| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-26020 | AutoGPT Affected by Remote Code Execution via Dynamic Module Import in Block Loading (__import__) | Significant-Gravitas | AutoGPT | - | - | 2026-02-12 20:52:15 | Deep Dive |
| CVE-2026-26006 | Redos (Regular Expression Denial of Service) at Code Extraction Block in significant-gravitas/autogpt | Significant-Gravitas | AutoGPT | Medium | 6.5 | 2026-02-10 21:21:01 | Deep Dive |
| CVE-2025-32393 | AutoGPT has a DoS vulnerability in ReadRSSFeedBlock | Significant-Gravitas | AutoGPT | - | - | 2026-02-05 22:57:54 | Deep Dive |
| CVE-2025-62616 | AutoGPT has SSRF vulnerability in SendDiscordFileBlock | Significant-Gravitas | AutoGPT | - | - | 2026-02-04 22:28:41 | Deep Dive |
| CVE-2025-62615 | AutoGPT has SSRF vulnerability in ReadRSSFeedBlock | Significant-Gravitas | AutoGPT | - | - | 2026-02-04 22:28:37 | Deep Dive |
| CVE-2026-22038 | AutoGPT's API Keys and Secrets Logged in Plaintext in Stagehand Integration Blocks | Significant-Gravitas | AutoGPT | High | 8.1 | 2026-02-04 22:28:20 | Deep Dive |
| CVE-2026-24780 | AutoGPT is Vulnerable to RCE via Disabled Block Execution | Significant-Gravitas | AutoGPT | - | - | 2026-01-29 17:39:34 | Deep Dive |
| CVE-2025-53944 | AutoGPT Platform Exposes Graph Execution Results via Authorization Gap | Significant-Gravitas | AutoGPT | High | 7.7 | 2025-07-30 14:28:36 | Deep Dive |
| CVE-2025-31494 | AutoGPT allows cross-user sharing of node execution results through WebSockets API | Significant-Gravitas | AutoGPT | Low | 3.5 | 2025-04-14 23:21:10 | Deep Dive |
| CVE-2025-31491 | AutoGPT allows leakage of cross-domain cookies and protected headers in requests redirect | Significant-Gravitas | AutoGPT | High | 8.6 | 2025-04-14 23:15:57 | Deep Dive |
| CVE-2025-31490 | AutoGPT allows SSRF due to DNS Rebinding in requests wrapper | Significant-Gravitas | AutoGPT | High | 7.5 | 2025-04-14 23:07:26 | Deep Dive |
| CVE-2024-10457 | SSRF Vulnerabilities in significant-gravitas/autogpt | significant-gravitas | significant-gravitas/autogpt | 中危 | - | 2025-03-20 10:11:37 | Deep Dive |
| CVE-2025-0454 | SSRF Check Bypass in Requests Utility in significant-gravitas/autogpt | significant-gravitas | significant-gravitas/autogpt | 高危 | - | 2025-03-20 10:11:30 | Deep Dive |
| CVE-2025-1040 | Server-Side Template Injection (SSTI) in significant-gravitas/autogpt | significant-gravitas | significant-gravitas/autogpt | 高危 | - | 2025-03-20 10:11:06 | Deep Dive |
| CVE-2024-8156 | Command Injection in significant-gravitas/autogpt | significant-gravitas | significant-gravitas/autogpt | 高危 | - | 2025-03-20 10:09:13 | Deep Dive |
| CVE-2025-22603 | AutoGPT SSRF vulnerability | Significant-Gravitas | AutoGPT | 中危 | - | 2025-03-10 18:09:51 | Deep Dive |
| CVE-2024-6091 | Shell Command Denylist Bypass in significant-gravitas/autogpt | significant-gravitas | significant-gravitas/autogpt | - | - | 2024-09-11 12:49:07 | Deep Dive |
| CVE-2024-1880 | OS Command Injection in MacOS Text-To-Speech Class in significant-gravitas/autogpt | significant-gravitas | significant-gravitas/autogpt | - | - | 2024-06-06 18:39:44 | Deep Dive |
| CVE-2024-1881 | Improper Neutralization of Special Elements used in an OS Command in significant-gravitas/autogpt | significant-gravitas | significant-gravitas/autogpt | - | - | 2024-06-06 18:19:08 | Deep Dive |
| CVE-2024-1879 | CSRF to RCE in significant-gravitas/autogpt | significant-gravitas | significant-gravitas/autogpt | - | - | 2024-06-06 17:53:22 | Deep Dive |