https://vulnerability.circl.lu/sightings/feed 2026-06-27T23:36:19.938487+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/88712db1-fa59-49f9-a0e7-9280235bb354/export 2026-06-27T23:36:19.962543+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "88712db1-fa59-49f9-a0e7-9280235bb354", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7482", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/116554490423746027", "content": "\ud83d\udea8 CVE-2026-7482 in Ollama could let remote attackers leak process memory from more than 300,000 exposed servers using crafted GGUF files.\nSeparate unpatched Windows flaws enable persistent code execution through Ollama\u2019s update mechanism.\nFull details and mitigations: https://thehackernews.com/2026/05/ollama-out-of-bounds-read-vulnerability.html", "creation_timestamp": "2026-05-11T06:19:44.013796Z"} 2026-05-11T06:19:44.013796+00:00 https://vulnerability.circl.lu/sighting/2db5533a-075f-4383-aafa-9d7dddaa15e2/export 2026-06-27T23:36:19.962448+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "2db5533a-075f-4383-aafa-9d7dddaa15e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7482", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mlldqadbog2p", "content": "\ud83d\udccc CVE-2026-7482 - Ollama before 0.17.1 contains a heap out-of-bounds read vulnerability in the GGUF model loader. The /api/create endpoint accepts an attacker-supplied ... https://www.cyberhub.blog/cves/CVE-2026-7482", "creation_timestamp": "2026-05-11T13:07:11.539857Z"} 2026-05-11T13:07:11.539857+00:00 https://vulnerability.circl.lu/sighting/4ee78d4b-b3ae-4e4d-b365-1f2e6ea543ad/export 2026-06-27T23:36:19.962348+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "4ee78d4b-b3ae-4e4d-b365-1f2e6ea543ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7482", "type": "seen", "source": "https://bsky.app/profile/calimegai.bsky.social/post/3mllnge3c2d2y", "content": "Une faille critique dans Ollama (CVE-2026-7482, score 9.1) expose plus de 300 000 serveurs \u00e0 une fuite m\u00e9moire \u00e0 distance. Nom de code : Bleeding Llama \ud83e\udd99\ud83d\udca5 #CyberSecurity #IA ", "creation_timestamp": "2026-05-11T16:00:40.443617Z"} 2026-05-11T16:00:40.443617+00:00 https://vulnerability.circl.lu/sighting/26860afc-728f-40e3-9e63-30700d7bfbbe/export 2026-06-27T23:36:19.962249+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "26860afc-728f-40e3-9e63-30700d7bfbbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7482", "type": "seen", "source": "https://bsky.app/profile/modat-io.bsky.social/post/3mln776ammk2m", "content": "\ufe0f\u26a0 CVE-2026-7482: Critical heap out-of-bounds read in Ollama via crafted GGUF uploads to /api/create may leak API keys, prompts, credentials & conversation data from process memory. Affected: <0.17.1. Patch now. Query: product=\"Ollama\"\u00a0\n\nThe platform:\u00a0\nmagnify.modat.io", "creation_timestamp": "2026-05-12T06:51:22.944418Z"} 2026-05-12T06:51:22.944418+00:00 https://vulnerability.circl.lu/sighting/58122199-db41-4a31-acaa-050785290cc2/export 2026-06-27T23:36:19.962148+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "58122199-db41-4a31-acaa-050785290cc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7482", "type": "seen", "source": "https://bsky.app/profile/mengli512.bsky.social/post/3mlndfaaioc2u", "content": "Ollama has a CVSS 9.1 bug named Bleeding Llama (CVE-2026-7482). Upgrade to 0.17.1 now. Are you running Ollama on 0.0.0.0?\n#Ollama #bug \nopen.substack.com/pub/pythonli...", "creation_timestamp": "2026-05-12T08:06:19.781893Z"} 2026-05-12T08:06:19.781893+00:00 https://vulnerability.circl.lu/sighting/36ffe781-4480-41c7-b4f7-17725102afcc/export 2026-06-27T23:36:19.962041+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "36ffe781-4480-41c7-b4f7-17725102afcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7482", "type": "seen", "source": "https://bsky.app/profile/Kubernetes.activitypub.awakari.com.ap.brid.gy/post/3mlnivxjq2zh2", "content": "Bleeding Llama (CVE-2026-7482): Critical Unauthenticated Memory Leak in Ollama Critical Ollama flaw CVE-2026-7482 exposes 300K servers, letting attackers leak API keys, prompts, and credentials thr...