CVE-2026-5971: FoundationAgents MetaGPT vulnerable to eval injection

April 9, 2026 (updated April 10, 2026)

A flaw has been found in FoundationAgents MetaGPT up to 0.8.1. This vulnerability affects the function ActionNode.xml_fill of the file metagpt/actions/action_node.py of the component XML Handler. Executing a manipulation can lead to improper neutralization of directives in dynamically evaluated code. The attack may be launched remotely. The exploit has been published and may be used. The project was informed of the problem early through a pull request but has not reacted yet.

References

github.com/FoundationAgents/MetaGPT
github.com/FoundationAgents/MetaGPT/issues/1928
github.com/FoundationAgents/MetaGPT/issues/1956
github.com/advisories/GHSA-3ghp-8r47-4gj4
nvd.nist.gov/vuln/detail/CVE-2026-5971
vuldb.com/submit/791734
vuldb.com/vuln/356525
vuldb.com/vuln/356525/cti

Code Behaviors & Features

Detect and mitigate CVE-2026-5971 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →