4 matches found
CVE-2026-31243
The mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to the execution of a CREATE...
CVE-2026-31243
The mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to the execution of a CREATE...
PT-2026-40320
The mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to the execution of a CREATE...
CVE-2026-31243
The CVE-2026-31243 entry concerns the mem0 1.0.0 server, where the DELETE /memories endpoint lacks authentication/authorization controls. An unauthenticated attacker can trigger a memory reset that executes a CREATE TABLE SQL statement, potentially re-creating or altering schemas, causing data lo...