Description
A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.1. The impacted element is the function evaluateCode of the file metagpt/environment/minecraft/mineflayer/index.js of the component Mineflayer HTTP API. Executing a manipulation can lead to cross-site request forgery. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet.
Published: 2026-04-12
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Cross-Site Request Forgery
Action: Apply Patch
AI Analysis

Impact

The flaw is in the evaluateCode function of the Mineflayer HTTP API, the Node.js process that drives the Minecraft bot. The GitHub advisory classifies the issue as eval injection reached through cross-site request forgery: the endpoint evaluates code submitted in the request and performs no authentication or origin checking (CWE-862 is recorded alongside CWE-352). An attacker who gets a user's browser to issue a request to the API, which typically listens on localhost or the local network, can therefore have arbitrary JavaScript executed in that Node.js process. The process runs with the privileges of the user who launched MetaGPT, so the impact is not limited to the Minecraft session: it is code execution on the host that runs the bot, and a foothold for further intrusion.

Affected Systems

Affected deployments run FoundationAgents MetaGPT at any version up to and including 0.8.1; no fixed release is documented, so every version should be treated as affected. The vulnerable file belongs to the Minecraft environment component, so the endpoint is only reachable where the Mineflayer HTTP server for that component is running, but any installation that can start it should be assessed.

Risk and Exploitability

The CVSS v4.0 score is 5.3 (Medium); the v3.1 score is 4.3. The vector (AV:N/AC:L/AT:N/PR:N/UI:P/VI:L) describes a network-reachable endpoint that needs no privileges but does require a user action, namely a victim loading an attacker-controlled page, with the rated impact limited to integrity. EPSS is below 1% (Very Low) and the issue is not in CISA's KEV catalog; the SSVC assessment records public proof-of-concept exploitation, partial technical impact and "not automatable". Note that the attacker does not send requests to evaluateCode directly: the API is normally reachable only from the host or local network, so the crafted request has to be issued by a browser that can reach it, which is what makes this a CSRF. The exploit is public and the project, although notified through an issue report, had not responded at the time of publication, so no official patch exists and the window for exploitation is open.

Generated by OpenCVE AI on April 12, 2026 at 02:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Watch the repository for a fixed release and upgrade MetaGPT as soon as one is published; no fixed version is documented as of this record.
  • Until then, keep the Mineflayer HTTP API off any non-loopback interface and behind firewall rules or network segmentation that admit only trusted hosts. Loopback binding alone does not stop CSRF, because the victim's browser runs on the same host as the API.
  • Add request gating in front of evaluateCode. The API uses no cookies, so SameSite settings do not apply; instead require a shared-secret custom header (a browser cannot attach one cross-site without a CORS preflight that the server should never grant), reject any request carrying an Origin header, and accept only application/json bodies, since text/plain and form encodings are what a browser can POST cross-site without a preflight.
  • Log every call that reaches evaluateCode with its source address and a hash of the submitted code, and alert on calls that arrive outside the expected client session.
  • Report exploitation attempts to the project and track the upstream issue so the fix can be applied promptly.

Advisories
Source       ID                    Title
GitHub GHSA  GHSA-w287-wwhf-95vv   MetaGPT has an eval injection via a cross-site request forgery attack
History

Wed, 29 Apr 2026 19:00:00 +0000

Type                 Values Removed   Values Added
First Time appeared                   Deepwisdom; Deepwisdom metagpt
CPEs                                  cpe:2.3:a:deepwisdom:metagpt:*:*:*:*:*:*:*:*
Vendors & Products                    Deepwisdom; Deepwisdom metagpt

Tue, 14 Apr 2026 17:15:00 +0000

Type                 Values Removed   Values Added
Metrics                               ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 13 Apr 2026 13:00:00 +0000

Type                 Values Removed   Values Added
First Time appeared                   Foundation Agents; Foundation Agents metagpt
Vendors & Products                    Foundation Agents; Foundation Agents metagpt

Sun, 12 Apr 2026 01:45:00 +0000

Type                 Values Removed   Values Added
Description                           A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.1. The impacted element is the function evaluateCode of the file metagpt/environment/minecraft/mineflayer/index.js of the component Mineflayer HTTP API. Executing a manipulation can lead to cross-site request forgery. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet.
Title                                 FoundationAgents MetaGPT Mineflayer HTTP API index.js evaluateCode cross-site request forgery
Weaknesses                            CWE-352; CWE-862
References
Metrics                               cvssV2_0: {'score': 5, 'vector': 'AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR'}
                                      cvssV3_0: {'score': 4.3, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R'}
                                      cvssV3_1: {'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R'}
                                      cvssV4_0: {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P'}

MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-14T16:33:38.654Z

Reserved: 2026-04-11T07:49:27.735Z

Link: CVE-2026-6109

Vulnrichment

Updated: 2026-04-14T15:17:23.630Z

NVD

Status : Analyzed

Published: 2026-04-12T02:16:00.790

Modified: 2026-04-29T18:46:15.257

Link: CVE-2026-6109

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-13T12:56:27Z

Weaknesses