devtake.dev — GGUFArticles on devtake.dev covering GGUF.https://devtake.dev/en-usA crafted Ollama model file leaks the whole server's memory. 300,000 instances are exposed.https://devtake.dev/article/ollama-bleeding-llama-cve-2026-7482/https://devtake.dev/article/ollama-bleeding-llama-cve-2026-7482/Cyera disclosed CVE-2026-7482 on May 1, a CVSS 9.1 unauthenticated heap read in Ollama. Three API calls dump prompts, env vars, and API keys from any open instance.Mon, 11 May 2026 10:00:00 GMTsecuritysecurityollamallmcve-2026-7482local-inferencememorycyeraai-securityluca-reinhardtA malicious GGUF file owns your SGLang server: CVE-2026-5760 is an unpatched 9.8https://devtake.dev/article/sglang-cve-2026-5760-gguf-rce/https://devtake.dev/article/sglang-cve-2026-5760-gguf-rce/SGLang's reranker renders chat templates without a sandbox. Load a hostile GGUF, hit /v1/rerank, and the attacker has Python on your inference box. No patch yet.Mon, 27 Apr 2026 11:30:00 GMTsecuritysglangcve-2026-5760supply-chainai-securityllmrcejinja2ggufluca-reinhardt