CVE-2026-42249
Path Traversal in Ollama Windows Update Enables Remote Code Execution
Publication date: 2026-04-29
Last updated on: 2026-04-29
Assigner: CERT.PL
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ollama | ollama | From 0.12.10 (inc) to 0.17.5 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
| CWE-494 | The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Ollama for Windows' update mechanism, where it improperly handles HTTP response headers controlled by an attacker. When downloading updates, the application uses values from these headers to construct local file paths without validating them. This allows path traversal sequences (../) to be resolved, enabling an attacker to write files outside the intended update directory.
An attacker who can influence update responses can exploit this flaw to write arbitrary executable files to locations accessible by the current user, such as the Windows Startup directory, allowing execution of arbitrary code.
When combined with another vulnerability (CVE-2026-42248) that involves missing signature verification for updates, an attacker can deliver malicious payloads that are automatically executed without user interaction, resulting in persistent and silent code execution.
How can this vulnerability impact me? :
This vulnerability can allow an attacker to execute arbitrary code on your system without your knowledge or consent. By exploiting the flaw, an attacker can place malicious executables in sensitive locations such as the Windows Startup directory, causing these malicious programs to run automatically when your system starts.
Because the update process is silent and automatic, this can lead to persistent compromise of your system, potentially allowing unauthorized access, data theft, or further malware installation.
Can you explain this vulnerability to me?
This vulnerability exists in Ollama for Windows' update mechanism, where it improperly handles HTTP response headers controlled by an attacker. When the application downloads updates, it uses values from these headers to construct local file paths without validating them. This allows path traversal sequences (like ../) to be resolved, enabling an attacker to write files outside the intended update directory.
An attacker who can influence update responses can exploit this flaw to write arbitrary executable files to locations accessible by the current user, such as the Windows Startup directory, leading to execution of arbitrary code.
If combined with another vulnerability (CVE-2026-42248) that lacks signature verification for updates, an attacker can deliver malicious payloads that are automatically executed without user interaction, resulting in persistent and silent code execution.
How can this vulnerability impact me? :
This vulnerability can allow an attacker to execute arbitrary code on your system without your knowledge or consent. By exploiting the flaw, malicious executables can be placed in sensitive locations such as the Windows Startup directory, causing them to run automatically when the system starts.
Because the update process is silent and automatic, the attack can persist and remain undetected, potentially leading to unauthorized control over your system, data compromise, or further malware installation.