CVE-2026-10566 | FoundationAgents MetaGPT up to 0.8.2 metagpt/schema.py Message.check_instruct_content mapping deserialization (Issue 2038)

Inserito da Angelo Barbosa | Giu 1, 2026 | CVE

A vulnerability was found in FoundationAgents MetaGPT up to 0.8.2 and classified as critical. This affects the function Message.check_instruct_content of the file metagpt/schema.py. Executing a manipulation of the argument mapping can lead to deserialization.

This vulnerability is tracked as CVE-2026-10566. The attack is restricted to local execution. Moreover, an exploit is present.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-10566 | FoundationAgents MetaGPT up to 0.8.2 metagpt/schema.py Message.check_instruct_content mapping deserialization (Issue 2038)

Post correlati

CVE-2026-25442 | QantumThemes Kentha Plugin up to 4.7.2 on WordPress cross site scripting

CVE-2024-20043 | MediaTek MT8798 Da out-of-bounds write (ALPS08541781)

CVE-2023-51070 | QStar Archive Solutions 3-0 Build 7 Patch 0 SMB Setting access control

CVE-2023-52866 | Linux Kernel up to 6.5.11/6.6.1 uclogic_params_ugee_v2_init_event_hooks null pointer dereference (64da1f6147da/6c8f953728d7/91cfe0bbaa1c)