CNNVD-202601-3372 Information

CNNVD ID

CNNVD-202601-3372

Related CVE

CVE-2025-66959

• CNNVD Published: 2026-01-21

Description (Chinese)

Ollama是Ollama开源的一个可以在本地设备上运行、管理和自定义大语言模型的工具。 ollama 0.12.10版本存在安全漏洞，该漏洞源于GGUF解码器存在问题，可能导致远程攻击者引发拒绝服务。

Description (English)

Ollama is a tool for operating, managing and customizing large language models on local equipment. There is a security loophole in version 0.12.10 of olama, which stems from problems with the GGF decoder, which may lead to a denial of service by a remote assailant.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Ollama

Published

2026-01-21

Last Modified

2026-02-24

References

https://github.com/ollama/ollama/issues/9820 https://zero.shotlearni.ng/blog/cve-2025-66959panic-dos-via-unchecked-length-in-gguf-decoder-copy/

Patch

https://github.com/ollama/ollama/releases