CVE-2026-15685: Ollama downloadBlob Improper Validation of Array Index Denial-of-Service Vulnerability. This vulnerability allows remote
Summary
Ollama (an AI model software) has a vulnerability in its downloadBlob function where it doesn't properly validate user input, allowing attackers to access memory beyond an array's intended size. This can cause a denial-of-service attack (making the service unavailable) without needing authentication (special login credentials).
Vulnerability Details
EPSS: 0.0%
July 13, 2026
Classification
Taxonomy References
Affected Vendors
Related Issues
CVE-2026-47482: NVIDIA Triton Inference Server for Linux contains a vulnerability where an attacker can cause missing release of memory
CVE-2022-29200: TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implem
Original source: https://nvd.nist.gov/vuln/detail/CVE-2026-15685
First tracked: July 13, 2026 at 08:07 PM
Classified by LLM (prompt v3) · confidence: 92%