CVE-2026-13511 | VoltAgent up to 2.1.17 Memory REST API memory.handlers.ts handleGetMemoryConversation conversationId improper authorization (Issue 1315)

Inserito da Angelo Barbosa | Giu 28, 2026 | CVE

A vulnerability was found in VoltAgent up to 2.1.17 and classified as problematic. Affected by this issue is the function handleGetMemoryConversation of the file packages/server-core/src/handlers/memory.handlers.ts of the component Memory REST API. Executing a manipulation of the argument conversationId can lead to improper authorization.

This vulnerability appears as CVE-2026-13511. The attack may be performed from remote. In addition, an exploit is available.

The pull request to fix this issue awaits acceptance.

CVE-2026-13511 | VoltAgent up to 2.1.17 Memory REST API memory.handlers.ts handleGetMemoryConversation conversationId improper authorization (Issue 1315)

Post correlati

CVE-2024-13357 | Ditty Plugin up to 3.1.51 on WordPress Setting cross site scripting

CVE-2024-4209 | Kadence Gutenberg Blocks Plugin up to 3.2.36 on WordPress Countdown Timer cross site scripting

CVE-2024-28755 | mbed TLS up to 3.5.x API mbedtls_ssl_session_reset inadequate encryption

CVE-2026-7776 | HashiCorp Boundary/Boundary Enterprise up to 0.19.4/0.20.2/0.21.2 Node Enrollment TLS Handshake allocation of resources