A vulnerability in Ollama allowed remote code execution, affecting over 1,000 instances. Wiz Research disclosed CVE-2024-37032, fixed in version 0.1.34.
Ollama's vulnerability stemmed from insufficient validation on the server side of its REST API, enabling attackers to trigger API endpoints for remote code execution.