14 matches found
CVE-2025-32425
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. In AutoGPT, the execution process is recorded to the console stdout/stderr, and deployed in container mode, which is automatically captured by Docker an...
CVE-2025-32425
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. In AutoGPT, the execution process is recorded to the console stdout/stderr, and deployed in container mode, which is automatically captured by Docker an...
CVE-2025-32425 AutoGPT has missing Docker log rotation on platform containers that allows host disk-exhaustion DoS
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. In AutoGPT, the execution process is recorded to the console stdout/stderr, and deployed in container mode, which is automatically captured by Docker an...
CVE-2025-32425
CVE-2025-32425 affects AutoGPT platform prior to v0.6.32, where container execution logs emitted to stdout/stderr could be captured by Docker and stored as container logs without a size limit. This lack of log rotation/log size control can lead to server disk resource exhaustion and DoS under hig...
CVE-2025-32425 AutoGPT has missing Docker log rotation on platform containers that allows host disk-exhaustion DoS
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. In AutoGPT, the execution process is recorded to the console stdout/stderr, and deployed in container mode, which is automatically captured by Docker an...
CVE-2026-26006
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. The autogpt before 0.6.32 is vulnerable to Regular Expression Denial of Service due to the use of regex at Code Extraction Block. The two Regex are used...
CVE-2026-26006 Redos (Regular Expression Denial of Service) at Code Extraction Block in significant-gravitas/autogpt
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. The autogpt before 0.6.32 is vulnerable to Regular Expression Denial of Service due to the use of regex at Code Extraction Block. The two Regex are used...
PT-2026-7472
Name of the Vulnerable Software and Affected Versions AutoGPT versions prior to 0.6.32 Description AutoGPT is a platform for creating, deploying, and managing continuous artificial intelligence agents that automate complex workflows. Versions of AutoGPT before 0.6.32 contain a Regular Expression...
CVE-2025-32393
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.32, there is a DoS vulnerability in ReadRSSFeedBlock. In RSSBlock, feedparser.parser is called to obtain the XML fil...
CVE-2025-32393
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.32, there is a DoS vulnerability in ReadRSSFeedBlock. In RSSBlock, feedparser.parser is called to obtain the XML fil...
CVE-2025-32393
AutoGPT exposes a DoS in ReadRSSFeedBlock where feedparser.parser may parse deeply nested XML without limits on time or resources, exhausting memory and causing service disruption. Multiple sources (Red Hat and NVD/NVD-derived entries) confirm the issue and note it affects autogpt-platform-beta-v...
CVE-2025-32393 AutoGPT has a DoS vulnerability in ReadRSSFeedBlock
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.32, there is a DoS vulnerability in ReadRSSFeedBlock. In RSSBlock, feedparser.parser is called to obtain the XML fil...
CVE-2025-32393
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.32, there is a DoS vulnerability in ReadRSSFeedBlock. In RSSBlock, feedparser.parser is called to obtain the XML fil...
CVE-2025-63391
An authentication bypass vulnerability exists in Open-WebUI =0.6.32 in the /api/config endpoint. The endpoint lacks proper authentication and authorization controls, exposing sensitive system configuration data to unauthenticated remote attackers...