Description
A vulnerability was found in FoundationAgents MetaGPT up to 0.8.1. Impacted is the function get_mime_type of the file metagpt/utils/common.py. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. The project was informed of the problem early through a pull request but has not reacted yet.
Published: 2026-04-09
Score: 6.9 Medium
EPSS: 2.3% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability resides in the get_mime_type function within MetaGPT's common utilities, allowing an attacker to inject and execute arbitrary operating‑system commands. A specially crafted input is processed without proper sanitization, giving the attacker full control over system commands run by the MetaGPT process. Execution of malicious commands can lead to compromise of confidentiality, integrity, and availability of the host system, as well as any data processed by the application.

Affected Systems

FoundationAgents MetaGPT versions up to 0.8.1 are affected. No other vendors or products are listed as impacted. The vulnerability resides in the MetaGPT repository hosted by FoundationAgents.

Risk and Exploitability

The CVSS score of 6.9 indicates a score in the medium‑to‑high range. The Exploit Prediction Scoring System (EPSS) value is 2%, indicating a low probability of exploitation, but a public exploit is already documented, and the vulnerability can be triggered remotely without authentication, as inferred from the description. The absence of a KEV listing does not reduce the risk; the active public exploit and lack of a timely fix leave unpatched installations at considerable risk of compromise.

Generated by OpenCVE AI on June 18, 2026 at 09:19 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply any official patch or update from FoundationAgents once it becomes available.
  • Run MetaGPT inside a restricted container or virtual machine with no network access and only the minimal filesystem permissions necessary to limit potential command execution.
  • Patch or replace the get_mime_type function to enforce strict input validation and avoid using os.system or shell commands; use safe MIME detection libraries when available.

Generated by OpenCVE AI on June 18, 2026 at 09:19 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Github GHSA Github GHSA GHSA-qw5f-qpq5-ppfg FoundationAgents MetaGPT vulnerable to OS Command Injection in metagpt/utils/common.py
History

Wed, 29 Apr 2026 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Deepwisdom
Deepwisdom metagpt
CPEs cpe:2.3:a:deepwisdom:metagpt:*:*:*:*:*:*:*:*
Vendors & Products Deepwisdom
Deepwisdom metagpt

Tue, 14 Apr 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 10 Apr 2026 09:00:00 +0000

Type Values Removed Values Added
First Time appeared Foundation Agents
Foundation Agents metagpt
Vendors & Products Foundation Agents
Foundation Agents metagpt

Thu, 09 Apr 2026 19:30:00 +0000

Type Values Removed Values Added
Description A vulnerability was found in FoundationAgents MetaGPT up to 0.8.1. Impacted is the function get_mime_type of the file metagpt/utils/common.py. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. The project was informed of the problem early through a pull request but has not reacted yet.
Title FoundationAgents MetaGPT common.py get_mime_type os command injection
Weaknesses CWE-77
CWE-78
References
Metrics cvssV2_0

{'score': 7.5, 'vector': 'AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 7.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 6.9, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Deepwisdom Metagpt
Foundation Agents Metagpt
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-14T16:34:08.668Z

Reserved: 2026-04-09T12:04:32.811Z

Link: CVE-2026-5973

cve-icon Vulnrichment

Updated: 2026-04-14T15:15:46.306Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-09T20:16:29.143

Modified: 2026-06-17T10:59:58.470

Link: CVE-2026-5973

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-18T09:30:15Z

Weaknesses
  • CWE-77

    Improper Neutralization of Special Elements used in a Command ('Command Injection')

  • CWE-78

    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')