| CVE-2026-7482 |
critical |
9.1 |
9.1 |
|
|
|
1mo ago |
Ollama contains a heap out-of-bounds read vulnerability in the GGUF model loader |
| CVE-2026-7020 |
low |
3.7 |
3.7 |
|
|
|
1mo ago |
Ollama is Vulnerable to Path Traversal |
| CVE-2024-37032 |
unknown |
— |
1.0 |
|
|
|
2y ago |
Ollama does not validate the format of the digest (sha256 with 64 hex digits) in github.com/ollama/ollama |
| CVE-2025-63389 |
unknown |
— |
— |
|
|
|
6mo ago |
Ollama has missing authentication enabling attackers to perform model management operations in github.com/ollama/ollama |
| CVE-2025-44779 |
unknown |
— |
— |
|
|
|
10mo ago |
An issue in Ollama v0.1.33 allows attackers to delete arbitrary files via sending a crafted packet to the endpoint /api/pull. |
| CVE-2025-51471 |
unknown |
— |
— |
|
|
|
11mo ago |
Cross-Domain Token Exposure in server.auth.getAuthorizationToken in Ollama 0.6.7 allows remote attackers to steal authentication tokens and bypass access controls via a malicious realm value in a WWW… |
| CVE-2025-1975 |
unknown |
— |
— |
|
|
|
1y ago |
A vulnerability in the Ollama server version 0.5.11 allows a malicious user to cause a Denial of Service (DoS) attack by customizing the manifest content and spoofing a service. This is due to improp… |
| CVE-2025-0315 |
unknown |
— |
— |
|
|
|
1y ago |
Ollama Allocation of Resources Without Limits or Throttling vulnerability in github.com/ollama/ollama |
| CVE-2025-0312 |
unknown |
— |
— |
|
|
|
1y ago |
Ollama Denial of Service (DoS) via Null Pointer Dereference in github.com/ollama/ollama |
| CVE-2025-0317 |
unknown |
— |
— |
|
|
|
1y ago |
Ollama Divide By Zero vulnerability in github.com/ollama/ollama |
| CVE-2024-12886 |
unknown |
— |
— |
|
|
|
1y ago |
Ollama Vulnerable to Denial of Service (DoS) via Crafted GZIP in github.com/ollama/ollama |
| CVE-2024-12055 |
unknown |
— |
— |
|
|
|
1y ago |
Ollama Allows Out-of-Bounds Read in github.com/ollama/ollama |
| CVE-2024-8063 |
unknown |
— |
— |
|
|
|
1y ago |
A divide by zero vulnerability exists in ollama/ollama version v0.3.3. The vulnerability occurs when importing GGUF models with a crafted type for `block_count` in the Modelfile. This can lead to a d… |
| CVE-2024-39720 |
unknown |
— |
— |
|
|
|
2y ago |
Ollama Out-of-bounds Read in github.com/ollama/ollama |
| CVE-2024-45436 |
unknown |
— |
— |
|
|
|
2y ago |
Ollama can extract members of a ZIP archive outside of the parent directory in github.com/ollama/ollama |
| CVE-2024-28224 |
unknown |
— |
— |
|
|
|
2y ago |
Ollama DNS rebinding vulnerability in github.com/jmorganca/ollama |
