Improper Validation of Array Index in Ollama by Ollama Corp
CVE-2026-15685
7.5HIGH
What is CVE-2026-15685?
The vulnerability within the downloadBlob function in Ollama arises from inadequate validation of user-supplied data. This flaw can lead to memory access issues that trigger a denial-of-service condition. Attackers can exploit this weakness without requiring authentication, resulting in system disruption. The lack of robust input validation creates a significant security risk for installations of Ollama, necessitating prompt remediation to protect against potential exploitation.
Affected Version(s)
Ollama 0.7.1
