CVE-2025-51482

Name of the Vulnerable Software and Affected Versions letta versions 0.7.12

Description A remote code execution issue exists in letta.server.rest api.routers.v1.tools.run tool from source within letta-ai Letta. The vulnerability allows remote attackers to execute arbitrary Python code and system commands through crafted payloads sent to the /v1/tools/run endpoint, bypassing sandbox restrictions.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.