2 matches found
CVE-2026-49291
creationtimestamp| type| source ---|---|--- 2026-06-26 22:35:27+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-2r68-g678-7qr3...
CVE-2026-49291
mcp-memory-service is a semantic memory layer for AI applications. Prior to version 10.65.3, the HTTP MCP JSON-RPC endpoint at /mcp requires only OAuth read scope for all requests, then dispatches tools/call directly to handlers that include mutating tools. A read-only OAuth client can call...