Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Lifecycle Timeline
4DescriptionCVE.org
The mem0 1.0.0 server lacks authentication and authorization controls for its memory creation API endpoint (POST /memories). The endpoint allows unauthenticated users to submit arbitrary memory records without verifying their identity or permissions. A remote attacker can exploit this by sending unauthenticated POST requests to create malicious or spoofed memory entries in the database, leading to unauthorized data injection and potential data pollution.
AnalysisAI
mem0 1.0.0 server accepts unauthenticated POST requests to the /memories endpoint, allowing remote attackers to inject arbitrary memory records without identity verification or authorization checks. This authentication bypass enables data pollution and unauthorized modification of the memory database with spoofed entries. EPSS exploitation probability is low (0.05th percentile), and no active exploitation has been confirmed, but the vulnerability is automatable and affects default configurations.
Technical ContextAI
The mem0 server implements a memory creation API endpoint (POST /memories) that fails to enforce authentication or authorization controls as required by CWE-862 (Missing Authorization). The endpoint accepts structured memory record submissions without validating the requester's identity through tokens, credentials, or session management, nor does it verify permissions to create entries. This is a classic missing access control vulnerability where the application trusts all incoming requests regardless of source. The vulnerability affects the core data ingestion layer of the memory management system, allowing any network-accessible client to manipulate the persistent memory store.
RemediationAI
Upgrade mem0 to a patched version with authentication and authorization controls implemented on the /memories endpoint; consult vendor advisory at https://github.com/mem0ai/mem0 for the specific fixed version. If upgrade is not immediately available, implement a network-level authentication gateway or reverse proxy (e.g., nginx with HTTP Basic Auth, OAuth2 proxy, or API gateway) in front of the mem0 server to enforce identity verification before requests reach the /memories endpoint-this adds latency and operational complexity but fully blocks unauthenticated access. Alternatively, restrict network access to the /memories endpoint via firewall rules to trusted internal IP ranges or VPN-only connectivity; this limits functionality for remote or multi-tenant deployments but prevents external exploitation. Enable API request logging and alerting to detect suspicious patterns of memory creation from unexpected sources. Do not rely on IP-based controls alone if the mem0 deployment is accessible from untrusted networks.
Authorization bypass in Mem0 self-hosted server versions through 0.2.8 allows any authenticated holder of a distributed
Unauthenticated data theft, tampering, and denial-of-service affects mem0's OpenMemory API server (openmemory/api compon
Sensitive information disclosure and server-side request forgery in mem0's self-hosted server let unauthenticated remote
Unauthenticated deletion of arbitrary memory records in mem0 1.0.0 allows remote attackers to remove any database entry
mem0 1.0.0 server allows unauthenticated remote attackers to trigger memory reset and table re-creation via unprotected
Unsafe pickle deserialization in mem0 up to version 1.0.11 allows authenticated remote attackers to execute arbitrary co
Same weakness CWE-862 – Missing Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-29568
GHSA-cgx8-qgvr-f7vf