CVE-2026-31241
- EPSS 0.39%
- Veröffentlicht 12.05.2026 00:00:00
- Zuletzt bearbeitet 14.05.2026 18:34:56
The mem0 1.0.0 server lacks authentication and authorization controls for its memory deletion API endpoint (DELETE /memories). The endpoint allows unauthenticated users to delete memory records by specifying arbitrary user identifiers (e.g., user_id,...
CVE-2026-31242
- EPSS 0.49%
- Veröffentlicht 12.05.2026 00:00:00
- Zuletzt bearbeitet 14.05.2026 18:37:40
The mem0 v1.0.0 server lacks authentication and authorization controls for its memory reset functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to ...
CVE-2026-31243
- EPSS 0.37%
- Veröffentlicht 12.05.2026 00:00:00
- Zuletzt bearbeitet 14.05.2026 18:38:15
The mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset o...
CVE-2026-31244
- EPSS 0.39%
- Veröffentlicht 12.05.2026 00:00:00
- Zuletzt bearbeitet 14.05.2026 18:38:33
The mem0 1.0.0 server lacks authentication and authorization controls for its memory deletion API endpoint (DELETE /memories/{memory_id}). The endpoint allows unauthenticated users to delete arbitrary memory records without verifying their identity o...
CVE-2026-31245
- EPSS 0.34%
- Veröffentlicht 12.05.2026 00:00:00
- Zuletzt bearbeitet 14.05.2026 18:39:12
The mem0 1.0.0 server lacks authentication and authorization controls for its memory creation API endpoint (POST /memories). The endpoint allows unauthenticated users to submit arbitrary memory records without verifying their identity or permissions....