Instructions to use exploitintel/cve-cwe-gemma4-12b-GGUF with libraries, inference providers, notebooks, and local apps. Follow these links to get started.

Libraries

How to use exploitintel/cve-cwe-gemma4-12b-GGUF with llama-cpp-python:

# !pip install llama-cpp-python

from llama_cpp import Llama

llm = Llama.from_pretrained(
	repo_id="exploitintel/cve-cwe-gemma4-12b-GGUF",
	filename="cve-cwe-gemma4-12b-Q4_K_M.gguf",
)

llm.create_chat_completion(
	messages = [
		{
			"role": "user",
			"content": "What is the capital of France?"
		}
	]
)

Notebooks
Google Colab
Kaggle
Local Apps Settings

llama.cpp

How to use exploitintel/cve-cwe-gemma4-12b-GGUF with llama.cpp:

Install from brew

brew install llama.cpp
# Start a local OpenAI-compatible server with a web UI:
llama-server -hf exploitintel/cve-cwe-gemma4-12b-GGUF:Q4_K_M
# Run inference directly in the terminal:
llama-cli -hf exploitintel/cve-cwe-gemma4-12b-GGUF:Q4_K_M

Install from WinGet (Windows)

winget install llama.cpp
# Start a local OpenAI-compatible server with a web UI:
llama-server -hf exploitintel/cve-cwe-gemma4-12b-GGUF:Q4_K_M
# Run inference directly in the terminal:
llama-cli -hf exploitintel/cve-cwe-gemma4-12b-GGUF:Q4_K_M

Use pre-built binary

# Download pre-built binary from:
# https://github.com/ggerganov/llama.cpp/releases
# Start a local OpenAI-compatible server with a web UI:
./llama-server -hf exploitintel/cve-cwe-gemma4-12b-GGUF:Q4_K_M
# Run inference directly in the terminal:
./llama-cli -hf exploitintel/cve-cwe-gemma4-12b-GGUF:Q4_K_M

Build from source code

git clone https://github.com/ggerganov/llama.cpp.git
cd llama.cpp
cmake -B build
cmake --build build -j --target llama-server llama-cli
# Start a local OpenAI-compatible server with a web UI:
./build/bin/llama-server -hf exploitintel/cve-cwe-gemma4-12b-GGUF:Q4_K_M
# Run inference directly in the terminal:
./build/bin/llama-cli -hf exploitintel/cve-cwe-gemma4-12b-GGUF:Q4_K_M

Use Docker

docker model run hf.co/exploitintel/cve-cwe-gemma4-12b-GGUF:Q4_K_M

LM Studio
Jan

vLLM

How to use exploitintel/cve-cwe-gemma4-12b-GGUF with vLLM:

Install from pip and serve model

# Install vLLM from pip:
pip install vllm
# Start the vLLM server:
vllm serve "exploitintel/cve-cwe-gemma4-12b-GGUF"
# Call the server using curl (OpenAI-compatible API):
curl -X POST "http://localhost:8000/v1/chat/completions" \
	-H "Content-Type: application/json" \
	--data '{
		"model": "exploitintel/cve-cwe-gemma4-12b-GGUF",
		"messages": [
			{
				"role": "user",
				"content": "What is the capital of France?"
			}
		]
	}'

Use Docker

docker model run hf.co/exploitintel/cve-cwe-gemma4-12b-GGUF:Q4_K_M

Ollama
How to use exploitintel/cve-cwe-gemma4-12b-GGUF with Ollama:
```
ollama run hf.co/exploitintel/cve-cwe-gemma4-12b-GGUF:Q4_K_M
```

Unsloth Studio

How to use exploitintel/cve-cwe-gemma4-12b-GGUF with Unsloth Studio:

Install Unsloth Studio (macOS, Linux, WSL)

curl -fsSL https://unsloth.ai/install.sh | sh
# Run unsloth studio
unsloth studio -H 0.0.0.0 -p 8888
# Then open http://localhost:8888 in your browser
# Search for exploitintel/cve-cwe-gemma4-12b-GGUF to start chatting

Install Unsloth Studio (Windows)

irm https://unsloth.ai/install.ps1 | iex
# Run unsloth studio
unsloth studio -H 0.0.0.0 -p 8888
# Then open http://localhost:8888 in your browser
# Search for exploitintel/cve-cwe-gemma4-12b-GGUF to start chatting

Using HuggingFace Spaces for Unsloth

# No setup required
# Open https://huggingface.co/spaces/unsloth/studio in your browser
# Search for exploitintel/cve-cwe-gemma4-12b-GGUF to start chatting

How to use exploitintel/cve-cwe-gemma4-12b-GGUF with Pi:

Start the llama.cpp server

# Install llama.cpp:
brew install llama.cpp
# Start a local OpenAI-compatible server:
llama-server -hf exploitintel/cve-cwe-gemma4-12b-GGUF:Q4_K_M

Configure the model in Pi

# Install Pi:
npm install -g @mariozechner/pi-coding-agent
# Add to ~/.pi/agent/models.json:
{
  "providers": {
    "llama-cpp": {
      "baseUrl": "http://localhost:8080/v1",
      "api": "openai-completions",
      "apiKey": "none",
      "models": [
        {
          "id": "exploitintel/cve-cwe-gemma4-12b-GGUF:Q4_K_M"
        }
      ]
    }
  }
}

Run Pi

# Start Pi in your project directory:
pi

Hermes Agent new

How to use exploitintel/cve-cwe-gemma4-12b-GGUF with Hermes Agent:

