AutoGPT has a DoS vulnerability in ReadRSSFeedBlock (CVE-2025-32393)

8.7 / 10
HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Description

AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Versions prior to autogpt-platform-beta-v0.6.32 have a DoS vulnerability in ReadRSSFeedBlock. In RSSBlock, feedparser.parser is called to fetch the XML file from the URL supplied by the user, parse it, and return the parsed result. The parsing step places no limit on parsing time or on the resources that can be allocated for parsing. When a malicious user has RSSBlock parse a carefully constructed, deeply nested XML document, memory is exhausted, eventually causing DoS. This issue has been patched in autogpt-platform-beta-v0.6.32.
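One way to put a budget on untrusted feed input before it reaches the feed parser, shown as an added example (not AutoGPT's patch and not code from this advisory). The names `precheck_feed` and `FeedRejected` and all limit values are assumptions, and the body is assumed to have been downloaded already with a capped read.

```python
import time
import xml.parsers.expat

# Constructed sample input: a small, well-formed RSS document.
SAMPLE_FEED = (b'<rss version="2.0"><channel><title>t</title>'
               b'<item><title>a</title></item></channel></rss>')


class FeedRejected(ValueError):
    """Raised when a feed body exceeds a configured parsing budget."""


def precheck_feed(body, *, max_bytes=1_000_000, max_depth=64,
                  max_elements=50_000, max_seconds=2.0, chunk=16_384):
    """Stream body through expat and abort as soon as a budget is exceeded.

    Returns (element_count, deepest_level) for a feed that stays in budget.
    The default limits are illustrative, not values taken from AutoGPT.
    """
    if len(body) > max_bytes:
        raise FeedRejected(f"body is {len(body)} bytes, limit {max_bytes}")
    deadline = time.monotonic() + max_seconds
    state = {"depth": 0, "deepest": 0, "elements": 0}

    def start(_name, _attrs):
        state["depth"] += 1
        state["elements"] += 1
        state["deepest"] = max(state["deepest"], state["depth"])
        if state["depth"] > max_depth:
            raise FeedRejected(f"nesting deeper than {max_depth}")
        if state["elements"] > max_elements:
            raise FeedRejected(f"more than {max_elements} elements")

    def end(_name):
        state["depth"] -= 1

    parser = xml.parsers.expat.ParserCreate()
    parser.StartElementHandler = start
    parser.EndElementHandler = end
    try:
        # Feed in chunks so the deadline is checked while parsing is under way.
        for off in range(0, len(body), chunk):
            if time.monotonic() > deadline:
                raise FeedRejected(f"parsing exceeded {max_seconds}s")
            parser.Parse(body[off:off + chunk], False)
        parser.Parse(b"", True)
    except xml.parsers.expat.ExpatError as exc:
        raise FeedRejected(f"not well-formed XML: {exc}") from exc
    return state["elements"], state["deepest"]


if __name__ == "__main__":
    print(precheck_feed(SAMPLE_FEED))
```

Because expat calls the handlers as it streams, an over-deep document is rejected at the first element past the limit instead of after a full tree has been built in memory.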

AI Analysis

Denial of Service (DoS) vulnerability in ReadRSSFeedBlock due to uncontrolled resource allocation during XML parsing

Basic Information

ID: CVE-2025-32393
Source: GitHub_M
Published: Feb 5, 2026 at 22:57

Affected Product

Vendor: Significant-Gravitas
Product: AutoGPT
Version: < autogpt-platform-beta-v0.6.32
Affected Versions: Significant-Gravitas AutoGPT < autogpt-platform-beta-v0.6.32

AI Assessment

AI Score: 8.7 / 10
AI Severity: High
