Platform: python
Component: metagpt
Fixed in: 0.8.1, 0.8.2, 0.8.3
A cross-site request forgery (CSRF) vulnerability exists in MetaGPT FoundationAgents versions up to 0.8.2. This flaw resides within the evaluateCode function of the metagpt/environment/minecraft/mineflayer/index.js file, specifically impacting the Mineflayer HTTP API. Successful exploitation could allow an attacker to perform unauthorized actions on behalf of an authenticated user, potentially leading to unintended consequences. While the project has been notified, a fix remains unavailable.
The CSRF vulnerability in MetaGPT FoundationAgents allows an attacker to craft malicious requests that appear to originate from a legitimate user. This can be leveraged to perform actions such as modifying configurations, executing commands, or accessing sensitive data within the Mineflayer HTTP API. The impact is amplified if the API is integrated with other systems or services, as a successful CSRF attack could potentially lead to broader compromise. Given the publicly disclosed nature of this vulnerability, attackers are likely actively seeking ways to exploit it.
This vulnerability was publicly disclosed on 2026-04-11 and is considered exploitable because the details are publicly available. It is not currently listed on CISA KEV, but the public disclosure and ease of exploitation warrant close monitoring. The lack of a response from the MetaGPT project increases the risk of exploitation.
Exploit Status
EPSS: 0.01% (0% percentile)
CISA SSVC
CVSS Vector
Due to the lack of a direct patch from the MetaGPT project, immediate mitigation strategies are crucial. Consider implementing strict input validation and output encoding within the Mineflayer HTTP API to reduce the attack surface. Employing CSRF protection mechanisms, such as synchronizer tokens or the SameSite cookie attribute, can significantly hinder exploitation attempts. Furthermore, restrict access to the API based on user roles and permissions, limiting the potential impact of a successful attack. Regularly monitor API logs for suspicious activity and implement a Web Application Firewall (WAF) with CSRF protection rules.
Update to a patched version of MetaGPT that addresses this Cross-Site Request Forgery (CSRF) vulnerability. Refer to the project repository or release notes for more details on the update. Implement additional security measures, such as input validation and CSRF protection, to mitigate the risk.
CVE-2026-6109 is a cross-site request forgery (CSRF) vulnerability affecting MetaGPT FoundationAgents versions up to 0.8.2, specifically within the Mineflayer HTTP API, allowing attackers to perform unauthorized actions.
If you are using MetaGPT FoundationAgents version 0.8.2 or earlier, you are potentially affected by this vulnerability. Upgrade as soon as a patch is available.
Currently, no official patch is available. Implement mitigation strategies like input validation, CSRF protection mechanisms, and WAF rules until a fix is released.
Due to the public disclosure and ease of exploitation, CVE-2026-6109 is likely being actively exploited. Monitor your systems closely.
Refer to the MetaGPT project's official channels (GitHub repository, website) for updates and advisories regarding CVE-2026-6109.