A vulnerability was found in ggml-org whisper.cpp up to 1.8.2 . It has been declared as problematic . This vulnerability affects the function whisper_model_load of the file ggml/src/ggml.c . The manipulation results in null pointer dereference. This vulnerability is known as CVE-2026-10298 . Attacking locally is a requirement. Furthermore, an exploit is available. The project was informed of the problem early through an issue report but has not responded yet.