[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"article-ollama-memory-leak-cve-2026-7482-zh":3,"tags-ollama-memory-leak-cve-2026-7482-zh":38,"related-lang-ollama-memory-leak-cve-2026-7482-zh":48,"related-posts-ollama-memory-leak-cve-2026-7482-zh":52,"series-research-1de70fef-f10d-4ff6-b162-d58b527a168c":89},{"id":4,"title":5,"content":6,"summary":7,"source":8,"source_url":9,"author":10,"image_url":11,"keywords":12,"language":19,"translated_content":10,"views":20,"is_premium":21,"created_at":22,"updated_at":22,"cover_image":11,"published_at":23,"rewrite_status":24,"rewrite_error":10,"rewritten_from_id":25,"slug":26,"category":27,"related_article_id":28,"status":29,"google_indexed_at":30,"x_posted_at":10,"tweet_text":10,"title_rewritten_at":10,"title_original":10,"key_takeaways":31,"topic_cluster_id":35,"embedding":36,"is_canonical_seed":37},"1de70fef-f10d-4ff6-b162-d58b527a168c","Ollama 漏洞可遠端洩漏記憶體","\u003Cp data-speakable=\"summary\">Ollama 的 CVE-2026-7482 會讓外網可達的伺服器，因為惡意 GGUF 檔而洩漏程序記憶體。\u003C\u002Fp>\u003Cp>說真的，這種洞很麻煩。攻擊者不用先拿到登入權限，只要打到暴露的 Ollama \u003Ca href=\"\u002Ftag\u002Fapi\">API\u003C\u002Fa> 就有機會下手。\u003C\u002Fp>\u003Cp>這個漏洞的 CVSS 是 9.1。\u003Ca href=\"https:\u002F\u002Fwww.cve.org\u002FCVERecord?id=CVE-2026-7482\" target=\"_blank\" rel=\"noopener\">CVE-2026-7482\u003C\u002Fa> 已經被公開，\u003Ca href=\"https:\u002F\u002Fwww.cyera.com\u002F\" target=\"_blank\" rel=\"noopener\">Cyera\u003C\u002Fa> 也把它命名為 Bleeding Llama。\u003C\u002Fp>\u003Cp>更糟的是，Ollama 在 \u003Ca href=\"\u002Ftag\u002Fgithub\">GitHub\u003C\u002Fa> 上有超過 17.1 萬顆星。Fork 也超過 1.61 萬個。這代表用的人多，掃得到的面也大。\u003C\u002Fp>\u003Ctable>\u003Cthead>\u003Ctr>\u003Cth>項目\u003C\u002Fth>\u003Cth>數值\u003C\u002Fth>\u003C\u002Ftr>\u003C\u002Fthead>\u003Ctbody>\u003Ctr>\u003Ctd>CVE\u003C\u002Ftd>\u003Ctd>CVE-2026-7482\u003C\u002Ftd>\u003C\u002Ftr>\u003Ctr>\u003Ctd>CVSS\u003C\u002Ftd>\u003Ctd>9.1\u003C\u002Ftd>\u003C\u002Ftr>\u003Ctr>\u003Ctd>可能暴露伺服器\u003C\u002Ftd>\u003Ctd>300,000+\u003C\u002Ftd>\u003C\u002Ftr>\u003Ctr>\u003Ctd>GitHub stars\u003C\u002Ftd>\u003Ctd>171,000+\u003C\u002Ftd>\u003C\u002Ftr>\u003Ctr>\u003Ctd>GitHub forks\u003C\u002Ftd>\u003Ctd>16,100+\u003C\u002Ftd>\u003C\u002Ftr>\u003Ctr>\u003Ctd>修補版本\u003C\u002Ftd>\u003Ctd>0.17.1\u003C\u002Ftd>\u003C\u002Ftr>\u003C\u002Ftbody>\u003C\u002Ftable>\u003Ch2>這個洞到底怎麼來的\u003C\u002Fh2>\u003Cp>\u003Ca href=\"https:\u002F\u002Follama.com\" target=\"_blank\" rel=\"noopener\">Ollama\u003C\u002Fa> 的賣點很直接。它讓你在本機跑 \u003Ca href=\"\u002Ftag\u002Fllm\">LLM\u003C\u002Fa>。提示詞不用先送雲端，很多團隊覺得比較安心。\u003C\u002Fp>\n\u003Cfigure class=\"my-6\">\u003Cimg src=\"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778713858981-cpex.png\" alt=\"Ollama 漏洞可遠端洩漏記憶體\" class=\"rounded-xl w-full\" loading=\"lazy\" \u002F>\u003C\u002Ffigure>\n\u003Cp>但本機不等於安全。只要 REST API 對內網或外網開著，攻擊面就出現了。這次的問題就在 \u003Ccode>\u002Fapi\u002Fcreate\u003C\u002Fcode>。