{"id":"PYSEC-2026-101","details":"An issue in ollama v.0.12.10 allows a remote attacker to cause a denial of service via the GGUF decoder","aliases":["CVE-2025-66959"],"modified":"2026-06-10T12:00:07.103727621Z","published":"2026-01-21T18:16:23.470Z","withdrawn":"2026-06-10T11:00:00Z","references":[{"type":"REPORT","url":"https://github.com/ollama/ollama/issues/9820"},{"type":"EVIDENCE","url":"https://zero.shotlearni.ng/blog/cve-2025-66959panic-dos-via-unchecked-length-in-gguf-decoder-copy/"}],"affected":[{"package":{"name":"ollama","ecosystem":"PyPI","purl":"pkg:pypi/ollama"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"0.12.10-NA"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/ollama/PYSEC-2026-101.yaml"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}