LOW
VoltAgent
CVE published 2026-06-28
CVE-2026-13511
CVE-2026-13511 is an improper authorization vulnerability in the Memory REST API of VoltAgent, affecting versions up to 2.1.17. The vulnerability is located in the handleGetMemoryConversation function within the memory.handlers.ts file. Exploitation requires a manipulated conversationId argument and is characterized by high complexity and difficulty. The attack can be performed remotely, and a public expl [truncated]