The vulnerability CVE-2026-29787 affects the open-source mcp-memory-service, a memory backend used in multi-agent systems. Prior to version 10.21.0, the service exposes a REST API endpoint /api/health/detailed that returns detailed system information including the operating system version, Python runtime version, CPU core count, total memory, disk usage statistics, and the full path to the database filesystem. This endpoint is intended for health monitoring but inadvertently leaks sensitive reconnaissance data. The issue is exacerbated when the environment variable MCP_ALLOW_ANONYMOUS_ACCESS=true is set, which disables authentication requirements for the HTTP server. Additionally, the service by default binds to 0.0.0.0, making it accessible from any network interface. Consequently, any unauthenticated user on the network can query this endpoint and obtain detailed system information that could facilitate targeted attacks or lateral movement. The vulnerability is classified under CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor). The CVSS v3.1 base score is 5.3 (medium severity), reflecting the network attack vector, low complexity, no privileges or user interaction required, and limited confidentiality impact without affecting integrity or availability. No known exploits have been reported in the wild as of now. The vendor addressed this issue in version 10.21.0 by restricting access or removing sensitive data exposure. This vulnerability primarily affects deployments that enable anonymous access and expose the service to untrusted networks.

The primary impact of this vulnerability is the unauthorized disclosure of sensitive system information. Attackers gaining access to OS version, Python version, hardware details, and database paths can use this data for reconnaissance to identify potential attack vectors, exploit version-specific vulnerabilities, or map the network environment. While the vulnerability does not directly enable system compromise, it lowers the attacker's effort and increases the likelihood of successful targeted attacks. Organizations with mcp-memory-service deployed in production environments, especially those exposing the service to public or untrusted networks with anonymous access enabled, face increased risk of information leakage. This can lead to subsequent attacks such as privilege escalation, lateral movement, or data exfiltration. The impact is more significant in environments where the service runs on critical infrastructure or handles sensitive data. Since no integrity or availability impact exists, the immediate operational disruption is low, but the confidentiality breach can have medium-term security consequences.

To mitigate this vulnerability, organizations should upgrade mcp-memory-service to version 10.21.0 or later, where the issue is patched. If immediate upgrade is not feasible, disable anonymous access by ensuring MCP_ALLOW_ANONYMOUS_ACCESS is set to false or unset, enforcing authentication via OAuth or API keys. Additionally, avoid binding the service to 0.0.0.0; instead, restrict the binding to localhost or trusted network interfaces to limit exposure. Implement network-level controls such as firewalls or access control lists to restrict access to the service endpoints only to authorized systems. Regularly audit configurations to verify that sensitive endpoints are not publicly accessible. Monitor network traffic for unusual access patterns to the /api/health/detailed endpoint. Finally, incorporate this vulnerability into vulnerability management and patching processes to ensure timely remediation.