{"id":81665,"date":"2026-07-08T02:46:55","date_gmt":"2026-07-07T23:16:55","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2026-59705-mem0-openmemory-api-unauthenticated-access-via-memory-endpoints\/"},"modified":"2026-07-08T02:46:55","modified_gmt":"2026-07-07T23:16:55","slug":"cve-2026-59705-mem0-openmemory-api-unauthenticated-access-via-memory-endpoints","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2026-59705-mem0-openmemory-api-unauthenticated-access-via-memory-endpoints\/","title":{"rendered":"CVE-2026-59705 &#8211; mem0 &#8211; OpenMemory API Unauthenticated Access via Memory Endpoints"},"content":{"rendered":"<p>CVE ID :CVE-2026-59705<\/p>\n<p>  Published : July 7, 2026, 11:16 p.m. | 31\u00a0minutes ago<\/p>\n<p>  Description :mem0&#8217;s openmemory\/api component contains an unauthenticated access vulnerability that allows unauthenticated attackers to read, write, and delete arbitrary user memories by accessing API routers registered without authentication middleware. Attackers can supply arbitrary user_id parameters or directly access memory retrieval endpoints to expose private memory content, or invoke pause endpoints with global_pause=true to cause denial-of-service across all users.<\/p>\n<p>  Severity: 9.8 | CRITICAL<\/p>\n<p>  Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID :CVE-2026-59705 Published : July 7, 2026, 11:16 p.m. | 31\u00a0minutes ago Description :mem0&#8217;s openmemory\/api component contains an unauthenticated access vulnerability that allows unauthenticated attackers to read, write, and delete arbitrary user memories by accessing API routers registered without authentication middleware. Attackers can supply arbitrary user_id parameters or directly access memory retrieval endpoints to &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-81665","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/81665","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=81665"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/81665\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=81665"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=81665"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=81665"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}