\n\n#Security #Bulletin #Bleeding #Llama #Vulnerability [\u2026] \n\n[Original post on indusface.com]", "creation_timestamp": "2026-05-12T09:45:36.962997Z"} 2026-05-12T09:45:36.962997+00:00 https://vulnerability.circl.lu/sighting/b819dee0-f99d-4ab9-9aa9-e007021c52e0/export 2026-06-27T23:36:19.961917+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "b819dee0-f99d-4ab9-9aa9-e007021c52e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7482", "type": "seen", "source": "https://bsky.app/profile/opsmatters.com/post/3mlphjah4sn2x", "content": "The latest update for #Indusface includes \"Bleeding Llama (CVE-2026-7482): Critical Unauthenticated Memory Leak in Ollama\" and \"DDoS Protection for Insurance: Always-On Defense for Claims, Quotes & #APIs\".\n \n#cybersecurity #infosec https://opsmtrs.com/3ySs2VF", "creation_timestamp": "2026-05-13T04:25:26.159661Z"} 2026-05-13T04:25:26.159661+00:00 https://vulnerability.circl.lu/sighting/dfaaa1fc-de55-4425-963f-4ff0ccb6f7bc/export 2026-06-27T23:36:19.961632+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "dfaaa1fc-de55-4425-963f-4ff0ccb6f7bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-7482", "type": "seen", "source": "https://bsky.app/profile/kubonai.bsky.social/post/3mmmqhog3te2q", "content": "Bleeding Llama: Ollama Memory Leak Exposes 300K Servers \u2014 API Keys & Chat Dat...\n\nCVE-2026-7482 'Bleeding Llama': Critical Ollama out-of-bounds read allows remote unauthenticated attackers ...\n\n\ud83d\udd17 https://ipsec.live/blog/2026-05-24-ollama-bleeding-llama-cve-2026-7482\n\n#infosec #cybersecurity", "creation_timestamp": "2026-05-24T19:52:49.650564Z"} 2026-05-24T19:52:49.650564+00:00 https://vulnerability.circl.lu/sighting/6cc7996a-b543-4fb0-9fc1-4c0d1fc9e559/export 2026-06-27T23:36:19.961270+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "6cc7996a-b543-4fb0-9fc1-4c0d1fc9e559", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7482", "type": "seen", "source": "https://bsky.app/profile/hatena-bookmark.bsky.social/post/3mmrfjcfbou2z", "content": "#\ud83d\udd16\u30c6\u30af\u30ce\u30ed\u30b8\u30fc\n\u3010\u5b8c\u5168\u7248\u3011AI\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u5730\u7344\u7d75\u56f32026 - CVE\u30fb\u653b\u6483\u624b\u6cd5\u30fb\u9632\u5fa1\u7b56\u3092\u5168\u90e8\u89e3\u8aac\u3059\u308b - Qiita\n\n\u5148\u65e5\u306e\u8a18\u4e8b\u300c100\u4e07\u53f0\u306eAI\u30b5\u30fc\u30d3\u30b9\u3092\u30b9\u30ad\u30e3\u30f3\u3057\u305f\u3089\u53f2\u4e0a\u6700\u60aa\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u3060\u3063\u305f\u300d\u304c\u5927\u304d\u306a\u53cd\u97ff\u3092\u3044\u305f\u3060\u3044\u305f\u3002 76\u3044\u3044\u306d\u300162\u30b9\u30c8\u30c3\u30af\u30018\u4e07PV\u8d85\u3048\u3002 \u30b3\u30e1\u30f3\u30c8\u3067\u300c\u3082\u3063\u3068\u8a73\u3057\u304f\u77e5\u308a\u305f\u3044\u300d\u300c\u5177\u4f53\u7684\u306a\u5bfe\u7b56\u3092\u6559\u3048\u3066\u300d\u3068\u3044\u3046\u58f0\u3092\u591a\u6570\u3044\u305f\u3060\u3044\u305f\u306e\u3067\u3001\u5b8c\u5168\u7248\u306e\u6df1\u6398\u308a\u8a18\u4e8b\u3092\u66f8\u304f\u3053\u3068\u306b\u3057\u305f\u3002 \u3053\u306e\u8a18\u4e8b\u3067\u306f\uff1a CVE-2026-7482\u300cBlee...", "creation_timestamp": "2026-05-26T16:20:12.715487Z"} 2026-05-26T16:20:12.715487+00:00 https://vulnerability.circl.lu/sighting/43bc1681-3cbf-448f-a735-fc3c316c336e/export 2026-06-27T23:36:19.958427+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "43bc1681-3cbf-448f-a735-fc3c316c336e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-7482", "type": "seen", "source": "https://bsky.app/profile/foursignalsdev.bsky.social/post/3mp7cub72h325", "content": "Cyera Research disclosed CVE-2026-7482 (Bleeding Llama) with a 9.1 CVSS rating. Three unauthenticated API calls to Ollama before 0.17.1 can leak prompts, API keys, and tool outputs from process memory.", "creation_timestamp": "2026-06-26T16:00:18.519318Z"} 2026-06-26T16:00:18.519318+00:00