Lucene search
+L

40 matches found

CNNVD
CNNVD
added 2026/05/12 12:0 a.m.11 views

mem0 安全漏洞

mem0 is an open-source benchmark testing tool for efficient memory algorithms developed by Mem0. Version 1.0.0 of mem0 contains a security vulnerability. This vulnerability stems from the lack of authentication and authorization controls in memory reset and table reconstruction functions...

6.5CVSS5.8AI score0.00374EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/12 12:0 a.m.6 views

CVE-2026-31244

The mem0 1.0.0 server lacks authentication and authorization controls for its memory deletion API endpoint DELETE /memories/memoryid. The endpoint allows unauthenticated users to delete arbitrary memory records without verifying their identity or permissions. A remote attacker can exploit this by...

6AI score0.00386EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.10 views

mem0 安全漏洞

mem0 is an open-source benchmark tool for efficient memory algorithms developed by Mem0. Version 1.0.0 of mem0 contains a security vulnerability. This vulnerability stems from the lack of authentication and authorization controls in the memory deletion API endpoint, which could allow remote...

6.5CVSS6AI score0.00386EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/12 12:0 a.m.37 views

CVE-2026-31241

The mem0 1.0.0 server lacks authentication and authorization controls for its memory deletion API endpoint DELETE /memories. The endpoint allows unauthenticated users to delete memory records by specifying arbitrary user identifiers e.g., userid, runid, agentid in the request query parameters. A...

0.00386EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.9 views

mem0 安全漏洞

mem0 is an open-source benchmark tool for efficient memory algorithms developed by Mem0. Version 1.0.0 of mem0 contains a security vulnerability. This vulnerability stems from the lack of authentication and authorization controls in the memory reset function. Unauthorized attackers could exploit...

9.1CVSS5.8AI score0.00489EPSS
Exploits0References2
OSV
OSV
added 2026/05/12 12:0 a.m.6 views

CVE-2026-31241

The mem0 1.0.0 server lacks authentication and authorization controls for its memory deletion API endpoint DELETE /memories. The endpoint allows unauthenticated users to delete memory records by specifying arbitrary user identifiers e.g., userid, runid, agentid in the request query parameters. A...

6.5CVSS6.1AI score0.00386EPSS
Exploits0References4
OSV
OSV
added 2026/05/12 12:0 a.m.3 views

CVE-2026-31242

The mem0 v1.0.0 server lacks authentication and authorization controls for its memory reset functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to the execution of a DROP TABLE SQL statement. Th...

9.1CVSS6.2AI score0.00489EPSS
Exploits0References4
OSV
OSV
added 2026/05/12 12:0 a.m.4 views

CVE-2026-31243

The mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to the execution of a CREATE...

6.5CVSS6.2AI score0.00374EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/12 12:0 a.m.11 views

CVE-2026-31243

The mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to the execution of a CREATE...

6AI score0.00374EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2026/05/08 12:0 a.m.7 views

com.alibaba.cloud.ai.autoconfigure.memory.long:spring-ai-alibaba-autoconfigure-memory-long (=1.0.0.4), com.alibaba.cloud.ai:spring-ai-alibaba-starter-memory-long (=1.0.0.4) +3 more potentially affected by CVE-2026-41713 via org.springframework.ai:spring-ai-advisors-vector-store (>=1.0.0 <=1.0.1)

org.springframework.ai:spring-ai-advisors-vector-store MAVEN version =1.0.0, =1.0.0.1, =1.0.0.3-20260305-cve - com.alibaba.cloud.ai:spring-ai-alibaba-studio-client =1.0.0.4 Source cves: CVE-2026-41713 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-16624616...

8.2CVSS5.4AI score0.00218EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/04 8:21 p.m.9 views

CVE-2026-7597

A vulnerability was found in mem0ai mem0 up to 1.0.11. This affects the function pickle.load/pickle.dump of the file mem0/vectorstores/faiss.py. Performing a manipulation results in deserialization. It is possible to initiate the attack remotely. The exploit has been made public and could be used...

6.5CVSS6.2AI score0.00315EPSS
Exploits0References1
OSV
OSV
added 2026/05/02 12:31 a.m.20 views

GHSA-XQXW-R767-67M7 mem0ai mem0 has an Improper Input Validation Issue

A vulnerability was found in mem0ai mem0 up to 1.0.11. This affects the function pickle.load/pickle.dump of the file mem0/vectorstores/faiss.py. Performing a manipulation results in deserialization. It is possible to initiate the attack remotely. The exploit has been made public and could be used...

6.3CVSS5.4AI score0.00315EPSS
Exploits0References8
NVD
NVD
added 2026/05/01 10:16 p.m.8 views

CVE-2026-7597

A vulnerability was found in mem0ai mem0 up to 1.0.11. This affects the function pickle.load/pickle.dump of the file mem0/vectorstores/faiss.py. Performing a manipulation results in deserialization. It is possible to initiate the attack remotely. The exploit has been made public and could be used...

6.5CVSS0.00315EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/05/01 9:15 p.m.9 views

CVE-2026-7597 mem0ai mem0 faiss.py pickle.dump deserialization

A vulnerability was found in mem0ai mem0 up to 1.0.11. This affects the function pickle.load/pickle.dump of the file mem0/vectorstores/faiss.py. Performing a manipulation results in deserialization. It is possible to initiate the attack remotely. The exploit has been made public and could be used...

6.5CVSS6.1AI score0.00315EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/05/01 9:15 p.m.7 views

CVE-2026-7597

A vulnerability was found in mem0ai mem0 up to 1.0.11. This affects the function pickle.load/pickle.dump of the file mem0/vectorstores/faiss.py. Performing a manipulation results in deserialization. It is possible to initiate the attack remotely. The exploit has been made public and could be used...

6.5CVSS6.1AI score0.00315EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/05/01 9:15 p.m.32 views

CVE-2026-7597

The CVE-2026-7597 vulnerability affects mem0ai mem0 up to version 1.0.11, specifically the pickle.load/pickle.dump path in mem0/vector_stores/faiss.py. An attacker can trigger deserialization remotely via manipulation of pickle operations. Public exploit details exist per the sources. The patch i...

6.5CVSS6.1AI score0.00315EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/05/01 9:15 p.m.31 views

CVE-2026-7597 mem0ai mem0 faiss.py pickle.dump deserialization

A vulnerability was found in mem0ai mem0 up to 1.0.11. This affects the function pickle.load/pickle.dump of the file mem0/vectorstores/faiss.py. Performing a manipulation results in deserialization. It is possible to initiate the attack remotely. The exploit has been made public and could be used...

6.5CVSS0.00315EPSS
Exploits0References7
OSV
OSV
added 2026/05/01 9:15 p.m.5 views

CVE-2026-7597 mem0ai mem0 faiss.py pickle.dump deserialization

A vulnerability was found in mem0ai mem0 up to 1.0.11. This affects the function pickle.load/pickle.dump of the file mem0/vectorstores/faiss.py. Performing a manipulation results in deserialization. It is possible to initiate the attack remotely. The exploit has been made public and could be used...

5.3CVSS6AI score0.00315EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.27 views

PT-2026-36549

Name of the Vulnerable Software and Affected Versions mem0ai mem0 versions prior to 1.0.12 Description An unsafe deserialization issue exists in the pickle.load and pickle.dump functions within the mem0/vector stores/faiss.py file. This allows a remote attacker to perform a manipulation that...

6.5CVSS6.6AI score0.00315EPSS
Exploits0References18
CNNVD
CNNVD
added 2026/05/01 12:0 a.m.22 views

mem0 输入验证错误漏洞

mem0 is an efficient memory algorithm benchmarking tool open-sourced by Mem0. An input validation error vulnerability exists in mem0 1.0.11 and earlier versions, which stems from improper manipulation of the pickle.load/pickle.dump functions in the mem0/vectorstores/faiss.py file, which could lea...

6.5CVSS6.5AI score0.00315EPSS
Exploits0References2
Rows per page
Query Builder