Known Vulnerabilities for products from Ollama
Listed below are 4 of the newest known vulnerabilities associated with the vendor "Ollama".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-45365 json | Not Provided | 2026-05-15 | 2026-05-19 | |
| CVE-2026-44563 json | Not Provided | 2026-05-15 | 2026-05-18 | |
| CVE-2026-42249 json | Ollama for Windows contains a Remote Code Execution vulnerability in its update mechanism due to improper handling of attack... | Not Provided | 2026-04-29 | 2026-05-18 |
| CVE-2026-42248 json | Ollama for Windows does not perform integrity or authenticity verification of downloaded update executables. Unlike other pla... | Not Provided | 2026-04-29 | 2026-05-18 |
| CVE-2026-7482 json | Ollama before 0.17.1 contains a heap out-of-bounds read vulnerability in the GGUF model loader. The /api/create endpoint acce... | Not Provided | 2026-05-04 | 2026-05-11 |
| CVE-2026-7020 json | A security flaw has been discovered in Ollama up to 0.20.2. This affects the function digestToPath of the file x/imagegen/tra... | Not Provided | 2026-04-26 | 2026-05-06 |
| CVE-2026-5530 json | Not Provided | 2026-04-05 | 2026-04-06 |