\u003C\u002Fp>\u003Cp>根據公開描述，0.17.1 之前的版本，會接受攻擊者送進來的 GGUF 檔。只要 t\u003Ca href=\"\u002Fnews\u002Fwhy-jensen-huang-is-right-to-run-toward-ai-zh\">ens\u003C\u002Fa>or offset 和 size 被刻意灌大，程式就可能在量化流程中越界讀取。\u003C\u002Fp>\u003Cp>漏洞點落在 \u003Ccode>fs\u002Fggml\u002Fgguf.go\u003C\u002Fcode> 和 \u003Ccode>server\u002Fquantization.go\u003C\u002Fcode>。而且它還用了 Go 的 \u003Ccode>unsafe\u003C\u002Fcode>。講白了就是，正常的記憶體安全保護在那條路徑上失效了。\u003C\u002Fp>\u003Cul>\u003Cli>攻擊面：對外可連的 Ollama REST API\u003C\u002Fli>\u003Cli>觸發方式：惡意 GGUF 檔\u003C\u002Fli>\u003Cli>核心問題：heap out-of-bounds read\u003C\u002Fli>\u003Cli>可能外洩：環境變數、API key、system prompt、聊天內容\u003C\u002Fli>\u003C\u002Ful>\u003Ch2>為什麼這種洩漏很危險\u003C\u002Fh2>\u003Cp>這不是只漏幾個位元組而已。若攻擊者能把記憶體內容帶出來，很多敏感資料都可能一起被撈走。\u003C\u002Fp>\u003Cp>最可怕的是，AI 服務常常把很多東西塞進同一個程序。模型載入、推理、工具呼叫、日誌，通通可能在 heap 裡留下痕跡。\u003C\u002Fp>\u003Cp>Cyera 的資安研究員 Dor Attias 直接講得很白：「攻擊者幾乎可以從你的 AI 推理中學到組織的一切，包括 API keys、專有程式碼、客戶合約，還有更多。」\u003C\u002Fp>\u003Cblockquote>“An attacker can learn basically anything about the organization from your AI inference — API keys, proprietary code, customer contracts, and much more.” — Dor Attias, Cyera\u003C\u002Fblockquote>\u003Cp>這句話很重。因為它不是在講模型本身。它在講整個工作流程。\u003C\u002Fp>\u003Cp>如果你把 \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Fanthropics\u002Fclaude-code\" target=\"_blank\" rel=\"noopener\">Claude Code\u003C\u002Fa> 這類工具接進去，風險還會往上疊。工具輸出、上下文、暫存資料，都可能進到程序記憶體。\u003C\u002Fp>\u003Ch2>攻擊鏈怎麼走\u003C\u002Fh2>\u003Cp>這次的攻擊流程不複雜。先丟惡意 GGUF，再觸發模型建立，最後把漏出來的資料送出去。\u003C\u002Fp>\n\u003Cfigure class=\"my-6\">\u003Cimg src=\"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778713847451-c2mg.png\" alt=\"Ollama 漏洞可遠端洩漏記憶體\" class=\"rounded-xl w-full\" loading=\"lazy\" \u002F>\u003C\u002Ffigure>\n\u003Cp>攻擊者先打 \u003Ccode>\u002Fapi\u002Fcreate\u003C\u002Fcode>。這一步會讓 Ollama 去處理檔案內容。當 tensor metadata 被做假，程式就可能讀過頭。\u003C\u002Fp>\u003Cp>接著再用 \u003Ccode>\u002Fapi\u002Fpush\u003C\u002Fcode>。如果漏出的 heap 內容已經混進模型產物，攻擊者就能把它推到自己控制的 registry。\u003C\u002Fp>\u003Cp>這裡最陰的是，每一步看起來都像正常操作。上傳檔案、建立模型、發佈模型，都是 Ollama 的日常功能。\u003C\u002Fp>\u003Cul>\u003Cli>Step 1：送入偽造 GGUF\u003C\u002Fli>\u003Cli>Step 2：呼叫 \u003Ccode>\u002Fapi\u002Fcreate\u003C\u002Fcode>\u003C\u002Fli>\u003Cli>Step 3：利用 \u003Ccode>\u002Fapi\u002Fpush\u003C\u002Fcode> 外送資料\u003C\u002Fli>\u003Cli>Step 4：從外部 registry 讀回洩漏內容\u003C\u002Fli>\u003C\u002Ful>\u003Cp>Cyera 提到，可能受影響的伺服器超過 30 萬台。這數字很刺眼。\u003C\u002Fp>\u003Cp>我覺得這也反映一件事。很多團隊把 local AI server 當成內部工具。結果一旦 API 開錯地方，就變成可掃描的目標。\u003C\u002Fp>\u003Ch2>跟其他 Ollama 問題比起來\u003C\u002Fh2>\u003Cp>這次的 CVE-2026-7482，重點是資訊外洩。它不是單純的 crash。它直接碰到機密資料。\u003C\u002Fp>\u003Cp>修補已經放在 \u003Ca href=\"https:\u002F\u002Fgithub.com\u002Follama\u002Follama\" target=\"_blank\" rel=\"noopener\">Ollama\u003C\u002Fa> 0.17.1。這代表版本檢查要立刻做，不要拖。\u003C\u002Fp>\u003Cp>但這不是 Ollama 唯一的麻煩。