CVE-2026-33010

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2026-33010

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-33010.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2026-33010

Aliases

GHSA-g9rg-8vq5-mpwm

Published

2026-03-20T18:33:39.007Z

Modified

2026-04-10T05:43:06.701006Z

Severity

8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N CVSS Calculator

Summary

mcp-memory-service's Wildcard CORS with Credentials Enables Cross-Origin Memory Theft

Details

mcp-memory-service is an open-source memory backend for multi-agent systems. Prior to version 10.25.1, when the HTTP server is enabled (MCPHTTPENABLED=true), the application configures FastAPI's CORSMiddleware with alloworigins=['*'], allowcredentials=True, allowmethods=["*"], and allowheaders=["*"]. The wildcard Access-Control-Allow-Origin: * header permits any website to read API responses cross-origin. When combined with anonymous access (MCPALLOWANONYMOUS_ACCESS=true) - the simplest way to get the HTTP dashboard working without OAuth - no credentials are needed, so any malicious website can silently read, modify, and delete all stored memories. This issue has been patched in version 10.25.1.

Database specific

{
    "cwe_ids": [
        "CWE-942"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/33xxx/CVE-2026-33010.json",
    "cna_assigner": "GitHub_M"
}

References

Affected packages

Git / github.com/doobidoo/mcp-memory-service

Affected ranges

Type

GIT

Repo

https://github.com/doobidoo/mcp-memory-service

Events

Introduced

Fixed

91ab4e5ee99d593d9b4400aac1f5e28232d4ab54

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "10.25.1"
        }
    ]
}

Affected versions

v0.*

v0.1.0

v1.*

v1.0.0

v10.*

v10.0.0

v10.0.1

v10.0.2

v10.0.3

v10.1.0

v10.1.1

v10.1.2

v10.10.0

v10.10.1

v10.10.2

v10.10.3

v10.10.4

v10.10.5

v10.10.6

v10.11.0

v10.11.1

v10.11.2

v10.12.0

v10.12.1

v10.13.0

v10.13.1

v10.13.2

v10.14.0

v10.15.0

v10.15.1

v10.16.0

v10.16.1

v10.17.0

v10.17.10

v10.17.11

v10.17.12

v10.17.13

v10.17.15

v10.17.16

v10.17.2

v10.17.3

v10.17.4

v10.17.5

v10.17.6

v10.17.7

v10.17.8

v10.17.9

v10.18.0

v10.18.1

v10.18.2

v10.18.3

v10.19.0

v10.2.0

v10.2.1

v10.20.0

v10.20.1

v10.20.2

v10.20.4

v10.20.6

v10.21.0

v10.21.1

v10.22.0

v10.23.0

v10.24.0

v10.25.0

v10.3.0

v10.4.0

v10.4.1

v10.4.2

v10.4.3

v10.4.4

v10.4.5

v10.4.6

v10.5.0

v10.5.1

v10.6.0

v10.6.1

v10.7.0

