4 matches found
CVE-2025-31494
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. The AutoGPT Platform's WebSocket API transmitted node execution updates to subscribers based on the graphid+graphversion. Additionally, there was no che...
CVE-2025-31494
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. The AutoGPT Platform's WebSocket API transmitted node execution updates to subscribers based on the graphid+graphversion. Additionally, there was no che...
CVE-2025-31494
creationtimestamp| type| source ---|---|--- 2025-04-14 23:53:48+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11733 2025-04-15 00:33:26+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114339165376498544 2025-04-15 02:38:08+00:00| seen|...
CVE-2025-31494
AutoGPT CVE-2025-31494 affects the WebSocket API where node execution updates are published per graph_id+graph_version. A missing permission check allowed subscribers within the same instance to receive another user�s graph execution updates, exposing potentially sensitive data. The issue does no...