Mem0 Memory Management API Unauthenticated Access Vulnerability

Vulnerability

A vulnerability exists in the Mem0 server version 1.0.0, where the memory management API endpoints lack proper authentication and authorization. This flaw allows remote attackers to send unauthenticated requests to critical functions, such as updating memory records, potentially leading to unauthorized data manipulation and loss. The absence of verification for the requester's identity or permissions creates a significant risk by exposing sensitive memory management functions to exploitation.

Impact

Exploitation of this vulnerability could result in unauthorized modification, overwriting, or deletion of memory records, causing data loss and integrity issues within the application's memory management system.

Added: May 12, 2026, 6:25 PM
Updated: May 12, 2026, 6:25 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 7.5
remediation: 0.0
relevance: 8.1
threat: 3.2
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.