Skip to content

remembra-ai/remembra

v0.13.0 Security

This release includes 3 security fixes for security teams reviewing exposed deployments.

Published 2mo AI Agents & Assistants
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →
This release patches 3 known CVEs

Topics

ai ai-agents ai-memory claude developer-tools embeddings
+10 more
knowledge-graph llm mcp memory openai python self-hosted semantic-memory typescript vector-db

Affected surfaces

auth rbac

Summary

AI summary

Two‑Factor Authentication (TOTP) added to the Dashboard.

Full changelog

🚀 What's New in v0.13.0

Dashboard v2.0

  • 🔐 Two-Factor Authentication — TOTP-based 2FA with any authenticator app
  • 👥 Team Collaboration — Shared memory spaces with Viewer/Member/Admin roles
  • 🛠️ Admin Dashboard — Full user management (delete, deactivate, reset password)
  • 📊 Activity Log — Security audit trail with JSON export
  • 🕵️ Entity Browser — Visual exploration of people, places, concepts
  • ⏰ Timeline Fix — Proper timezone handling with local time display

TypeScript SDK (npm)

  • 📦 npm packagenpm install remembra with full TypeScript support

Fixed

  • 🔒 RBAC Enforcement — Viewer role properly restricted from store/delete
  • 🛡️ SSRF Protection — Webhooks block private IP ranges
  • 🧹 Error Sanitization — No Python exceptions leaked to clients

Install

pip install remembra==0.13.0
npm install remembra
docker run -d -p 8787:8787 remembra/remembra:0.13.0

Stats

  • 2,700+ PyPI downloads/month
  • 700+ Docker pulls
  • 400 unique cloners
  • Indexed on 8 platforms including npm

Full changelog: https://remembra.dev/changelog/v0.13.0

Security Fixes

  • RBAC Enforcement fixed – Viewer role now properly restricted from store/delete operations
  • SSRF Protection added – Webhooks block private IP ranges
  • Error Sanitization improved – Python exceptions are no longer leaked to clients
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track remembra-ai/remembra

Get notified when new releases ship.

Sign up free

About remembra-ai/remembra

Persistent memory layer for AI agents with entity resolution, PII detection, AES-256-GCM encryption at rest, and hybrid search. 100% on LoCoMo benchmark. Self-hosted.

All releases →

Related context

Beta — feedback welcome: [email protected]