v10.7.1

v10.7.2

v10.8.0

v10.9.0

v2.*

v2.0.0

v2.1.0

v2.2.0

v3.*

v3.0.0

v3.1.0

v3.2.0

v3.3.0

v3.3.1

v3.3.2

v3.3.4

v4.*

v4.0.0

v4.0.0-alpha.1

v4.0.0-beta.1

v4.2.0

v4.3.0

v4.5.0

v4.5.1

v4.5.2

v4.6.0

v4.6.1

v5.*

v5.0.0

v5.0.1

v5.0.2

v5.0.3

v5.0.4

v5.0.5

v5.1.0

v5.2.0

v5.2.1

v5.3.0

v6.*

v6.0.0

v6.1.0

v6.1.1

v6.10.0

v6.10.1

v6.11.0

v6.11.1

v6.12.0

v6.13.0

v6.13.1

v6.13.2

v6.13.3

v6.13.4

v6.13.5

v6.13.6

v6.13.7

v6.13.8

v6.14.0

v6.15.0

v6.15.1

v6.16.0

v6.16.1

v6.17.0

v6.17.1

v6.17.2

v6.18.0

v6.19.0

v6.2.0

v6.2.1

v6.2.4

v6.2.5

v6.20.0

v6.20.1

v6.21.0

v6.22.0

v6.22.1

v6.23.0

v6.3.0

v6.3.1

v6.3.2

v6.3.3

v6.4.0

v6.5.0

v6.5.1

v6.6.0

v6.6.1

v6.6.2

v6.6.3

v6.6.4

v6.7.0

v6.7.1

v6.7.2

v6.8.0

v6.9.0

v7.*

v7.0.0

v7.1.0

v7.1.3-main

v7.1.4

v7.5.1

v7.5.2

v8.*

v8.10.0

v8.11.0

v8.12.0

v8.12.1

v8.13.0

v8.13.1

v8.13.2

v8.13.3

v8.13.4

v8.13.5

v8.14.0

v8.14.1

v8.14.2

v8.15.0

v8.15.1

v8.16.0

v8.16.1

v8.16.2

v8.17.0

v8.17.1

v8.18.0

v8.18.1

v8.18.2

v8.19.0

v8.19.1

v8.2.4

v8.20.0

v8.20.1

v8.21.0

v8.22.0

v8.22.1

v8.22.2

v8.23.0

v8.23.1

v8.24.1

v8.24.2

v8.24.3

v8.24.4

v8.25.0

v8.25.1

v8.25.2

v8.26.0

v8.27.0

v8.27.1

v8.27.2

v8.28.0

v8.28.1

v8.29.0

v8.3.0

v8.3.1

v8.30.0

v8.31.0

v8.32.0

v8.33.0

v8.34.0

v8.35.0

v8.36.0

v8.36.1

v8.37.0

v8.38.0

v8.38.1

v8.39.0

v8.39.1

v8.4.0

v8.4.1

v8.4.2

v8.4.3

v8.40.0

v8.41.0

v8.41.1

v8.41.2

v8.42.0

v8.42.1

v8.43.0

v8.44.0

v8.45.0

v8.45.1

v8.45.2

v8.45.3

v8.46.0

v8.46.1

v8.46.2

v8.46.3

v8.47.0

v8.47.1

v8.48.0

v8.48.1

v8.48.2

v8.48.3

v8.48.4

v8.49.0

v8.5.0

v8.5.1

v8.5.10

v8.5.11

v8.5.12

v8.5.13

v8.5.14

v8.5.2

v8.5.3

v8.5.4

v8.5.5

v8.5.6

v8.5.7

v8.5.8

v8.5.9

v8.50.0

v8.50.1

v8.51.0

v8.52.0

v8.52.1

v8.52.2

v8.53.0

v8.54.0

v8.54.1

v8.54.2

v8.54.3

v8.54.4

v8.55.0

v8.56.0

v8.57.0

v8.57.1

v8.58.0

v8.59.0

v8.6.0

v8.60.0

v8.61.0

v8.61.1

v8.61.2

v8.62.0

v8.62.1

v8.62.10

v8.62.11

v8.62.12

v8.62.13

v8.62.2

v8.62.3

v8.62.4

v8.62.5

v8.62.6

v8.62.7

v8.62.8

v8.62.9

v8.63.0

v8.63.1

v8.64.0

v8.65.0

v8.66.0

v8.67.0

v8.68.0

v8.68.1

v8.68.2

v8.69.0

v8.7.0

v8.70.0

v8.71.0

v8.72.0

v8.73.0

v8.74.0

v8.75.0

v8.75.1

v8.76.0

v8.8.0

v8.8.1

v8.8.2

v8.9.0

v9.*

v9.0.0

v9.0.1

v9.0.2

v9.0.3

v9.0.4

v9.0.5

v9.0.6

v9.2.0

v9.2.1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-33010.json"