CRITICAL🇵🇱 Wersja polska

CVE-2025-63389

CVSS 9.8v3.1pub. 2025-12-18upd. 2026-01-22

A critical authentication bypass vulnerability exists in Ollama platform's API endpoints in versions prior to and including v0.12.3. The platform exposes multiple API endpoints without requiring authentication, enabling remote attackers to perform unauthorized model management operations.

🤖 AI Analysis
How it works

The Ollama platform exposes a range of API endpoints without requiring any authentication (CWE-306: Missing Authentication for Critical Function). Attackers can remotely, without possessing any credentials, directly send requests to these endpoints over the network. The absence of an identity control mechanism means that every network request is accepted and processed the same way as a request from an authorized user.

Impact

Attackers can perform language model management operations without authentication, including potentially downloading, modifying, or deleting models, leading to violations of system confidentiality, integrity, and availability (full CVSS C:H/I:H/A:H).

Mitigation & patch

Ollama should be updated to a version higher than v0.12.3. Until the update is deployed, it is recommended to restrict access to the Ollama API at the network level (firewall, access rules) to trusted hosts only, and to avoid publicly exposing API endpoints on the Internet. Details are available in the vendor references.

Who is affected

Ollama in versions up to and including v0.12.3

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Ollama

    APP
    Ollama
    ≤ 0.12.3
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2026-5757HIGH7.5ten sam produkt

Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an at...

CVE-2026-7482HIGH8.8ten sam produkt

Ollama before 0.17.1 contains a heap out-of-bounds read vulnerability in the GGUF model loader. The /api/creat...

CVE-2026-42248HIGH7.7ten sam produkt

Ollama for Windows does not perform integrity or authenticity verification of downloaded update executables. U...

CVE-2026-42249HIGH7.7ten sam produkt

Ollama for Windows contains a Remote Code Execution vulnerability in its update mechanism due to improper hand...

CVE-2025-66960HIGH7.5ten sam produkt

An issue in ollama v.0.12.10 allows a remote attacker to cause a denial of service via the fs/ggml/gguf.go, fu...