{"data":{"id":"f9bdb224-36f3-460d-949a-eae4cf459280","title":"CVE-2025-63389: A critical authentication bypass vulnerability exists in Ollama platform's API endpoints in versions prior to and includ","summary":"CVE-2025-63389 is a critical vulnerability in Ollama (an AI platform) versions up to v0.12.3 where API endpoints (connection points for software communication) are exposed without authentication (verification of identity), allowing attackers to remotely perform unauthorized model management operations. The vulnerability stems from missing authentication checks on critical functions.","solution":"N/A -- no mitigation discussed in source.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2025-63389","publishedAt":"2025-12-18T21:15:54.760Z","cveId":"CVE-2025-63389","cweIds":["CWE-306"],"cvssScore":"9.8","cvssSeverity":"critical","severity":"critical","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Ollama"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00181,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-115"],"crossRefCount":0,"attackSophistication":"trivial","impactType":["integrity","availability"],"aiComponentTargeted":"inference","llmSpecific":false,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}