Windows upda\u003Ca href=\"\u002Fnews\u002Fwhy-pinterest-new-ad-relevance-model-wins-zh\">ter\u003C\u002Fa> 另外還有 \u003Ca href=\"https:\u002F\u002Fwww.cve.org\u002FCVERecord?id=CVE-2026-42248\" target=\"_blank\" rel=\"noopener\">CVE-2026-42248\u003C\u002Fa> 和 \u003Ca href=\"https:\u002F\u002Fwww.cve.org\u002FCVERecord?id=CVE-2026-42249\" target=\"_blank\" rel=\"noopener\">CVE-2026-42249\u003C\u002Fa>。一個是簽章驗證問題，一個是路徑穿越。\u003C\u002Fp>\u003Cp>如果 Windows 桌面版會自動啟動，還會定期檢查更新，攻擊鏈就更長了。這種情況下，持久化執行不是空想。\u003C\u002Fp>\u003Cul>\u003Cli>CVE-2026-7482：GGUF loader 的 heap 越界讀取\u003C\u002Fli>\u003Cli>CVE-2026-42248：Windows updater 簽章驗證缺失\u003C\u002Fli>\u003Cli>CVE-2026-42249：Windows updater staging path 路徑穿越\u003C\u002Fli>\u003Cli>0.12.10 到 0.17.5：公開說明中點名的 Windows 版本範圍\u003C\u002Fli>\u003Cli>AutoUpdateEnabled：預設開啟，除非管理員關掉\u003C\u002Fli>\u003C\u002Ful>\u003Cp>把這些放一起看，就很清楚了。問題不是單點，而是整條供應鏈和更新流程都要管。\u003C\u002Fp>\u003Cp>你不能只說「我有裝最新版」就算完事。你還要看服務是不是對外開著，更新機制有沒有被繞過。\u003C\u002Fp>\u003Ch2>現在該怎麼處理\u003C\u002Fh2>\u003Cp>先更新到 0.17.1。這是最直接的動作。版本沒升上去，其他討論都只是聊天。\u003C\u002Fp>\u003Cp>再來是網路隔離。Ollama 不該裸露在公網。至少要放在防火牆後面，再加上認證代理或 API gateway。\u003C\u002Fp>\u003Cp>如果你有用 Windows 客戶端，也要檢查自動更新。能關就先關，Startup 資料夾的捷徑也要確認有沒有被濫用。\u003C\u002Fp>\u003Cp>我會建議再補一輪稽核。看哪些主機能從外網打到，哪些服務帳號有 API key，哪些 prompt 可能含有內部資料。\u003C\u002Fp>\u003Cul>\u003Cli>先升級到 0.17.1\u003C\u002Fli>\u003Cli>把 API 從公網收回來\u003C\u002Fli>\u003Cli>前面加認證層\u003C\u002Fli>\u003Cli>盤點環境變數和 secrets\u003C\u002Fli>\u003Cli>檢查 Windows updater 設定\u003C\u002Fli>\u003C\u002Ful>\u003Ch2>這件事放到產業脈絡裡看\u003C\u002Fh2>\u003Cp>本機 LLM 這幾年很紅。大家想要的是低延遲、低成本、資料不出門。\u003C\u002Fp>\u003Cp>但本機只是部署方式，不是安全保證。只要有檔案解析、更新器、API、工具呼叫，漏洞一樣會出現。\u003C\u002Fp>\u003Cp>而且 AI 服務的敏感度，比一般 Web 服務更高。因為它吃進去的資料，常常就是公司最值錢的東西。\u003C\u002Fp>\u003Cp>這也是為\u003Ca href=\"\u002Fnews\u002Fwhy-gemini-powered-siri-will-be-apples-best-ai-move-zh\">什麼\u003C\u002Fa>很多團隊現在開始把 LLM 當成基礎設施管。不是 demo，不是玩具，就是正式服務。\u003C\u002Fp>\u003Cp>所以這次事件的重點很實際。你要問的不是「有沒有裝 Ollama」，而是「誰能碰到它」。\u003C\u002Fp>\u003Ch2>接下來該盯什麼\u003C\u002Fh2>\u003Cp>我會先看兩件事。第一，外網上到底還有多少 Ollama instance。第二，這些 instance 裡面有沒有塞著 prompt、key、客服資料。\u003C\u002Fp>\u003Cp>如果你們團隊也在跑 local LLM，現在就該做一次盤點。把版本、網段、權限、更新器都拉出來看。\u003C\u002Fp>\u003Cp>講白了，這類漏洞不會只停在單一產品。誰先把暴露面收乾淨，誰就少掉一大截風險。\u003C\u002Fp>\u003Cp>如果你要我給一句建議，就是先升級，再封網，最後再談優化。這順序別搞反。\u003C\u002Fp>","Ollama 出現 CVE-2026-7482，遠端攻擊者可透過惡意 GGUF 檔讀出程序記憶體，可能外洩金鑰、提示詞與使用者資料。","thehackernews.com","https:\u002F\u002Fthehackernews.com\u002F2026\u002F05\u002Follama-out-of-bounds-read-vulnerability.html",null,"https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778713858981-cpex.png",[13,14,15,16,17,18],"Ollama","CVE-2026-7482","GGUF","LLM 安全","記憶體洩漏","AI 伺服器","zh",0,false,"2026-05-13T23:10:35.420032+00:00","2026-05-13T23:10:35.166+00:00","done","cedb86b7-8ecb-4de7-b06c-91172c573cbc","ollama-memory-leak-cve-2026-7482-zh","research","4eaf4af7-1f8a-4856-bcfe-e83241d9abda","published","2026-05-14T09:00:17.364+00:00",[32,33,34],"CVE-2026-7482 