Bleeding Llama: Critical Unauthenticated Memory Leak in Ollama (www.cyera.com)

🤖 AI Summary
A critical vulnerability (CVE-2026-7482, CVSS 9.1) has been discovered in Ollama, an open-source platform for running large language models (LLMs) locally. The flaw allows unauthenticated attackers to leak the entire process memory of Ollama instances, potentially affecting approximately 300,000 servers worldwide. The leaked memory includes sensitive user messages, system prompts, and environment variables, posing significant risks to user privacy and data security. Ollama's architecture facilitates model creation through specific API endpoints and relies on the GGUF format to load models efficiently. The vulnerability stems from an out-of-bounds memory access within Ollama's use of the Go programming language. By crafting malicious GGUF files that trick the system into reading data beyond the end of the buffer, attackers can extract sensitive information held in memory. The leaked data can then be uploaded to external servers through the /api/push endpoint, enabling potential exploitation. The vulnerability underscores the need for stronger security measures in platforms that support model deployment and for careful memory management in AI applications.