cbcvebase.

Significant-Gravitas Autogpt vulnerabilities

24 known vulnerabilities affecting significant-gravitas/autogpt.

Total CVEs
24
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH13MEDIUM8LOW1

Vulnerabilities

Page 1 of 2
CVE-2026-24780P2HIGHCVSS 8.8v>= 0.1.0, < 0.6.442026-01-29
CVE-2026-24780 [HIGH] CWE-94 CVE-2026-24780: AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intellig AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.44, AutoGPT Platform's block execution endpoints (both main web API and external API) allow executing blocks by UUID without checking the `disabled` flag. Any authenticated
nvd
CVE-2026-26020P2HIGHCVSS 8.8fixed in 0.6.482026-02-12
CVE-2026-26020 [HIGH] CWE-285 CVE-2026-26020: AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intellig AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to 0.6.48, an authenticated user could achieve Remote Code Execution (RCE) on the backend server by embedding a disabled block inside a graph. The BlockInstallationBlock — a development tool capable of
nvd
CVE-2025-62615P3CRITICALCVSS 9.8fixed in autogpt-platform-beta-v0.6.342026-02-04
CVE-2025-62615 [CRITICAL] CWE-918 CVE-2025-62615: AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intellig AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.34, in RSSFeedBlock, the third-party library urllib.request.urlopen is used directly to access the URL, but the input URL is not filtered, which will cause SSRF vulnera
nvd
CVE-2026-56663P3HIGHCVSS 8.5fixed in 0.6.522026-06-26
CVE-2026-56663 [HIGH] CWE-918 CVE-2026-56663: AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificia AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.52, an authenticated user can bypass the SSRF / private-IP protections in SendWebRequestBlock and reach internal network services. _is_ip_blocked() in backend/backend/util/request.py does not normalize IPv4-mapped IPv
nvd
CVE-2025-62616P3CRITICALCVSS 9.8fixed in autogpt-platform-beta-v0.6.342026-02-04
CVE-2025-62616 [CRITICAL] CWE-918 CVE-2025-62616: AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intellig AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.34, in SendDiscordFileBlock, the third-party library aiohttp.ClientSession().get is used directly to access the URL, but the input URL is not filtered, which will cause
nvd
CVE-2025-53944P3HIGHCVSS 7.7fixed in 0.6.162025-07-30
CVE-2025-53944 [HIGH] CWE-285 CVE-2025-53944: AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intellig AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents. In v0.6.15 and below, the external API's get_graph_execution_results endpoint has an authorization bypass vulnerability. While it correctly validates user access to the graph_id, it fails to verify ownership of the graph_exec_id parameter,
nvd
CVE-2025-31491P3HIGHCVSS 8.6fixed in 0.6.12025-04-15
CVE-2025-31491 [HIGH] CWE-200 CVE-2025-31491: AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intellig AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to 0.6.1, AutoGPT allows of leakage of cross-domain cookies and protected headers in requests redirect. AutoGPT uses a wrapper around the requests python library, located in autogpt_platform/backend/bac
nvd
CVE-2026-22038P3HIGHCVSS 8.1fixed in autogpt-platform-beta-v0.6.462026-02-04
CVE-2026-22038 [HIGH] CWE-532 CVE-2026-22038: AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intellig AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.46, the AutoGPT platform's Stagehand integration blocks log API keys and authentication secrets in plaintext using logger.info() statements. This occurs in three separate b
nvd
CVE-2025-22603P3HIGHCVSS 8.1fixed in autogpt-platform-beta-v0.4.22025-03-10
CVE-2025-22603 [HIGH] CWE-918 CVE-2025-22603: AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intellig AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Versions prior to autogpt-platform-beta-v0.4.2 contains a server-side request forgery (SSRF) vulnerability inside component (or block) `Send Web Request`. The root cause is that IPV6 address is not restricted
nvd
CVE-2026-33232P3HIGHCVSS 7.5v>= 0.4.2, < 0.6.522026-05-19
CVE-2026-33232 [HIGH] CWE-400 CVE-2026-33232: AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificia AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.4.2 through 0.6.51 are vulnerable to an unauthenticated Denial of Service (DoS) through the server due to uncontrolled disk space consumption. The download_agent_file endpoint creates persistent temporary files for ever
