Is there a public PoC exploit available for EUVD-2026-21049?

Yes, a public proof-of-concept exploit is available for EUVD-2026-21049. Prioritise patching immediately. EPSS: 0.8%.

Is there a patch available for EUVD-2026-21049?

Yes, a patch is available for EUVD-2026-21049. Update the affected software to the latest version immediately.

Metagpt EUVD-2026-21049

Q: What is the CVSS score of EUVD-2026-21049?

EUVD-2026-21049 has a CVSS 4.0 base score of 5.5 (Medium). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.8%.

| CVE-2026-5972 MEDIUM

OS Command Injection (CWE-78)

2026-04-09 VulDB

GHSA-wp29-qmvj-frvp

Command Injection Metagpt

5.5

CVSS 4.0 · NVD

Severity by source

NVD PRIMARY

5.5 MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

CVSS changed

Apr 29, 2026 - 01:11 NVD

6.9 (MEDIUM) 5.5 (MEDIUM)

PoC Detected

Apr 09, 2026 - 20:16 vuln.today

Public exploit code

EUVD ID Assigned

Apr 09, 2026 - 19:45 euvd

EUVD-2026-21049

Analysis Generated

Apr 09, 2026 - 19:45 vuln.today

Patch released

Apr 09, 2026 - 19:45 nvd

Patch available

CVE Published

Apr 09, 2026 - 19:00 nvd

MEDIUM 6.9

DescriptionCVE.org

A vulnerability has been found in FoundationAgents MetaGPT up to 0.8.1. This issue affects the function Terminal.run_command in the library metagpt/tools/libs/terminal.py. The manipulation leads to os command injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. The identifier of the patch is d04ffc8dc67903e8b327f78ec121df5e190ffc7b. Applying a patch is the recommended action to fix this issue.

AnalysisAI

Remote code execution in FoundationAgents MetaGPT up to version 0.8.1 allows unauthenticated attackers to execute arbitrary OS commands via improper input validation in the Terminal.run_command function. The vulnerability exploits command injection in metagpt/tools/libs/terminal.py and has publicly available exploit code; patch commit d04ffc8dc67903e8b327f78ec121df5e190ffc7b is available from the vendor.

Unlock full vulnerability intelligence

Risk assessment & exploitation conditions
Attack chain visualization
Remediation with exact patch versions
Threat intelligence from 22 sources
Personal watchlist & email alerts

Continue with Google Continue with GitHub

Free forever · No credit card required

Vulnerability AssessmentAI

Risk Assessment	This vulnerability presents significant real-world risk despite a CVSS 6.9 base score. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario	An attacker sends a malicious request to a MetaGPT agent endpoint, injecting shell metacharacters (e.g., semicolons, pipes, or backticks) into parameters that are passed to Terminal.run_command without sanitization. The injected commands execute with the privileges of the MetaGPT process, allowing the attacker to read sensitive files, modify system state, or pivot to other systems. …
Remediation	Apply the vendor-released patch identified by commit d04ffc8dc67903e8b327f78ec121df5e190ffc7b from the MetaGPT repository. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

EUVD-2026-21049 vulnerability details – vuln.today

Back