CVE-2026-59705 in mem0المعلومات

الملخص

بحسب MITRE • 08/07/2026

mem0's openmemory/api component contains an unauthenticated access vulnerability that allows unauthenticated attackers to read, write, and delete arbitrary user memories by accessing API routers registered without authentication middleware. Attackers can supply arbitrary user_id parameters or directly access memory retrieval endpoints to expose private memory content, or invoke pause endpoints with global_pause=true to cause denial-of-service across all users.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

مسؤول

VulnCheck

حجز

06/07/2026

إفشاء

08/07/2026

الاعتدال

تمت الموافقة

إدخال

VDB-376729

EPSS

0.00000

KEV

لا

النشاطات

منخفض جدًا

المصادر

Do you know our Splunk app?

Download it now for free!