Loading...

Ready to See Your True Attack Surface?

Join thousands of security teams who trust ZeroVault to discover vulnerabilities before attackers do. Get started with a personalized demo.

mem0 contains unauthenticated config API endpoints that expose LLM API keys in plaintext and allow server-side request forgery via attacker-controlled ollama_base_url parameter