Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Lifecycle Timeline
4DescriptionCVE.org
The mem0 1.0.0 server lacks authentication and authorization controls for its memory reset and table re-creation functionality accessible via the DELETE /memories endpoint. An unauthenticated attacker can send a DELETE request that triggers a reset operation, leading to the execution of a CREATE TABLE SQL statement. This can cause unexpected table re-creation, schema disruption, potential data loss, and denial of service for the memory management service.
AnalysisAI
mem0 1.0.0 server allows unauthenticated remote attackers to trigger memory reset and table re-creation via unprotected DELETE /memories endpoint, causing schema disruption, data loss, and denial of service. The vulnerability exploits missing authentication and authorization controls on a database management operation accessible over the network without credentials.
Technical ContextAI
mem0 is a memory management service that exposes HTTP endpoints for managing persistent data. The DELETE /memories endpoint directly triggers database operations including CREATE TABLE SQL statements without validating client identity or permissions. This violates the principle of least privilege and CWE-862 (Missing Authorization), where sensitive operations lack access controls. The HTTP protocol allows network-based access, and the unauthenticated nature (PR:N in CVSS) means no credentials are required to invoke the vulnerable endpoint.
RemediationAI
Immediate mitigation: upgrade to a patched version of mem0 beyond 1.0.0 (exact version not specified in available references; check https://github.com/mem0ai/mem0 for latest release). Until patching is available, implement network-level controls by restricting access to the DELETE /memories endpoint to authenticated internal clients only using a reverse proxy or API gateway (e.g., requiring Bearer token validation, IP whitelisting). Additionally, disable or restrict the DELETE /memories endpoint entirely if the reset functionality is not required for operational use. For defense-in-depth, enable database-level transaction logging and implement alerting on CREATE TABLE operations to detect unauthorized schema modifications. Validate that HTTP requests to sensitive endpoints include authentication credentials before processing, and consider implementing rate limiting on the DELETE endpoint to mitigate rapid, automated exploitation attempts.
Authorization bypass in Mem0 self-hosted server versions through 0.2.8 allows any authenticated holder of a distributed
Unauthenticated data theft, tampering, and denial-of-service affects mem0's OpenMemory API server (openmemory/api compon
Sensitive information disclosure and server-side request forgery in mem0's self-hosted server let unauthenticated remote
Unauthenticated deletion of arbitrary memory records in mem0 1.0.0 allows remote attackers to remove any database entry
Unsafe pickle deserialization in mem0 up to version 1.0.11 allows authenticated remote attackers to execute arbitrary co
mem0 1.0.0 server accepts unauthenticated POST requests to the /memories endpoint, allowing remote attackers to inject a
Same weakness CWE-862 – Missing Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-29566
GHSA-gr7h-9xmf-cp53