📦 Autogpt Platform
by Agpt
🛡️ Security Overview
⚠️ Known Vulnerabilities
This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in AutoGPT's RSSFeedBlock component. Attackers can exploit unfiltered URL inputs to make unauthorized requests to internal systems...
This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in AutoGPT's SendDiscordFileBlock component. Attackers can exploit unfiltered URL inputs to make unauthorized requests to internal...
This vulnerability allows authenticated users of AutoGPT to execute arbitrary code on the backend server by bypassing disabled block restrictions. Attackers can embed the BlockInstallationBlock in a g...
AutoGPT versions before beta-v0.6.46 log API keys and authentication secrets in plaintext when using Stagehand integration blocks. This exposes sensitive credentials to anyone with access to logs, aff...
This vulnerability allows authenticated users in AutoGPT Platform to execute disabled BlockInstallationBlock components, which write arbitrary Python code to the server filesystem and execute it via _...
AutoGPT versions 0.6.15 and below have an authorization bypass vulnerability in the external API's get_graph_execution_results endpoint. Authenticated users can access any execution results by providi...
AutoGPT versions before 0.6.1 contain a DNS rebinding vulnerability in the requests wrapper that allows Server-Side Request Forgery (SSRF). Attackers can bypass IP validation by using DNS servers that...
This SSRF vulnerability in AutoGPT allows attackers to bypass URL validation and make unauthorized requests to internal systems. It affects AutoGPT versions before v0.4.0 that use the Requests utility...
AutoGPT versions 0.3.4 and earlier contain a Server-Side Template Injection vulnerability that allows attackers to execute arbitrary code on the host system. This affects all users running vulnerable ...
AutoGPT versions prior to beta-v0.4.2 contain a server-side request forgery (SSRF) vulnerability in the 'Send Web Request' component that fails to filter IPv6 addresses. This allows attackers to make ...
AutoGPT versions before beta-v0.6.32 contain a denial-of-service vulnerability in the ReadRSSFeedBlock component. Attackers can trigger resource exhaustion by feeding specially crafted XML to the RSS ...