Start the llama.cpp server

# Install llama.cpp:
brew install llama.cpp
# Start a local OpenAI-compatible server:
llama-server -hf exploitintel/cve-cwe-gemma4-12b-GGUF:Q4_K_M

Configure Hermes

# Install Hermes:
curl -fsSL https://hermes-agent.nousresearch.com/install.sh | bash
hermes setup
# Point Hermes at the local server:
hermes config set model.provider custom
hermes config set model.base_url http://127.0.0.1:8080/v1
hermes config set model.default exploitintel/cve-cwe-gemma4-12b-GGUF:Q4_K_M

Run Hermes

hermes

Docker Model Runner
How to use exploitintel/cve-cwe-gemma4-12b-GGUF with Docker Model Runner:
```
docker model run hf.co/exploitintel/cve-cwe-gemma4-12b-GGUF:Q4_K_M
```

Lemonade

How to use exploitintel/cve-cwe-gemma4-12b-GGUF with Lemonade:

Pull the model

# Download Lemonade from https://lemonade-server.ai/
lemonade pull exploitintel/cve-cwe-gemma4-12b-GGUF:Q4_K_M

Run and chat with the model

lemonade run user.cve-cwe-gemma4-12b-GGUF-Q4_K_M

List all available models

lemonade list

cve-cwe-gemma4-12b-GGUF

GGUF quantizations of exploitintel/cve-cwe-gemma4-12b — a Gemma 4 12B fine-tune that maps a CVE description to its CWE ID(s) (MITRE View-1003).

📖 Write-up: From Essays to CWE-319 — how this fine-tune beats stock Gemma 4 at CWE classification

Input: a free-text vulnerability description.
Output: comma-separated CWE IDs, e.g. CWE-79 or CWE-89, CWE-352.
Text-only build (vision/audio projectors omitted).

Files

file	quant	size	notes
`cve-cwe-gemma4-12b-Q8_0.gguf`	Q8_0	11.8 GB	recommended — near-lossless
`cve-cwe-gemma4-12b-Q4_K_M.gguf`	Q4_K_M	6.87 GB	smaller/faster; some rare-CWE loss (see below)

Requires a current llama.cpp / Ollama build with Gemma 4 (gemma4_unified) support.

Quality vs the full model

Held-out test split (10,514 examples), description-only, greedy. The bf16 column is the unquantized transformers model; Q8/Q4 are measured through Ollama.

metric	bf16	Q8_0	Q4_K_M
exact-match	0.714	0.697	0.682
micro-F1	0.756	0.732	0.718
macro-F1	0.538	0.500	0.429
easy exact	0.805	0.808	0.793
hard exact	0.644	0.611	0.595

Choosing a quant: Q8_0 is effectively lossless. Q4_K_M costs only 1.5 points on exact/micro but **7 points on macro-F1** — i.e. it degrades the rare-CWE long tail specifically. Use Q8_0 if rare/long-tail CWEs matter; use Q4_K_M if size/speed dominate and you mostly see common CWEs.

Usage — Ollama

# build the model from the GGUF (see the Modelfile below)
ollama create cve-cwe-gemma4 -f Modelfile

# IMPORTANT: gemma4 runs with "thinking" ON by default, which wastes ~100-900
# tokens per query for this single-label task. Disable it:
ollama run cve-cwe-gemma4
>>> /set nothink
>>> The update handler transmits user credentials over an unencrypted HTTP channel.
CWE-319

Via the API, pass "think": false (the response field is the clean answer):

curl -s http://localhost:11434/api/generate -d '{
  "model": "cve-cwe-gemma4",
  "prompt": "SQL injection via the username parameter in the login form.",
  "stream": false,
  "think": false
}'
# -> {"response":"CWE-89", ...}

Modelfile

FROM ./cve-cwe-gemma4-12b-Q8_0.gguf

TEMPLATE """{{ if .System }}<|turn>system
{{ .System }}<turn|>
{{ end }}<|turn>user
{{ .Prompt }}<turn|>
<|turn>model
<|channel>thought
<channel|>{{ .Response }}<turn|>
"""

SYSTEM """You are a vulnerability analyst. Given a CVE description, reply with only the CWE ID(s) it maps to, comma-separated."""

PARAMETER temperature 0
PARAMETER stop "<turn|>"
PARAMETER stop "<|turn>"

Usage — llama.cpp

llama-cli -m cve-cwe-gemma4-12b-Q8_0.gguf --jinja \
  -sys "You are a vulnerability analyst. Given a CVE description, reply with only the CWE ID(s) it maps to, comma-separated." \
  -p "A heap-based buffer overflow occurs when parsing a crafted font file."

Limitations

Description-only triage aid; outputs are suggestions, not authoritative classifications. Keep a human in the loop for security-relevant decisions. Scope is MITRE View-1003. See the base model card for training details.

License

Apache-2.0, inherited from the Gemma 4 base model.

Downloads last month: 122

GGUF

Model size

12B params

Architecture

gemma4

Hardware compatibility

4-bit

8-bit

Model tree for exploitintel/cve-cwe-gemma4-12b-GGUF

Base model

google/gemma-4-12B

Finetuned

google/gemma-4-12B-it

Finetuned

unsloth/gemma-4-12b-it

Finetuned

exploitintel/cve-cwe-gemma4-12b

Quantized

(1)

this model

exploitintel
/

cve-cwe-gemma4-12b-GGUF

cve-cwe-gemma4-12b-GGUF

Files

Quality vs the full model

Usage — Ollama

Modelfile

Usage — llama.cpp

Limitations

License

Model tree for exploitintel/cve-cwe-gemma4-12b-GGUF

Dataset used to train exploitintel/cve-cwe-gemma4-12b-GGUF