CVE-2025-15514

Severity CVSS v4.0:

HIGH

Type:

Unavailable / Other

Publication date:

12/01/2026

Last modified:

21/01/2026

Description

Ollama 0.11.5-rc0 through current version 0.13.5 contain a null pointer dereference vulnerability in the multi-modal model image processing functionality. When processing base64-encoded image data via the /api/chat endpoint, the application fails to validate that the decoded data represents valid media before passing it to the mtmd_helper_bitmap_init_from_buf function. This function can return NULL for malformed input, but the code does not check this return value before dereferencing the pointer in subsequent operations. A remote attacker can exploit this by sending specially crafted base64 image data that decodes to invalid media, causing a segmentation fault and crashing the runner process. This results in a denial of service condition where the model becomes unavailable to all users until the service is restarted.

Impact

Vector 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N CVSS v4.0 Severity and Metrics:

Base Score: 8.70 HIGH
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Attack Vector (AV): Network
Attack Complexity (AC): Low
Attack Requirements (AT): None
Privileges Required (PR): None
User Interaction (UI): None
Confidentiality (VC): None
Integrity (VI): None
Availability (VA): High
Confidentiality (SC): None
Integrity (SI): None
Availability (SA): None

Base Score 4.0

8.70

Severity 4.0

HIGH

Vector 3.x

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS v3.1 Severity and Metrics:

Base Score: 7.50 HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): None
Integrity (I): None
Availability (A): High

Base Score 3.x

7.50

Severity 3.x

HIGH

Vulnerable products and versions

CPE	From	Up to
cpe:2.3:a:ollama:ollama::-::::::*	0.11.6 (including)	0.13.5 (including)
cpe:2.3:a:ollama:ollama:0.11.5:-::::::
cpe:2.3:a:ollama:ollama:0.11.5:rc0::::::
cpe:2.3:a:ollama:ollama:0.11.5:rc1::::::
cpe:2.3:a:ollama:ollama:0.11.5:rc2::::::
cpe:2.3:a:ollama:ollama:0.11.5:rc3::::::
cpe:2.3:a:ollama:ollama:0.11.5:rc4::::::
cpe:2.3:a:ollama:ollama:0.11.5:rc5::::::

To consult the complete list of CPE names with products and versions, see this page

CPE	From	Up to
cpe:2.3:a:ollama:ollama::-::::::*	0.11.6 (including)	0.13.5 (including)
cpe:2.3:a:ollama:ollama:0.11.5:-::::::
cpe:2.3:a:ollama:ollama:0.11.5:rc0::::::
cpe:2.3:a:ollama:ollama:0.11.5:rc1::::::
cpe:2.3:a:ollama:ollama:0.11.5:rc2::::::
cpe:2.3:a:ollama:ollama:0.11.5:rc3::::::
cpe:2.3:a:ollama:ollama:0.11.5:rc4::::::
cpe:2.3:a:ollama:ollama:0.11.5:rc5::::::

CVE-2025-15514

Description

Impact

Vulnerable products and versions

References to Advisories, Solutions, and Tools