CVE-2026-59706 - mem0 - Server-Side Request Forgery and Plaintext API Key Exposure via Unauthenticated Config Endpoints
CVE ID :CVE-2026-59706 Published : July 7, 2026, 10:16 p.m. | 58 minutes ago Description :mem0 contains unauthenticated config API endpoints that expose LLM API keys in plaintext and allow server-side request forgery via attacker-controlled ollama_base_url parameter. Unauthenticated attackers...