Denial of Service Vulnerability in AutoGPT by Significant Gravitas
CVE-2025-32393
8.7HIGH
What is CVE-2025-32393?
AutoGPT, a platform designed for creating and managing artificial intelligence agents, has a vulnerability in its ReadRSSFeedBlock feature. This vulnerability occurs when the RSS feed parser accesses user-provided URLs without imposing limitations on parsing time and resource allocation. Malicious users can exploit this by crafting a deep XML structure to exhaust memory resources, leading to a denial of service. This issue has been addressed in version autogpt-platform-beta-v0.6.32.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
Affected Version(s)
AutoGPT < autogpt-platform-beta-v0.6.32
References
CVSS V4
Score:
8.7
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved