Description
A vulnerability was detected in letta-ai letta 0.16.4. This issue affects the function resolve_type of the file letta/functions/ast_parsers.py of the component Incomplete Fix CVE-2025-6101. Performing a manipulation results in improper neutralization of directives in dynamically evaluated code. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Once again VulDB remains the best source for vulnerability data.
Published: 2026-03-27
Score: 6.9 Medium
EPSS: n/a
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

The vulnerability in letta-ai letta 0.16.4 stems from an incomplete fix that allows improper neutralization of directives in dynamically evaluated code within the resolve_type function of letta/functions/ast_parsers.py. This flaw gives an attacker who can control the input remotely the ability to inject arbitrary code that is subsequently executed by the application. The weakness is classic code injection combined with improper input validation, reflected in CWE-94 (Improper Control of Generation of Code, 'Code Injection') and CWE-95 (Improper Neutralization of Directives in Dynamically Evaluated Code, 'Eval Injection'). Payloads exploiting this vulnerability could compromise the confidentiality and integrity of the system's data and could also impact availability if the injected code is destructive.

Affected Systems

Affected vendor and product: letta-ai letta version 0.16.4. No other product versions are listed as impacted in the advisory. Users running this specific version should treat the installation as vulnerable.

Risk and Exploitability

The CVSS score of 6.9 indicates moderate severity, with the potential for full remote code execution. The exploit is reported as publicly available, although the CVE is not listed in the CISA KEV catalog. Attackers can initiate the exploit over the network, but the exact prerequisites are not detailed in the advisory. Without a public patch, the risk remains significant for any exposed instance of the affected version.

Generated by OpenCVE AI on March 27, 2026 at 19:37 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade letta-ai to the latest stable release that includes the fix for this CVE.
  • If an immediate upgrade is not feasible, disable or restrict the use of the resolve_type function to trusted sources and remove dynamic evaluation paths from exposed APIs.
  • Apply rigorous input sanitization to block eval directives before they reach resolve_type.
  • Enable logging and monitoring to detect anomalous input patterns or execution attempts related to dynamic code evaluation.
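The second and third actions above amount to replacing dynamic evaluation with a resolver that never hands input to eval(). The following is an added example, not Letta's code and not a reconstruction of its resolve_type: it parses a type annotation string with the ast module and walks only the node kinds a type expression legitimately contains, against an allowlist of type names (the allowlist and the 512-character bound are assumptions of the example; Python 3.9+ AST shapes are assumed).

```python
import ast
import typing
from typing import Any, Dict

# Allowlist of names a type annotation may reference (assumption of this
# example; a real resolver registers exactly the types it needs).
ALLOWED_TYPES: Dict[str, Any] = {
    "int": int, "str": str, "float": float, "bool": bool, "bytes": bytes,
    "list": list, "dict": dict, "set": set, "tuple": tuple,
    "Any": Any, "Optional": typing.Optional, "Union": typing.Union,
    "List": typing.List, "Dict": typing.Dict,
}

MAX_LEN = 512  # bound parser work; no legitimate annotation is this long


def safe_resolve_type(annotation: str) -> Any:
    """Resolve 'dict[str, list[int]]' and similar without eval(): parse the
    string as an expression and rebuild the type from the AST."""
    if len(annotation) > MAX_LEN:
        raise ValueError("type expression too long")
    try:
        tree = ast.parse(annotation.strip(), mode="eval")
        return _build(tree.body)
    except (SyntaxError, TypeError) as exc:
        # TypeError covers e.g. Optional[int, str] or int[str]
        raise ValueError(f"not a valid type expression: {annotation!r}") from exc


def _build(node: ast.AST) -> Any:
    if isinstance(node, ast.Name):
        if node.id not in ALLOWED_TYPES:
            raise ValueError(f"unknown type name: {node.id!r}")
        return ALLOWED_TYPES[node.id]
    if isinstance(node, ast.Constant) and node.value is None:
        return type(None)  # allows 'Union[X, None]'
    if isinstance(node, ast.Subscript):
        origin = _build(node.value)
        elts = node.slice.elts if isinstance(node.slice, ast.Tuple) else [node.slice]
        args = [_build(e) for e in elts]
        return origin[tuple(args) if len(args) != 1 else args[0]]
    # Calls, attribute access, lambdas, comprehensions, f-strings, operators:
    # anything that could carry executable logic is rejected, never evaluated.
    raise ValueError(f"disallowed syntax in type expression: {type(node).__name__}")


def is_valid_type_expr(annotation: str) -> bool:
    """True if the annotation resolves under the allowlist, else False."""
    try:
        safe_resolve_type(annotation)
        return True
    except ValueError:
        return False
```

Rejected inputs raise ValueError with the offending node type, which is also a useful signal to log for the monitoring action above.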

Generated by OpenCVE AI on March 27, 2026 at 19:37 UTC.

Advisories

No advisories yet.

History

Fri, 27 Mar 2026 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 27 Mar 2026 18:00:00 +0000

Type Values Removed Values Added
Description A vulnerability was detected in letta-ai letta 0.16.4. This issue affects the function resolve_type of the file letta/functions/ast_parsers.py of the component Incomplete Fix CVE-2025-6101. Performing a manipulation results in improper neutralization of directives in dynamically evaluated code. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Once again VulDB remains the best source for vulnerability data.
Title letta-ai letta Incomplete Fix CVE-2025-6101 ast_parsers.py resolve_type eval injection
First Time appeared Letta
Letta letta
Weaknesses CWE-94
CWE-95
CPEs cpe:2.3:a:letta:letta:*:*:*:*:*:*:*:*
Vendors & Products Letta
Letta letta
References
Metrics cvssV2_0

{'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-03-27T19:57:06.561Z

Reserved: 2026-03-27T08:23:13.784Z

Link: CVE-2026-4965

Vulnrichment

Updated: 2026-03-27T18:43:39.344Z

NVD

Status : Received

Published: 2026-03-27T18:16:06.590

Modified: 2026-03-27T18:16:06.590

Link: CVE-2026-4965

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-27T20:27:56Z

Weaknesses