Lucene search
K

7337 matches found

Cvelist
Cvelist
added 2026/06/18 4:18 p.m.16 views

CVE-2025-32436 AutoGPT has a DoS vulnerability in AddAudioToVideoBlock

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, AddAudioToVideoBlock will download and store the video and audio in a temporary directory without deleting before all noded are done. StepThroughItemsBlock c...

7.1CVSS0.00247EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/18 4:14 p.m.17 views

CVE-2025-32424 AutoGPT has a DoS vulnerability in ScreenshotWebPageBlock

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, ScreenshotWebPageBlock will store the captured screenshots in a temporary directory. StepThroughItemsBlock can be used to iterate ScreenshotWebPageBlock...

8.7CVSS0.00276EPSS
Exploits0References1
CVE
CVE
added 2026/06/18 4:14 p.m.19 views

CVE-2025-32424

AutoGPT contains a DoS vulnerability in ScreenshotWebPageBlock prior to version 0.6.63. When a user repeatedly screenshots many pages via StepThroughItemsBlock, there is no limit on loops or on disk space usage in the current working directory, allowing disk exhaustion. Version 0.6.63 patches thi...

8.7CVSS5.3AI score0.00276EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/18 4:12 p.m.17 views

CVE-2025-32422 AutoGPT has a DoS vulnerability in FileStoreBlock with StepThroughItemsBlock

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, StepThroughItemsBlock can iterate all the contents in a list and send them to FileStoreBlock for downloading one by one. Although FileStoreBlock has access...

8.7CVSS0.00276EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/18 4:12 p.m.6 views

CVE-2025-32422

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, StepThroughItemsBlock can iterate all the contents in a list and send them to FileStoreBlock for downloading one by one. Although FileStoreBlock has access...

8.7CVSS5.3AI score0.00276EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/18 4:12 p.m.13 views

CVE-2025-32422

AutoGPT contains a DoS vulnerability in StepThroughItemsBlock leading to disk exhaustion via unbounded downloads to FileStoreBlock. Before version 0.6.63, StepThroughItemsBlock can iterate over an arbitrary list and trigger downloads to FileStoreBlock without limiting loop count, while FileStoreB...

8.7CVSS5.3AI score0.00276EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/18 4:12 p.m.8 views

EUVD-2025-210280

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, StepThroughItemsBlock can iterate all the contents in a list and send them to FileStoreBlock for downloading one by one. Although FileStoreBlock has access...

8.7CVSS5.3AI score0.00276EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/18 4:8 p.m.16 views

CVE-2025-32392 AutoGPT has a DoS vulnerability in LoopVideoBlock

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, AutoGPT's LoopVideoBLock allows users to input a video file and process the video, such as looping it 5 times or extending the time, and finally writing it t...

8.7CVSS0.00343EPSS
Exploits0References1
CVE
CVE
added 2026/06/18 4:8 p.m.13 views

CVE-2025-32392

AutoGPT (workflow automation platform) contains a DoS vulnerability in the LoopVideoBlock before version 0.6.63, where looping a video has no resource limits. The attacker can set an unbounded number of loops, causing an excessively large video file to be written to disk and thereby exhaust disk ...

8.7CVSS5.3AI score0.00343EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/18 4:8 p.m.6 views

CVE-2025-32392

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, AutoGPT's LoopVideoBLock allows users to input a video file and process the video, such as looping it 5 times or extending the time, and finally writing it t...

8.7CVSS5.4AI score0.00343EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/18 1:51 p.m.16 views

CVE-2026-12539

Docker Sandboxes (sbx) ICMP egress restriction can be bypassed after daemon restart. The issue arises because the authorizer is applied only at network creation and is not re-applied to networks rebuilt from disk on restart, allowing a restart-surviving sandbox to forward ICMP to arbitrary hosts....

5.7CVSS5.5AI score0.00097EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/18 12:0 a.m.8 views

PT-2026-50694

Name of the Vulnerable Software and Affected Versions AutoGPT versions prior to 0.6.63 Description AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. The AddAudioToVideoBlock function downloads and stores video and audio file...

7.1CVSS5.8AI score0.00247EPSS
Exploits0References5
OSV
OSV
added 2026/06/18 12:0 a.m.4 views

OPENSUSE-SU-2026:11057-1 kubevirt-1.8-container-disk-1.8.3-1.1 on GA media

These are all security issues fixed in the kubevirt-1.8-container-disk-1.8.3-1.1 package on the GA media of openSUSE Tumbleweed...

9.1CVSS7.2AI score0.99999EPSS
Exploits22References9
Snyk
Snyk
added 2026/06/17 6:43 p.m.4 views

Missing Authentication for Critical Function

Overview lfx is a lfx is a command-line tool for running Langflow workflows. It provides two main commands: serve and run. Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the createuploadfile function. An attacker can exhaust server disk space...

9.3CVSS6AI score0.0031EPSS
Exploits1References2
Snyk
Snyk
added 2026/06/17 6:43 p.m.5 views

Missing Authentication for Critical Function

Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function via the createuploadfile function. An attacker can exhaust server disk space and obtain sensitive file system information by uploading arbitrary files without authentication and receiving...

9.3CVSS6AI score0.0031EPSS
Exploits1References2
NVD
NVD
added 2026/06/16 7:16 p.m.12 views

CVE-2024-39575

updatediskpsubaseline.sh requires password in plain text...

7.4CVSS0.00096EPSS
Exploits0References1
CVE
CVE
added 2026/06/16 5:54 p.m.19 views

CVE-2024-39575

Technical details are not publicly available in the provided documents; monitor for updates.

7.4CVSS5.2AI score0.00096EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/06/15 7:59 p.m.57 views

ITScape

🛡️ ITScape - Test your systems for security gaps !https:/...

5.5AI score
Exploits0
NVD
NVD
added 2026/06/15 4:16 p.m.9 views

CVE-2026-5038

Impact: multer versions 2.0.0-alpha.1 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service when using diskStorage. Aborted or malformed multipart uploads leave orphaned partial files on disk because the Readable.pipe call does not propagate the stream destroy signal to the...

7.5CVSS0.00278EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/15 2:23 p.m.34 views

CVE-2026-5038 multer vulnerable to Denial of Service via incomplete cleanup of aborted uploads

Impact: multer versions 2.0.0-alpha.1 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service when using diskStorage. Aborted or malformed multipart uploads leave orphaned partial files on disk because the Readable.pipe call does not propagate the stream destroy signal to the...

5.3CVSS0.00278EPSS
Exploits0References2
Rows per page
Query Builder