Logo
Retour à la veille

CVE-2026-11330

Publié : 5 juin 2026
Modifié : 5 juin 2026
Lien officiel NVD
Score CVSS
3.6
LOW

Description détaillée

A weakness has been identified in thedotmack claude-mem up to 11.0.1. The affected element is the function computeObservationContentHash of the file src/services/sqlite/observations/store.ts of the component Observation Content Hash Handler. This manipulation causes use of weak hash. The attack can only be executed locally. The attack's complexity is rated as high. The exploitability is described as difficult. Upgrading to version 12.0.0 is sufficient to fix this issue. Patch name: f32fda8b35e9fe9329f87da65c31149362a03f97. It is suggested to upgrade the affected component.

Vecteur d'attaque (CVSS)

Vecteur brut :CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L

Références et Patchs

https://github.com/thedotmack/claude-mem/https://github.com/thedotmack/claude-mem/commit/f32fda8b35e9fe9329f87da65c31149362a03f97https://github.com/thedotmack/claude-mem/pull/1494https://github.com/thedotmack/claude-mem/releases/tag/v12.0.0https://vuldb.com/cve/CVE-2026-11330https://vuldb.com/submit/832401https://vuldb.com/vuln/368870https://vuldb.com/vuln/368870/cti

Dernières Vulnérabilités

CVE-2026-6209

Improper Access Control, Missing Authorization vulnerability in HAVELSAN Inc. Geographic Tracking System allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Geographic Tracking System: before v0.0.2.

VOIR DÉTAILS

CVE-2026-6208

Authorization bypass through User-Controlled key vulnerability in HAVELSAN Inc. Geographic Tracking System allows Exploitation of Trusted Identifiers. This issue affects Geographic Tracking System: before v0.0.2.

VOIR DÉTAILS

CVE-2026-6207

Observable response discrepancy vulnerability in HAVELSAN Inc. Geographic Tracking System allows System Footprinting. This issue affects Geographic Tracking System: before v0.0.2.

VOIR DÉTAILS