CNNVD-202601-4186 Information

CNNVD ID

CNNVD-202601-4186

Related CVE

CVE-2026-0761

• CNNVD Published: 2026-01-23

Description (Chinese)

MetaGPT是MetaGPT公司的一个多代理框架。 MetaGPT存在代码注入漏洞，该漏洞源于actionoutput_str_to_mapping函数缺乏对用户提供字符串的验证，可能导致代码注入和远程代码执行。

Description (English)

MetaGPT is a multi-agent framework for MetaGPT. MetaGPT has a code-injecting loophole, which arises from the lack of a string validation for users in the actionoutput str to mapping function, which may result in code injection and remote code execution.

Hazard Level

Low

Vulnerability Type

代码注入

Affected Vendor

MetaGPT

Published

2026-01-23

Last Modified

2026-02-24

References

https://www.zerodayinitiative.com/advisories/ZDI-26-027/