34 matches found
SUSE CVE-2026-7482
Ollama before 0.17.1 contains a heap out-of-bounds read vulnerability in the GGUF model loader. The /api/create endpoint accepts an attacker-supplied GGUF file in which the declared tensor offset and size exceed the file's actual length; during quantization in fs/ggml/gguf.go and...
CVE-2026-7482 Ollama heap out-of-bounds read in GGUF tensor parsing leaks server process memory to unauthenticated remote attackers
Ollama before 0.17.1 contains a heap out-of-bounds read vulnerability in the GGUF model loader. The /api/create endpoint accepts an attacker-supplied GGUF file in which the declared tensor offset and size exceed the file's actual length; during quantization in fs/ggml/gguf.go and...
SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files
A critical security vulnerability has been disclosed in SGLang that, if successfully exploited, could result in remote code execution on susceptible systems. The vulnerability, tracked as CVE-2026-5760 , carries a CVSS score of 9.8 out of 10.0. It has been described as a case of command injection...
EUVD-2025-6832
Malicious code in bioql PyPI...
EUVD-2025-6828
Malicious code in bioql PyPI...
DEBIAN-CVE-2025-49847
llama.cpp is an inference of several LLM models in C/C++. Prior to version b5662, an attacker‐supplied GGUF model vocabulary can trigger a buffer overflow in llama.cpp’s vocabulary‐loading code. Specifically, the helper trycopy in llama.cpp/src/vocab.cpp: llamavocab::impl::tokentopiece casts a ve...
CVE-2025-49847 llama.cpp Vulnerable to Buffer Overflow via Malicious GGUF Model
llama.cpp is an inference of several LLM models in C/C++. Prior to version b5662, an attacker‐supplied GGUF model vocabulary can trigger a buffer overflow in llama.cpp’s vocabulary‐loading code. Specifically, the helper trycopy in llama.cpp/src/vocab.cpp: llamavocab::impl::tokentopiece casts a ve...
CVE-2025-49847 llama.cpp Vulnerable to Buffer Overflow via Malicious GGUF Model
llama.cpp is an inference of several LLM models in C/C++. Prior to version b5662, an attacker‐supplied GGUF model vocabulary can trigger a buffer overflow in llama.cpp’s vocabulary‐loading code. Specifically, the helper trycopy in llama.cpp/src/vocab.cpp: llamavocab::impl::tokentopiece casts a ve...
PT-2025-25757 · Llama.Cpp · Llama.Cpp
Name of the Vulnerable Software and Affected Versions: llama.cpp versions prior to b5662 Description: The issue is related to a buffer overflow in the vocabulary-loading code of llama.cpp. An attacker-supplied GGUF model vocabulary can trigger this overflow. Specifically, the helper function toke...
Denial Of Service (DoS)
Ollama is vulnerable to Denial of Service DoS. The vulnerability is due to improper handling of GGUF model files, allowing a malicious user to create a crafted file that causes the server to allocate unlimited memory, leading to a DoS condition...
Ollama <= 0.3.14 Multiple Vulnerabilities
The version of Ollama installed on the remote host is prior or equal to 0.3.14. It is, therefore, affected by multiple vulnerabilities, including the following: - A vulnerability in ollama/ollama versions =0.3.14 allows a malicious user to upload and create a customized GGUF model file on the...
SUSE CVE-2024-12055
A vulnerability in Ollama versions =0.3.14 allows a malicious user to create a customized gguf model file that can be uploaded to the public Ollama server. When the server processes this malicious model, it crashes, leading to a Denial of Service DoS attack. The root cause of the issue is an...
SUSE CVE-2025-0312
A vulnerability in ollama/ollama versions =0.3.14 allows a malicious user to create a customized GGUF model file that, when uploaded and created on the Ollama server, can cause a crash due to an unchecked null pointer dereference. This can lead to a Denial of Service DoS attack via remote network...
SUSE CVE-2025-0315
A vulnerability in ollama/ollama =0.3.14 allows a malicious user to create a customized GGUF model file, upload it to the Ollama server, and create it. This can cause the server to allocate unlimited memory, leading to a Denial of Service DoS attack...
Division by zero
Overview Affected versions of this package are vulnerable to Division by zero via the ggufPadding function. An attacker can cause the server to crash by uploading and creating a customized GGUF model file on the server. PoC python import os import json import requests import hashlib if you use th...
GHSA-9GCR-28RP-CC24 Ollama Divide By Zero vulnerability
A vulnerability in ollama/ollama versions =0.3.14 allows a malicious user to upload and create a customized GGUF model file on the Ollama server. This can lead to a division by zero error in the ggufPadding function, causing the server to crash and resulting in a Denial of Service DoS attack...
Ollama Divide By Zero vulnerability
A vulnerability in ollama/ollama versions =0.3.14 allows a malicious user to upload and create a customized GGUF model file on the Ollama server. This can lead to a division by zero error in the ggufPadding function, causing the server to crash and resulting in a Denial of Service DoS attack...
Ollama Allows Out-of-Bounds Read
A vulnerability in Ollama versions =0.3.14 allows a malicious user to create a customized gguf model file that can be uploaded to the public Ollama server. When the server processes this malicious model, it crashes, leading to a Denial of Service DoS attack. The root cause of the issue is an...
CVE-2025-0313
Rejected reason: REJECT DO NOT USE THIS CVE ID NUMBER. The Rejected CVE Record is a duplicate of CVE-2024-12055. Notes: All CVE users should reference CVE-2024-12055 instead of this CVE Record. All references and descriptions in this candidate have been removed to prevent accidental usage...
CVE-2025-0315
A vulnerability in ollama/ollama =0.3.14 allows a malicious user to create a customized GGUF model file, upload it to the Ollama server, and create it. This can cause the server to allocate unlimited memory, leading to a Denial of Service DoS attack...