A critical vulnerability in Ollama poses a direct risk of sensitive information leaks to more than 300,000 internet-exposed servers, researchers have found.
The flaw, tracked as CVE-2026-7482, stems from an out-of-bounds heap read in Ollama’s model quantization pipeline. Ollama is one of the most popular frameworks for running AI models on local hardware. The flaw also subjects servers on local LANs to the leak risk if access is not restricted to them.
The vulnerability, dubbed Bleeding Llama by the researchers from Cyera who found it, enables unauthenticated attackers to upload a specially crafted file to the Ollama API endpoint, causing the application to leak its process memory, including...