CVE-2026-5973
Description
A vulnerability was found in FoundationAgents MetaGPT up to 0.8.1. Impacted is the function get_mime_type of the file metagpt/utils/common.py. The manipulation results in os command injection. The attack can be executed remotely. The exploit has been made public and could be used. The project was informed of the problem early through a pull request but has not reacted yet.
Risk Information
Base Score
7.3
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS Score
Exploitation Probability
0.837
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2026-5971,CVE-2026-5972,CVE-2026-5973,CVE-2026-5974 are affected in Python-metagpt 0.8.1 | Windows |
| Vulnerabilities CVE-2026-5971,CVE-2026-5972,CVE-2026-5973,CVE-2026-5974 are affected in Python-metagpt for linux 0.8.1 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234