CVE-2025-51482

HIGH EXPLOITED NUCLEI

letta 0.7.12 - Remote Code Execution via /v1/tools/run Endpoint

Title source: llm

Exploitation Summary

CVE-2025-51482 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Kai-One001. A Nuclei detection template is also available.

AI-analyzed exploit summary The repository contains a functional Python exploit for CVE-2025-51482, demonstrating remote command execution (RCE) via an API endpoint that unsafely executes user-provided Python code. The exploit sends a crafted JSON payload to the '/v1/tools/run' endpoint, leveraging insecure use of exec() and exposed environment variables.

Description

Remote Code Execution in letta.server.rest_api.routers.v1.tools.run_tool_from_source in letta-ai Letta 0.7.12 allows remote attackers to execute arbitrary Python code and system commands via crafted payloads to the /v1/tools/run endpoint, bypassing intended sandbox restrictions.

Exploits (1)

nomisec WORKING POC

by Kai-One001 · remote

https://github.com/Kai-One001/Letta-CVE-2025-51482-RCE

View Code ZIP pw:eip

The repository contains a functional Python exploit for CVE-2025-51482, demonstrating remote command execution (RCE) via an API endpoint that unsafely executes user-provided Python code. The exploit sends a crafted JSON payload to the '/v1/tools/run' endpoint, leveraging insecure use of exec() and exposed environment variables.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Letta (version not specified)

No auth needed

Prerequisites: Network access to the target API endpoint

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Nuclei Templates (1)

Letta Letta 0.7.12 - Remote Code Execution

HIGHVERIFIEDby RaghavArora14

FOFA: title="Letta"

References (3)

Core 3

Core References

Product

https://github.com/letta-ai/letta

Exploit, Issue Tracking, Patch, Vendor Advisory

https://github.com/letta-ai/letta/pull/2630

Exploit, Third Party Advisory

https://www.gecko.security/blog/cve-2025-51482

Scores

CVSS v3 8.8

EPSS 0.1200

EPSS Percentile 94.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

VulnCheck KEV 2025-10-24

CWE

CWE-94

Status published

Products (1)

letta/letta 0.7.12

Published Jul 22, 2025

Tracked Since Feb 18, 2026