Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak
Details
CVSS v3
9.1
CVSS v4
7.7
NVD published
2026-04-29 12:16:19
EPSS
<0.1% probability · 12.9th percentile — 2026-05-12
Affected versions
Ollama for Windows 0.12.10 to 0.17.5
Summary
Ollama for Windows contains a remote code execution vulnerability in its update mechanism. The application builds local file paths from unvalidated attacker-controlled HTTP response headers, allowing path traversal to write arbitrary files outside the intended update directory. When chained with CVE-2026-42248, this enables automatic persistent code execution without any user interaction.
Remediation
Until an official vendor patch is released, restrict network access to Ollama for Windows instances to prevent tampering with update requests. Consider disabling automatic updates to block the exploitation vector. Monitor systems running affected Ollama versions for unauthorized persistent activity.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.