Lucene search
+L

18 matches found

EUVD
EUVD
added 2026/04/12 1:30 a.m.6 views

EUVD-2026-21694

A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.1. The impacted element is the function evaluateCode of the file metagpt/environment/minecraft/mineflayer/index.js of the component Mineflayer HTTP API. Executing a manipulation can lead to cross-site request forgery. The attack...

5.3CVSS5.3AI score0.00224EPSS
Exploits1References5
CVE
CVE
added 2026/04/09 6:0 p.m.20 views

CVE-2026-5971

FoundationAgents MetaGPT up to 0.8.1 is affected. The vulnerability lies in ActionNode.xml_fill within metagpt/actions/action_node.py (XML Handler). It enables remote exploitation through manipulation of dynamically evaluated code, with reports that an exploit has been published. Multiple sources...

9.8CVSS6.7AI score0.00387EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2026/03/21 3:2 p.m.2 views

CVE-2026-4516 Foundation Agents MetaGPT DataInterpreter write_analysis_code.py injection

A vulnerability was found in Foundation Agents MetaGPT up to 0.8.1. This vulnerability affects unknown code of the file metagpt/actions/di/writeanalysiscode.py of the component DataInterpreter. The manipulation results in injection. It is possible to launch the attack remotely. The exploit has be...

5.3CVSS6.1AI score0.00246EPSS
Exploits0References6
NVD
NVD
added 2026/03/21 12:16 p.m.8 views

CVE-2026-4515

A vulnerability has been found in Foundation Agents MetaGPT up to 0.8.1. This affects the function codegenerate of the file metagpt/ext/aflow/scripts/operator.py. The manipulation leads to code injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public...

6.5CVSS0.00241EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/21 11:32 a.m.11 views

CVE-2026-4515

A vulnerability has been found in Foundation Agents MetaGPT up to 0.8.1. This affects the function codegenerate of the file metagpt/ext/aflow/scripts/operator.py. The manipulation leads to code injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public...

6.5CVSS5.4AI score0.00241EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/03/21 11:32 a.m.15 views

CVE-2026-4515

Foundation Agents MetaGPT up to 0.8.1 contains a code injection vulnerability in metagpt/ext/aflow/scripts/operator.py: function code_generate. The issue allows remote initiation and is associated with a PROOF-OF-CONCEPT exploit; exploitation status is indicated by the sources as disclosed public...

6.5CVSS6.1AI score0.00241EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/03/21 11:32 a.m.33 views

CVE-2026-4515 Foundation Agents MetaGPT operator.py code_generate code injection

A vulnerability has been found in Foundation Agents MetaGPT up to 0.8.1. This affects the function codegenerate of the file metagpt/ext/aflow/scripts/operator.py. The manipulation leads to code injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public...

6.5CVSS0.00241EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/21 12:0 a.m.7 views

PT-2026-26888

A vulnerability has been found in Foundation Agents MetaGPT up to 0.8.1. This affects the function code generate of the file metagpt/ext/aflow/scripts/operator.py. The manipulation leads to code injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the publi...

6.5CVSS6.1AI score0.00241EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/01/24 9:15 a.m.7 views

CVE-2026-0760

Foundation Agents MetaGPT deserializemessage Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this...

9.8CVSS6.6AI score0.00993EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/24 9:15 a.m.7 views

CVE-2026-0761

Foundation Agents MetaGPT actionoutputstrtomapping Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerability. The...

9.8CVSS6.5AI score0.01051EPSS
Exploits0References1
NVD
NVD
added 2026/01/23 4:16 a.m.6 views

CVE-2026-0761

Foundation Agents MetaGPT actionoutputstrtomapping Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerability. The...

9.8CVSS0.01051EPSS
Exploits0References1
NVD
NVD
added 2026/01/23 4:16 a.m.8 views

CVE-2026-0760

Foundation Agents MetaGPT deserializemessage Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this...

9.8CVSS0.00993EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/23 3:28 a.m.7 views

CVE-2026-0761

Foundation Agents MetaGPT actionoutputstrtomapping Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerability. The...

9.8CVSS6.3AI score0.01051EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/01/23 3:28 a.m.14 views

CVE-2026-0761

The CVE-2026-0761 issue affects Foundation Agents MetaGPT, where the function actionoutput_str_to_mapping accepts user-supplied strings without proper validation, allowing remote code execution in the service account context. Reports from Red Hat and NVD summarize the flaw as a Python code execut...

9.8CVSS6.5AI score0.01051EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/01/23 3:28 a.m.54 views

CVE-2026-0761 Foundation Agents MetaGPT actionoutput_str_to_mapping Code Injection Remote Code Execution Vulnerability

Foundation Agents MetaGPT actionoutputstrtomapping Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerability. The...

9.8CVSS0.01051EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/23 3:28 a.m.5 views

CVE-2026-0760

Foundation Agents MetaGPT deserializemessage Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this...

9.8CVSS6.4AI score0.00993EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/01/23 3:28 a.m.5 views

CVE-2026-0760 Foundation Agents MetaGPT deserialize_message Deserialization of Untrusted Data Remote Code Execution Vulnerability

Foundation Agents MetaGPT deserializemessage Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this...

9.8CVSS7.7AI score0.00993EPSS
Exploits0References3
Zero Day Initiative
Zero Day Initiative
added 2026/01/09 12:0 a.m.6 views

(0Day) Foundation Agents MetaGPT actionoutput_str_to_mapping Code Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerability. The specific flaw exists within the actionoutputstrtomapping function. The issue results from the lack of prop...

9.8CVSS7.6AI score0.01051EPSS
Exploits0
Rows per page
Query Builder