2 matches found
CVE-2025-53944
CVE-2025-53944 concerns AutoGPT. In v0.6.15 and earlier, the external API endpoint get_graph_execution_results bypassed authorization by validating graph_id ownership but not graph_exec_id ownership, allowing authenticated users to access arbitrary execution results. The internal API properly val...
CVE-2025-53944 AutoGPT Platform Exposes Graph Execution Results via Authorization Gap
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents. In v0.6.15 and below, the external API's getgraphexecutionresults endpoint has an authorization bypass vulnerability. While it correctly validates user access to the graphid, it fails ...