Dispatch
CVE-2026-33010: CVSS 8.1 High Severity Vulnerability in mcp-memory-service — Open-Source Agent Memory Backend at Risk
A high severity vulnerability (CVSS 8.1) was publicly disclosed March 20 in mcp-memory-service, a widely used open-source memory backend for multi-agent AI systems. This is distinct from the CVE-2026-26118 Azure MCP SSRF patched earlier this month, signaling that core agent infrastructure — not just cloud hosting layers — carries significant unpatched risk. Developers building multi-agent systems with persistent memory should audit mcp-memory-service deployments immediately.
Source
↳ Follow the thread