Advisories 11 May 2026 / 0 Comments

Ollama "Bleeding Llama" Heap Memory Leak Exposing LLM API Keys (CVE-2026-7482)

Scope: Ollama (Versions Prior to 0.17.1 / Windows Prior to 0.23.0)

Severity: Red

A critical out-of-bounds heap read vulnerability (CVSS 9.1) in Ollama's GGUF model loader allows unauthenticated remote attackers to leak the entire Ollama server process memory — including API keys, cloud credentials such as AWS_ACCESS_KEY_ID, system prompts, and other concurrent users' conversation data — using just three unauthenticated API calls, with stolen data silently exfiltrated via the /api/push endpoint to an attacker-controlled model registry. With over 300,000 Ollama servers estimated to be internet-exposed and the API unauthenticated by default, any deployment not behind a firewall or authentication proxy is immediately at risk. Organizations should upgrade to Ollama version 0.17.1 or later immediately, place all Ollama instances behind an authentication proxy or firewall, and rotate all API keys, tokens, and cloud credentials that may have been accessible in server memory.

The Uganda National CERT and Coordination Center (CERT.UG/CC) encourages users and administrators to review the recommendations and apply the necessary updates.

Ollama "Bleeding Llama" Heap Memory Leak Exposing LLM API Keys (CVE-2026-7482)

First AI-Generated Zero-Day Exploit – 2FA Bypass in Open-Source Web Admin Tool

Recent Advisories

Categories

Contact info

Useful Links

Subscribe to our Mailing List

Ollama "Bleeding Llama" Heap Memory Leak Exposing LLM API Keys (CVE-2026-7482)

RELATED ADVISORIES

First AI-Generated Zero-Day Exploit – 2FA Bypass in Open-Source Web Admin Tool

Recent Advisories

Categories