Vulnerability Report

CVE-2026-7482

Title: Heap Out-of-Bounds Read in Ollama GGUF Loader

Information Disclosure, Heap Out-of-Bounds Read

Proof Of Concept

PoC Available for CVE-2026-7482

CWE Category CWE-125
Published Date May 04, 2026
Modified Date May 11, 2026
Exploit Status Available
Score 8.8 CVSS v4.0
Exploit Probability (EPSS)
0.76%

Vulnerability Summary

CVE-2026-7482: Ollama before 0.17.1 contains a heap out-of-bounds read vulnerability in the GGUF model loader. The /api/create endpoint accepts an attacker-supplied GGUF file in which the declared tensor offset and size exceed the file's actual length; during quantization in fs/ggml/gguf.go and server/quantization.go (WriteTo()), the server reads past the allocated heap buffer. The leaked memory contents may include environment variables, API keys, system prompts, and concurrent users' conversation data, and can be exfiltrated by uploading the resulting model artifact through the /api/push endpoint to an attacker-controlled registry. The /api/create and /api/push endpoints have no authentication in the upstream distribution. Default deployments bind to 127.0.0.1, but the documented OLLAMA_HOST=0.0.0.0 configuration is widely used in practice (large public-internet exposure observed).

Impacted Vendors

O
ollama 1

Reference Links

https://github.com/ollama/ollama/commit/88d57d0483cca907e0b23a968c83627a20b21047 https://github.com/ollama/ollama/pull/14406 https://github.com/ollama/ollama/releases/tag/v0.17.1
CVSS v4.0
Source Entity abd028dc-c042-4c4d-9749-38d0f850af89
Severity HIGH
8.8
Attack Vector
NETWORK
Complexity
LOW
Privileges
N/A
Interaction
NONE
Confidentiality
N/A
Integrity
N/A
Availability
N/A
Scope
N/A
RAW VECTOR CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:D/RE:L/U:Red
CVSS v3.1
Source Entity abd028dc-c042-4c4d-9749-38d0f850af89
Severity CRITICAL
9.1
Attack Vector
NETWORK
Complexity
LOW
Privileges
N/A
Interaction
NONE
Confidentiality
N/A
Integrity
N/A
Availability
N/A
Scope
UNCHANGED
RAW VECTOR CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2026-7482 Exploits & PoCs (Proof Of Concept)

GitHub https://github.com/0x0OZ/CVE-2026-7482-PoC
View Code
GitHub https://github.com/szybnev/CVE-2026-7482
View Code
GitHub https://github.com/kaleth4/CVE-2026-7482
View Code
MODIFIED

Vulnerability data updated via NVD.

MODIFIED

Vulnerability data updated via NVD.

Attack Vector Matrix

Access Vector NETWORK
Complexity LOW
Privileges N/A
Interaction NONE
CVSS Vector String CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:A/V:D/RE:L/U:Red

Affected Stack

No specific products linked.