Lucene search
K

37 matches found

EUVD
EUVD
added 2026/06/07 7:0 a.m.11 views

EUVD-2026-34985

A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.2. Affected by this issue is the function checkcmdexists of the file metagpt/utils/common.py. This manipulation of the argument mermaid.path causes command injection. The attack may be initiated remotely. A high degree of...

5CVSS5.2AI score0.00936EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/02 1:45 a.m.45 views

CVE-2026-10566 FoundationAgents MetaGPT schema.py Message.check_instruct_content deserialization

A weakness has been identified in FoundationAgents MetaGPT up to 0.8.2. This affects the function Message.checkinstructcontent of the file metagpt/schema.py. Executing a manipulation of the argument mapping can lead to deserialization. The attack is restricted to local execution. The exploit has...

5.3CVSS0.00122EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/02 1:45 a.m.9 views

CVE-2026-10566 FoundationAgents MetaGPT schema.py Message.check_instruct_content deserialization

A weakness has been identified in FoundationAgents MetaGPT up to 0.8.2. This affects the function Message.checkinstructcontent of the file metagpt/schema.py. Executing a manipulation of the argument mapping can lead to deserialization. The attack is restricted to local execution. The exploit has...

5.3CVSS5.7AI score0.00122EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/02 1:45 a.m.13 views

EUVD-2026-33872

A weakness has been identified in FoundationAgents MetaGPT up to 0.8.2. This affects the function Message.checkinstructcontent of the file metagpt/schema.py. Executing a manipulation of the argument mapping can lead to deserialization. The attack is restricted to local execution. The exploit has...

5.3CVSS5.5AI score0.00122EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/12 2:0 a.m.4 views

EUVD-2026-21696

A vulnerability was identified in FoundationAgents MetaGPT up to 0.8.1. This affects the function generatethoughts of the file metagpt/strategy/tot.py of the component Tree-of-Thought Solver. The manipulation leads to code injection. It is possible to initiate the attack remotely. The exploit is...

7.5CVSS6.7AI score0.00409EPSS
Exploits1References6
EUVD
EUVD
added 2026/04/12 1:30 a.m.6 views

EUVD-2026-21694

A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.1. The impacted element is the function evaluateCode of the file metagpt/environment/minecraft/mineflayer/index.js of the component Mineflayer HTTP API. Executing a manipulation can lead to cross-site request forgery. The attack...

5.3CVSS5.3AI score0.00224EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/04/12 12:0 a.m.3 views

PT-2026-32144

Name of the Vulnerable Software and Affected Versions FoundationAgents MetaGPT versions up to 0.8.1 Description A security flaw exists in FoundationAgents MetaGPT versions up to 0.8.1. The decode image function within the metagpt/utils/common.py file is susceptible to server-side request forgery...

6.5CVSS6.4AI score0.00263EPSS
Exploits1References10
Vulnrichment
Vulnrichment
added 2026/04/09 7:0 p.m.1 views

CVE-2026-5972 FoundationAgents MetaGPT terminal.py Terminal.run_command os command injection

A vulnerability has been found in FoundationAgents MetaGPT up to 0.8.1. This issue affects the function Terminal.runcommand in the library metagpt/tools/libs/terminal.py. The manipulation leads to os command injection. Remote exploitation of the attack is possible. The exploit has been disclosed ...

7.5CVSS6.4AI score0.02328EPSS
Exploits1References6
OSV
OSV
added 2026/04/09 6:31 p.m.8 views

GHSA-G977-H85W-H2XJ MetaGPT has an Injection issue

A vulnerability was detected in FoundationAgents MetaGPT up to 0.8.1. This affects the function checksolution of the component HumanEvalBenchmark/MBPPBenchmark. Performing a manipulation results in code injection. The attack may be initiated remotely. The exploit is now public and may be used. Th...

7.3CVSS6.9AI score0.00387EPSS
Exploits1References7
Cvelist
Cvelist
added 2026/04/09 6:0 p.m.23 views

CVE-2026-5971 FoundationAgents MetaGPT XML action_node.py ActionNode.xml_fill eval injection

A flaw has been found in FoundationAgents MetaGPT up to 0.8.1. This vulnerability affects the function ActionNode.xmlfill of the file metagpt/actions/actionnode.py of the component XML Handler. Executing a manipulation can lead to improper neutralization of directives in dynamically evaluated cod...

