Description
A security vulnerability has been detected in letta-ai letta 0.16.4. This vulnerability affects the function _convert_message_create_to_message of the file letta/helpers/message_helper.py of the component File URL Handler. Such manipulation of the argument ImageContent leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Published: 2026-03-27
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Server‑side request forgery
Action: Patch Immediately
AI Analysis

Impact

The CVE involves a server‑side request forgery flaw in letta‑ai letta where a malicious ImageContent argument supplied to the _convert_message_create_to_message function in the File URL handler causes the application to perform outbound HTTP requests to attacker‑controlled URLs. This CWE‑918 weakness permits an attacker to invoke requests to internal or remote systems, potentially leading to information disclosure, unauthorized data exfiltration, or further exploitation of internal resources. The impact primarily affects confidentiality and integrity of the systems reachable from the application server.

Affected Systems

The only affected product identified by the CNA is letta‑ai letta, specifically version 0.16.4. No other affected versions or vendors are listed. Users operating that exact release are at risk until a vendor‑issued fix or mitigation is applied.

Risk and Exploitability

The CVSS base score of 5.3 indicates moderate severity, while the EPSS score is not available and the vulnerability is not listed in the KEV catalog. The description confirms that a remote attacker can trigger the flaw through crafted requests; the lack of an EPSS score leaves the likelihood of exploitation uncertain, but not negligible, since the exploit has been disclosed publicly. An attacker could use this vulnerability to reach internal services, transmit sensitive data, or chain additional attacks depending on the network topology.

Generated by OpenCVE AI on March 28, 2026 at 06:36 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest letta‑ai letta release if a patch is available
  • Restrict the ImageContent field to allow only whitelisted domains and validate URLs before processing
  • Implement outbound request filtering or controls to block or log unexpected HTTP requests to internal networks
  • Monitor application logs for anomalous outbound traffic and investigate incidents
  • Regularly check the vendor’s website or GitHub releases for updates
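The two validation bullets above (restrict ImageContent to allowlisted domains, validate the URL, and refuse requests that would land on internal networks) can be combined into a single check that runs before any image URL is fetched. The following is an added example written for this page; it is not letta's own code, and the function name, the allowlist contents, the private-network list and the injectable resolver are all assumptions made for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Hypothetical per-deployment allowlist of hosts that may serve images.
ALLOWED_IMAGE_HOSTS = {"images.example.com", "cdn.example.org"}

# Address ranges an application server should never be asked to fetch from:
# loopback, RFC 1918, link-local, CGNAT and their IPv6 counterparts.
PRIVATE_NETWORKS = [
    ipaddress.ip_network(n)
    for n in (
        "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
        "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
        "::1/128", "fc00::/7", "fe80::/10",
    )
]


def _is_public_ip(addr: str) -> bool:
    """True if the literal address is outside every blocked range."""
    ip = ipaddress.ip_address(addr)
    # Unwrap IPv4-mapped IPv6 (::ffff:10.0.0.1) so it is judged as IPv4.
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return not any(ip in net for net in PRIVATE_NETWORKS)


def _default_resolve(host: str) -> list[str]:
    """Resolve a hostname to all of its addresses (real DNS, used outside tests)."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def validate_image_url(url: str, allowed_hosts=ALLOWED_IMAGE_HOSTS,
                       resolve=_default_resolve) -> tuple[bool, str]:
    """Return (ok, reason). Only http(s) URLs on allowlisted hosts that resolve
    exclusively to public addresses are accepted. `resolve` is injectable so
    the check can be exercised offline."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False, "scheme not allowed"
    # Embedded credentials are a classic way to confuse naive host parsing.
    if parts.username is not None or parts.password is not None:
        return False, "userinfo not allowed"
    host = parts.hostname
    if not host:
        return False, "missing host"
    host = host.rstrip(".").lower()
    if host not in allowed_hosts:
        return False, "host not in allowlist"
    try:
        addrs = resolve(host)
    except (socket.gaierror, OSError):
        return False, "resolution failed"
    if not addrs:
        return False, "no addresses"
    # Every address must be public: one private A/AAAA record is enough to refuse.
    for addr in addrs:
        try:
            if not _is_public_ip(addr):
                return False, f"resolves to non-public address {addr}"
        except ValueError:
            return False, "unparseable address"
    return True, "ok"
```

The host allowlist does the heavy lifting; the address check is a second layer that catches an allowlisted name whose DNS answer points inward. Because a name can change between validation and fetch (DNS rebinding), a complete fix also has the HTTP client connect to the address that was validated rather than resolving the name again, and applies the same check to every redirect target.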


Tracking


Advisories

No advisories yet.

History

Tue, 31 Mar 2026 15:15:00 +0000

Type: Metrics (ssvc)
Values Added: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Sat, 28 Mar 2026 03:15:00 +0000

Type: Description
Values Removed: A security vulnerability has been detected in letta-ai letta 0.16.4. This vulnerability affects the function _convert_message_create_to_message of the file letta/helpers/message_helper.py of the component File URL Handler. Such manipulation of the argument ImageContent leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
Values Added: A security vulnerability has been detected in letta-ai letta 0.16.4. This vulnerability affects the function _convert_message_create_to_message of the file letta/helpers/message_helper.py of the component File URL Handler. Such manipulation of the argument ImageContent leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Fri, 27 Mar 2026 17:15:00 +0000

Type: Description
Values Added: A security vulnerability has been detected in letta-ai letta 0.16.4. This vulnerability affects the function _convert_message_create_to_message of the file letta/helpers/message_helper.py of the component File URL Handler. Such manipulation of the argument ImageContent leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Type: Title
Values Added: letta-ai letta File URL message_helper.py _convert_message_create_to_message server-side request forgery

Type: First Time appeared
Values Added: Letta; Letta letta

Type: Weaknesses
Values Added: CWE-918

Type: CPEs
Values Added: cpe:2.3:a:letta:letta:*:*:*:*:*:*:*:*

Type: Vendors & Products
Values Added: Letta; Letta letta

Type: References

Type: Metrics
Values Added:
cvssV2_0 {'score': 6.5, 'vector': 'AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}
cvssV3_0 {'score': 6.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
cvssV3_1 {'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
cvssV4_0 {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-03-31T15:11:01.435Z

Reserved: 2026-03-27T08:23:08.629Z

Link: CVE-2026-4964

Vulnrichment

Updated: 2026-03-31T15:10:58.157Z

NVD

Status : Awaiting Analysis

Published: 2026-03-27T17:16:31.767

Modified: 2026-04-29T01:00:01.613

Link: CVE-2026-4964

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-30T07:59:32Z

Weaknesses