CVE-2026-31240 — Unauthenticated memory tampering via mem0 PUT /memories/{memory_id}

MITRE service request: 1988584

Status: RESERVED (pending a qualifying public reference per CNA Rules §5.3).

Official CVE description

The mem0 1.0.0 server lacks authentication and authorization controls for its memory management API endpoints. Critical functions such as updating memory records (PUT /memories/{memory_id}) are exposed without any verification of the requester’s identity or permissions. A remote attacker can exploit this by sending unauthenticated requests to modify, overwrite, or delete arbitrary memory records, leading to unauthorized data manipulation and potential data loss.

Summary

Anyone on the network can issue PUT /memories/{memory_id} with arbitrary JSON bodies and overwrite another tenant’s vector-backed memory row because the API never binds memory_id to an authenticated principal.

Affected product and versions

• Product: mem0ai/mem0 server.
• Affected range (coordination record): v1.0.0 and associated commit 5f5e64b44be9be26c6aa223f5c4b538998b8ec8e.

Technical details

• Surface: REST PUT /memories/{memory_id} proxied into Memory.update() → PGVector.update() without authZ checks.
• Impact: Integrity loss—attackers can poison RAG/assistant memory, delete business-critical facts, or inject malicious instructions consumed downstream by LLM agents.
• Network position: Any client that can reach the FastAPI/uvicorn bind address.

Risk

High for deployments exposing mem0 on 0.0.0.0 without API gateway auth.

Remediation / workaround

• Immediately front mem0 with OAuth2/JWT or private network access only.
• Implement row-level security keyed on authenticated user IDs.
• Vendor patch TBD.