會讓暴露的 Ollama 伺服器透過惡意 GGUF 檔洩漏程序記憶體。","受影響資料可能包含 API key、system prompt、聊天內容與其他敏感資訊。","最優先的處置是升級到 0.17.1，並把 Ollama 從公網收回來。","8575dc44-8be8-4a20-a937-db265af3e9e9","[-0.0007499797,0.010257817,0.0031859872,-0.07334929,0.00287356,-0.007060063,-0.0043697692,0.005409755,0.006639756,0.023605043,0.0073369853,-0.023185352,-0.005577098,-0.033820853,0.1483111,0.019948468,-0.0043484797,0.020146254,0.04123096,-0.010507963,-0.015866226,-0.014915302,-0.0069664996,0.005462598,0.0022226044,-0.017522901,-0.002495134,0.018149137,0.045381997,-0.0017866993,-0.0028813086,-0.0055930032,-0.004142758,0.006734478,0.013245627,0.024817074,0.026887352,-0.0010325048,0.014073334,0.016018398,-0.007607516,-0.033508945,0.0024249014,0.011335161,0.0015928553,0.022588212,-0.01437283,-0.01892981,-0.011470824,0.020974312,-0.0054498385,0.017180651,-0.01803733,-0.15827405,-0.01675724,0.035262894,-0.010572431,0.005118156,0.029553259,0.002774223,-0.0074614156,0.004646417,0.012701316,0.011726592,0.0048564523,-0.023006009,0.0043176035,-0.0031433,-0.017972555,-0.00429736,-0.03442137,-0.0061540175,-0.004865986,-0.037262637,-0.0007620552,-0.0040957453,0.010338125,-0.004449218,0.031860214,0.007360653,-0.014931415,-0.03864285,-0.006105433,0.012608918,0.005085232,0.016115824,0.005166131,-0.005126185,-0.006959413,-0.00308628,0.011960615,0.025080705,0.006719108,0.010912848,0.0026210318,0.013857912,0.017377753,-0.0034376404,-0.0036605382,0.0091512455,0.016130105,-0.02674627,-0.014286222,0.038890027,-0.0052675162,0.004222673,0.018397825,0.0006469902,0.008169802,0.014433421,-0.0093313055,0.00010160745,-0.03260695,-0.0035834091,0.0072868336,-0.12820366,0.0044712406,-0.0015005784,-0.0005450614,0.0036475407,-0.004679666,-0.024868257,0.011448771,0.021024918,0.017014742,-0.0025660384,0.01888228,0.008904105,0.0022838817,-0.01149258,-0.008218215,-0.023061993,0.024247343,9.162515e-05,-0.0057562576,0.051014535,-0.013560225,-0.01679901,-0.001627857,-0.003761974,0.01753426,0.022334283,0.017758463,-0.027533313,-0.019753369,-0.013385159,-0.009115396,-0.0038463396,0.016891008,-0.028956972,0.02238103,-0.0034148677,-0.024388999,-0.015091947,0.026485842,-0.04946862,0.005866314,0.026708763,-0.009954546,0.020070905,-0.015445444,-0.013510352,0.0070160874,0.012955631,0.012875513,0.0072953254,-0.01093665,-0.007994199,0.0055701756,0.013063085,-0.023147635,-0.034071308,-0.015527565,-0.0061148256,0.015145249,0.008089576,0.008550103,-0.009100106,-0.014748058,-0.01642283,-0.028026946,0.0075451164,0.002174837,0.013189762,0.02209285,-0.0146354325,0.0040689977,0.0049438705,-0.003616515,-0.0031653163,-0.021031857,-0.008576813,0.0071477937,0.00835368,-0.0029571282,-0.0027272145,-0.021911586,0.00059533346,0.0006176658,0.0026693512,-0.017714387,-0.015311154,0.0051379553,-0.030977936,0.00554066,-0.011433484,-0.