CVE-2025-41023 Authentication bypass in AutoGPT de Thesamur

An authentication bypass vulnerability has been found in Thesamur's AutoGPT. This vulnerability allows an attacker to bypass authentication mechanisms. Once inside the web application, the attacker can use any of its features regardless of the authorisation method used...

CVE-2025-41023

CVE-2025-41023 concerns Thesamur’s AutoGPT with an authentication bypass that lets an attacker access features without proper authorization. The vulnerability is network-exposed (attack_vector: NETWORK) and requires no privileges or user interaction, with a LOW-impact in confidentiality and integ...