CVE-2026-10566 | FoundationAgents MetaGPT up to 0.8.2 metagpt/schema.py Message.check_instruct_content mapping deserialization (Issue 2038)

A vulnerability was found in FoundationAgents MetaGPT up to 0.8.2 and classified as critical. This affects the function Message.check_instruct_content of the file metagpt/schema.py. Executing a manipulation of the argument mapping can lead to deserialization.

This vulnerability is tracked as CVE-2026-10566. The attack is restricted to local execution. Moreover, an exploit is present.

The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More