CVE-2026-11455 | FoundationAgents MetaGPT up to 0.8.2 metagpt/utils/common.py check_cmd_exists mermaid.path command injection (Issue 2037)

Inserito da Angelo Barbosa | Giu 6, 2026 | CVE

A vulnerability was found in FoundationAgents MetaGPT up to 0.8.2. It has been classified as critical. Affected by this issue is the function check_cmd_exists of the file metagpt/utils/common.py. This manipulation of the argument mermaid.path causes command injection.

This vulnerability appears as CVE-2026-11455. The attack may be initiated remotely. In addition, an exploit is available.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-11455 | FoundationAgents MetaGPT up to 0.8.2 metagpt/utils/common.py check_cmd_exists mermaid.path command injection (Issue 2037)

Post correlati

CVE-2024-9479 | upKeeper Solutions upKeeper Instant Privilege Access up to 1.1 privileges management

CVE-2025-62990 | Livemesh Addons for Beaver Builder Plugin up to 3.9.2 on WordPress cross site scripting

CVE-2025-9264 | Xuxueli xxl-job up to 3.1.1 Jobs JobInfoController.java remove ID resource injection (Issue 3773)

CVE-2024-29030 | usememos up to 0.13.2 /api/resource server-side request forgery (GHSL-2023-154)