CVE-2026-5971

HIGH

FoundationAgents MetaGPT XML action_node.py ActionNode.xml_fill eval injection

Title source: cna

Description

A flaw has been found in FoundationAgents MetaGPT up to 0.8.1. This vulnerability affects the function ActionNode.xml_fill of the file metagpt/actions/action_node.py of the component XML Handler. Executing a manipulation can lead to improper neutralization of directives in dynamically evaluated code. The attack may be launched remotely. The exploit has been published and may be used. The project was informed of the problem early through a pull request but has not reacted yet.

References (6)

[Vdb Entry, Technical Description] https://vuldb.com/vuln/356525

[Signature, Permissions Required] https://vuldb.com/vuln/356525/cti

[Third Party Advisory] https://vuldb.com/submit/791734

[Exploit] https://github.com/FoundationAgents/MetaGPT/issues/1928

[Issue Tracking] https://github.com/FoundationAgents/MetaGPT/issues/1956

[Product] https://github.com/FoundationAgents/MetaGPT/

Scores

CVSS v3 7.3

EPSS 0.0006

EPSS Percentile 18.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-94 CWE-95

Status published

Products (4)

deepwisdom/metagpt < 0.8.1

FoundationAgents/MetaGPT 0.8.0

FoundationAgents/MetaGPT 0.8.1

pypi/metagpt 0PyPI

Published Apr 09, 2026

Tracked Since Apr 10, 2026