Skip to main content

Mcp Memory Service

2 CVEs product

Monthly

CVE-2026-49291 PyPI HIGH POC PATCH GHSA This Week

Authorization bypass in doobidoo mcp-memory-service prior to 10.65.3 lets OAuth clients with only the read scope invoke mutating MCP tools such as store_memory and delete_memory via the /mcp JSON-RPC endpoint, despite the equivalent REST endpoints correctly enforcing the write scope. Authenticated read-only clients can therefore tamper with or destroy memory entries used by downstream AI applications. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Authentication Bypass Mcp Memory Service
NVD GitHub
CVSS 3.1
8.1
EPSS
0.3%
CVE-2026-29787 PyPI MEDIUM POC PATCH This Month

The /api/health/detailed endpoint in mcp-memory-service prior to version 10.21.0 discloses sensitive system information including OS details, Python version, CPU configuration, memory metrics, and database paths to unauthenticated network users when anonymous access is enabled. Public exploit code exists for this information disclosure vulnerability, which affects deployments using the default 0.0.0.0 network binding. A patch is available in version 10.21.0 to restrict endpoint access and redact sensitive data.

Python AI / ML Mcp Memory Service
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
EPSS 0% CVSS 8.1
HIGH POC PATCH This Week

Authorization bypass in doobidoo mcp-memory-service prior to 10.65.3 lets OAuth clients with only the read scope invoke mutating MCP tools such as store_memory and delete_memory via the /mcp JSON-RPC endpoint, despite the equivalent REST endpoints correctly enforcing the write scope. Authenticated read-only clients can therefore tamper with or destroy memory entries used by downstream AI applications. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Authentication Bypass Mcp Memory Service
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM POC PATCH This Month

The /api/health/detailed endpoint in mcp-memory-service prior to version 10.21.0 discloses sensitive system information including OS details, Python version, CPU configuration, memory metrics, and database paths to unauthenticated network users when anonymous access is enabled. Public exploit code exists for this information disclosure vulnerability, which affects deployments using the default 0.0.0.0 network binding. A patch is available in version 10.21.0 to restrict endpoint access and redact sensitive data.

Python AI / ML Mcp Memory Service
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy