What is CVE-2026-5970 — Code Injection in FoundationAgents MetaGPT?

CVE-2026-5970 is a code injection vulnerability affecting FoundationAgents MetaGPT versions 0.8.0–0.8.1. The `check_solution` function allows remote attackers to inject code, potentially leading to system compromise.

Am I affected by CVE-2026-5970 in FoundationAgents MetaGPT?

If you are using FoundationAgents MetaGPT versions 0.8.0 or 0.8.1, you are potentially affected by this vulnerability. Immediate action is required.

How do I fix CVE-2026-5970 in FoundationAgents MetaGPT?

The recommended fix is to upgrade to a patched version of FoundationAgents MetaGPT. As of now, no patch is available. Implement input validation as a temporary mitigation.

Is CVE-2026-5970 being actively exploited?

Yes, a public exploit for CVE-2026-5970 is available, indicating active exploitation is likely occurring.

Where can I find the official FoundationAgents advisory for CVE-2026-5970?

Check the FoundationAgents project repository and website for updates and advisories regarding CVE-2026-5970. As of this writing, no official advisory has been published.

CVE-2026-5970 — Vulnerability Details

NEXTGUARD

Escanear gratis

CVE-2026-5970 — Vulnerability Details | NextGuard

Pasos de Deteccióntraduciendo…

• python / server:

import os
import subprocess
# Check for the vulnerable function
with open('/path/to/your/foundationagents/HumanEvalBenchmark/MBPPBenchmark.py', 'r') as f:
    if 'check_solution' in f.read():
        print('Vulnerable function detected!')

• python / supply-chain:

import subprocess
result = subprocess.run(['pip', 'show', 'foundationagents'], capture_output=True, text=True)
if 'Version: 0.8.0' in result.stdout or 'Version: 0.8.1' in result.stdout:
    print('FoundationAgents version is vulnerable!')

MetaGPT tiene un problema de Inyección

Impacto y Escenarios de Ataquetraduciendo…

Contexto de Explotacióntraduciendo…

Quién Está en Riesgotraduciendo…

Pasos de Deteccióntraduciendo…

Cronología del Ataque

Inteligencia de Amenazas

Software Afectado

Clasificación de Debilidad (CWE)

Cronología

Mitigación y Workaroundstraduciendo…

Cómo corregirlo

Boletín de seguridad CVE

Preguntas frecuentestraduciendo…

What is CVE-2026-5970 — Code Injection in FoundationAgents MetaGPT?

Am I affected by CVE-2026-5970 in FoundationAgents MetaGPT?

How do I fix CVE-2026-5970 in FoundationAgents MetaGPT?

Is CVE-2026-5970 being actively exploited?

Where can I find the official FoundationAgents advisory for CVE-2026-5970?

¿Tu proyecto está afectado?

Detecta esta CVE en tu proyecto