www.securityweek.com 5/5/2026, 12:59:22 PM · via preferred

Bleeding Llama bug leaks secrets from 300k Ollama servers

Bleeding Llama bug leaks secrets from 300k Ollama servers
Developing story vulnerability 2 articles tracked
Critical Ollama heap out-of-bounds read vulnerability (CVE-2026-7482)
CyberSIXT Evidence Panel
Primary Source nvd.nist.gov
CVE Intel
CISA KEV Not in KEV
Patch Patch Available

DUBBED Bleeding Llama, the heap out-of-bounds read issue in Ollama can be exploited remotely without authentication. Roughly 300,000 Ollama deployments are prone to sensitive information theft through this unauthenticated vulnerability, Cyera warns. The bug, tracked as CVE-2026-7482 with a CVSS score of 9.3, affects the GGUF model loader and enables reading memory that may contain prompts, messages and environment variables, including API keys, tokens and secrets.

The attacker can exfiltrate the resulting file via Ollama’s built-in model push feature, using only three unauthenticated API calls, Cyera says. Ollama launches by default without authentication and listens on all network interfaces, making internet-exposed instances particularly vulnerable. The vulnerability was addressed in Ollama version 0.17.1, and organisations are advised to apply the fix and implement network access controls, authentication proxies, and regular audits of exposed deployments.

View Primary Source Via www.securityweek.com

Article by CyberSIXT

Timeline Coverage

Swipe to explore timeline