{"data":{"id":"3111c29a-dfca-4c15-beee-7575cf0f822b","title":"CVE-2025-66960: An issue in ollama v.0.12.10 allows a remote attacker to cause a denial of service via the fs/ggml/gguf.go, function rea","summary":"CVE-2025-66960 is a vulnerability in Ollama v.0.12.10 where a remote attacker can cause a denial of service (making a service unavailable by overwhelming it) by sending malicious GGUF metadata (a file format used in machine learning). The issue is in the readGGUFV1String function, which reads string length data from untrusted sources without properly validating it.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2025-66960","publishedAt":"2026-01-21T23:16:23.950Z","cveId":"CVE-2025-66960","cweIds":["CWE-20","CWE-400"],"cvssScore":"7.5","cvssSeverity":"high","severity":"high","attackType":["denial_of_service"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Ollama"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00279,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-125","CAPEC-130"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["availability"],"aiComponentTargeted":"inference","llmSpecific":true,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}