18 matches found
CowAgent 路径遍历漏洞
CowAgent is an intelligent assistant and scalable agent framework developed by zhayujie’s individual developer. Versions of CowAgent 2.0.4 and earlier had a path traversal vulnerability. This vulnerability stemmed from incorrect handling of the parameter filename in the file...
CVE-2026-33010
mcp-memory-service is an open-source memory backend for multi-agent systems. Prior to version 10.25.1, when the HTTP server is enabled MCPHTTPENABLED=true, the application configures FastAPI's CORSMiddleware with alloworigins='', allowcredentials=True, allowmethods="", and allowheaders="". The...
CVE-2026-33010
mcp-memory-service is an open-source memory backend for multi-agent systems. Prior to version 10.25.1, when the HTTP server is enabled MCPHTTPENABLED=true, the application configures FastAPI's CORSMiddleware with alloworigins='', allowcredentials=True, allowmethods="", and allowheaders="". The...
CVE-2026-33010
CVE-2026-33010 affects mcp-memory-service prior to 10.25.1. When MCP_HTTP_ENABLED is true, the app configures FastAPI CORSMiddleware with allow_origins=[''], allow_credentials=True, allow_methods=[' '], and allow_headers=['*'], yielding Access-Control-Allow-Origin: *. With MCP_ALLOW_ANONYMOUS_ACC...
CVE-2026-33010 mcp-memory-service's Wildcard CORS with Credentials Enables Cross-Origin Memory Theft
mcp-memory-service is an open-source memory backend for multi-agent systems. Prior to version 10.25.1, when the HTTP server is enabled MCPHTTPENABLED=true, the application configures FastAPI's CORSMiddleware with alloworigins='', allowcredentials=True, allowmethods="", and allowheaders="". The...
CVE-2026-33010 mcp-memory-service's Wildcard CORS with Credentials Enables Cross-Origin Memory Theft
mcp-memory-service is an open-source memory backend for multi-agent systems. Prior to version 10.25.1, when the HTTP server is enabled MCPHTTPENABLED=true, the application configures FastAPI's CORSMiddleware with alloworigins='', allowcredentials=True, allowmethods="", and allowheaders="". The...
CVE-2026-33010 mcp-memory-service's Wildcard CORS with Credentials Enables Cross-Origin Memory Theft
mcp-memory-service is an open-source memory backend for multi-agent systems. Prior to version 10.25.1, when the HTTP server is enabled MCPHTTPENABLED=true, the application configures FastAPI's CORSMiddleware with alloworigins='', allowcredentials=True, allowmethods="", and allowheaders="". The...
mcp-memory-service 安全漏洞
mcp-memory-service is a backend service developed by Henry’s individual developer, designed to provide persistent shared memory for AI agents. Versions of mcp-memory-service prior to 10.25.1 contained security vulnerabilities. These vulnerabilities stemmed from improper CORS configuration and...
CVE-2026-29787 mcp-memory-service: System Information Disclosure via Health Endpoint
mcp-memory-service is an open-source memory backend for multi-agent systems. Prior to version 10.21.0, the /api/health/detailed endpoint returns detailed system information including OS version, Python version, CPU count, memory totals, disk usage, and the full database filesystem path. When...
CVE-2026-29787
mcp-memory-service is an open-source memory backend for multi-agent systems. Prior to version 10.21.0, the /api/health/detailed endpoint returns detailed system information including OS version, Python version, CPU count, memory totals, disk usage, and the full database filesystem path. When...
CVE-2026-29787 mcp-memory-service: System Information Disclosure via Health Endpoint
mcp-memory-service is an open-source memory backend for multi-agent systems. Prior to version 10.21.0, the /api/health/detailed endpoint returns detailed system information including OS version, Python version, CPU count, memory totals, disk usage, and the full database filesystem path. When...
CVE-2026-29787
Summary of CVE-2026-29787 (mcp-memory-service) : The /api/health/detailed endpoint exposes detailed reconnaissance data (OS version, Python version, CPU, memory, disk usage, and the full database path). This occurs when anonymous access is enabled (MCP_ALLOW_ANONYMOUS_ACCESS=true) and the service...
CVE-2026-29787 mcp-memory-service: System Information Disclosure via Health Endpoint
mcp-memory-service is an open-source memory backend for multi-agent systems. Prior to version 10.21.0, the /api/health/detailed endpoint returns detailed system information including OS version, Python version, CPU count, memory totals, disk usage, and the full database filesystem path. When...
Permissive Cross-domain Policy with Untrusted Domains
Overview mcp-memory-service is an Open-source persistent memory for AI agent pipelines and Claude. REST API + semantic search + knowledge graph + autonomous consolidation. Self-host, zero cloud cost. Affected versions of this package are vulnerable to Permissive Cross-domain Policy with Untrusted...
mcp-memory-service 信息泄露漏洞
mcp-memory-service is a backend service developed by Henry’s individual developer, designed to provide persistent shared memory for AI agents. Versions of mcp-memory-service prior to 10.21.0 contained an information leakage vulnerability. This vulnerability stemmed from the health check endpoint...
Information Exposure
Overview mcp-memory-service is an Open-source persistent memory for AI agent pipelines and Claude. REST API + semantic search + knowledge graph + autonomous consolidation. Self-host, zero cloud cost. Affected versions of this package are vulnerable to Information Exposure in the...
EUVD-2020-23869
Malware in sbrugna...
CVE-2016-4546
Samsung devices with Android KK4.4 or L5.0/5.1 allow local users to cause a denial of service IAndroidShm service crash via crafted data in a service call...