{"uuid": "c9371743-8a34-41e9-9f5c-c93c669abd22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "ghsa-84hp-mqvj-3p8h", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116853809243699371", "content": "CVE-2026-50027: mcp-memory-service (&lt;10.67.1) has a CRITICAL auth bypass in /api/documents/* \ud83d\udea8. Unauthenticated attackers can read, write, delete memory data. Restrict access or disable endpoints until fixed. https://radar.offseq.com/threat/ghsa-84hp-mqvj-3p8h-mcp-memory-service-missing-aut-09a7b270b55ce238 #OffSeq #CVE202650027 #APIsecurity", "creation_timestamp": "2026-07-03T03:00:27.142830Z"}