Lucene search
K

155 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/12 1:30 a.m.2 views

CVE-2026-6109

A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.1. The impacted element is the function evaluateCode of the file metagpt/environment/minecraft/mineflayer/index.js of the component Mineflayer HTTP API. Executing a manipulation can lead to cross-site request forgery. The attack...

5.3CVSS5.3AI score0.00224EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/12 1:30 a.m.2 views

CVE-2026-6109 FoundationAgents MetaGPT Mineflayer HTTP API index.js evaluateCode cross-site request forgery

A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.1. The impacted element is the function evaluateCode of the file metagpt/environment/minecraft/mineflayer/index.js of the component Mineflayer HTTP API. Executing a manipulation can lead to cross-site request forgery. The attack...

5.3CVSS5.3AI score0.00224EPSS
Exploits1References5
CVE
CVE
added 2026/04/12 1:30 a.m.21 views

CVE-2026-6109

The CVE-2026-6109 entry describes a vulnerability in FoundationAgents MetaGPT up to 0.8.1, specifically in the evaluateCode function of metagpt/environment/minecraft/mineflayer/index.js (Mineflayer HTTP API). It enables cross-site request forgery and can be exploited remotely. Public exploit disc...

8.8CVSS5.3AI score0.00224EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/04/12 1:30 a.m.6 views

EUVD-2026-21694

A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.1. The impacted element is the function evaluateCode of the file metagpt/environment/minecraft/mineflayer/index.js of the component Mineflayer HTTP API. Executing a manipulation can lead to cross-site request forgery. The attack...

5.3CVSS5.3AI score0.00224EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/04/12 12:0 a.m.7 views

PT-2026-32141

A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.1. The impacted element is the function evaluateCode of the file metagpt/environment/minecraft/mineflayer/index.js of the component Mineflayer HTTP API. Executing a manipulation can lead to cross-site request forgery. The attack...

5.3CVSS5.4AI score0.00224EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/04/12 12:0 a.m.11 views

PT-2026-32143

Name of the Vulnerable Software and Affected Versions FoundationAgents MetaGPT versions up to 0.8.1 Description A code injection issue exists in FoundationAgents MetaGPT up to version 0.8.1. The issue is located in the generate thoughts function within the metagpt/strategy/tot.py file of the...

9.8CVSS7.1AI score0.00409EPSS
Exploits1References11
CNNVD
CNNVD
added 2026/04/12 12:0 a.m.6 views

MetaGPT 安全漏洞

MetaGPT is a multi-agent framework developed by MetaGPT Inc. Versions of MetaGPT 0.8.1 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the evaluateCode function in the Mineflayer HTTP API component’s file metagpt/environment/minecraft/mineflayer/index.js, which...

8.8CVSS5.8AI score0.00224EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/04/12 12:0 a.m.2 views

PT-2026-32144

Name of the Vulnerable Software and Affected Versions FoundationAgents MetaGPT versions up to 0.8.1 Description A security flaw exists in FoundationAgents MetaGPT versions up to 0.8.1. The decode image function within the metagpt/utils/common.py file is susceptible to server-side request forgery...

6.5CVSS6.4AI score0.00263EPSS
Exploits1References10
CNNVD
CNNVD
added 2026/04/12 12:0 a.m.4 views

MetaGPT 代码注入漏洞

MetaGPT is a multi-agent framework developed by MetaGPT Inc. Versions of MetaGPT 0.8.1 and earlier contained a code injection vulnerability. This vulnerability stemmed from the generatethoughts function in the Tree-of-Thought Solver component’s metagpt/strategy/tot.py file, which could lead to...

9.8CVSS7.2AI score0.00409EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/04/12 12:0 a.m.4 views

MetaGPT 代码问题漏洞

MetaGPT is a multi-agent framework developed by MetaGPT Inc. Versions of MetaGPT 0.8.1 and earlier contained code vulnerabilities. These vulnerabilities stemmed from the improper handling of the imgurlorb64 parameter in the decodeimage function within the metagpt/utils/common.py file, which could...

