CVE-2026-5970

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions FoundationAgents MetaGPT versions up to 0.8.1

Description A flaw exists in the check solution function within the HumanEvalBenchmark/MBPPBenchmark component of FoundationAgents MetaGPT. Manipulation of this function can lead to code injection, potentially allowing remote attackers to compromise the system. The exploit is publicly available.

Recommendations Update to a version beyond 0.8.1.

Exploit

Fix

Code Injection

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94CWE-74

Related Identifiers

CVE-2026-5970

GHSA-G977-H85W-H2XJ

Affected Products

Foundation Agents Metagpt

CVE-2026-5970

Weakness Enumeration

Related Identifiers

Affected Products

References · 9