Open-source persistent memory for AI agent pipelines (LangGraph, CrewAI, AutoGen) and Claude. REST API + knowledge graph + autonomous consolidation.
Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"memory": {
"args": [
"server"
],
"command": "memory"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
Open-source memory backend for multi-agent systems. Agents store decisions, share causal knowledge graphs, and retrieve context in 5ms — without cloud lock-in or API costs.
Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.
uvx 'mcp-memory-service' 2>&1 | head -1 && echo "✓ Server started successfully"
After testing, let us know if it worked:
Five weighted categories — click any category to see the underlying evidence.
mcp-memory-service: OAuth read-only clients can write and delete memories through MCP tools/call
## Summary The HTTP MCP JSON-RPC endpoint at `/mcp` requires only OAuth `read` scope for all requests, then dispatches `tools/call` directly to handlers that include mutating tools. A read-only OAuth client can call `store_memory` and `delete_memory` through MCP even though the corresponding REST endpoints require `write` scope. ## Technical Details `src/mcp_memory_service/web/api/mcp.py` declares `mcp_endpoint` with `user: AuthenticationResult = Depends(require_read_access)`. For `tools/call
mcp-memory-service's Wildcard CORS with Credentials Enables Cross-Origin Memory Theft
### Summary When the HTTP server is enabled (`MCP_HTTP_ENABLED=true`), the application configures FastAPI's CORSMiddleware with `allow_origins=['*']`, `allow_credentials=True`, `allow_methods=["*"]`, and `allow_headers=["*"]`. The wildcard `Access-Control-Allow-Origin: *` header permits any website to read API responses cross-origin. When combined with anonymous access (`MCP_ALLOW_ANONYMOUS_ACCESS=true`) - the simplest way to get the HTTP dashboard working without OAuth - no credentials are need
mcp-memory-service Vulnerable to System Information Disclosure via Health Endpoint
### Summary The `/api/health/detailed` endpoint returns detailed system information including OS version, Python version, CPU count, memory totals, disk usage, and the full database filesystem path. When `MCP_ALLOW_ANONYMOUS_ACCESS=true` is set (required for the HTTP server to function without OAuth/API key), this endpoint is accessible without authentication. Combined with the default `0.0.0.0` binding, this exposes sensitive reconnaissance data to the entire network. ### Details ### Vulnerabl
Click any tool to inspect its schema.
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in ai-ml / productivity
Dynamic problem-solving through sequential thought chains
Persistent memory using a knowledge graph
Workspace template + MCP server for Claude Code, Codex CLI, Cursor & Windsurf. Multi-agent knowledge engine (ag-refresh / ag-ask) that turns any codebase into a queryable AI assistant.
mini cli search engine for your docs, knowledge bases, meeting notes, whatever. Tracking current sota approaches while being all local
MCP Security Weekly
Get CVE alerts and security updates for Mcp Memory Service and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.