7.5CVSS0.00387EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2026/04/09 6:0 p.m.3 views

CVE-2026-5971 FoundationAgents MetaGPT XML action_node.py ActionNode.xml_fill eval injection

A flaw has been found in FoundationAgents MetaGPT up to 0.8.1. This vulnerability affects the function ActionNode.xmlfill of the file metagpt/actions/actionnode.py of the component XML Handler. Executing a manipulation can lead to improper neutralization of directives in dynamically evaluated cod...

7.5CVSS5.3AI score0.00387EPSS
Exploits1References6
CVE
CVE
added 2026/04/09 6:0 p.m.18 views

CVE-2026-5971

FoundationAgents MetaGPT up to 0.8.1 is affected. The vulnerability lies in ActionNode.xml_fill within metagpt/actions/action_node.py (XML Handler). It enables remote exploitation through manipulation of dynamically evaluated code, with reports that an exploit has been published. Multiple sources...

9.8CVSS6.7AI score0.00387EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2026/04/09 5:0 p.m.21 views

CVE-2026-5970 FoundationAgents MetaGPT HumanEvalBenchmark/MBPPBenchmark check_solution code injection

A vulnerability was detected in FoundationAgents MetaGPT up to 0.8.1. This affects the function checksolution of the component HumanEvalBenchmark/MBPPBenchmark. Performing a manipulation results in code injection. The attack may be initiated remotely. The exploit is now public and may be used. Th...

7.5CVSS0.00387EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.7 views

PT-2026-31669

A vulnerability was detected in FoundationAgents MetaGPT up to 0.8.1. This affects the function check solution of the component HumanEvalBenchmark/MBPPBenchmark. Performing a manipulation results in code injection. The attack may be initiated remotely. The exploit is now public and may be used. T...

7.5CVSS6.8AI score0.00387EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.9 views

PT-2026-31679

A flaw has been found in FoundationAgents MetaGPT up to 0.8.1. This vulnerability affects the function ActionNode.xml fill of the file metagpt/actions/action node.py of the component XML Handler. Executing a manipulation can lead to improper neutralization of directives in dynamically evaluated...

7.5CVSS6.7AI score0.00387EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.6 views

CVE-2026-4516

A vulnerability was found in Foundation Agents MetaGPT up to 0.8.1. This vulnerability affects unknown code of the file metagpt/actions/di/writeanalysiscode.py of the component DataInterpreter. The manipulation results in injection. It is possible to launch the attack remotely. The exploit has be...

6.5CVSS6.2AI score0.00246EPSS
Exploits0References1
NVD
NVD
added 2026/03/21 3:17 p.m.5 views

CVE-2026-4516

A vulnerability was found in Foundation Agents MetaGPT up to 0.8.1. This vulnerability affects unknown code of the file metagpt/actions/di/writeanalysiscode.py of the component DataInterpreter. The manipulation results in injection. It is possible to launch the attack remotely. The exploit has be...

6.5CVSS0.00246EPSS
Exploits0References4
NVD
NVD
added 2026/03/21 12:16 p.m.8 views

CVE-2026-4515

A vulnerability has been found in Foundation Agents MetaGPT up to 0.8.1. This affects the function codegenerate of the file metagpt/ext/aflow/scripts/operator.py. The manipulation leads to code injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public...

6.5CVSS0.00241EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/21 11:32 a.m.29 views

CVE-2026-4515 Foundation Agents MetaGPT operator.py code_generate code injection

A vulnerability has been found in Foundation Agents MetaGPT up to 0.8.1. This affects the function codegenerate of the file metagpt/ext/aflow/scripts/operator.py. The manipulation leads to code injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public...

6.5CVSS0.00241EPSS
Exploits0References4
CVE
CVE
added 2026/03/21 11:32 a.m.13 views

CVE-2026-4515

Foundation Agents MetaGPT up to 0.8.1 contains a code injection vulnerability in metagpt/ext/aflow/scripts/operator.py: function code_generate. The issue allows remote initiation and is associated with a PROOF-OF-CONCEPT exploit; exploitation status is indicated by the sources as disclosed public...

6.5CVSS6.1AI score0.00241EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder