actbench (=0.0.1a5), agenticos (>=0.0.1 <=0.0.3.155020) +46 more potentially affected by CVE-2026-31240 via mem0ai (>=0.0.20 <=0.1.93)

mem0ai PYPI version =0.0.20, =0.0.1, =1.1.0, =1.1.0, =0.1.41, =1.0.4, =0.61.0, =0.13.0, =0.1.108, =0.1.117, =0.1.120a1, =0.1.120, =0.1.3, =0.1.0, =0.2.1 and more Source cves: CVE-2026-31240 Source advisory: OSV:GHSA-JFV9-68M5-GJJR...

actbench (=0.0.1a5), agent-framework-mem0 (>=1.0.0b260319 <=1.0.0b260521) +49 more potentially affected by CVE-2026-7597 via mem0ai (>=0.0.20 <=1.0.11)

mem0ai PYPI version =0.0.20, =1.0.0b260319, =0.0.1, =1.1.0, =1.1.0, =0.1.41, =1.0.4, =0.61.0, =0.13.0, =0.1.108, =0.1.117, =0.1.120a1, =0.1.120, =0.1.0, =0.1.1 - faq-rai-sdk =0.1.4 and more Source cves: CVE-2026-7597 Source advisory: OSV:GHSA-XQXW-R767-67M7...

EUVD-2026-26721

A vulnerability was found in mem0ai mem0 up to 1.0.11. This affects the function pickle.load/pickle.dump of the file mem0/vectorstores/faiss.py. Performing a manipulation results in deserialization. It is possible to initiate the attack remotely. The exploit has been made public and could be used...

CVE-2026-7597 mem0ai mem0 faiss.py pickle.dump deserialization

A vulnerability was found in mem0ai mem0 up to 1.0.11. This affects the function pickle.load/pickle.dump of the file mem0/vectorstores/faiss.py. Performing a manipulation results in deserialization. It is possible to initiate the attack remotely. The exploit has been made public and could be used...