<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Fri, 10 Jul 2026 09:39:18 +0000</lastBuildDate>
    <item>
      <title>f76aa55c-fcf9-49f7-8a53-ced46a4bb66d</title>
      <link>https://vulnerability.circl.lu/sighting/f76aa55c-fcf9-49f7-8a53-ced46a4bb66d/export</link>
      <description>{"uuid": "f76aa55c-fcf9-49f7-8a53-ced46a4bb66d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59706", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/116890266111536679", "content": "I keep hearing how AI and LLMs are the future but they sure keep feeling like shitty applications from 20 years ago.\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-59706\n\nmem0 contains unauthenticated config API endpoints that expose LLM API keys in plaintext and allow server-side request forgery via attacker-controlled ollama_base_url parameter. Unauthenticated attackers can retrieve stored secrets like OpenAI API keys via GET /api/v1/config/ or trigger SSRF attacks by setting ollama_base_url to internal addresses like cloud IMDS via PUT /api/v1/config/mem0/llm endpoint.", "creation_timestamp": "2026-07-09T13:31:54.921466Z"}</description>
      <content:encoded>{"uuid": "f76aa55c-fcf9-49f7-8a53-ced46a4bb66d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59706", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/116890266111536679", "content": "I keep hearing how AI and LLMs are the future but they sure keep feeling like shitty applications from 20 years ago.\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-59706\n\nmem0 contains unauthenticated config API endpoints that expose LLM API keys in plaintext and allow server-side request forgery via attacker-controlled ollama_base_url parameter. Unauthenticated attackers can retrieve stored secrets like OpenAI API keys via GET /api/v1/config/ or trigger SSRF attacks by setting ollama_base_url to internal addresses like cloud IMDS via PUT /api/v1/config/mem0/llm endpoint.", "creation_timestamp": "2026-07-09T13:31:54.921466Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/f76aa55c-fcf9-49f7-8a53-ced46a4bb66d/export</guid>
      <pubDate>Thu, 09 Jul 2026 13:31:54 +0000</pubDate>
    </item>
    <item>
      <title>3f9d1005-184b-44ec-97f1-8f321d0e5ca2</title>
      <link>https://vulnerability.circl.lu/sighting/3f9d1005-184b-44ec-97f1-8f321d0e5ca2/export</link>
      <description>{"uuid": "3f9d1005-184b-44ec-97f1-8f321d0e5ca2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59706", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq3rokhsrv2g", "content": "CVE-2026-59706 - mem0 - Server-Side Request Forgery and Plaintext API Key Exposure via Unauthenticated Config Endpoints\nCVE ID : CVE-2026-59706\n \n Published : July 7, 2026, 10:16 p.m. | 58\u00a0minutes ago\n \n Description : mem0 contains unauthenticated config API endpoints that exp...", "creation_timestamp": "2026-07-07T23:40:06.213808Z"}</description>
      <content:encoded>{"uuid": "3f9d1005-184b-44ec-97f1-8f321d0e5ca2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59706", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mq3rokhsrv2g", "content": "CVE-2026-59706 - mem0 - Server-Side Request Forgery and Plaintext API Key Exposure via Unauthenticated Config Endpoints\nCVE ID : CVE-2026-59706\n \n Published : July 7, 2026, 10:16 p.m. | 58\u00a0minutes ago\n \n Description : mem0 contains unauthenticated config API endpoints that exp...", "creation_timestamp": "2026-07-07T23:40:06.213808Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/3f9d1005-184b-44ec-97f1-8f321d0e5ca2/export</guid>
      <pubDate>Tue, 07 Jul 2026 23:40:06 +0000</pubDate>
    </item>
    <item>
      <title>6cd25b63-d020-483f-9b52-fe2706529818</title>
      <link>https://vulnerability.circl.lu/sighting/6cd25b63-d020-483f-9b52-fe2706529818/export</link>
      <description>{"uuid": "6cd25b63-d020-483f-9b52-fe2706529818", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59706", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq3lju4gqu2f", "content": "CVE-2026-59706 - mem0\nThe mem0 software has unsecured endpoints that reveal sensitive API keys and allow attackers to access internal addresses. This puts sensitive data and systems at risk. To protect your data, update\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#mem0 #CVE #infosec", "creation_timestamp": "2026-07-07T21:50:05.433458Z"}</description>
      <content:encoded>{"uuid": "6cd25b63-d020-483f-9b52-fe2706529818", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-59706", "type": "seen", "source": "https://bsky.app/profile/stackflag.bsky.social/post/3mq3lju4gqu2f", "content": "CVE-2026-59706 - mem0\nThe mem0 software has unsecured endpoints that reveal sensitive API keys and allow attackers to access internal addresses. This puts sensitive data and systems at risk. To protect your data, update\u2026\n\nToo many irrelevant or confusing CVEs? Use stackflag.com\n\n#mem0 #CVE #infosec", "creation_timestamp": "2026-07-07T21:50:05.433458Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/6cd25b63-d020-483f-9b52-fe2706529818/export</guid>
      <pubDate>Tue, 07 Jul 2026 21:50:05 +0000</pubDate>
    </item>
  </channel>
</rss>
