Lucene search
K

155 matches found

vulnersOsv
vulnersOsv
added 2026/02/06 6:37 p.m.4 views

agentiq-semantic-kernel (>=1.0.0 <=1.1.0a20250428), agixt (>=1.1.76b0 <=1.3.71) +9 more potentially affected by CVE-2026-25592 via semantic-kernel (>=0.2.9.dev0 <=1.35.3)

semantic-kernel PYPI version =0.2.9.dev0, =1.0.0, =1.1.76b0, =1.1.0, =0.1.1, =0.1.0, =0.3.0, =1.2.0, =0.2.0, =0.0.1, =1.0.0, =1.0.9 Source cves: CVE-2026-25592 Source advisory: OSV:GHSA-2WW3-72RP-WPP4...

9.9CVSS5.4AI score0.0195EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/24 9:15 a.m.7 views

CVE-2026-0760

Foundation Agents MetaGPT deserializemessage Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this...

9.8CVSS6.6AI score0.00993EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/24 9:15 a.m.6 views

CVE-2026-0761

Foundation Agents MetaGPT actionoutputstrtomapping Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerability. The...

9.8CVSS6.5AI score0.01051EPSS
Exploits0References1
Snyk
Snyk
added 2026/01/23 5:8 a.m.3 views

Deserialization of Untrusted Data

Overview metagpt is a The Multi-Agent Framework Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the deserializemessage function. Details Serialization is a process of converting an object into a sequence of bytes which can be persisted to a disk or databa...

9.8CVSS5.9AI score0.00993EPSS
Exploits0References2
Snyk
Snyk
added 2026/01/23 5:8 a.m.3 views

Arbitrary Code Injection

Overview metagpt is a The Multi-Agent Framework Affected versions of this package are vulnerable to Arbitrary Code Injection via the actionoutputstrtomapping function. An attacker can execute arbitrary code as the service account. Remediation There is no fixed version for metagpt. References -...

9.8CVSS6.2AI score0.01051EPSS
Exploits0References2
NVD
NVD
added 2026/01/23 4:16 a.m.7 views

CVE-2026-0760

Foundation Agents MetaGPT deserializemessage Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this...

9.8CVSS0.00993EPSS
Exploits0References1
NVD
NVD
added 2026/01/23 4:16 a.m.6 views

CVE-2026-0761

Foundation Agents MetaGPT actionoutputstrtomapping Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerability. The...

9.8CVSS0.01051EPSS
Exploits0References1
OSV
OSV
added 2026/01/23 3:28 a.m.4 views

CVE-2026-0761 Foundation Agents MetaGPT actionoutput_str_to_mapping Code Injection Remote Code Execution Vulnerability

Foundation Agents MetaGPT actionoutputstrtomapping Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerability. The...

9.8CVSS7.7AI score0.01051EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/23 3:28 a.m.7 views

CVE-2026-0761

Foundation Agents MetaGPT actionoutputstrtomapping Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerability. The...

9.8CVSS6.3AI score0.01051EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/23 3:28 a.m.3 views

CVE-2026-0761 Foundation Agents MetaGPT actionoutput_str_to_mapping Code Injection Remote Code Execution Vulnerability

Foundation Agents MetaGPT actionoutputstrtomapping Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerability. The...

9.8CVSS6.5AI score0.01051EPSS
Exploits0References1
CVE
CVE
added 2026/01/23 3:28 a.m.12 views

CVE-2026-0761

The CVE-2026-0761 issue affects Foundation Agents MetaGPT, where the function actionoutput_str_to_mapping accepts user-supplied strings without proper validation, allowing remote code execution in the service account context. Reports from Red Hat and NVD summarize the flaw as a Python code execut...

9.8CVSS6.5AI score0.01051EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/01/23 3:28 a.m.47 views

CVE-2026-0761 Foundation Agents MetaGPT actionoutput_str_to_mapping Code Injection Remote Code Execution Vulnerability

Foundation Agents MetaGPT actionoutputstrtomapping Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerability. The...

9.8CVSS0.01051EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/23 3:28 a.m.5 views

CVE-2026-0760

Foundation Agents MetaGPT deserializemessage Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this...

9.8CVSS6.4AI score0.00993EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/01/23 3:28 a.m.3 views

CVE-2026-0760 Foundation Agents MetaGPT deserialize_message Deserialization of Untrusted Data Remote Code Execution Vulnerability

Foundation Agents MetaGPT deserializemessage Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this...

9.8CVSS7.7AI score0.00993EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/23 3:28 a.m.3 views

CVE-2026-0760 Foundation Agents MetaGPT deserialize_message Deserialization of Untrusted Data Remote Code Execution Vulnerability

Foundation Agents MetaGPT deserializemessage Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this...

9.8CVSS6.6AI score0.00993EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.7 views

MetaGPT code injection vulnerability

MetaGPT is a multi-agent framework developed by MetaGPT Inc. MetaGPT has a code injection vulnerability, which stems from the actionoutputstrtomapping function’s lack of validation for strings provided by users. This vulnerability may lead to code injection and remote code execution...

9.8CVSS7.6AI score0.01051EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/23 12:0 a.m.7 views

MetaGPT code issues and vulnerabilities

MetaGPT is a multi-agent framework developed by MetaGPT Inc. There are code issues and vulnerabilities in MetaGPT; these vulnerabilities stem from the deserializemessage function’s lack of verification of the data provided by users, which may lead to the deserialization of untrusted data and remo...

9.8CVSS7.6AI score0.00993EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/09 12:0 a.m.6 views

PT-2026-1991

Name of the Vulnerable Software and Affected Versions Foundation Agents MetaGPT affected versions not specified Description A flaw exists in the actionoutput str to mapping function that allows remote attackers to execute arbitrary code on affected systems. Authentication is not required for...

9.8CVSS9AI score0.01051EPSS
Exploits0References6
Zero Day Initiative
Zero Day Initiative
added 2026/01/09 12:0 a.m.6 views

(0Day) Foundation Agents MetaGPT deserialize_message Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerability. The specific flaw exists within the deserializemessage function. The issue results from the lack of proper...

9.8CVSS7.7AI score0.00993EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2026/01/09 12:0 a.m.6 views

(0Day) Foundation Agents MetaGPT actionoutput_str_to_mapping Code Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerability. The specific flaw exists within the actionoutputstrtomapping function. The issue results from the lack of prop...

9.8CVSS7.6AI score0.01051EPSS
Exploits0
Rows per page
Query Builder