CVE-2026-0761
Code Injection in Foundation Agents MetaGPT Enables Remote Execution
Publication date: 2026-01-23
Last updated on: 2026-02-20
Assigner: Zero Day Initiative
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| deepwisdom | metagpt | 0.8.1 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a critical remote code execution flaw in Foundation Agents' MetaGPT product. It exists in the function actionoutput_str_to_mapping, where the software improperly validates a user-supplied string before executing it as Python code. Because of this, a remote attacker can send malicious input that gets executed on the system without needing to authenticate, allowing them to run arbitrary code with the same privileges as the service account running MetaGPT. [1]
How can this vulnerability impact me?
Exploiting this vulnerability allows a remote attacker to execute arbitrary code on your system with the privileges of the MetaGPT service account. This can lead to a full compromise of the affected installation, including unauthorized access, data manipulation, or disruption of services. [1]
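The explanation above describes the CWE-94 pattern in general terms: a string that ultimately comes from outside the trust boundary is handed to the Python interpreter instead of being matched against a fixed set of expected values. The following is an added, self-contained illustration of that pattern and of the allowlist-based fix a reviewer would ask for. It is not MetaGPT's code and not the ZDI proof of concept; the function names `vulnerable_str_to_mapping` and `safe_str_to_mapping`, the `(type, ...)` tuple shape of the returned mapping, the `_SAFE_TYPES` allowlist, and the sample inputs are all assumptions made for the example.

```python
"""Illustration of the CWE-94 pattern described for CVE-2026-0761 (not MetaGPT's code).

A "mapping" here is a dict of field name -> type name, e.g. {"title": "str"},
such as a schema an agent reconstructs from text it did not author. The
vulnerable variant resolves each type name with eval(); the safe variant only
accepts names from a fixed allowlist. Names and data shapes are assumptions.
"""
import re
from typing import Any

# Assumed allowlist: the only type names the schema is permitted to reference.
_SAFE_TYPES: dict[str, Any] = {
    "str": str,
    "int": int,
    "float": float,
    "bool": bool,
    "list[str]": list[str],
    "dict": dict,
}

# Field names must be plain identifiers; anything else is rejected outright.
_KEY_RE = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")


def vulnerable_str_to_mapping(mapping: dict[str, str]) -> dict[str, tuple[Any, Any]]:
    """Vulnerable pattern (CWE-94): the type name is evaluated as Python source.

    A value such as "__import__('os').system('id')" is executed with the
    privileges of the process instead of being treated as a type name.
    """
    new_mapping: dict[str, tuple[Any, Any]] = {}
    for key, type_str in mapping.items():
        # eval() on externally influenced input: this is the injection point.
        new_mapping[key] = (eval(type_str), ...)  # noqa: S307 (intentionally vulnerable)
    return new_mapping


def safe_str_to_mapping(mapping: dict[str, str]) -> dict[str, tuple[Any, Any]]:
    """Hardened variant: exact-match lookup against an allowlist, no interpreter."""
    if not isinstance(mapping, dict):
        raise TypeError("mapping must be a dict of field name -> type name")
    new_mapping: dict[str, tuple[Any, Any]] = {}
    for key, type_str in mapping.items():
        if not isinstance(key, str) or not _KEY_RE.match(key):
            raise ValueError(f"invalid field name: {key!r}")
        if not isinstance(type_str, str) or type_str not in _SAFE_TYPES:
            # Reject rather than "sanitise": there is no legitimate reason for
            # a type name to contain anything but one of the known tokens.
            raise ValueError(f"unsupported type for field {key!r}: {type_str!r}")
        new_mapping[key] = (_SAFE_TYPES[type_str], ...)
    return new_mapping


def demo() -> dict[str, Any]:
    """Run both variants on a benign and a malicious (constructed) mapping."""
    benign = {"title": "str", "tags": "list[str]"}          # constructed sample
    malicious = {"title": "__import__('os').getpid()"}      # constructed, harmless payload
    results: dict[str, Any] = {}
    results["safe_benign"] = safe_str_to_mapping(benign)
    # The vulnerable variant happily executes the payload: the "type" it
    # returns is the process id, proof that arbitrary code ran.
    results["vuln_malicious"] = vulnerable_str_to_mapping(malicious)["title"][0]
    try:
        safe_str_to_mapping(malicious)
        results["safe_malicious_rejected"] = False
    except ValueError:
        results["safe_malicious_rejected"] = True
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

The payload in the example only calls `os.getpid()` so that it is safe to run, but anything the interpreter can express would execute the same way. Note what the fix does not do: it does not try to filter dangerous substrings out of the string, because the correct behaviour for a type name is an exact match against a closed set, and any other input is an error.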