CVE-2026-5757

Ollama · Ollama

An unauthenticated remote information disclosure vulnerability in the Ollama model quantization engine allows unauthorized heap memory access.

Executive summary

Ollama contains a high-severity (CVSS 7.5) unauthenticated heap memory disclosure vulnerability in its model quantization engine. Disclosed heap contents can expose sensitive data and give an attacker a foothold for further compromise of the host.

Vulnerability

The vulnerability resides in the model quantization engine and allows an unauthenticated attacker to remotely read and exfiltrate heap memory. This flaw provides a direct path for extracting sensitive information without requiring valid user credentials.

Business impact

This vulnerability matters because it permits unauthenticated data exfiltration: the heap of the Ollama process may hold loaded model data, prompts and responses, API keys, or other secrets that an attacker can read remotely. Its CVSS score of 7.5 (High) reflects the confidentiality impact, and the disclosed data can also serve as a foothold for further, more destructive compromise of the system.

Remediation

Immediate Action: Update Ollama to the latest version provided by the vendor to remediate the quantization engine flaw.

Proactive Monitoring: Review the Ollama server log for API requests from unexpected sources or with malformed or unusually large bodies, and watch network egress from the host for unusual volumes or destinations. A remote heap read does not change the process's memory footprint, so memory-usage metrics alone will not reveal exploitation.

Compensating Controls: Ollama's HTTP API has no built-in authentication, so any host that can reach the listener (port 11434 by default) can issue requests. Keep the service bound to the loopback address (its default; setting OLLAMA_HOST to 0.0.0.0 exposes it on all interfaces), or place a firewall or an authenticating reverse proxy in front of it and allow only authorized internal addresses. This blocks unauthenticated remote access until the patch is applied.
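As an added example (not Ollama's code and not part of this advisory), the following Python script implements the monitoring and compensating-control checks above in one place: it decides whether an OLLAMA_HOST value binds the API outside loopback, and it scans access-log lines for requests from sources outside an internal allowlist. The log lines are constructed samples in the shape of the Gin framework's default request log, which Ollama's HTTP server emits; the exact field layout, the allowlist CIDRs and the sample endpoints are assumptions to adjust for your own environment.

```python
"""Exposure audit for an Ollama host: bind-address check plus access-log review.

Added example, not Ollama project code. The access-log format below is a
constructed sample modelled on Gin's default logger; verify it against the
lines your own server writes before relying on the regex.
"""
import ipaddress
import re
from dataclasses import dataclass

# Assumed set of "authorized internal" networks; loopback is always internal.
INTERNAL_ALLOWLIST = [
    ipaddress.ip_network(n)
    for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
              "127.0.0.0/8", "::1/128")
]

# Constructed sample lines (not real server output). Fields, left to right:
# timestamp, HTTP status, latency, client IP, method, request path.
SAMPLE_LOG = """\
[GIN] 2026/04/02 - 09:15:01 | 200 |    1.204ms |      10.0.4.12 | POST     "/api/generate"
[GIN] 2026/04/02 - 09:15:07 | 200 |  842.113µs |  203.0.113.77 | GET      "/api/tags"
[GIN] 2026/04/02 - 09:15:09 | 500 |   12.55ms  |  203.0.113.77 | POST     "/api/create"
[GIN] 2026/04/02 - 09:16:30 | 200 |    3.010ms |      127.0.0.1 | POST     "/api/chat"
"""

LINE_RE = re.compile(
    r'\[GIN\]\s+(?P<ts>\S+ - \S+)\s+\|\s+(?P<status>\d{3})\s+\|\s+'
    r'(?P<latency>\S+)\s+\|\s+(?P<ip>\S+)\s+\|\s+(?P<method>[A-Z]+)\s+'
    r'"(?P<path>[^"]+)"'
)


@dataclass(frozen=True)
class Request:
    ip: str
    method: str
    path: str
    status: int


def bind_is_exposed(ollama_host: str) -> bool:
    """True when an OLLAMA_HOST value binds the API to a non-loopback address.

    An empty value means Ollama's default of 127.0.0.1:11434, which is not
    reachable from other hosts. Accepts "host", "host:port", "[v6]:port" and
    "scheme://host:port" forms.
    """
    host = re.sub(r"^[a-z]+://", "", ollama_host.strip())
    if not host:
        return False
    if host.startswith("["):                 # bracketed IPv6 literal
        host = host[1:host.index("]")]
    elif host.count(":") == 1:               # IPv4 or hostname with a port
        host = host.rsplit(":", 1)[0]
    if host == "localhost":
        return False
    try:
        return not ipaddress.ip_address(host).is_loopback
    except ValueError:
        return True  # any other hostname: assume it resolves off-loopback


def parse_access_log(text: str) -> list[Request]:
    """Parse Gin-style request lines; lines that do not match are skipped."""
    out = []
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if m:
            out.append(Request(m["ip"], m["method"], m["path"], int(m["status"])))
    return out


def is_internal(ip: str, allowlist=INTERNAL_ALLOWLIST) -> bool:
    """True when the client address falls inside an allowlisted network."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in allowlist)


def external_requests(text: str, allowlist=INTERNAL_ALLOWLIST) -> list[Request]:
    """Requests whose source is outside the allowlist: each one reached an
    unauthenticated API and deserves a look."""
    return [r for r in parse_access_log(text) if not is_internal(r.ip, allowlist)]


if __name__ == "__main__":
    import os
    print("bind exposed:", bind_is_exposed(os.environ.get("OLLAMA_HOST", "")))
    for r in external_requests(SAMPLE_LOG):
        print(f"external request: {r.ip} {r.method} {r.path} -> {r.status}")
```

Run it on a host with `OLLAMA_HOST` set as in production and feed it the real server log instead of `SAMPLE_LOG`; any hit from `external_requests` on a pre-patch instance is a request that reached the vulnerable service without credentials. The allowlist is deliberately conservative (RFC 1918 plus loopback); narrow it to the specific subnets that are supposed to call the API.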

Exploitation status

Public Exploit Available: false

Analyst recommendation

Given the ease of access (unauthenticated) and the sensitivity of the exposed data (heap memory), this vulnerability should be patched with the highest priority. Organizations using Ollama should immediately audit their network exposure and apply the vendor’s security updates.