Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak
Summary
Ollama, a popular framework for running large language models locally, has a critical out-of-bounds read vulnerability (CVE-2026-7482, CVSS score 9.1) that allows attackers to leak sensitive data like API keys and conversation history from process memory by uploading a specially crafted GGUF file (a file format for storing language models). The vulnerability affects versions before 0.17.1 and potentially impacts over 300,000 servers globally.
Solution / Mitigation
Update to Ollama version 0.17.1 or later. Additionally, the source recommends: limit network access to Ollama instances, audit running instances for internet exposure, isolate and secure them behind a firewall, and deploy an authentication proxy or API gateway in front of all Ollama instances since the REST API does not provide authentication by default.
Classification
Affected Vendors
Related Issues
CVE-2025-45150: Insecure permissions in LangChain-ChatGLM-Webui commit ef829 allows attackers to arbitrarily view and download sensitive
CVE-2025-54868: LibreChat is a ChatGPT clone with additional features. In versions 0.0.6 through 0.7.7-rc1, an exposed testing endpoint
Original source: https://thehackernews.com/2026/05/ollama-out-of-bounds-read-vulnerability.html
First tracked: May 10, 2026 at 02:00 PM
Classified by LLM (prompt v3) · confidence: 92%