Researchers disclosed CVE-2026-7482, a critical heap out-of-bounds read in Ollama's GGUF model loader that could let a remote attacker leak process memory, including API keys, system prompts, and conversation data. Separately, two still-unpatched flaws in Ollama for Windows, CVE-2026-42248 and CVE-2026-42249, can be chained for persistent code execution through the application's updater and Startup folder behavior. #Ollama #CVE-2026-7482 #CVE-2026-42248 #CVE-2026-42249 #BleedingLlama #CERTPolska #Cyera #Striga
Key points
- CVE-2026-7482 affects Ollama before 0.17.1 and enables heap out-of-bounds reads.
- The flaw is triggered through the /api/create endpoint using a crafted GGUF file.
- Successful exploitation can expose sensitive data from Ollama process memory.
- CVE-2026-42248 and CVE-2026-42249 affect update handling in Ollama for Windows.
- The two Windows flaws can be chained for persistent code execution at the logged-in user's privilege level.
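The page does not say which GGUF field Ollama's loader trusted, so the following is an added illustration rather than Ollama's code or the fix shipped in 0.17.1: a bounds-checked reader for the GGUF header and string metadata, written in Go (Ollama's language), plus a constructed sample file and a corrupted copy whose string length field claims 2^40 bytes. It shows the general rule behind this class of bug: every length and count in a model file is attacker-controlled input and must be compared with the bytes actually remaining before it is used to slice memory. The names ParseStringMetadata, BuildSample, CorruptSample, ErrTruncated and the reader type are this example's own; array-typed metadata (GGUF type 9) is deliberately rejected to keep the example short.

```go
package main

import "errors"

// GGUF is little-endian: magic "GGUF", uint32 version, uint64 tensor_count, uint64
// metadata_kv_count, then pairs of string key (uint64 length + bytes), uint32 type, value.
const ggufMagic = 0x46554747

var ErrTruncated = errors.New("gguf: declared length exceeds remaining bytes")

// Byte widths of the scalar value types; type 8 is string and type 9 is array.
var scalarSize = map[uint64]uint64{0: 1, 1: 1, 7: 1, 2: 2, 3: 2, 4: 4, 5: 4, 6: 4, 10: 8, 11: 8, 12: 8}

// reader is a bounds-checked cursor with a sticky error: after one failed read every
// later read returns zero values, and the first error is reported once at the end.
type reader struct {
	buf []byte
	err error
}

// take is the only place that consumes bytes. It compares the declared length with
// what is actually left instead of slicing on a number the file supplied.
func (r *reader) take(n uint64) []byte {
	if r.err == nil && n > uint64(len(r.buf)) {
		r.err = ErrTruncated
	}
	if r.err != nil {
		return nil
	}
	b := r.buf[:n]
	r.buf = r.buf[n:]
	return b
}

// uint reads an n-byte little-endian unsigned integer (n is 4 or 8 in GGUF).
func (r *reader) uint(n uint64) (v uint64) {
	b := r.take(n)
	for i := len(b) - 1; i >= 0; i-- {
		v = v<<8 | uint64(b[i])
	}
	return v
}

// str reads a uint64 length and then that many bytes; take() validates the length.
func (r *reader) str() string { return string(r.take(r.uint(8))) }

// skipValue consumes one scalar value so the key stream stays aligned. Arrays (type 9:
// uint32 element type, uint64 count, elements) are left out to keep the example short.
func (r *reader) skipValue(t uint64) {
	if size, ok := scalarSize[t]; ok {
		r.take(size)
	} else {
		r.err = errors.New("gguf: unsupported metadata value type")
	}
}

// ParseStringMetadata returns the string-typed metadata (e.g. general.architecture) and
// fails closed on any length or count that does not fit inside the file.
func ParseStringMetadata(buf []byte) (map[string]string, error) {
	r := &reader{buf: buf}
	if r.uint(4) != ggufMagic {
		return nil, errors.New("gguf: bad magic")
	}
	r.take(12) // uint32 version + uint64 tensor_count, not needed here
	out := map[string]string{}
	for i, n := uint64(0), r.uint(8); i < n && r.err == nil; i++ {
		key, t := r.str(), r.uint(4) // Go evaluates these calls left to right
		if t == 8 {
			out[key] = r.str()
		} else {
			r.skipValue(t)
		}
	}
	if r.err != nil {
		return nil, r.err
	}
	return out, nil
}

// appendUint and appendStr build a sample file in memory (constructed for this example).
func appendUint(b []byte, v uint64, n int) []byte {
	for i := 0; i < n; i++ {
		b = append(b, byte(v>>(8*i)))
	}
	return b
}

func appendStr(b []byte, s string) []byte { return append(appendUint(b, uint64(len(s)), 8), s...) }

// BuildSample is a minimal valid file: no tensors, one string key and one uint32 key.
func BuildSample() []byte {
	b := appendUint(appendUint(nil, ggufMagic, 4), 3, 4) // magic, version 3
	b = appendUint(appendUint(b, 0, 8), 2, 8)            // tensor_count 0, metadata_kv_count 2
	b = appendStr(appendUint(appendStr(b, "general.architecture"), 8, 4), "llama")
	return appendUint(appendUint(appendStr(b, "llama.block_count"), 4, 4), 32, 4)
}

// CorruptSample rewrites the 8-byte length prefix of the "llama" value to 2^40, the
// crafted-file shape that sends a loader which trusts that field far past its buffer.
func CorruptSample(b []byte) []byte {
	c := append([]byte(nil), b...)
	off := 4 + 4 + 8 + 8 + 8 + len("general.architecture") + 4 // offset of that length field
	copy(c[off:], appendUint(nil, 1<<40, 8))
	return c
}
```

ParseStringMetadata(BuildSample()) yields {"general.architecture": "llama"}, while ParseStringMetadata(CorruptSample(BuildSample())) and a file cut off mid-record both return ErrTruncated instead of reading beyond the slice. The sticky-error reader is the design point: with a single choke point for every byte consumed, no field parsed later can be larger than the file, so the loader never has to remember to re-check a length at each use. Note that this guards the loader's own reads; whether /api/create accepts the file at all is a separate, upstream authorization question.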
Read More: https://thehackernews.com/2026/05/ollama-out-of-bounds-read-vulnerability.html