VDB
CVE-2025-51471
CVE-2025-51471
PUBLISHED
CVSS 6.900000095367432 MEDIUM
Ollama vulnerable to Cross-Domain Token Exposure
EPSS 0.06% · 17.9th percentile
Risk Scores
CVSS 3.1
6.900000095367432
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N
EPSS Score
0.06%
17.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| ollama | ollama | 0.6.7 |
| github.com | ollama/ollama | 0 |
| n/a | n/a | * |
Exploit Intelligence
- This PoC is for educational and authorized security testing purposes only. Do NOT use against systems you don't own. (github-poc)
- This PoC is for educational and authorized security testing purposes only. Do NOT use against systems you don't own. (github-poc)
- This PoC is for educational and authorized security testing purposes only. Do NOT use against systems you don't own. (github-poc)
- This PoC is for educational and authorized security testing purposes only. Do NOT use against systems you don't own. (github-poc)
- This PoC is for educational and authorized security testing purposes only. Do NOT use against systems you don't own. (github-poc)
- This PoC is for educational and authorized security testing purposes only. Do NOT use against systems you don't own. (github-poc)
- This PoC is for educational and authorized security testing purposes only. Do NOT use against systems you don't own. (github-poc)
- This PoC is for educational and authorized security testing purposes only. Do NOT use against systems you don't own. (github-poc)
- https://www.gecko.security/blog/cve-2025-51471 (nist-nvd)
- https://github.com/ollama/ollama/pull/10750 (nist-nvd)
…and 3 more exploits
Timeline
- Jul 22, 2025 CVE Published
- Jul 22, 2025 Coalition ESS Score
- Jul 22, 2025 PoC Published
- Jul 23, 2025 EPSS Score
- Jul 25, 2025 Coalition ESS Score
- Aug 1, 2025 EPSS Score
- Aug 10, 2025 EPSS Score
- Aug 19, 2025 EPSS Score
- Aug 26, 2025 Coalition ESS Score
- Aug 28, 2025 EPSS Score
- Sep 6, 2025 EPSS Score
- Sep 15, 2025 EPSS Score