CVE-2026-4964 MEDIUM

CVE-2026-4964: letta-ai letta File URL message_helper.py _convert_message_create_to_message server-side request forgery

Vendor Letta-Ai
Product letta
Weakness CWE-918 · SSRF
Published March 27, 2026
Last update March 31, 2026
View on NVD All CVEs

CVSS base score

5.3/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

What the vulnerability does

01Description

A security vulnerability has been detected in letta-ai letta 0.16.4. This vulnerability affects the function _convert_message_create_to_message of the file letta/helpers/message_helper.py of the component File URL Handler. Such manipulation of the argument ImageContent leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Key dates

02Disclosure timeline

March 27, 2026 CVE published
March 31, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-31009 WordPress IndieBlocks plugin <= 0.13.1 - Server Side Request Forgery (SSRF) Vulnerability CVE-2026-42260 Open-WebSearch: SSRF in `fetchWebContent` MCP tool: bracketed IPv6 literals and non-resolving hostname check bypass `isPrivateOrLocalHostname` CVE-2026-44284 FastGPT: Stored MCP tool URL SSRF in FastGPT workflow execution CVE-2022-39039 aEnrich a+HRD - Server-Side Request Forgery (SSRF) CVE-2025-14438 Xagio SEO <= 7.1.0.30 - Authenticated (Subscriber+) Server-Side Request Forgery