PatchSiren cyber security CVE debrief

CVE-2025-15514 Ollama CVE debrief

CVE-2025-15514 is a high-severity null pointer dereference vulnerability in Ollama's multi-modal model image processing functionality. A remote attacker can trigger it by sending specially crafted base64 image data, which causes a segmentation fault that crashes the runner process and results in a denial of service condition. This issue affects Ollama versions from 0.11.5-rc0 to 0.13.5. The vulnerability has a CVSS score of 8.7 and is considered HIGH severity. The CVE was published on January 12, 2026, and last modified on June 30, 2026.

Vendor: Ollama
Product: Unknown
CVSS: HIGH 8.7
CISA KEV: Not listed in stored evidence
Original CVE published: 2026-01-12
Original CVE updated: 2026-06-30
Advisory published: 2026-01-12
Advisory updated: 2026-06-30

Who should care

Organizations using Ollama versions between 0.11.5-rc0 and 0.13.5 should prioritize patching this vulnerability to prevent potential denial of service attacks. Additionally, security teams and administrators responsible for maintaining Ollama installations should be aware of this vulnerability and take necessary actions to mitigate the risk.

Technical summary

The vulnerability lies in Ollama's multi-modal model image processing functionality, specifically in the handling of base64-encoded image data submitted through the /api/chat endpoint. The decoded bytes are passed without validation to the mtmd_helper_bitmap_init_from_buf function, which returns NULL for malformed input. The calling code dereferences the returned pointer without checking it, so a malformed image triggers a null pointer dereference and a segmentation fault in the runner process. The model then becomes unavailable to all users until the service is restarted.

Defensive priority

High priority should be given to patching this vulnerability, as it can be exploited remotely and results in a denial of service condition. Administrators should update Ollama to a version that fixes this issue as soon as possible.

Recommended defensive actions

  • Update Ollama to a version that fixes the null pointer dereference vulnerability.
  • Implement input validation and sanitization for base64-encoded image data.
  • Monitor Ollama installations for potential exploitation attempts.
  • Review and update incident response plans to address potential denial of service attacks.
  • Consider implementing compensating controls, such as web application firewalls, to detect and prevent malicious traffic.
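The technical summary above describes decoded image bytes reaching the native decoder unvalidated; the second defensive action asks for validation of base64 image data before that point. The following Go function is an added illustration of such a pre-decoder gate (it is not Ollama's own code): the function name, the error values and the 20 MiB size limit are assumptions chosen for the example, and the inputs in main are constructed samples.

```go
package main

import (
	"encoding/base64"
	"errors"
	"fmt"
	"net/http"
	"strings"
)

// Hypothetical upper bound on decoded image size; tune to the deployment.
const maxImageBytes = 20 << 20 // 20 MiB

var (
	ErrBadBase64  = errors.New("image is not valid base64")
	ErrTooSmall   = errors.New("decoded image is too short to be an image")
	ErrTooLarge   = errors.New("decoded image exceeds size limit")
	ErrNotAnImage = errors.New("decoded data is not a supported image type")
)

// allowedImageTypes lists the MIME types this gate forwards to the native decoder.
var allowedImageTypes = map[string]bool{
	"image/png": true, "image/jpeg": true, "image/gif": true, "image/webp": true,
}

// ValidateBase64Image decodes a base64 image field and rejects anything that
// does not look like a supported image before it can reach the native decoder.
// It returns the decoded bytes, the sniffed MIME type and a typed error.
func ValidateBase64Image(b64 string) ([]byte, string, error) {
	data, err := base64.StdEncoding.DecodeString(strings.TrimSpace(b64))
	if err != nil {
		return nil, "", ErrBadBase64
	}
	if len(data) < 12 { // the longest magic sniffed here (WebP RIFF header) is 12 bytes
		return nil, "", ErrTooSmall
	}
	if len(data) > maxImageBytes {
		return nil, "", ErrTooLarge
	}
	// http.DetectContentType sniffs the first 512 bytes (PNG, JPEG, GIF, WebP, ...).
	mime := http.DetectContentType(data)
	if !allowedImageTypes[mime] {
		return nil, mime, ErrNotAnImage
	}
	return data, mime, nil
}

func main() {
	// Constructed sample: the 8-byte PNG signature padded with zeros (not a full PNG).
	png := append([]byte("\x89PNG\r\n\x1a\n"), make([]byte, 16)...)
	for _, in := range []string{base64.StdEncoding.EncodeToString(png),
		base64.StdEncoding.EncodeToString([]byte("definitely not an image")), "%%not base64%%"} {
		_, mime, err := ValidateBase64Image(in)
		fmt.Printf("mime=%q err=%v\n", mime, err)
	}
}
```

The gate does not replace the NULL check on the decoder's return value in the runner; it reduces what reaches that code path and gives the API layer a typed rejection to log.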

Evidence notes

The CVE-2025-15514 vulnerability was published on January 12, 2026, and last modified on June 30, 2026. The vulnerability affects Ollama versions from 0.11.5-rc0 to 0.13.5. The CVSS score is 8.7, indicating high severity. The vulnerability allows remote attackers to exploit the application, causing a denial of service condition.

Official resources

This article is AI-assisted and based on the supplied source corpus.