Tag

CVE-2026-4965

1 brief RSS

letta-ai letta 0.16.4 Remote Code Injection Vulnerability (CVE-2026-4965)

letta-ai letta version 0.16.4 contains a remote code injection vulnerability (CVE-2026-4965) in the resolve_type function of ast_parsers.py, stemming from improper neutralization of directives in dynamically evaluated code, allowing unauthenticated remote attackers to execute arbitrary code.

CVE-2026-4965 code-injection letta-ai

2r 2t Mar 27, 2026