Lucene search
K

5 matches found

EUVD
EUVD
added 3 hours ago4 views

EUVD-2026-42126

mem0's openmemory/api component contains an unauthenticated access vulnerability that allows unauthenticated attackers to read, write, and delete arbitrary user memories by accessing API routers registered without authentication middleware. Attackers can supply arbitrary userid parameters or...

9.8CVSS6AI score
Exploits0References5
CVE
CVE
added yesterday11 views

CVE-2026-59705

CVE-2026-59705 concerns mem0’s openmemory/api component, where an unauthenticated access flaw allows reading, writing, and deleting arbitrary user memories via API routers registered without authentication middleware. Attackers can supply arbitrary user_id parameters or directly access memory ret...

9.8CVSS6AI score
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/15 9:5 p.m.11 views

CVE-2026-44570 Open WebUI: Inconsistent authorization controls within memories API

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.19, authorization controls surrounding the memories API were inconsistent, resulting in the ability of a standard user to delete, restore, and view the contents of other users' memories...

8.3CVSS5.8AI score0.00294EPSS
Exploits1References1
CVE
CVE
added 2026/05/15 9:5 p.m.18 views

CVE-2026-44570

CVE-2026-44570 affects Open WebUI prior to version 0.6.19, where authorization controls around the memories API were inconsistent. A non-admin user could query, view, delete, or attempt to modify another user’s memories via endpoints such as POST /api/v1/memories/query, POST /api/v1/memories/{mem...

8.3CVSS5.8AI score0.00294EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.9 views

Open WebUI 安全漏洞

Open WebUI is an open-source, scalable, feature-rich, and user-friendly self-hosted WebUI. Versions of Open WebUI prior to 0.6.19 contained security vulnerabilities. These vulnerabilities stemmed from inconsistent authorization controls in the memory API, allowing standard users to delete, restor...

8.3CVSS5.8AI score0.00294EPSS
Exploits1References2
Rows per page
Query Builder