Exploit for CVE-2026-7020 CVE-2026-7020 CVE-2026-7720

Name: Exploit for CVE-2026-7020 CVE-2026-7020 CVE-2026-7720
Rating: 5 (149 reviews)

2026-04-25 | CVSS 5.5

## https://sploitus.com/exploit?id=9A37C547-026D-5436-87C8-5559D3066E17
# CVE-2026-7020

Ollama arbitrary file read via tensor digest path traversal. Exfiltrates SSH host keys (and any other file) from a reachable Ollama host in three unauthenticated API calls.

Writeup: 

## Co-Researcher

- [@gouldnicholas](https://github.com/gouldnicholas)

## Usage

```
python3 poc.py 
```

Tries all three SSH host key types with known sizes and prints whatever it captures.

## CVE

[CVE-2026-7020](https://vulners.com/cve/CVE-2026-7020)