Platform: python
Component: metagpt
Fixed in: 0.8.1, 0.8.2
A code injection vulnerability has been identified in MetaGPT, affecting versions 0.8.0 through 0.8.1. This flaw resides within the code_generate function of the operator.py file, allowing attackers to potentially execute arbitrary code. The vulnerability is exploitable remotely and a public exploit is already available, highlighting the urgency of remediation. The vendor has not yet acknowledged or responded to the disclosure.
Successful exploitation of CVE-2026-4515 allows an attacker to inject and execute arbitrary code on a system running vulnerable MetaGPT instances. This could lead to complete system compromise, including data exfiltration, malware installation, and denial of service. Given the remote accessibility of the vulnerability and the availability of a public exploit, the potential for widespread exploitation is significant. The impact is amplified if MetaGPT is integrated into critical workflows or processes, as an attacker could leverage this vulnerability to disrupt operations or gain access to sensitive information.
This vulnerability was publicly disclosed on 2026-03-21. The existence of a public proof-of-concept significantly increases the risk of exploitation. The lack of response from the vendor raises concerns about the timeliness of a patch. The vulnerability is not currently listed on CISA KEV, and an EPSS score is pending evaluation, but the public exploit suggests a medium to high probability of exploitation.
Exploit Status
EPSS: 0.05% (14th percentile)
CISA SSVC:
CVSS Vector:
The primary mitigation for CVE-2026-4515 is to upgrade to a patched version of MetaGPT as soon as it becomes available. Since a fixed version is not yet specified, consider isolating vulnerable instances to limit potential exposure. While a direct fix awaits, review the metagpt/ext/aflow/scripts/operator.py file for any unusual or unexpected code execution patterns. Implement strict input validation and sanitization for any data passed to the code_generate function to reduce the attack surface. After upgrading, confirm the fix by attempting to trigger the code injection vulnerability and verifying that it is no longer exploitable.
Update the MetaGPT library to a version later than 0.8.1 that fixes the code injection vulnerability. If no version is available, consider patching the code_generate function in the file metagpt/ext/aflow/scripts/operator.py to prevent code injection.
CVE-2026-4515 is a code injection vulnerability affecting MetaGPT versions 0.8.0–0.8.1. It allows attackers to execute arbitrary code remotely through the code_generate function.
You are affected if you are running MetaGPT versions 0.8.0 or 0.8.1. Check your installed version using pip show metagpt.
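A way to check for the affected range stated above, both against the installed package and against a requirements.txt, as an added example that is not part of this advisory or of the MetaGPT project. It assumes only the affected range 0.8.0 through 0.8.1 given in this advisory and uses the Python standard library alone.

```python
import re
from importlib import metadata

# Affected range as stated in the advisory: 0.8.0 through 0.8.1, inclusive.
AFFECTED_MIN, AFFECTED_MAX = (0, 8, 0), (0, 8, 1)

def parse_version(text):
    """'0.8.1' -> (0, 8, 1). A pre-release suffix such as 'rc1' is ignored,
    so pre-releases of an affected version count as affected (conservative)."""
    m = re.match(r"^\s*v?(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    return (parts + (0, 0, 0))[:3]  # so '0.8' compares as 0.8.0

def is_affected(version):
    """True if the version lies in the advisory's affected range."""
    return AFFECTED_MIN <= parse_version(version) <= AFFECTED_MAX

REQ_LINE = re.compile(
    r"^metagpt(?![\w.-])(?:\[[^\]]*\])?\s*(?P<op>===|==|~=|>=|<=|!=|>|<)?\s*(?P<ver>[^\s;,#]*)",
    re.IGNORECASE)

def scan_requirements(lines):
    """Classify each metagpt entry. Only exact pins (==, ===) can be judged
    offline; any other specifier is 'unknown' and needs check_installed()."""
    findings = []
    for raw in lines:
        line = raw.split("#", 1)[0].strip()   # drop comments
        m = REQ_LINE.match(line)
        if not m:
            continue
        op, ver = m.group("op"), m.group("ver")
        if op in ("==", "===") and ver:
            status = "affected" if is_affected(ver) else "not affected"
        else:
            status = "unknown"
        findings.append((line, status))
    return findings

def check_installed():
    """(version, affected?) for the installed metagpt, or None if absent."""
    try:
        ver = metadata.version("metagpt")
    except metadata.PackageNotFoundError:
        return None
    return ver, is_affected(ver)

# Constructed sample requirements, not taken from any real project.
SAMPLE_REQUIREMENTS = ["metagpt==0.8.1  # pinned to an affected release",
                       "metagpt[full]==0.8.2", "metagpt>=0.8.0,<0.9", "numpy==1.26.4"]
```

Range specifiers such as `>=0.8.0,<0.9` cannot be judged from the file alone, so run check_installed() in the deployed environment to see what pip actually resolved.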
Upgrade to a patched version of MetaGPT as soon as it becomes available. Until then, isolate vulnerable instances and implement strict input validation.
A public exploit exists, indicating a high probability of active exploitation. Monitor your systems closely.
As of the disclosure date, the vendor has not released an official advisory. Monitor the MetaGPT project's website and GitHub repository for updates.