A server-side request forgery vulnerability in Ollama allows attackers on the local network to read arbitrary files and make requests to internal services via the model pull endpoint. Affects all versions prior to 0.3.8.
A critical deserialization vulnerability in a widely-deployed ML model serving framework allows unauthenticated remote code execution via crafted model files. Patch immediately — active exploitation observed in the wild.
Analysis of a novel attack class targeting agentic AI systems: how injected instructions in tool outputs can escalate an agent's effective permissions, exfiltrate data, and pivot to internal services — and how to defend against it.
Model inversion and training data extraction attacks allow adversaries to recover PII, proprietary data, and trade secrets from fine-tuned LLMs exposed via API — a significant compliance and IP risk for enterprises.