CVE-2026-6111
Published: 2026-04-12
Priority: P3 · 41 · medium · CVSS 3.1 base score 6.5
CVSS 3.1 vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS: 0.26% (17.6th percentile)
A security flaw has been discovered in FoundationAgents MetaGPT up to 0.8.1. This impacts the function decode_image of the file metagpt/utils/common.py. The manipulation of the argument img_url_or_b64 results in server-side request forgery. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.
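The flaw class above is a function that accepts either a URL or inline base64 and fetches whatever URL it is handed. As an added illustration (not MetaGPT's code and not the project's fix, which had not been published when this record was written), the Python below shows a hardened decoder for such an `img_url_or_b64`-style argument: base64 and `data:` URIs are decoded locally, and an http(s) URL is only fetched after its scheme, credentials and resolved addresses are checked against non-public ranges. The `fetch` and `resolve` callables, the `_FAKE_DNS` table and the host names in it are constructed for this example so that it runs offline.

```python
import base64
import ipaddress
import socket
from urllib.parse import urlparse

ALLOWED_SCHEMES = {"http", "https"}

def _is_public(ip: str) -> bool:
    a = ipaddress.ip_address(ip)
    return not (a.is_private or a.is_loopback or a.is_link_local
                or a.is_multicast or a.is_reserved or a.is_unspecified)

def check_image_url(url: str, resolve=socket.gethostbyname_ex) -> list:
    """Return resolved addresses if url is http(s) to public hosts only, else raise ValueError."""
    p = urlparse(url)
    if p.scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {p.scheme!r}")
    if not p.hostname or p.username or p.password:
        raise ValueError("missing host or embedded credentials")
    try:
        ipaddress.ip_address(p.hostname)        # literal IP: no lookup needed
        addrs = [p.hostname]
    except ValueError:
        try:
            addrs = resolve(p.hostname)[2]      # (name, aliases, ipaddrlist)
        except OSError as e:                    # socket.gaierror is an OSError
            raise ValueError(f"cannot resolve {p.hostname!r}") from e
    if not addrs or any(not _is_public(a) for a in addrs):
        raise ValueError(f"non-public destination for {p.hostname!r}: {addrs}")
    return addrs

def decode_image_input(img_url_or_b64: str, fetch, resolve=socket.gethostbyname_ex) -> bytes:
    """Decode base64 / data: URIs locally; hand an http(s) URL to fetch only after vetting it."""
    s = img_url_or_b64.strip()
    if s.startswith("data:") and ";base64," in s:
        return base64.b64decode(s.split(";base64,", 1)[1], validate=True)
    if urlparse(s).scheme:                      # any scheme means "treat as URL"
        check_image_url(s, resolve)
        return fetch(s)
    return base64.b64decode(s, validate=True)   # ValueError if not base64

# Constructed resolver table so the example runs offline; these are not real hosts.
_FAKE_DNS = {"img.example.com": ["1.2.3.4"], "mixed.example": ["1.2.3.4", "10.0.0.5"]}

def fake_resolve(host: str):
    if host not in _FAKE_DNS:
        raise socket.gaierror(f"constructed: unknown host {host}")
    return host, [], _FAKE_DNS[host]
```

The caller should connect to one of the returned addresses rather than re-resolving the name, otherwise a second lookup can still be answered with a private address.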
Affected (5 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| deepwisdom | metagpt | — | — |
| deepwisdom | metagpt | — | — |
| foundationagents | metagpt | — | — |
| foundationagents | metagpt | — | — |
| foundationagents | metagpt | 0 – 0.8.2 | — |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
| nvd | 4.0 | 2.1 | LOW | CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| nvd | 2.0 | 6.5 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
| vendor_redhat | — | 5.9 | MEDIUM | — |
GHSA · 2026-04-12 · CVE-2026-6111 [LOW] CWE-918
MetaGPT affected by server-side request forgery in metagpt/utils/common.py
A security flaw has been discovered in FoundationAgents MetaGPT up to 0.8.2. This impacts the function decode_image of the file metagpt/utils/common.py. The manipulation of the argument img_url_or_b64 results in server-side request forgery. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.
GHSA (unreviewed) · 2026-04-12 · CVE-2026-6111 [MEDIUM] CWE-918 · GHSA-r5v8-c28h-f8r8
A security flaw has been discovered in FoundationAgents MetaGPT up to 0.8.1. This impacts the function decode_image of the file metagpt/utils/common.py. The manipulation of the argument img_url_or_b64 results in server-side request forgery. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.
VulDB · 2026-04-11 · CVSS 5.3 · CVE-2026-6111 [MEDIUM]
FoundationAgents MetaGPT up to 0.8.1 metagpt/utils/common.py decode_image img_url_or_b64 server-side request forgery (Issue 1934)
A vulnerability described as critical has been identified in FoundationAgents MetaGPT up to 0.8.1. This impacts the function decode_image of the file metagpt/utils/common.py. The manipulation of the argument img_url_or_b64 results in server-side request forgery.
This vulnerability is known as CVE-2026-6111. It is possible to launch the attack remotely. Furthermore, an exploit is available.
The project was informed of the problem early through an issue report but has not responded yet.
Red Hat · 2026-02-10 · CVSS 5.9 · CVE-2026-0964 [MEDIUM] CWE-22
libssh: Improper sanitation of paths received from SCP servers
A malicious SCP server can send unexpected paths that could make the client application override local files outside of working directory. This could be misused to create malicious executable or configuration files and make the user execute them under specific consequences. This is the same issue as in OpenSSH, tracked as CVE-2019-6111.
Mitigation: Do not use SCP! SCP is deprecated for severa
No detection rules found.
No public exploits indexed.