CVE-2026-49948
Published: 09 June 2026
Summary
CVE-2026-49948 is a high-severity Missing Authorization (CWE-862) vulnerability. Its CVSS base score is 8.6 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 20.7th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
This vulnerability is AI-related — categorised as LLM Application Platforms; in the LLM/Generative AI Risks risk domain.
OWASP Top 10 for Web (2025)
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-35449
Vulnerability details
Mem0 versions through 0.2.8, fixed in commit ae7f406, contain a missing authorization vulnerability in the self-hosted server component where the POST /configure endpoint modifies global LLM provider and embedder configuration but only verifies authentication via JWT or X-API-Key without validating…
more
the caller's role. Any authenticated user holding a distributed API key can redirect all LLM and embedder traffic to an attacker-controlled server, with the malicious configuration persisted to PostgreSQL and surviving server restarts to affect all users and API keys on the instance.
- CWE(s)
AI Security AnalysisAI
- AI Category
- LLM Application Platforms
- Risk Domain
- LLM/Generative AI Risks
- OWASP Top 10 for LLMs 2025
- None mapped
- Classification Reason
- Matched keywords: llm
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Missing authorization on public-facing /configure endpoint directly enables exploitation of the self-hosted server application.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Requiring an access control policy ensures authorization checks are defined and applied for critical functions.
Reviews of access controls detect missing authorization checks on critical functions or resources.
Documenting permitted unauthenticated actions prevents missing authorization by making all exceptions explicit and subject to organizational review.
Requiring attribute association with information prevents authorization from being performed without necessary security or privacy context.
Mandating authorization prior to allowing remote connections addresses missing authorization for remote access.
Mandating authorization before wireless connections are allowed prevents missing authorization for wireless access.
The control requires authorization before allowing mobile device connections, directly mitigating missing authorization for system access.
Requiring approvals for account creation and specifying authorizations ensures authorization is not missing for system access.