PT-2026-26920 · Unknown · Foundation Agents Metagpt

Goku

Publicado

2026-03-21

Atualizado

2026-03-22

CVE-2026-4516

CVSS v2.0

6.5

Média

Vetor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Foundation Agents MetaGPT versions prior to 0.8.1

Description A vulnerability exists in Foundation Agents MetaGPT up to version 0.8.1. The issue is related to injection within the DataInterpreter component, specifically in the file metagpt/actions/di/write analysis code.py. This allows for remote exploitation. The exploit has been publicly released, and the vendor was notified but did not respond.

Recommendations Update Foundation Agents MetaGPT to a version newer than 0.8.1.

Exploit

Correção

Improper Neutralization

Special Elements Injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-707CWE-74

Identificadores relacionados

CVE-2026-4516

Produtos afetados

Foundation Agents Metagpt

PT-2026-26920 · Unknown · Foundation Agents Metagpt

CVE-2026-4516

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6