Browse all 4 CVE security advisories affecting Foundation Agents. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Foundation Agents primarily serve as monitoring and management tools for enterprise IT infrastructure, enabling real-time data collection and system control. Historically, they have been associated with vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from improper input validation and insecure authentication mechanisms. Security researchers have identified multiple CVEs exposing risks such as unauthenticated access and insecure data transmission. While no major public incidents have been widely documented, the consistent appearance of similar vulnerability patterns across multiple CVEs suggests potential systemic weaknesses in their implementation, requiring organizations to apply patches and harden configurations to mitigate exposure.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-4516 | Foundation Agents MetaGPT DataInterpreter write_analysis_code.py injection — MetaGPTCWE-74 | 6.3 | Medium | 2026-03-21 |
| CVE-2026-4515 | Foundation Agents MetaGPT operator.py code_generate code injection — MetaGPTCWE-94 | 6.3 | Medium | 2026-03-21 |
| CVE-2026-0761 | Foundation Agents MetaGPT actionoutput_str_to_mapping Code Injection Remote Code Execution Vulnerability — MetaGPTCWE-94 | 9.8 | - | 2026-01-23 |
| CVE-2026-0760 | Foundation Agents MetaGPT deserialize_message Deserialization of Untrusted Data Remote Code Execution Vulnerability — MetaGPTCWE-502 | 9.8 | - | 2026-01-23 |
This page lists every published CVE security advisory associated with Foundation Agents. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.