Fetching from the wire…
Public story · 2026-03-22 · source-backed
CVSS 8.1 vulnerability disclosed March 20 in mcp-memory-service, a widely used open-source memory backend for multi-agent systems. Distinct from the Azure MCP SSRF patched earlier this month — core agent infrastructure, not just hosting layers, carries significant unpatched risk. Source
Each link below shares sources, entities, or timing with this story.
Shared entities / Same source / Shared topic / Earlier coverage
Both cover CVE, CVSS, March; cite the same source (Source); overlapping topics (agent, cvss, mcp-memory-service).
Shared entities / Same source domain / Shared topic / What happened next
Both cover CVE, CVSS, March; reported by the same outlet (thehackerwire.com); overlapping topics (cvss, disclosed).
Both cover CVE, CVSS; reported by the same outlet (thehackerwire.com); overlapping topics (agent, azure, cvss).
Shared entities / Shared topic / What happened next
Both cover CVE, CVSS, March; overlapping topics (agent, vulnerability); picks up the CVE thread on 2026-03-29.
Shared entities / Same source domain / Shared topic / Earlier coverage
Both cover CVE, CVSS; reported by the same outlet (thehackerwire.com); overlapping topics (azure, cvss, infrastructure).
Shared entities / Shared topic / Earlier coverage / Tension
Both cover CVE, CVSS; overlapping topics (cvss, disclosed, infrastructure); earlier CVE coverage from 2026-02-21.
Shared entities / Same source domain / Shared topic / Earlier coverage
Both cover CVE, CVSS; reported by the same outlet (thehackerwire.com); overlapping topics (agent, cvss).
Both cover CVE, CVSS; reported by the same outlet (thehackerwire.com); overlapping topics (agent, cvss).