0117498385,0.009222968,0.009729612,-0.004826157,0.011201983,0.0038760162,0.050061233,-0.0033091945,0.0063175857,-0.0012306677,-0.002490936,-0.017695993,0.012698665,-0.01690946,0.0151708,-0.012613021,-0.00080428977,0.019283,-0.0053120516,-0.013918694,0.00946272,-0.004406061,-0.01168608,0.037460987,0.014898575,0.021821763,0.013814523,0.00796151,0.0057051354,0.007887182,0.0124178985,-0.010952486,-0.014099712,0.021927608,-0.02001951,0.0043289526,-0.023178631,0.00196152,0.038439043,-0.051883847,0.031075295,-0.0027207653,-0.022803,0.028029446,0.00394365,-0.004313762,0.0056509534,0.004445713,0.0005075055,-0.016431974,-0.000895227,0.023953252,-0.013376661,-0.014129452,0.016503826,0.0012125969,-0.020842915,0.018081272,0.011904975,0.008667353,0.021527313,0.0152378455,-0.01932007,0.011468539,-0.01388753,0.01653068,-0.011701857,0.010123234,0.043310642,-0.028291736,-0.047435403,0.008644842,0.015265299,-0.012377065,0.011068785,0.029418716,-0.012356187,-0.003175278,-0.0009990002,-0.010127279,-0.010445711,0.003355313,-0.009979374,-0.0167966,-0.0052182553,0.018344685,0.022830827,0.024802266,0.01820374,-0.01859996,0.0030562154,-0.00699345,-0.0016624763,-0.00064698566,-0.004773347,0.0016115204,0.030230515,0.03612153,-0.0013848348,0.010380155,0.0013500347,0.01037785,0.002274224,0.016336285,-0.009002962,-0.001660944,0.0037634906,-0.027583824,-0.008411061,-0.015282597,-0.00606432,-0.024718948,-0.022095568,-0.012890588,-0.0059681293,-0.012404005,0.024288027,-0.01578742,-0.044727374,0.017285151,-0.0118739195,-0.012561248,0.022565557,0.002472174,-0.014492326,0.009684104,0.004538939,0.0015154574,-0.012779342,-0.020336578,-0.010598951,0.0072073373,-0.022331716,-0.0073161526,-0.02421161,0.009749825,-0.0075352327,-0.0097714495,-0.01636694,0.019091487,0.020648748,-0.0023497627,0.019702522,-0.031034052,0.033176623,-0.016431507,0.017031543,0.0066120317,-0.037402324,0.017742787,-0.009542784,-0.013145001,0.010068267,0.03301656,0.022845352,0.004205592,0.006925384,-0.005913725,0.03655305,0.0043058004,0.0008309479,-0.0073298123,-0.021457357,-0.007917029,0.0005377841,-0.014817358,0.018395472,-0.017369116,-0.011268225,0.013018734,-0.01726514,0.018102556,0.013756395,-0.024203757,-0.00786296,0.020026354,-0.013707052,-0.02464492,0.0047417814,0.012257627,-0.014532964,-0.025735289,0.018108685,0.008096673,-0.029981237,-0.0035809814,-0.014739312,0.011165737,-0.006924378,0.0016298535,-0.024378337,0.015761476,0.024846327,-0.034998838,0.006686558,0.018073732,-0.005217791,0.008112564,0.018867936,-0.0005877772,0.0061199646,0.0051163924,0.032924246,-0.0039548925,0.00908558,-0.023074085,0.010100175,-0.014287081,0.012059322,0.00028493718,-0.0056827487,-0.02109824,-0.01835873,0.008946813,-0.017778983,0.025019115,-0.00089083385,-0.0061495174,0.001516882,0.025289992,0.011255366,-0.0173697,-0.017374413,-0.0031593423,-0.0027504195,-0.008432044,-0.010