Ollama

Unpatched flaws turn Ollama’s auto-updater into a persistent RCE vector, researchers say

May 5, 2026

Researchers at Striga have disclosed two vulnerabilities (CVE-2026-42248, CVE-2026-42249) in Ollama’s Windows auto-updater that, when chained together, may allow an …

Resources

Download: Secure Foundations for AI Workloads on AWS
Download: Automating Pentest Delivery Guide
CIS Benchmarks March 2026 Update

Don't miss

LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)
The architecture of subtraction: Why it’s time to erase the roads, not just map the traffic
Treating AI agents like service accounts for federated query security
Malware ships with bugs that defenders could use against it
Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751)

Ollama

Unpatched flaws turn Ollama’s auto-updater into a persistent RCE vector, researchers say

Featured news

Resources

Don't miss