The National Cybersecurity Bulletin has issued a warning about the large model tool Ollama, stating that it poses a security risk.
1min read The default configuration of the open-source cross-platform large model tool Ollama has been found to have vulnerabilities such as unauthorized access and model theft.
On March 3, the National Cybersecurity Information Center issued a notice regarding the security risks of the large model tool Ollama. According to the analysis by the Tsinghua University Network Space Mapping Joint Research Center, the default configuration of the open-source cross-platform large model tool Ollama has vulnerabilities such as unauthorized access and model theft. Given the widespread use of large models such as DeepSeek, most users deploy Ollama privately without modifying the default configuration, which poses security risks such as data leakage, stolen computing power, and service interruption, and is highly likely to trigger network and data security incidents.
At present, a large number of servers with such security vulnerabilities are exposed on the Internet. It is recommended that users strengthen vulnerability detection and promptly carry out security reinforcement. If they find that they have been attacked by the network, they should report to the local public security network and information security department in the first time and cooperate with the investigation and disposal work of the public security network and information security department. The National Network and Information Security Information Communication Center will further strengthen monitoring and issue follow-up notices in a timely manner.