298956,-0.022971228,0.014944407,0.008730259,-0.009060098,-0.029242631,-0.022843765,0.0010209089,-0.021304736,-0.024123484,0.010291254,0.0018232089,-0.0088098785,-0.012155417,0.019279135,-0.04689825,-0.021858148,0.022040376,0.043329082,-0.014052389,0.03772527,-0.026228625,-0.021905452,-0.0060345074,0.01842483,-0.0016757755,-0.018386504,-0.020433854,0.012809087,-0.016705245,0.042580593,0.036824014,0.013689988,-0.044993665,-0.013203162,-0.012807504,0.0013801833,0.033212926,-0.013305639,-0.002022401,0.034165226,0.010523111,-0.0218948,0.0055553005,-0.0044200504,0.019666338,-0.011579839,0.010141529,-0.005421418,-0.0076372875,4.8058006e-05,0.021128353,-0.017296204,0.0286787,0.0017258055,-0.0070409407,-0.020127846,0.015107109,0.0099615,0.0034652106,0.009200991,-0.0026085828,-0.007931645,-0.018926851,-0.018341923,-0.016239088,-0.004923723,0.023415731,0.023671612,-0.008334392,0.013566724,-0.024584884,-0.012966412,-0.0024717874,0.007469557,0.013306526,-0.010311125,0.007816509,-0.024232898,-0.009745439,0.01321821,-0.02162814,-0.01298208,-0.016852627,0.0019564754,-0.005189961,-0.024778338,-0.0070296614,0.0078066895,-0.018081125,0.00820756,0.012957052,0.00461123,-0.0068250233,0.021851148,-0.0018339632,-0.017639944,0.0021840488,8.4204104e-05,-0.010707643,0.0038305165,-0.0073414533,0.040264625,-0.015993627,0.0089636585,0.011963157,0.033478335,0.020034913,-0.020831173,-0.0028888457,-0.011298737,-0.015708225,0.027862096,-0.0993553,-0.030612102,0.005769925,-0.0030132362,-0.024650495,-0.022491977,0.017025879,-0.010944624,-0.006544361,0.021105979,0.032610856,-0.012551299,0.04575413,0.052452296,0.008324529,-0.026691489,-0.012449235,-0.0018481481,0.011731633,-0.020788046,0.021977771,-0.016588604,0.017065698,0.030615458,-0.03911729,-0.008840858,-0.0066977977,-0.0008688949,0.02743495,0.014285281,-0.020932889,-0.016264627,0.027910197,0.02894234,-0.008516339,-0.01315818,-0.003083831,-0.0030209809,0.0014500432,0.0075418213,-0.006411307,-0.017966157,-0.033705246,-0.0004367347,0.0074555655,-0.0024545921,-0.004475419,-0.0058470992,-0.00035319783,0.029247658,-0.016986828,-0.010489335,-0.024301518,-0.012212809,0.0030616473,-0.021911778,-0.0074343258,-0.0018109306,-0.02021293,0.011847986,-0.025220731,0.022031732,-0.015923288,0.0050782356,0.0098556075,0.003395478,0.014545687,0.009435239,0.0057111303,-0.0105659785,-0.026424658,-0.004789657,0.015896058,0.014410404,-0.041019585,0.01645143,-0.00896378,0.02951669,0.001815387,-0.011469447,-0.00024037108,-0.01674983,-0.08157081,-0.012850934,0.012165717,-0.0184289,-0.0052785864,0.02142281,0.020803027,-0.04382443,-0.003735187,-0.05273578,0.007077552,0.004384648,-0.029085573,-0.0056046247,0.034343287,-0.010143501,0.0067174034,0.024901485,0.008238,-0.04424966,-0.009015658,0.0035759197,0.012642781,-0.0012875424,-0.019324124,0.005410035,0.02194764,0.0116982935,0.019407647,-0.020053046,