| Title | letta-ai letta >=v0.4.1 Code Injection |
|---|
| Description | Letta (formerly MemGPT) is a stateful agents framework with memory, reasoning, and context management.
This code is vulnerable to CWE - 94: Code Injection due to the use of the eval() function. The function_message function processes a string msg. When msg starts with "Running " and matches a specific regular expression, the function extracts the function_name and function_args. For certain function_name values, it uses eval() to execute the function_args string as a Python expression. The problem is that eval() can execute any valid Python code. If an attacker can control the msg input, they can craft malicious Python code within the function_args part of the string. Once eval() is called, this malicious code will be executed, potentially leading to unauthorized system access, data leakage, or other security risks.
More details: https://github.com/letta-ai/letta/issues/2613
|
|---|
| Source | ⚠️ https://github.com/letta-ai/letta/issues/2613 |
|---|
| User | ybdesire (UID 83239) |
|---|
| Submission | 06/05/2025 05:31 (1 Year ago) |
|---|
| Moderation | 06/15/2025 11:35 (10 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 312570 [letta-ai letta up to 0.4.1 letta/letta/interface.py function_message function_name/function_args eval injection] |
|---|
| Points | 20 |
|---|