{"data":{"id":"ea56fe29-248b-485b-a741-15e9c2206772","title":"CVE-2026-5530: A flaw has been found in Ollama up to 18.1. This issue affects some unknown processing of the file server/download.go of","summary":"A vulnerability (CVE-2026-5530) has been discovered in Ollama up to version 18.1 that allows attackers to perform SSRF (server-side request forgery, where an attacker tricks a server into making unwanted requests on their behalf) through the Model Pull API component. The flaw can be exploited remotely by authenticated users, and the vendor has not responded to disclosure attempts.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2026-5530","publishedAt":"2026-04-05T01:16:48.220Z","cveId":"CVE-2026-5530","cweIds":["CWE-918"],"cvssScore":"6.3","cvssSeverity":"medium","severity":"medium","attackType":["supply_chain"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Ollama"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L","attackVector":"network","attackComplexity":"low","privilegesRequired":"low","userInteraction":"none","exploitMaturity":"unknown","epssScore":0,"patchAvailable":null,"disclosureDate":"2026-04-05T01:16:48.220Z","capecIds":["CAPEC-664"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","confidentiality"],"aiComponentTargeted":"inference","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":["AML.T0010"]}}