Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/01/24 3:17 a.m.10 views

CVE-2025-15063

Ollama MCP Server execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ollama MCP Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

9.8CVSS6.5AI score0.02111EPSS
Exploits0References1
NVD
NVD
added 2026/01/23 4:16 a.m.11 views

CVE-2025-15063

Ollama MCP Server execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ollama MCP Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

9.8CVSS0.02111EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/23 2:47 a.m.5 views

CVE-2025-15063 Ollama MCP Server execAsync Command Injection Remote Code Execution Vulnerability

Ollama MCP Server execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ollama MCP Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

9.8CVSS6.5AI score0.02111EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/23 2:47 a.m.45 views

CVE-2025-15063 Ollama MCP Server execAsync Command Injection Remote Code Execution Vulnerability

Ollama MCP Server execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ollama MCP Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

9.8CVSS0.02111EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/23 2:47 a.m.5 views

CVE-2025-15063

Ollama MCP Server execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ollama MCP Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the...

9.8CVSS6.3AI score0.02111EPSS
Exploits0References2
CVE
CVE
added 2026/01/23 2:47 a.m.14 views

CVE-2025-15063

CVE-2025-15063 : Ollama MCP Server contains a command injection in the execAsync method. The flaw stems from insufficient validation of a user-supplied string before it is used to perform a system call, enabling an unauthenticated attacker to execute arbitrary code with the service account contex...

9.8CVSS6.5AI score0.02111EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.7 views

Ollama MCP Server: Operating System Command Injection Vulnerability

Ollama MCP Server is an open-source server component based on the Large Model Context Protocol developed by Ollama. The Ollama MCP Server has a vulnerability related to operating system command injection. This vulnerability stems from the execAsync method not properly verifying the string provide...

9.8CVSS7.6AI score0.02111EPSS
Exploits0References1
Rows per page
Query Builder