diff --git a/server/router/api/v1/memo_service.go b/server/router/api/v1/memo_service.go
index b9455b682..0fcc2d25a 100644
--- a/server/router/api/v1/memo_service.go
+++ b/server/router/api/v1/memo_service.go
@@ -13,6 +13,7 @@ import (
 	"google.golang.org/grpc/status"
 	"google.golang.org/protobuf/types/known/emptypb"
 
+	"github.com/usememos/memos/internal/base"
 	"github.com/usememos/memos/plugin/webhook"
 	v1pb "github.com/usememos/memos/proto/gen/api/v1"
 	storepb "github.com/usememos/memos/proto/gen/store"
@@ -33,6 +34,11 @@ func (s *APIV1Service) CreateMemo(ctx context.Context, request *v1pb.CreateMemoR
 	memoUID := strings.TrimSpace(request.MemoId)
 	if memoUID == "" {
 		memoUID = shortuuid.New()
+	} else {
+		// Validate custom memo ID format
+		if !base.UIDMatcher.MatchString(memoUID) {
+			return nil, status.Errorf(codes.InvalidArgument, "invalid memo_id format: must be 1-32 characters, alphanumeric and hyphens only, cannot start or end with hyphen")
+		}
 	}
 
 	create := &store.Memo{