{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-6109", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-11T07:49:27.735Z", "datePublished": "2026-04-12T01:30:15.439Z", "dateUpdated": "2026-04-14T16:33:38.654Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-12T01:30:15.439Z"}, "title": "FoundationAgents MetaGPT Mineflayer HTTP API index.js evaluateCode cross-site request forgery", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-352", "lang": "en", "description": "Cross-Site Request Forgery"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-862", "lang": "en", "description": "Missing Authorization"}]}], "affected": [{"vendor": "FoundationAgents", "product": "MetaGPT", "versions": [{"version": "0.8.0", "status": "affected"}, {"version": "0.8.1", "status": "affected"}], "modules": ["Mineflayer HTTP API"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.1. The impacted element is the function evaluateCode of the file metagpt/environment/minecraft/mineflayer/index.js of the component Mineflayer HTTP API. Executing a manipulation can lead to cross-site request forgery. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 5, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-04-11T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-11T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-11T09:54:47.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Eric-d (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB CNA Team", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/vuln/356969", "name": "VDB-356969 | FoundationAgents MetaGPT Mineflayer HTTP API index.js evaluateCode cross-site request forgery", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/356969/cti", "name": "VDB-356969 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/791759", "name": "Submit #791759 | FoundationAgents MetaGPT 0.8.1 Cross Site Request Forgery (CWE-352)", "tags": ["third-party-advisory"]}, {"url": "https://github.com/FoundationAgents/MetaGPT/issues/1932", "tags": ["exploit", "issue-tracking"]}, {"url": "https://github.com/FoundationAgents/MetaGPT/", "tags": ["product"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-14T15:17:18.777544Z", "id": "CVE-2026-6109", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T16:33:38.654Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-6109", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-14T15:17:18.777544Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-14T15:17:23.630Z"}}], "cna": {"title": "FoundationAgents MetaGPT Mineflayer HTTP API index.js evaluateCode cross-site request forgery", "credits": [{"lang": "en", "type": "reporter", "value": "Eric-d (VulDB User)"}, {"lang": "en", "type": "coordinator", "value": "VulDB CNA Team"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 5, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "FoundationAgents", "modules": ["Mineflayer HTTP API"], "product": "MetaGPT", "versions": [{"status": "affected", "version": "0.8.0"}, {"status": "affected", "version": "0.8.1"}]}], "timeline": [{"lang": "en", "time": "2026-04-11T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-04-11T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-04-11T09:54:47.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/vuln/356969", "name": "VDB-356969 | FoundationAgents MetaGPT Mineflayer HTTP API index.js evaluateCode cross-site request forgery", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/356969/cti", "name": "VDB-356969 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/791759", "name": "Submit #791759 | FoundationAgents MetaGPT 0.8.1 Cross Site Request Forgery (CWE-352)", "tags": ["third-party-advisory"]}, {"url": "https://github.com/FoundationAgents/MetaGPT/issues/1932", "tags": ["exploit", "issue-tracking"]}, {"url": "https://github.com/FoundationAgents/MetaGPT/", "tags": ["product"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.1. The impacted element is the function evaluateCode of the file metagpt/environment/minecraft/mineflayer/index.js of the component Mineflayer HTTP API. Executing a manipulation can lead to cross-site request forgery. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-352", "description": "Cross-Site Request Forgery"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "Missing Authorization"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-12T01:30:15.439Z"}}}, "cveMetadata": {"cveId": "CVE-2026-6109", "state": "PUBLISHED", "dateUpdated": "2026-04-14T16:33:38.654Z", "dateReserved": "2026-04-11T07:49:27.735Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-04-12T01:30:15.439Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:deepwisdom:metagpt:*:*:*:*:*:*:*:*", "matchCriteriaId": "E2F9E578-25E5-4DB5-B4A2-4117F26DC2DE", "versionEndIncluding": "0.8.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.1. The impacted element is the function evaluateCode of the file metagpt/environment/minecraft/mineflayer/index.js of the component Mineflayer HTTP API. Executing a manipulation can lead to cross-site request forgery. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through an issue report but has not responded yet."}], "id": "CVE-2026-6109", "lastModified": "2026-04-29T18:46:15.257", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 2.1, "baseSeverity": "LOW", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-12T02:16:00.790", "references": [{"source": "cna@vuldb.com", "tags": ["Product"], "url": "https://github.com/FoundationAgents/MetaGPT/"}, {"source": "cna@vuldb.com", "tags": ["Issue Tracking", "Exploit", "Mitigation"], "url": "https://github.com/FoundationAgents/MetaGPT/issues/1932"}, {"source": "cna@vuldb.com", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/submit/791759"}, {"source": "cna@vuldb.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://vuldb.com/vuln/356969"}, {"source": "cna@vuldb.com", "tags": ["Permissions Required"], "url": "https://vuldb.com/vuln/356969/cti"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}, {"lang": "en", "value": "CWE-862"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.8.0"}}, {"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "0.8.1"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 98.0, "source": "matching"}]}, "original": {"product": "MetaGPT", "source": "cna", "vendor": "FoundationAgents"}, "product": "metagpt", "vendor": "foundation_agents"}], "analysis": {"en": {"generated_at": "2026-04-12T02:20:47.901783+00:00", "value": {"mitigation_remediation": ["Check the repository for updated releases and upgrade MetaGPT to the latest version once a patch is released.", "Until a fix is available, restrict access to the Mineflayer HTTP API by firewall rules or network segmentation, allowing only trusted IP ranges.", "Implement additional CSRF protection on the evaluateCode endpoint, such as a custom token or SameSite cookie enforcement.", "Monitor system logs for unexpected evaluateCode calls and generate alerts for suspicious activity.", "Contact FoundationAgents security team to request a timely patch and report any exploitation attempts."], "summary": {"action": "Apply Patch", "impact": "Cross\u2011Site Request Forgery"}, "threat_synthesis": {"affected_systems": "Affected deployments run FoundationAgents MetaGPT versions 0.8.1 or earlier. All users of these versions must assess exposure as no earlier versions are documented as safe.", "description_and_impact": "The flaw lies in the Mineflayer HTTP API\u2019s evaluateCode function, allowing a remote attacker to trick a legitimate user into executing arbitrary code. This cross\u2011site request forgery can result in the unauthorized execution of commands through the API, compromising the integrity of Minecraft server processes and potentially enabling further intrusions.", "risk_and_exploitability": "The vulnerability scores 5.3 on CVSS, indicating a medium impact when combined with remote access. The EPSS score is unavailable and the issue is not in CISA\u2019s KEV catalog. Attackers can exploit this by sending crafted HTTP requests to the evaluateCode endpoint from any network location. Although the CVE notes that the vulnerability is publicly disclosed, no official patch exists yet, raising the risk for active exploitation."}}}}, "created": "2026-04-13T12:41:45.117955+00:00", "updated": "2026-04-13T12:56:27.445622+00:00", "vendors": ["foundation_agents", "foundation_agents$PRODUCT$metagpt"]}