CVE-2026-29787
📋 TL;DR
mcp-memory-service versions before 10.21.0 expose detailed system information via an unauthenticated /api/health/detailed endpoint when MCP_ALLOW_ANONYMOUS_ACCESS=true is configured. This allows network attackers to gather reconnaissance data including OS details, Python version, CPU/memory stats, disk usage, and database file paths. Systems running vulnerable versions with anonymous access enabled and bound to 0.0.0.0 are affected.
💻 Affected Systems
- mcp-memory-service
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers map the entire infrastructure, identify vulnerable software versions, locate database files for potential theft, and use reconnaissance data to launch targeted attacks against other systems.
Likely Case
Attackers gather system intelligence to plan further attacks, identify vulnerable components, and potentially access sensitive database file paths.
If Mitigated
Limited information disclosure with no direct system compromise, but still provides attackers with useful reconnaissance data.
🎯 Exploit Status
Simple HTTP GET request to /api/health/detailed endpoint with no authentication required
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 10.21.0
Vendor Advisory: https://github.com/doobidoo/mcp-memory-service/security/advisories/GHSA-73hc-m4hx-79pj
Restart Required: Yes
Instructions:
1. Update mcp-memory-service to version 10.21.0 or later using pip: pip install mcp-memory-service>=10.21.0
2. Restart the mcp-memory-service process
3. Verify the endpoint no longer returns sensitive information
🔧 Temporary Workarounds
Disable Anonymous Access
allRemove MCP_ALLOW_ANONYMOUS_ACCESS=true from configuration or set to false
export MCP_ALLOW_ANONYMOUS_ACCESS=false
unset MCP_ALLOW_ANONYMOUS_ACCESS
Restrict Network Binding
allBind service to localhost or specific IP instead of 0.0.0.0
Set binding to 127.0.0.1 or specific interface IP in service configuration
🧯 If You Can't Patch
- Implement network firewall rules to restrict access to the mcp-memory-service port from trusted IPs only
- Place service behind reverse proxy with authentication requirements for /api/health/detailed endpoint
🔍 How to Verify
Check if Vulnerable:
curl -v http://<server>:<port>/api/health/detailed - if it returns detailed system info without authentication, system is vulnerableCheck Version:
pip show mcp-memory-service | grep VersionVerify Fix Applied:
After patching, same curl command should return minimal or no sensitive information📡 Detection & Monitoring
Log Indicators:
- Multiple GET requests to /api/health/detailed from untrusted sources
- Unusual access patterns to health endpoint
Network Indicators:
- HTTP GET requests to /api/health/detailed endpoint from external IPs
- Port scanning followed by health endpoint access
SIEM Query:
source="mcp-memory-service" AND path="/api/health/detailed" AND src_ip NOT IN (trusted_ips)