Platform: python
Component: letta-ai/letta
Fixed in: 0.16.5
A code injection vulnerability (CWE-95, improper neutralization of directives in dynamically evaluated code) has been identified in letta-ai letta version 0.16.4. Input that reaches a dynamic evaluation step is not neutralized, so an attacker who controls that input can run arbitrary Python in the letta process. The vulnerability is remotely exploitable and a public proof-of-concept is available. The listed affected version is 0.16.4; the fixed version is 0.16.5.
Successful exploitation of CVE-2026-4965 lets an attacker inject and execute arbitrary code with the privileges of the letta process. Depending on the deployment this can mean full compromise of the host, including data exfiltration, lateral movement or privilege escalation, and persistence. Because the attack is remote and a public proof-of-concept exists, the blast radius is significant, especially where letta is reachable from untrusted networks. The advisory ties this issue to an incomplete fix for CVE-2025-6101, so earlier patches of the same code path should be reviewed rather than assumed complete.
A public proof-of-concept for CVE-2026-4965 is available. The vulnerability was disclosed on 2026-03-27; the vendor was contacted but did not respond. A published exploit combined with no vendor response raises the practical risk, but a proof-of-concept is not evidence of in-the-wild exploitation: the vulnerability is not listed on CISA KEV and its EPSS score is low (see the metadata below).
Organizations and individuals running letta-ai letta version 0.16.4, particularly in production or integrated with other critical systems, are at significant risk. Deployments that pass untrusted, user-supplied data into letta, and in particular into the type-resolution code named in the mitigation section, are the most exposed.
• python / supply-chain:
import importlib.metadata
from packaging.version import Version  # PyPA 'packaging' library; pip install packaging if missing

# Check the installed letta version. The PyPI distribution is named 'letta'
# (the GitHub project is letta-ai/letta), so 'pip show letta-ai' finds nothing.
# The advisory lists 0.16.4 as affected and 0.16.5 as the fix; anything below the
# fixed version is treated as unpatched. Comparing parsed versions avoids the
# substring match ('0.16.4' in output) that would also match e.g. 0.16.40.
FIXED = Version("0.16.5")
try:
    installed = Version(importlib.metadata.version("letta"))
except importlib.metadata.PackageNotFoundError:
    print("letta is not installed in this environment")
else:
    if installed < FIXED:
        print(f"Vulnerable version detected: letta {installed} (< {FIXED})")
    else:
        print(f"letta {installed} is at or above the fixed version {FIXED}")
• generic web: Check for unusual child processes or outbound network connections originating from the letta process. Monitor access logs for requests whose parameters contain Python expressions or calls such as __import__, os.system, subprocess or eval.
References: disclosure, poc
Exploit status:
EPSS: 0.02% (5th percentile)
CISA SSVC:
CVSS vector:
The primary mitigation for CVE-2026-4965 is to upgrade letta-ai letta to 0.16.5, the fixed version listed above. Where an immediate upgrade is not possible, restrict and validate any data that reaches the resolve_type function in letta/functions/ast_parsers.py so that only expected type names are accepted, and never let untrusted users supply strings that are evaluated dynamically. A web application firewall tuned to detect code injection payloads adds a layer of defense in depth but does not replace the patch. Monitor the host for unexpected child processes or outbound connections from the letta process.
Upgrade the letta-ai letta library to the fixed version 0.16.5. If you cannot upgrade, keep untrusted input away from the vulnerable code path and watch the project for further updates, since this issue is linked to an incomplete earlier fix.
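As an added illustration of the bug class and of the input-validation workaround described above (this is example code written for this page, not letta's own resolve_type implementation), the block below places a type-string resolver that evaluates its input next to a hardened version that parses the string as a Python expression and rebuilds the type only from an allowlist of names. The function names, the ALLOWED_NAMES vocabulary and the sample inputs are assumptions made for the example; it needs Python 3.9 or later.

```python
import ast
import typing

# Hypothetical vulnerable pattern (CWE-95), not letta's code: resolving a type
# annotation string with eval() means a crafted string is executed as code.
def resolve_type_unsafe(type_str: str):
    return eval(type_str)  # "__import__('os').system('id')" would run here


# Hardened version: accept only a fixed vocabulary of type names and generics,
# and reconstruct the type from the parsed AST instead of evaluating the string.
ALLOWED_NAMES = {
    "str": str, "int": int, "float": float, "bool": bool, "bytes": bytes,
    "list": list, "dict": dict, "set": set, "tuple": tuple,
    "List": typing.List, "Dict": typing.Dict, "Set": typing.Set,
    "Tuple": typing.Tuple, "Optional": typing.Optional,
    "Union": typing.Union, "Any": typing.Any,
}


def resolve_type_safe(type_str: str):
    """Turn a type expression such as 'Dict[str, List[int]]' into a typing object.

    Raises ValueError for anything that is not built purely from ALLOWED_NAMES,
    subscripts and None: calls, attribute access, operators, statements.
    """
    try:
        tree = ast.parse(type_str.strip(), mode="eval")  # expression only
    except SyntaxError as exc:
        raise ValueError(f"not a type expression: {type_str!r}") from exc
    try:
        return _build(tree.body)
    except TypeError as exc:  # e.g. Optional[int, str]
        raise ValueError(f"invalid type expression: {type_str!r}") from exc


def _build(node: ast.AST):
    if isinstance(node, ast.Name):
        if node.id not in ALLOWED_NAMES:
            raise ValueError(f"type name not allowed: {node.id}")
        return ALLOWED_NAMES[node.id]
    if isinstance(node, ast.Constant) and node.value is None:
        return type(None)  # 'Union[str, None]'
    if isinstance(node, ast.Subscript):
        base = _build(node.value)
        if isinstance(node.slice, ast.Tuple):
            return base[tuple(_build(a) for a in node.slice.elts)]
        return base[_build(node.slice)]
    # Call, Attribute, BinOp, Lambda, ... are exactly what an injection needs.
    raise ValueError(f"disallowed syntax in type expression: {type(node).__name__}")


def is_rejected(type_str: str) -> bool:
    """True if the hardened resolver refuses the string."""
    try:
        resolve_type_safe(type_str)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample inputs: legitimate annotations and injection attempts.
    for s in ["int", "Dict[str, List[int]]", "Optional[str]",
              "__import__('os').system('id')", "os.environ", "int; import os"]:
        print(f"{s!r:40} -> {'REJECTED' if is_rejected(s) else resolve_type_safe(s)}")
```

The allowlist approach fails closed: any syntax the resolver does not explicitly understand is an error, so new evasion tricks (attribute chains, format strings, walrus expressions) cannot reach an evaluator because there is no evaluator.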
CVE-2026-4965 is a code injection vulnerability in letta-ai letta version 0.16.4, allowing remote attackers to execute arbitrary code due to improper directive neutralization.
If you are using letta-ai letta version 0.16.4, you are potentially affected by this vulnerability. Check your version and upgrade as soon as possible.
Upgrade to letta-ai letta 0.16.5, the fixed version listed above. Review the release notes for that version, and if you must stay on 0.16.4 for now, keep untrusted input away from the vulnerable code path.
Yes, a public proof-of-concept exploit for CVE-2026-4965 is available. That makes exploitation easy for an attacker who can reach an exposed instance, but it is not evidence of active in-the-wild exploitation; the vulnerability is not on CISA KEV.
Due to lack of vendor response, an official advisory may not be available. Monitor the letta-ai project's website and relevant security mailing lists for updates.