6.5CVSS6.7AI score0.00263EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/04/10 7:22 p.m.4 views

CVE-2026-5972

A vulnerability has been found in FoundationAgents MetaGPT up to 0.8.1. This issue affects the function Terminal.runcommand in the library metagpt/tools/libs/terminal.py. The manipulation leads to os command injection. Remote exploitation of the attack is possible. The exploit has been disclosed ...

9.8CVSS6.4AI score0.02328EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/09 9:31 p.m.6 views

EUVD-2026-21049

A vulnerability has been found in FoundationAgents MetaGPT up to 0.8.1. This issue affects the function Terminal.runcommand in the library metagpt/tools/libs/terminal.py. The manipulation leads to os command injection. Remote exploitation of the attack is possible. The exploit has been disclosed ...

7.5CVSS6.4AI score0.02328EPSS
Exploits1References7
Snyk
Snyk
added 2026/04/09 9:31 p.m.5 views

Arbitrary Command Injection

Overview metagpt is a The Multi-Agent Framework Affected versions of this package are vulnerable to Arbitrary Command Injection via the Terminal.runcommand function. An attacker can execute arbitrary operating system commands by supplying crafted input to this function. Remediation A fix was push...

9.8CVSS7.8AI score0.02328EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/09 9:31 p.m.6 views

Arbitrary Command Injection

Overview metagpt is a The Multi-Agent Framework Affected versions of this package are vulnerable to Arbitrary Command Injection via the Bash.run method in metagpt/tools/libs/terminal.py. An attacker can execute arbitrary operating system commands by supplying crafted input remotely. Remediation A...

9.8CVSS7.7AI score0.02241EPSS
Exploits1References2
Snyk
Snyk
added 2026/04/09 9:31 p.m.5 views

Arbitrary Command Injection

Overview metagpt is a The Multi-Agent Framework Affected versions of this package are vulnerable to Arbitrary Command Injection via the getmimetype function. An attacker can execute arbitrary operating system commands by supplying crafted input remotely. Remediation A fix was pushed into the mast...

9.8CVSS7.8AI score0.02283EPSS
Exploits1References2
EUVD
EUVD
added 2026/04/09 9:31 p.m.8 views

EUVD-2026-21072

A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.1. The affected element is the function Bash.run in the library metagpt/tools/libs/terminal.py. This manipulation causes os command injection. The attack is possible to be carried out remotely. The project was informed of the...

7.5CVSS6.8AI score0.02241EPSS
Exploits1References7
OSV
OSV
added 2026/04/09 9:31 p.m.1 views

GHSA-QW5F-QPQ5-PPFG FoundationAgents MetaGPT vulnerable to OS Command Injection in metagpt/utils/common.py

A vulnerability was found in FoundationAgents MetaGPT up to 0.8.1. Impacted is the function getmimetype of the file metagpt/utils/common.py. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. The project was...

7.3CVSS6.7AI score0.02283EPSS
Exploits1References7
OSV
OSV
added 2026/04/09 9:31 p.m.2 views

GHSA-WP29-QMVJ-FRVP FoundationAgents MetaGPT vulnerable to os command injection via the Terminal.run_command

A vulnerability has been found in FoundationAgents MetaGPT up to 0.8.1. This issue affects the function Terminal.runcommand in the library metagpt/tools/libs/terminal.py. The manipulation leads to os command injection. Remote exploitation of the attack is possible. The exploit has been disclosed ...

7.3CVSS5.2AI score0.02328EPSS
Exploits1References7
OSV
OSV
added 2026/04/09 9:31 p.m.6 views

GHSA-FCC8-4Q7H-WVWC FoundationAgents MetaGPT vulnerable to OS Command Injection in metagpt/tools/libs/terminal.py

A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.1. The affected element is the function Bash.run in the library metagpt/tools/libs/terminal.py. This manipulation causes os command injection. The attack is possible to be carried out remotely. The project was informed of the...

7.3CVSS6.9AI score0.02241EPSS
Exploits1References7
EUVD
EUVD
added 2026/04/09 9:31 p.m.3 views

EUVD-2026-21051

A vulnerability was found in FoundationAgents MetaGPT up to 0.8.1. Impacted is the function getmimetype of the file metagpt/utils/common.py. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. The project was...

7.5CVSS6.7AI score0.02283EPSS
Exploits1References7
Rows per page
Query Builder