
Letta

2 CVEs

CVE-2026-4965 (MEDIUM, PoC available, published this month)

Improper neutralization of directives in dynamically evaluated code within letta-ai letta 0.16.4 allows remote attackers without authentication to manipulate the resolve_type function in letta/functions/ast_parsers.py, resulting in code injection and information disclosure. This vulnerability represents an incomplete fix for CVE-2025-6101, and publicly available exploit code exists that demonstrates remote exploitation with low attack complexity.

Tags: Code Injection, Information Disclosure, Letta
References: NVD, VulDB, GitHub
CVSS 4.0: 5.5
EPSS: 0.0%
CVE-2026-4964 (LOW, PoC available, status: Monitor)

Server-side request forgery in letta-ai letta 0.16.4 allows authenticated remote attackers to manipulate ImageContent parameters in the _convert_message_create_to_message function within the file URL handler, enabling arbitrary HTTP requests to internal or external systems. Letta versions up to and including 0.16.4 are affected. Publicly available exploit code exists, and the vendor has not responded to early disclosure notifications, leaving affected deployments without an official patch at time of analysis.

Tags: SSRF, Letta
References: NVD, VulDB, GitHub
CVSS 4.0: 2.1
EPSS: 0.0%