nvd
CVE-2026-33235P3HIGHCVSS 7.7v>= 0.1.0, < 0.6.522026-06-24
CVE-2026-33235 [HIGH] CWE-400 CVE-2026-33235: AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificia AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions prior to 0.6.52, the Fill Text Template block is vulnerable to a Denial of Service (DoS) attack. While the backend implements a SandboxedEnvironment to prevent unauthorized attribute access (e.g., blocking __class__),
nvd
CVE-2026-33233P3HIGHCVSS 7.6v>= 0.6.34, < 0.6.522026-05-19
CVE-2026-33233 [HIGH] CWE-94 CVE-2026-33233: AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificia AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions 0.6.34 through 0.6.51, the backend deserializes Redis cache bytes using pickle.loads without integrity/authenticity checks. The write path serializes values with pickle.dumps(...) into Redis and the read path blindly in
nvd
CVE-2025-31490P3HIGHCVSS 7.5fixed in 0.6.12025-04-14
CVE-2025-31490 [HIGH] CWE-918 CVE-2025-31490: AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intellig AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to 0.6.1, AutoGPT allows SSRF due to DNS Rebinding in requests wrapper. AutoGPT is built with a wrapper around Python's requests library, hardening the application against SSRF. The code for this wrappe
nvd
CVE-2026-30950P3HIGHCVSS 7.1v>= 0.6.36, < 0.6.512026-05-18
CVE-2026-30950 [HIGH] CWE-862 CVE-2026-30950: AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificia AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.6.36 through 0.6.50 are vulnerable to Authenticated Session Hijacking via IDOR. If an authenticated attacker can determine the session_id of another user's session, they can take it over, reading any messages in it and
nvd
CVE-2025-32436P3HIGHCVSS 7.1fixed in 0.6.632026-06-18
CVE-2025-32436 [HIGH] CWE-400 CVE-2025-32436: AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificia AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, `AddAudioToVideoBlock` will download and store the video and audio in a temporary directory without deleting before all noded are done. `StepThroughItemsBlock` can be used to iterate `MediaDurationBlock` multiple
nvd
CVE-2025-32393P3MEDIUMCVSS 6.5fixed in autogpt-platform-beta-v0.6.322026-02-05
CVE-2025-32393 [MEDIUM] CWE-770 CVE-2025-32393: AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intellig AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.32, there is a DoS vulnerability in ReadRSSFeedBlock. In RSSBlock, feedparser.parser is called to obtain the XML file according to the URL input by the user, parse the XM
nvd
CVE-2026-26006P3MEDIUMCVSS 6.5v>= 0.4.0, < 0.6.322026-02-10
CVE-2026-26006 [MEDIUM] CWE-1333 CVE-2026-26006: AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intellig AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. The autogpt before 0.6.32 is vulnerable to Regular Expression Denial of Service due to the use of regex at Code Extraction Block. The two Regex are used containing the corresponding dangerous patterns \s+[
nvd
CVE-2026-56823P3MEDIUMCVSS 5.4fixed in 0.6.642026-06-26
CVE-2026-56823 [MEDIUM] CWE-284 CVE-2026-56823: AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificia AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to , the `POST /api/integrations/webhooks/{webhook_id}/ping` endpoint fetches the target webhook by primary key alone without verifying that the webhook belongs to the authenticated user. Any authenticated user can supply
nvd
CVE-2026-45023P4MEDIUMCVSS 5.4fixed in 0.6.592026-05-28
CVE-2026-45023 [MEDIUM] CWE-770 CVE-2026-45023: AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificia AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.59, POST /api/blocks/{block_id}/execute endpoint executes blocks without consuming any credits, regardless of the user's balance. The credit check that exists in the graph execution path (manager.py) is never reache
nvd
CVE-2025-32423P4MEDIUMCVSS 5.3fixed in 0.6.322026-06-26
CVE-2025-32423 [MEDIUM] CWE-770 CVE-2025-32423: AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificia AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.32, there is a DoS vulnerability in ExtractTextInformationBlock. Malicious users can amplify their input. For example, if a malicious user inputs 10K of content, the server will consume 50G of memory, eventually cau
nvd
Significant-Gravitas Autogpt vulnerabilities | cvebase