CVE-2026-7482 (Bleeding Llama)

Medienbericht

EPSS 1%
Veröffentlicht 04.05.2026 12:38:28
Zuletzt bearbeitet 11.05.2026 12:27:11
Quelle abd028dc-c042-4c4d-9749-38d0f8
CVE-Watchlists
Login
Unerledigt
Login

Ollama heap out-of-bounds read in GGUF tensor parsing leaks server process memory to unauthenticated remote attackers

Ollama before 0.17.1 contains a heap out-of-bounds read vulnerability in the GGUF model loader. The /api/create endpoint accepts an attacker-supplied GGUF file in which the declared tensor offset and size exceed the file's actual length; during quantization in fs/ggml/gguf.go and server/quantization.go (WriteTo()), the server reads past the allocated heap buffer. The leaked memory contents may include environment variables, API keys, system prompts, and concurrent users' conversation data, and can be exfiltrated by uploading the resulting model artifact through the /api/push endpoint to an attacker-controlled registry. The /api/create and /api/push endpoints have no authentication in the upstream distribution. Default deployments bind to 127.0.0.1, but the documented OLLAMA_HOST=0.0.0.0 configuration is widely used in practice (large public-internet exposure observed).

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 8

NVD 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ollama ≫ Ollama Version < 0.17.1

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1%	0.583

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
abd028dc-c042-4c4d-9749-38d0f850af89	8.8	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:D/RE:L/U:Red
abd028dc-c042-4c4d-9749-38d0f850af89	9.1	3.9	5.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

CWE-125 Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.

VulnDex Intel

Media Report

11.05.2026 16:03

Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.

VulnDex Intel

Media Report

10.05.2026 15:02

https://github.com/ollama/ollama/pull/14406

Patch

Issue Tracking

https://github.com/ollama/ollama/commit/88d57d0483cca907e0b23a968c83627a20b21047

Patch

https://github.com/ollama/ollama/releases/tag/v0.17.1

Release Notes

https://nvd.nist.gov/vuln/detail/CVE-2026-7482

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-7482

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-7482

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-7482 (Bleeding Llama)