PyPI: metagpt

CVE-2026-5972

Safety vulnerability ID: SFTY-20260409-34215

Safety legacy ID: pyup.io-92526

Affected versions of the metagpt package are vulnerable to OS Command Injection due to improper neutralisation of user-controlled input in the terminal command execution component. The Terminal.run_command function in metagpt/tools/libs/terminal.py passes input to the operating system shell without adequate sanitisation, enabling injection of arbitrary commands. An attacker can remotely exploit this flaw to execute arbitrary operating system commands on the host by supplying crafted input that is processed by the vulnerable function.
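The advisory's root cause is a command string handed to the operating system shell, so shell metacharacters in attacker-influenced text are interpreted rather than treated as data. The following is an added example, not code from MetaGPT or from Safety: a hypothetical agent-tool runner that shows the shell-backed pattern the advisory describes beside a hardened variant that tokenises the request without a shell, checks the program against a constructed allow-list, and launches it with an argument list. The allow-list contents, function names and the `echo`-based checks are all assumptions made for the demonstration.

```python
"""Added example (not MetaGPT's code): shell-backed vs. shell-free command execution."""
import shlex
import shutil
import subprocess

# Constructed allow-list: the only programs this hypothetical tool may launch.
ALLOWED = {"echo", "ls", "cat"}


class CommandNotAllowed(ValueError):
    """Raised when a request names a program outside the allow-list."""


def run_request_via_shell(request: str) -> str:
    """The pattern the advisory describes: the raw string reaches /bin/sh.

    With shell=True the shell parses the string, so ';', '|', '&&' and
    '$(...)' inside user-controlled text are executed, not passed as data.
    Kept here only for contrast; the hardened runner below never calls it.
    """
    return subprocess.run(request, shell=True, capture_output=True, text=True).stdout


def parse_request(request: str) -> list[str]:
    """Tokenise a request without a shell and enforce the allow-list.

    shlex.split handles quoting the way a POSIX shell would, but it performs
    no expansion or command separation: '$(whoami)' and 'hello;' come back as
    plain tokens.
    """
    argv = shlex.split(request)
    if not argv:
        raise CommandNotAllowed("empty request")
    if argv[0] not in ALLOWED:
        raise CommandNotAllowed(f"{argv[0]!r} is not on the allow-list")
    return argv


def run_request(request: str) -> str:
    """Hardened runner: resolve the program ourselves, then exec with an argv list."""
    argv = parse_request(request)
    exe = shutil.which(argv[0])
    if exe is None:
        raise FileNotFoundError(f"{argv[0]} not found on PATH")
    # shell=False: no shell is involved, every element of argv is one literal argument.
    result = subprocess.run(
        [exe, *argv[1:]], shell=False, capture_output=True, text=True, timeout=10
    )
    return result.stdout


if __name__ == "__main__":
    # Constructed requests that would chain or substitute commands under a shell.
    for req in ("echo hello; id", "echo $(whoami)"):
        print(f"{req!r} -> argv {parse_request(req)} -> output {run_request(req)!r}")
```

Run on its own, the script shows that `echo hello; id` becomes the three literal tokens `["echo", "hello;", "id"]` and prints `hello; id`, while `echo $(whoami)` prints the text `$(whoami)` unexpanded; a request naming a program outside the allow-list is refused before anything is launched. The allow-list is a defence-in-depth layer on top of the argv-list fix, not a substitute for it.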

Created at: Apr 13, 2026
Updated at: Apr 13, 2026

Overview

FoundationAgents MetaGPT vulnerable to OS command injection via Terminal.run_command


Affected Package

Affecting metagpt package, versions <=0.8.1

How to Fix

Upgrade metagpt to 0.8.2 or higher.


Verified by Safety

Our Cybersecurity Intelligence Team reviewed this vulnerability. We combine public data with our own research to find issues not yet reported to public sources.
