NuClide Research
Most recent
navigate open esc close Corpus index built 2026-06-07 23:58 UTC

← All engagement records

Case study May 2, 2026

Informatics and Telematics Institute (ITI): Mistral Small 24B, vcl.iti.gr

Bill Rondell, Nick Adams & Dade Murphy — May 2, 2026 — case study — 1 min read — 185 words
Sector
Universities
Country
iti

NuClide Research · 2026-05-02

Summary

The Information Technologies Institute (ITI), part of CERTH (Centre for Research and Technology Hellas), Greece’s largest national research centre, exposes one Ollama node (vcl.iti.gr, 195.251.117.101) running Mistral Small 24B with an exposed system prompt.

Infrastructure

FieldValue
IP195.251.117.101
Hostnamevcl.iti.gr
OrgInformatics and Telematics Institute
CountryGreece
Ollama version0.16.0
Open port11434 (public)

Models

ModelSystem Prompt
mistral-small:24b”You are Mistral Small 3, a Large Language Model (LLM) created by Mistral AI, a French startup headquartered in Paris. Your knowledge base was last updated…”
(1 additional model),

The hostname vcl.iti.gr suggests a Virtual Compute Lab, likely shared research infrastructure accessible to ITI researchers.

Findings

F1: National Research Centre Node Exposed (MEDIUM)

ITI/CERTH is Greece’s premier national research centre (equivalent to Fraunhofer in Germany). The vcl.iti.gr hostname confirms this is shared lab infrastructure, not a personal workstation, potential for multiple researcher deployments behind the same exposed port.

F2: Model Injection (CRITICAL)

CVE-2025-63389 applies.

Remediation

OLLAMA_HOST=127.0.0.1:11434
systemctl restart ollama

Disclosure

  • Discovered: 2026-05-02
  • Status: Pending outreach to ITI/CERTH security