AI Threat Alert
Ollama
pip LLM Inference26
Total CVEs
1
Critical
pip
Ecosystem
Jan 21, 2026
Last CVE
Known Vulnerabilities (26 shown)
Severity CVE ID Summary CVSS Published
HIGH CVE-2025-66960 ollama: Input Validation flaw enables exploitation 7.5 Jan 21, 2026 HIGH CVE-2025-66959 ollama: Input Validation flaw enables exploitation 7.5 Jan 21, 2026 HIGH CVE-2025-15514 ollama: security flaw enables exploitation 7.5 Jan 12, 2026 HIGH CVE-2025-15514 ollama: security flaw enables exploitation 7.5 Jan 12, 2026 HIGH CVE-2025-15514 ollama: security flaw enables exploitation 7.5 Jan 12, 2026 HIGH CVE-2025-15514 ollama: security flaw enables exploitation 7.5 Jan 12, 2026 HIGH CVE-2025-15514 ollama: security flaw enables exploitation 7.5 Jan 12, 2026 HIGH CVE-2025-15514 ollama: security flaw enables exploitation 7.5 Jan 12, 2026 HIGH CVE-2025-15514 ollama: security flaw enables exploitation 7.5 Jan 12, 2026 HIGH CVE-2025-15514 ollama: security flaw enables exploitation 7.5 Jan 12, 2026 CRITICAL CVE-2025-63389 ollama: Missing Auth allows unauthenticated access 9.8 Dec 18, 2025 MEDIUM CVE-2025-44779 Ollama: arbitrary file deletion via /api/pull 6.6 Aug 7, 2025 MEDIUM CVE-2025-51471 Ollama: auth token hijack via crafted WWW-Authenticate 6.9 Jul 22, 2025 UNKNOWN CVE-2025-1975 Ollama: DoS via malicious manifest in /api/pull -- May 16, 2025 HIGH CVE-2025-0317 Ollama: DoS via malicious GGUF model file upload 7.5 Mar 20, 2025 HIGH CVE-2025-0315 Ollama: GGUF model upload causes memory exhaustion DoS 7.5 Mar 20, 2025 HIGH CVE-2025-0312 Ollama: null pointer DoS via malicious GGUF model upload 7.5 Mar 20, 2025 HIGH CVE-2024-8063 ollama: divide-by-zero DoS via crafted GGUF model import 7.5 Mar 20, 2025 HIGH CVE-2024-12055 Ollama: DoS via malicious gguf model file upload 7.5 Mar 20, 2025 HIGH CVE-2024-39722 Ollama: path traversal exposes server filesystem 7.5 Oct 31, 2024 HIGH CVE-2024-39721 Ollama: DoS via /dev/random causes goroutine exhaustion 7.5 Oct 31, 2024 HIGH CVE-2024-39720 Ollama: OOB read in GGUF parser enables remote DoS 8.2 Oct 31, 2024 HIGH CVE-2024-39719 Ollama: file existence oracle via api/create errors 7.5 Oct 31, 2024 HIGH CVE-2024-45436 Ollama: ZIP path traversal exposes host filesystem 7.5 Aug 29, 2024 HIGH CVE-2024-37032 Ollama: path traversal enables RCE via model blob API 8.8 May 31, 2024 MEDIUM CVE-2024-28224 Ollama: DNS rebinding exposes LLM API to remote access 6.6 Apr 8, 2024 Monitor Ollama in your stack
Get instant alerts when new vulnerabilities affect Ollama. CISO analysis, ATLAS technique mappings, and compliance reports included.
Start Monitoring