CVE-2026-33235— AutoGPT: Denial of Service (DoS) via Resource Exhaustion in text templating features
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-33235
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
AutoGPT: Denial of Service (DoS) via Resource Exhaustion in text templating features
Source: NVD (National Vulnerability Database)
Vulnerability Description
AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions prior to 0.6.52, the Fill Text Template block is vulnerable to a Denial of Service (DoS) attack. While the backend implements a SandboxedEnvironment to prevent unauthorized attribute access (e.g., blocking __class__), it fails to limit the computational complexity or execution time of the expressions. An attacker can input computationally expensive Python/Jinja2 expressions that consume the server's CPU and memory, leading to a complete system hang or crash. In multi-tenant or self-hosted environments, this results in a complete service outage and "noisy neighbor" effects that require manual administrative intervention to recover. This issue has been fixed in version 0.6.52.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Significant-Gravitas | AutoGPT | >= 0.1.0, < 0.6.52 | - |
II. Public POCs for CVE-2026-33235
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-33235
请登录查看更多情报信息。
Patches & Fixes for CVE-2026-33235 (1)
Other References for CVE-2026-33235 (1)
IV. Related Vulnerabilities
Same product: AutoGPT
- CVE-2025-32394
AutoGPT: There is a DoS vulnerability in AITextSummarizerBlo - CVE-2025-32423
AutoGPT: There is a DoS vulnerability in ExtractTextInformat - CVE-2026-56663
AutoGPT: SSRF-to-RCE Chain in `SendWebRequestBlock` via IP v - CVE-2026-56823
AutoGPT: IDOR in Webhook Ping Endpoint Allows Enumeration an - CVE-2026-55237
AutoGPT SignUp Page has DOM-Based XSS and Open Redirect
Same vendor: Significant-Gravitas
- CVE-2025-32394
AutoGPT: There is a DoS vulnerability in AITextSummarizerBlo - CVE-2025-32423
AutoGPT: There is a DoS vulnerability in ExtractTextInformat - CVE-2026-56663
AutoGPT: SSRF-to-RCE Chain in `SendWebRequestBlock` via IP v - CVE-2026-56823
AutoGPT: IDOR in Webhook Ping Endpoint Allows Enumeration an - CVE-2026-55237
AutoGPT SignUp Page has DOM-Based XSS and Open Redirect
Same weakness: CWE-400
- CVE-2026-57914
Apache Kerby: StackOverflow on parsing deeply nested ASN1 st - CVE-2026-48619
Node.js HTTP/2客户端OOM漏洞 - CVE-2026-52814
Gogs: Unauthenticated Asymmetric Denial of Service (DoS) via - CVE-2026-49851
Mistune: Potential DoS via quadratic-time parsing in parse_l - CVE-2026-50193
jackson-databind: Deeply nested JsonNode throws StackOverflo
V. Comments for CVE-2026-33235
No comments yet