CVE-2026-4516

CVSS v2.0

6.5

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Foundation Agents MetaGPT versions prior to 0.8.1

Description A vulnerability exists in Foundation Agents MetaGPT up to version 0.8.1. The issue is related to injection within the DataInterpreter component, specifically in the file metagpt/actions/di/write analysis code.py. This allows for remote exploitation. The exploit has been publicly released, and the vendor was notified but did not respond.

Recommendations Update Foundation Agents MetaGPT to a version newer than 0.8.1.

Exploit

Fix

Improper Neutralization

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-707CWE-74

Related Identifiers

CVE-2026-4516

Affected Products

Foundation Agents Metagpt

CVE-2026-4516

Weakness Enumeration

Related Identifiers

Affected Products

References · 6