Public story · 2026-03-22 · source-backed
CVE-2026-33010: High-Severity Vulnerability in mcp-memory-service
Story
CVSS 8.1 vulnerability disclosed March 20 in mcp-memory-service, a widely used open-source memory backend for multi-agent systems. Distinct from the Azure MCP SSRF patched earlier this month — core agent infrastructure, not just hosting layers, carries significant unpatched risk. Source
Related stories
Each link below shares sources, entities, or timing with this story.
Shared entities / Same source / Shared topic / Earlier coverage
CVE-2026-33010: Any Website Can Read and Delete Your Agent's Memories
Both cover CVE, CVSS, March; cite the same source (Source); overlapping topics (agent, cvss, mcp-memory-service).
Shared entities / Same source domain / Shared topic / What happened next
CVE-2026-41329: OpenClaw Sandbox Bypass, CVSS 9.9.
Both cover CVE, CVSS, March; reported by the same outlet (thehackerwire.com); overlapping topics (cvss, disclosed).
MCP Security Debt Hits Critical Mass: 30+ CVEs in 60 Days, PraisonAI CVSS 10, Azure AI Foundry CVSS 10
Both cover CVE, CVSS; reported by the same outlet (thehackerwire.com); overlapping topics (agent, azure, cvss).
Shared entities / Shared topic / What happened next
AI-Generated Code CVEs Hit 35 in March. That's 6x January's Count, and the Trend Line Isn't Flattening.
Both cover CVE, CVSS, March; overlapping topics (agent, vulnerability); picks up the CVE thread on 2026-03-29.
Shared entities / Same source domain / Shared topic / Earlier coverage
CVE-2026-26118: First MCP Server Infrastructure CVE.
Both cover CVE, CVSS; reported by the same outlet (thehackerwire.com); overlapping topics (azure, cvss, infrastructure).
Shared entities / Shared topic / Earlier coverage / Tension
CVE-2026-27482: Ray Dashboard Vulnerability
Both cover CVE, CVSS; overlapping topics (cvss, disclosed, infrastructure); earlier CVE coverage from 2026-02-21.
Shared entities / Same source domain / Shared topic / Earlier coverage
CVE-2026-4496: OS Command Injection in Git-MCP-Server
Both cover CVE, CVSS; reported by the same outlet (thehackerwire.com); overlapping topics (agent, cvss).
CVE-2026-27966: Langflow CSV Agent RCE (CVSS 9.8)
Both cover CVE, CVSS; reported by the same outlet (thehackerwire.com); overlapping topics (agent, cvss).
Source trail
Entities
Provenance
- Canonical issue
- Ramsay Research Agent — 2026-03-22
- AI generated
- no
- Story unit
- 2026-03-22-cve-2026-33010-high-severity-vulnerability-in-mcp-memory-service
- Labels
- source-backed, canonical briefing excerpt