Critical Vulnerability Information Vulnerability Type Buffer overflow, caused by a signed-to-unsigned conversion error in . Attack Vector Triggered by malicious GGUF models containing vocabulary entries exceeding . The vulnerability is triggered whenever performs any conversion, such as during model loading, decoding, grammar checking, or sampling. Affected Components function, called by: - Grammar routines: , - Sampling and refill code: - Public API: Severity CVSS v3 Base Score: 8.8/10 Risk Level: High Consequences Arbitrary memory corruption: Leading to application instability or crashes. Remote Code Execution (RCE): Attackers can redirect execution flow. Immediate crash: Undefined behavior observed in debuggers using ASAN or in production binaries. Information disclosure: Memory overwrites may expose sensitive data or internal pointers. Affected Entities Any application or service using to load GGUF models from untrusted sources. Inference servers, chatbots, or pipelines that dynamically integrate external model files are at risk. Mitigation and Recommendations Required Patch: Modify to ensure and are compared in an unsigned context, for example: - This change ensures that values exceeding cannot bypass the bounds check.