A vulnerability categorized as critical has been discovered in mem0. This vulnerability affects unknown code of the file /api/v1/config of the component Config API Handler. Executing a manipulation of the argument ollama_base_url can lead to server-side request forgery.

This vulnerability is registered as CVE-2026-59706. It is possible to launch the attack remotely. No exploit is available.