Platform: python
Component: metagpt
Fixed in: 0.8.1, 0.8.2, 0.8.3
A server-side request forgery (SSRF) vulnerability has been identified in MetaGPT FoundationAgents versions up to 0.8.2. The flaw resides in the `decode_image` function of the metagpt/utils/common.py file, which lets attackers control the `img_url_or_b64` argument. Successful exploitation can lead to unauthorized access and potential data exposure. Although the project was notified, no response had been received as of the publication date.
The SSRF vulnerability in MetaGPT FoundationAgents allows an attacker to craft malicious requests through the `img_url_or_b64` parameter. This can be leveraged to reach internal resources that are not directly accessible from the outside world. An attacker could potentially scan internal networks, access sensitive data stored on internal servers, or interact with internal APIs. The public availability of an exploit significantly increases the likelihood of exploitation, making this a high-priority concern. The blast radius extends to any internal system reachable from the affected MetaGPT instance.
This vulnerability has been publicly disclosed and an exploit is available, indicating a high probability of exploitation. The CVE was published on 2026-04-11. The lack of a response from the MetaGPT project raises concerns about the timeliness of a patch. It is not currently listed on CISA KEV, but the public exploit warrants close monitoring.
EPSS: 0.05% (15th percentile)
The primary mitigation for CVE-2026-6111 is to upgrade MetaGPT FoundationAgents to a version that addresses the SSRF vulnerability. Unfortunately, a fixed version is not yet available. As a temporary workaround, implement strict input validation on the `img_url_or_b64` parameter, ensuring it adheres to a whitelist of allowed domains and protocols. Consider deploying a Web Application Firewall (WAF) with rules that block suspicious SSRF requests. Monitor network traffic for unusual outbound connections originating from the MetaGPT instance.
Update to a patched version of MetaGPT that addresses the server-side request forgery (SSRF) vulnerability in the `decode_image` function. Review the project repository for information on available updates and follow the update instructions provided by the developers. Until a fix is applied, avoid processing image URLs from untrusted sources.
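The following is an added example of the interim workaround described above (strict validation of `img_url_or_b64` before any fetch takes place); it is not MetaGPT's own code. It assumes, from the parameter name, that the function accepts either an http(s) image URL or base64 image data (optionally as a `data:image/...;base64,` URI). The allowlist host `images.example.com`, the resolver hook and all sample inputs are constructed for illustration.

```python
import base64
import binascii
import ipaddress
import re
import socket
from typing import Callable, Iterable, List
from urllib.parse import urlsplit

# Hypothetical allowlist: replace with the image hosts your deployment trusts.
DEFAULT_ALLOWED_HOSTS = frozenset({"images.example.com"})

_DATA_URI_PREFIX = re.compile(r"^data:image/[^;]+;base64,")


class UnsafeImageSource(ValueError):
    """Raised when an image reference fails validation."""


def _resolve_default(host: str) -> List[str]:
    """Resolve a hostname to every IPv4/IPv6 address it points at."""
    return [info[4][0] for info in socket.getaddrinfo(host, None)]


def _is_public_ip(addr: str) -> bool:
    """True only for globally routable unicast addresses.

    Private, loopback, link-local, multicast and documentation ranges all
    return False, so a hostname pointing at internal infrastructure is rejected.
    """
    ip = ipaddress.ip_address(addr)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # treat ::ffff:a.b.c.d exactly like a.b.c.d
    return ip.is_global and not ip.is_multicast


def validate_image_source(
    img_url_or_b64: str,
    allowed_hosts: Iterable[str] = DEFAULT_ALLOWED_HOSTS,
    resolve: Callable[[str], List[str]] = _resolve_default,
) -> str:
    """Classify the input as "b64" or "url", or raise UnsafeImageSource.

    `resolve` is injectable so the check can be exercised without live DNS.
    """
    value = img_url_or_b64.strip()

    if not value.startswith(("http://", "https://")):
        # Not a web URL: the only other acceptable shape is base64 image data.
        payload = _DATA_URI_PREFIX.sub("", value)
        try:
            base64.b64decode(payload, validate=True)
        except binascii.Error as exc:
            raise UnsafeImageSource("input is neither an http(s) URL nor base64 data") from exc
        return "b64"

    parts = urlsplit(value)
    if parts.scheme not in ("http", "https"):
        raise UnsafeImageSource(f"scheme {parts.scheme!r} is not allowed")
    if parts.username or parts.password:
        raise UnsafeImageSource("credentials embedded in the URL are not allowed")

    host = (parts.hostname or "").lower()
    if host not in {h.lower() for h in allowed_hosts}:
        raise UnsafeImageSource(f"host {host!r} is not on the allowlist")

    # Defence in depth: an allowlisted name must not resolve to internal space.
    addrs = resolve(host)
    if not addrs or not all(_is_public_ip(a) for a in addrs):
        raise UnsafeImageSource(f"host {host!r} resolves to a non-public address")
    return "url"


def is_safe_image_source(img_url_or_b64: str, **kwargs) -> bool:
    """Boolean convenience wrapper around validate_image_source."""
    try:
        validate_image_source(img_url_or_b64, **kwargs)
        return True
    except UnsafeImageSource:
        return False


if __name__ == "__main__":
    # Constructed inputs; the fake resolver stands in for DNS.
    def fake_resolve(host: str) -> List[str]:
        return {"images.example.com": ["1.2.3.4"], "intranet.example.com": ["10.0.0.5"]}.get(host, [])

    for sample in ("https://images.example.com/cat.png", "http://intranet.example.com/x",
                   "data:image/png;base64,iVBORw0KGgo=", "file:///tmp/x"):
        print(sample, "->", is_safe_image_source(sample, resolve=fake_resolve,
                                                  allowed_hosts={"images.example.com", "intranet.example.com"}))
```

Two caveats for a production version: the resolve-then-check step does not pin the connection, so a fetch layer should connect to the address that was validated (or re-validate after the connect), and HTTP redirects must either be disabled or have every hop run through the same check, since the first URL passing validation says nothing about where a redirect lands.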
CVE-2026-6111 is a server-side request forgery vulnerability in MetaGPT FoundationAgents versions up to 0.8.2, allowing attackers to manipulate image URLs and potentially access internal resources.
You are affected if you are using MetaGPT FoundationAgents version 0.8.2 or earlier. A fixed version is not yet available.
Upgrade to a patched version when available. Until then, implement strict input validation and consider using a WAF to mitigate the risk.
Yes, a public exploit exists, indicating a high probability of active exploitation.
As of the publication date, no official advisory has been released by the MetaGPT project. Monitor their GitHub repository and website for updates.