Ollama Security Vulnerabilities (CVEs)
Track 12 security vulnerabilities affecting Ollama products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
A vulnerability in ollama's GGUF decoder allows remote attackers to trigger a denial of service by sending specially crafted input. This affects all s...
Jan 21, 2026A vulnerability in ollama v0.12.10 allows remote attackers to cause denial of service by sending specially crafted GGUF files. The readGGUFV1String fu...
Jan 21, 2026A critical authentication bypass vulnerability in Ollama platform allows remote attackers to perform unauthorized model management operations without ...
Dec 18, 2025This vulnerability in Ollama v0.1.33 allows attackers to delete arbitrary files by sending a specially crafted packet to the /api/pull endpoint. It af...
Aug 7, 2025A null pointer dereference vulnerability in Ollama versions up to 0.3.14 allows attackers to upload specially crafted GGUF model files that crash the ...
Mar 20, 2025A memory exhaustion vulnerability in Ollama allows attackers to upload specially crafted GGUF model files that cause unlimited memory allocation, lead...
Mar 20, 2025A vulnerability in Ollama versions up to 0.3.14 allows attackers to upload malicious GGUF model files that trigger a division by zero error, causing s...
Mar 20, 2025A divide-by-zero vulnerability in ollama/ollama v0.3.3 allows attackers to cause denial of service by importing malicious GGUF models with crafted blo...
Mar 20, 2025A vulnerability in Ollama versions up to 0.3.14 allows attackers to upload specially crafted gguf model files that cause an out-of-bounds read, crashi...
Mar 20, 2025This vulnerability in Ollama allows attackers to discover which files exist on the server via path traversal in the api/push route. It affects all dep...
Oct 31, 2024This vulnerability allows attackers to crash Ollama servers by uploading a specially crafted GGUF file and triggering a segmentation fault through the...
Oct 31, 2024This vulnerability in Ollama allows attackers to bypass path validation when retrieving model files, potentially leading to arbitrary file read or rem...
May 31, 2024Why Monitor Ollama Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 12+ known vulnerabilities affecting Ollama products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Ollama packages in under 60 seconds. No agents required - completely agentless scanning that works across Ollama deployments.
Free vulnerability database: Access detailed information about every Ollama CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Ollama CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
