CVE-2026-4965 · CRITICAL 9.8 · EPSS p44.2%

CVE-2026-4965

Description

A vulnerability was detected in letta-ai letta 0.16.4. The issue affects the function resolve_type in the file letta/functions/ast_parsers.py and stems from an incomplete fix for CVE-2025-6101. Manipulating the affected input results in improper neutralization of directives in dynamically evaluated code (eval injection). The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Scoring

CVSS 3.1: 9.8 (CRITICAL)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.60% probability of exploitation · percentile 44.2% · 2026-06-19T12:03:05Z
Published: 2026-03-27
Last modified: 2026-04-29

Underlying weaknesses · 2

CWE-94, CWE-95

References

  1. https://gist.github.com/YLChen-007/fc09bc447a73bba526c1642d9ce73ca5
  2. https://vuldb.com/?ctiid.353842
  3. https://vuldb.com/?id.353842
  4. https://vuldb.com/?submit.777654


Type      | Target                                                                              | Confidence | Tier
Weakness  | Improper Control of Generation of Code ('Code Injection') (cwe-94)                  | 0%         | live
Weakness  | Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') (cwe-95) | 0% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

  1. CVE-2025-51482
  2. CVE-2026-4963
  3. CVE-2025-1497
  4. CVE-2026-6110
  5. CVE-2025-45146
  6. CVE-2025-12345

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.