Platform
python
Component
metagpt
Fixed in
0.8.2
CVE-2026-0761 describes a critical Remote Code Execution (RCE) vulnerability discovered in MetaGPT, specifically impacting versions 0.8.1 through 0.8.1. This flaw allows unauthenticated attackers to execute arbitrary code on vulnerable systems. A fix is available in version 0.8.2, and users are strongly advised to upgrade immediately.
The impact of CVE-2026-0761 is severe. Because the actionoutput_str_to_mapping function does not validate its input, an attacker can inject Python code into the string it parses and have that code executed. The injected code runs in the context of the MetaGPT service account, potentially giving the attacker full control of the affected host, which can lead to data breaches, system compromise, and lateral movement within the network. Since no authentication is required, the barrier to exploitation is low, making this a high-priority vulnerability.
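As an added example (not MetaGPT's own code, and not a description of how the project's actual function is written), the following hardened parser shows the defensive pattern a string-to-mapping routine such as actionoutput_str_to_mapping needs: it assumes the input is a model-generated string that should describe a dict, accepts only Python literals via ast.literal_eval, and rejects names, function calls and attribute access before anything is evaluated. The names safe_str_to_mapping and classify and the SAMPLES inputs are constructed for this example.

```python
import ast
from typing import Any, Dict

# Added example, not MetaGPT's code. It assumes the vulnerable routine turns a
# model-generated string such as "{'key': 'value'}" into a dict; the hardened
# version below only accepts Python literals and refuses everything else
# before any evaluation takes place.


def safe_str_to_mapping(text: str) -> Dict[str, Any]:
    """Parse a string into a dict using literal parsing only.

    ast.literal_eval never calls functions, imports modules, or resolves
    names, so an input like "{'a': __import__('os')}" is rejected with an
    exception instead of being executed.
    """
    if not isinstance(text, str):
        raise TypeError("expected a str")
    try:
        value = ast.literal_eval(text.strip())
    except (ValueError, SyntaxError, TypeError, MemoryError, RecursionError) as exc:
        raise ValueError(f"input is not a Python literal: {exc}") from exc
    if not isinstance(value, dict):
        raise ValueError(f"expected a mapping, got {type(value).__name__}")
    # Keys of a model-produced mapping are expected to be strings; reject others.
    for key in value:
        if not isinstance(key, str):
            raise ValueError(f"non-string key: {key!r}")
    return value


def classify(text: str) -> str:
    """Return 'ok' if the input parses as a mapping, otherwise 'rejected'."""
    try:
        safe_str_to_mapping(text)
        return "ok"
    except (ValueError, TypeError):
        return "rejected"


# Constructed samples: one benign mapping and inputs a literal-only parser refuses.
SAMPLES = {
    "benign": "{'instruction': 'summarize', 'max_tokens': 200}",
    "function_call": "{'x': __import__('os').getpid()}",
    "name_reference": "{'x': os}",
    "not_a_mapping": "[1, 2, 3]",
    "attribute_access": "{'x': ().__class__}",
}

if __name__ == "__main__":
    for label, sample in SAMPLES.items():
        print(f"{label:>16}: {classify(sample)}")
```

The point of the design is that validation happens structurally in the parser rather than by pattern-matching "dangerous" substrings: anything that is not a literal dict fails closed, which is why the advisory's observation that a WAF rule is hard to write does not apply to a fix made at this layer.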
CVE-2026-0761 was publicly disclosed on January 23, 2026. The vulnerability was initially reported as ZDI-CAN-28. The lack of authentication and the ease of code injection suggest a high probability of exploitation. Public proof-of-concept (PoC) code is likely to emerge, further increasing the risk. Monitor security advisories and threat intelligence feeds for any signs of active exploitation campaigns.
Organizations deploying MetaGPT in production environments, particularly those with limited network segmentation or inadequate access controls, are at significant risk. Systems running MetaGPT as a service account with elevated privileges are especially vulnerable, as the attacker would inherit those privileges upon successful exploitation.
• python / server:
    import psutil

    # proc.info is a dict keyed by the requested attributes; 'name' can be None,
    # and a MetaGPT service usually runs as 'python', so check the cmdline too.
    for proc in psutil.process_iter(['pid', 'name', 'cmdline']):
        name = (proc.info['name'] or '').lower()
        cmdline = ' '.join(proc.info['cmdline'] or []).lower()
        if 'metagpt' in name or 'metagpt' in cmdline:
            print(f"MetaGPT process found: PID={proc.info['pid']}, Command={cmdline}")
• linux / server:
    journalctl -u metagpt | grep -iE "error|exception"
• generic web:
    curl -I http://<target>/metagpt/actionoutput_str_to_mapping   # check for unexpected responses or error messages
EPSS
2.59% (85th percentile)
The primary mitigation for CVE-2026-0761 is to upgrade MetaGPT to version 0.8.2 or later, which includes the fix. If upgrading immediately is not possible, apply temporary workarounds. Because the flaw is a code-injection issue, a direct WAF rule is difficult to implement, but restricting network access to the MetaGPT service and carefully reviewing the external data sources the application consumes reduce the attack surface. Monitor system logs for unusual Python process activity. After upgrading, confirm the fix by attempting to trigger the vulnerable function with a malicious payload; it should now be properly sanitized and fail to execute.
Update the MetaGPT library to a version later than 0.8.1 that fixes the code-injection vulnerability. Consult the project's release notes or changelog for details of the correction. If no updated version is available, consider disabling or removing the actionoutput_str_to_mapping function until an update has been published.
CVE-2026-0761 is a critical RCE vulnerability affecting MetaGPT versions 0.8.1–0.8.1. It allows attackers to execute arbitrary code due to insufficient input validation.
If you are running MetaGPT version 0.8.1, you are vulnerable to this RCE vulnerability. Upgrade to version 0.8.2 or later to mitigate the risk.
The recommended fix is to upgrade MetaGPT to version 0.8.2 or later. If upgrading is not immediately possible, consider temporary workarounds like restricting network access.
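The version check described above, as an added example (not the advisory's or the project's own tooling): is_affected() encodes the affected range [0.8.1, 0.8.2) stated in this advisory, scan_requirements() applies it to requirements.txt-style text, and installed_status() looks up the package installed in the current interpreter. The requirements content is constructed for the demonstration, and the distribution name 'metagpt' is an assumption.

```python
import re
from typing import List, Optional, Tuple

# Added example, not the advisory's or MetaGPT's own tooling. The affected
# range (only 0.8.1) and the fixed version (0.8.2) are taken from the advisory;
# the requirements.txt content below is constructed.

AFFECTED_MIN = (0, 8, 1)
FIXED = (0, 8, 2)


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '0.8.1' into (0, 8, 1).

    Non-numeric suffixes such as 'rc1' are dropped, so a pre-release is treated
    as its base version (the conservative choice for an affected-range check).
    """
    parts = []
    for piece in text.strip().split("."):
        m = re.match(r"\d+", piece)
        if not m:
            break
        parts.append(int(m.group()))
    if not parts:
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(parts)


def is_affected(version: str) -> bool:
    """True when the version falls in [0.8.1, 0.8.2)."""
    return AFFECTED_MIN <= parse_version(version) < FIXED


# Matches a metagpt requirement with a version specifier; '>=' must precede '>'.
_PIN = re.compile(r"^\s*metagpt\s*(==|>=|~=|<=|!=|>|<)\s*([0-9][0-9A-Za-z.]*)", re.IGNORECASE)


def scan_requirements(text: str) -> List[str]:
    """Return one finding per metagpt line in requirements.txt-style text.

    Only an exact pin (==) resolves to a single version; any other specifier is
    reported for manual resolution against the installed environment.
    """
    findings: List[str] = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop trailing comments
        m = _PIN.match(line)
        if not m:
            continue
        op, ver = m.groups()
        if op == "==":
            status = "AFFECTED" if is_affected(ver) else "not affected"
            findings.append(f"line {lineno}: metagpt=={ver} -> {status}")
        else:
            findings.append(f"line {lineno}: metagpt{op}{ver} -> unpinned, resolve installed version manually")
    return findings


def installed_status() -> Optional[str]:
    """Check the interpreter's installed metagpt, if any (distribution name is an assumption)."""
    try:
        from importlib.metadata import version
        v = version("metagpt")
    except Exception:
        return None  # not installed, or metadata unavailable
    return "AFFECTED" if is_affected(v) else f"not affected ({v})"


CONSTRUCTED_REQUIREMENTS = """\
# constructed sample requirements.txt
requests==2.32.3
metagpt==0.8.1   # vulnerable pin
MetaGPT>=0.8.0
"""

if __name__ == "__main__":
    for finding in scan_requirements(CONSTRUCTED_REQUIREMENTS):
        print(finding)
    print("installed:", installed_status())
```

Run it against a real requirements file by reading the file into scan_requirements(); a lock file or the output of pip freeze gives exact pins and therefore definitive answers, whereas range specifiers only tell you what could be installed.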
While no active exploitation has been confirmed, the vulnerability's severity and ease of exploitation suggest a high probability of future attacks. Monitor security advisories.
Refer to the MetaGPT project's official website and security advisories for the latest information and updates regarding CVE-2026-0761.