Denial of Service Vulnerability in AutoGPT Workflow Automation Platform by Significant Gravitas
CVE-2025-32423

5.3 MEDIUM

Key Information:

Status
Vendor
CVE Published: 26 June 2026

What is CVE-2025-32423?

The AutoGPT platform, developed by Significant Gravitas, has a Denial of Service vulnerability in the ExtractTextInformationBlock function. In versions prior to 0.6.32, the platform allows malicious users to send excessive input that results in severe memory consumption. Specifically, when a user submits content of 10,000 bytes, the server can consume up to 50 gigabytes of memory, which can ultimately lead to resource exhaustion. The issue has been addressed in version 0.6.32, so users should update promptly to prevent exploitation.

Affected Version(s)

AutoGPT < 0.6.32

CVSS V4

Score: 5.3
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • Vulnerability published

  • Vulnerability Reserved
