CVE-2026-7482
criticalCVSS v3 Base Score
9.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
EPSS Score
0.0%
Exploitation probability in 30 days
Top 89% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Confidentiality
High
Integrity
None
Availability
High
Vulnerability Report
Generated by CyberWatcher
Description
A flaw was found in Ollama. A remote attacker can exploit a heap out-of-bounds read vulnerability in the GGUF model loader by providing a specially crafted GGUF (GGML Unified Format) file to the /api/create endpoint. This allows the attacker to read beyond the allocated memory buffer, potentially disclosing sensitive information such as environment variables, API keys, system prompts, and user conversation data. The leaked data can then be exfiltrated by uploading the resulting model artifact through the /api/push endpoint to an attacker-controlled registry. Both /api/create and /api/push endpoints lack authentication in the upstream distribution, increasing the risk of exploitation.