Home

Description

mem0's openmemory/api component contains an unauthenticated access vulnerability that allows unauthenticated attackers to read, write, and delete arbitrary user memories by accessing API routers registered without authentication middleware. Attackers can supply arbitrary user_id parameters or directly access memory retrieval endpoints to expose private memory content, or invoke pause endpoints with global_pause=true to cause denial-of-service across all users.

PUBLISHED Reserved 2026-07-06 | Published 2026-07-07 | Updated 2026-07-08 | Assigner VulnCheck




CRITICAL: 9.3CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CRITICAL: 9.8CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Problem types

Missing Authentication for Critical Function

Product status

Default status
unaffected

Any version before a3154d5
affected

Credits

George Chen reporter

References

github.com/mem0ai/mem0/issues/6080 exploit

github.com/mem0ai/mem0/issues/6080 (GitHub Issue) issue-tracking

github.com/mem0ai/mem0 (Product) product

github.com/...ommit/a3154d59e52386d4e1189c1f5f44819868f76514 (Patch Commit) patch

www.vulncheck.com/...thenticated-access-via-memory-endpoints third-party-advisory

cve.org (CVE-2026-59705)

nvd.nist.gov (CVE-2026-59705)

Download JSON