5 matches found
CVE-2026-45023
AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.59, POST /api/blocks/blockid/execute endpoint executes blocks without consuming any credits, regardless of the user's balance. The credit check that exists in th...
CVE-2026-45023 AutoGP: Credit system bypassed via direct block execution in POST /api/blocks/{block_id}/execute
AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.59, POST /api/blocks/blockid/execute endpoint executes blocks without consuming any credits, regardless of the user's balance. The credit check that exists in th...
CVE-2026-45023
AutoGPT is affected by CVE-2026-45023. The vulnerability resides in the POST /api/blocks/{block_id}/execute endpoint, where blocks can be executed without consuming credits, bypassing the intended credit check in the graph execution path. The bypass occurs when blocks are invoked directly via the...
CVE-2026-45023 AutoGP: Credit system bypassed via direct block execution in POST /api/blocks/{block_id}/execute
AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.59, POST /api/blocks/blockid/execute endpoint executes blocks without consuming any credits, regardless of the user's balance. The credit check that exists in th...
PT-2026-44553
AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.59, POST /api/blocks/block id/execute endpoint executes blocks without consuming any credits, regardless of the user's balance. The credit check that exists in t...