CVE-2025-31490
- EPSS 0.32%
- Veröffentlicht 14.04.2025 23:15:21
- Zuletzt bearbeitet 05.08.2025 17:04:28
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to 0.6.1, AutoGPT allows SSRF due to DNS Rebinding in requests wrapper. AutoGPT is built with a wra...
CVE-2025-0454
- EPSS 0.1%
- Veröffentlicht 20.03.2025 10:11:30
- Zuletzt bearbeitet 05.08.2025 17:04:05
A Server-Side Request Forgery (SSRF) vulnerability was identified in the Requests utility of significant-gravitas/autogpt versions prior to v0.4.0. The vulnerability arises due to a hostname confusion between the `urlparse` function from the `urllib....
CVE-2025-1040
- EPSS 1.71%
- Veröffentlicht 20.03.2025 10:11:05
- Zuletzt bearbeitet 15.10.2025 13:16:01
AutoGPT versions 0.3.4 and earlier are vulnerable to a Server-Side Template Injection (SSTI) that could lead to Remote Code Execution (RCE). The vulnerability arises from the improper handling of user-supplied format strings in the `AgentOutputBlock`...
CVE-2025-22603
- EPSS 0.15%
- Veröffentlicht 10.03.2025 18:09:51
- Zuletzt bearbeitet 28.01.2026 17:24:48
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Versions prior to autogpt-platform-beta-v0.4.2 contains a server-side request forgery (SSRF) vulnerabilit...