-0.020065358,-0.12517834,0.04595096,0.014493771,-0.007439119,0.01704672,0.010488999,0.00016038198,-0.0028704668,-0.0008676848,-0.0020883584,-0.002524715,-0.046237767,0.010705941,0.006837239,-0.0059644277,0.11601994,0.0026811168,0.0012314658,-0.0002179555,-0.0043213745,0.0057679955,-0.026548102,0.004872868,-0.0031339591,0.02305344,0.023553686,0.028030325,-0.0068063717,-0.03216929,0.031878676,0.036537755,-0.0031074693,-0.012277547,-0.010309656,0.007821996,-0.010523506,-0.020552916,0.007134659,-0.0065776617,-0.002373313,0.010018917,0.041918147,0.002843407,-0.016376683,-0.0075343763,0.004920209,0.012846826,-0.002066985,-0.014576426,0.0015277835,0.0058599804,-0.054883897,0.03516009,-0.03841834,0.035784904,-0.011926993,0.0017063224,0.0043001906,0.029628547,0.044970796,-0.0028743942,-0.010665229,0.0022818532,-0.004302699,-0.0068633794,0.009426736,0.013188679,0.00927556,-0.050215673,0.010767191,-0.014162736,0.0016037308,-0.007754805,-0.039806835,0.010727267,0.008410306,0.0003704146,0.006647405,0.0317056,0.003944624,0.0073048314,-0.015834901,0.009684149,0.00025037766,-0.025510095,-0.014507482,0.017246468,-0.0020094248,0.033462852,0.00812773,-0.0113188485,0.025389949,-0.009741328,0.0068152607,0.023572398,0.003122074,-0.03575797,-0.005204988,-0.022129586,-0.00336095,0.005703779,-0.02831833,-0.01761897,0.0111405905,-0.0059396806,0.0009443201,0.0099411085,0.019954693,0.031869613,0.0035324243]",true,[39,41,43,45,47],{"name":16,"slug":40},"llm-安全",{"name":15,"slug":42},"gguf",{"name":14,"slug":44},"cve-2026-7482",{"name":13,"slug":46},"ollama",{"name":17,"slug":17},{"id":28,"slug":49,"title":50,"language":51},"ollama-memory-leak-cve-2026-7482-en","Ollama flaw can leak process memory remotely","en",[53,59,65,71,77,83],{"id":54,"slug":55,"title":56,"cover_image":57,"image_url":57,"created_at":58,"category":27},"667b72b6-e821-4d68-80a1-e03340bc85f1","turboquant-seo-shift-small-sites-zh","TurboQuant 與小站 SEO 變化","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778840440690-kcw9.png","2026-05-15T10:20:27.319472+00:00",{"id":60,"slug":61,"title":62,"cover_image":63,"image_url":63,"created_at":64,"category":27},"381fb6c6-6da7-4444-831f-8c5eed8d685c","turboquant-vllm-comparison-fp8-kv-cache-zh","TurboQuant 與 FP8 實測結果","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778839867551-4v9g.png","2026-05-15T10:10:36.034569+00:00",{"id":66,"slug":67,"title":68,"cover_image":69,"image_url":69,"created_at":70,"category":27},"c15f45ee-a548-4dbf-8152-91de159c1a11","llmbda-calculus-agent-safety-rules-zh","LLMbda 演算替 AI 