CVE-2026-49291
Deferred Deferred - Pending Action

OAuth Bypass in mcp-memory-service Allows Unauthorized Memory Modifications

Vulnerability report for CVE-2026-49291, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-19

Last updated on: 2026-06-22

Assigner: GitHub, Inc.

Description

mcp-memory-service is a semantic memory layer for AI applications. Prior to version 10.65.3, the HTTP MCP JSON-RPC endpoint at `/mcp` requires only OAuth `read` scope for all requests, then dispatches `tools/call` directly to handlers that include mutating tools. A read-only OAuth client can call `store_memory` and `delete_memory` through MCP even though the corresponding REST endpoints require `write` scope. Version 10.65.3 patches the issue.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-19
Last Modified
2026-06-22
Generated
2026-07-11
AI Q&A
2026-06-19
EPSS Evaluated
2026-07-10
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
doobidoo mcp-memory-service to 10.65.3 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-862 The product does not perform an authorization check when an actor attempts to access a resource or perform an action.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

The vulnerability in mcp-memory-service prior to version 10.65.3 involves improper OAuth scope enforcement on the HTTP MCP JSON-RPC endpoint at `/mcp`. Specifically, the endpoint requires only the OAuth `read` scope for all requests, but it dispatches calls to handlers that include mutating tools. This means that a client with only read permissions can invoke operations like `store_memory` and `delete_memory`, which should require `write` permissions. This flaw allows unauthorized modification of memory data through the JSON-RPC interface.

Impact Analysis

This vulnerability can lead to unauthorized modification or deletion of memory data in the mcp-memory-service. An attacker or a client with only read access could perform write operations, potentially corrupting or deleting important data. This can impact the integrity and availability of the AI application's memory layer, possibly causing malfunction or data loss.

Mitigation Strategies

To mitigate this vulnerability, upgrade the mcp-memory-service to version 10.65.3 or later, where the issue has been patched.

Compliance Impact

The provided information does not specify how the vulnerability in mcp-memory-service impacts compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-49291. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart