COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2026-59706

CVE-2026-59706

Severity
critical
Source
NVD · cve
Published
2026-07-07
CVSS
9.3
Reference
https://nvd.nist.gov/vuln/detail/CVE-2026-59706
shame 35/100

mem0 contains unauthenticated config API endpoints that expose LLM API keys in plaintext and allow server-side request forgery via attacker-controlled ollama_base_url parameter. Unauthenticated attackers can retrieve stored secrets like OpenAI API keys via GET /api/v1/config/ or

Description

mem0 contains unauthenticated config API endpoints that expose LLM API keys in plaintext and allow server-side request forgery via attacker-controlled ollama_base_url parameter. Unauthenticated attackers can retrieve stored secrets like OpenAI API keys via GET /api/v1/config/ or trigger SSRF attacks by setting ollama_base_url to internal addresses like cloud IMDS via PUT /api/v1/config/mem0/llm endpoint.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.