代理人立安全規則","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778825503412-mlbf.png","2026-05-15T06:10:34.832664+00:00",{"id":72,"slug":73,"title":74,"cover_image":75,"image_url":75,"created_at":76,"category":27},"0c02225c-d6ff-44f8-bc92-884c8921c4a3","low-complexity-beamspace-denoiser-mmwave-mimo-zh","更簡單的毫米波波束域去噪器","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778814650361-xtc2.png","2026-05-15T03:10:30.06639+00:00",{"id":78,"slug":79,"title":80,"cover_image":81,"image_url":81,"created_at":82,"category":27},"9d27f967-62cc-433f-8cdb-9300937ade13","ai-benchmark-wins-cyber-scare-defenders-zh","為什麼 AI 基準賽在資安領域的勝利，應該讓防守方警醒","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778807450006-nofx.png","2026-05-15T01:10:29.379041+00:00",{"id":84,"slug":85,"title":86,"cover_image":87,"image_url":87,"created_at":88,"category":27},"bc402dc6-5da6-46fc-9d66-d09cb215f72b","why-linux-security-needs-patch-wave-mindset-zh","為什麼 Linux 安全需要「補丁浪潮」思維","https:\u002F\u002Fxxdpdyhzhpamafnrdkyq.supabase.co\u002Fstorage\u002Fv1\u002Fobject\u002Fpublic\u002Fcovers\u002Finline-1778741449813-s2wn.png","2026-05-14T06:50:24.052583+00:00",[90,95,100,105,110,115,120,125,130,135],{"id":91,"slug":92,"title":93,"created_at":94},"f18dbadb-8c59-4723-84a4-6ad22746c77a","deepmind-bets-on-continuous-learning-ai-2026-zh","DeepMind 押注 2026 連續學習 AI","2026-03-26T08:16:02.367355+00:00",{"id":96,"slug":97,"title":98,"created_at":99},"f4a106cb-02a6-4508-8f39-9720a0a93cee","ml-papers-of-the-week-github-research-desk-zh","每週 ML 論文清單，為何紅到 GitHub","2026-03-27T01:11:39.284175+00:00",{"id":101,"slug":102,"title":103,"created_at":104},"c4f807ca-4e5f-47f1-a48c-961cf3fc44dc","ai-ml-conferences-to-watch-in-2026-zh","2026 AI 研討會投稿時程整理","2026-03-27T01:51:53.874432+00:00",{"id":106,"slug":107,"title":108,"created_at":109},"9f50561b-aebd-46ba-94a8-363198aa7091","openclaw-agents-manipulated-self-sabotage-zh","OpenClaw Agent 會自己搞砸自己","2026-03-28T03:03:18.786425+00:00",{"id":111,"slug":112,"title":113,"created_at":114},"11f22e92-7066-4978-a544-31f5f2156ec6","vega-learning-to-drive-with-natural-language-instructions-zh","Vega：使用自然語言指示進行自駕車控制","2026-03-28T14:54:04.847912+00:00",{"id":116,"slug":117,"title":118,"created_at":119},"a4c7cfec-8d0e-4fec-93cf-1b9699a530b8","drive-my-way-en-zh","Drive My Way：個性化自駕車風格的實現","2026-03-28T14:54:26.207495+00:00",{"id":121,"slug":122,"title":123,"created_at":124},"dec02f89-fd39-41ba-8e4d-11ede93a536d","training-knowledge-bases-with-writeback-rag-zh","用 WriteBack-RAG 強化知識庫提升檢索效能","2026-03-28T14:54:45.775606+00:00",{"id":126,"slug":127,"title":128,"created_at":129},"3886be5c-a137-40cc-b9e2-0bf18430c002","packforcing-efficient-long-video-generation-method-zh","PackForcing：短影片訓練也能生成長影片","2026-03-28T14:55:02.688141+00:00",{"id":131,"slug":132,"title":133,"created_at":134},"72b90667-d930-4cc9-8ced-aaa0f8968d44","pixelsmile-toward-fine-grained-facial-expression-editing-zh","PixelSmile：提升精細臉部表情編輯的新方法","2026-03-28T14:55:20.678181+00:00",{"id":136,"slug":137,"title":138,"created_at":139},"cf046742-efb2-4753-aef9-caed5da5e32e","adaptive-block-scaled-data-types-zh","IF4：神經網路量化的聰明選擇","2026-03-31T06:00:36.990273+00:00"]