8 matches found
CVE-2026-10566 FoundationAgents MetaGPT schema.py Message.check_instruct_content deserialization
A weakness has been identified in FoundationAgents MetaGPT up to 0.8.2. This affects the function Message.checkinstructcontent of the file metagpt/schema.py. Executing a manipulation of the argument mapping can lead to deserialization. The attack is restricted to local execution. The exploit has...
EUVD-2026-33872
A weakness has been identified in FoundationAgents MetaGPT up to 0.8.2. This affects the function Message.checkinstructcontent of the file metagpt/schema.py. Executing a manipulation of the argument mapping can lead to deserialization. The attack is restricted to local execution. The exploit has...
MetaGPT affected by server-side request forgery in metagpt/utils/common.py
A security flaw has been discovered in FoundationAgents MetaGPT up to 0.8.2. This impacts the function decodeimage of the file metagpt/utils/common.py. The manipulation of the argument imgurlorb64 results in server-side request forgery. It is possible to launch the attack remotely. The exploit ha...
CVE-2026-5972
A vulnerability has been found in FoundationAgents MetaGPT up to 0.8.1. This issue affects the function Terminal.runcommand in the library metagpt/tools/libs/terminal.py. The manipulation leads to os command injection. Remote exploitation of the attack is possible. The exploit has been disclosed ...
CVE-2026-5971 FoundationAgents MetaGPT XML action_node.py ActionNode.xml_fill eval injection
A flaw has been found in FoundationAgents MetaGPT up to 0.8.1. This vulnerability affects the function ActionNode.xmlfill of the file metagpt/actions/actionnode.py of the component XML Handler. Executing a manipulation can lead to improper neutralization of directives in dynamically evaluated cod...
PT-2026-31669
Name of the Vulnerable Software and Affected Versions FoundationAgents MetaGPT versions up to 0.8.1 Description A flaw exists in the check solution function within the HumanEvalBenchmark/MBPPBenchmark component of FoundationAgents MetaGPT. Manipulation of this function can lead to code injection,...
CVE-2026-4516
A vulnerability was found in Foundation Agents MetaGPT up to 0.8.1. This vulnerability affects unknown code of the file metagpt/actions/di/writeanalysiscode.py of the component DataInterpreter. The manipulation results in injection. It is possible to launch the attack remotely. The exploit has be...
CVE-2026-0760
Foundational Software: Foundation Agents MetaGPT. The CVE-2026-0760 issue is in the deserialize_message function where unvalidated untrusted data can be deserialized, enabling Remote Code Execution with network access and no authentication. Documented impact states an attacker can execute code in...