3 matches found
CVE-2026-33232
The CVE-2026-33232 flaw affects AutoGPT Platform (versions 0.4.2–0.6.51). The issue is an unauthenticated DoS caused by the download_agent_file endpoint creating persistent temporary files per request and failing to delete them after serving, enabling an unauthenticated attacker to repeatedly exh...
CVE-2026-33232 AutoGPT: Unauthenticated DoS via Disk Space Exhaustion
AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Versions 0.4.2 through 0.6.51 are vulnerable to an unauthenticated Denial of Service DoS through the server due to uncontrolled disk space consumption. The downloadagentfile...
Persistent Temp-File incomplete cleanup / resource exhaustion in `transformers` Serve
Description The transformers OpenAI-compatible server leaks every base64 image it decodes to disk. Because the temporary files are never cleaned up, an attacker can exhaust disk space by repeatedly calling /v1/chat/completions with base64 imageurl entries. Vulnerable Code In...