CVE-2026-24780

Summary

AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.44, AutoGPT Platform's block execution endpoints (both main web API and external API) allow executing blocks by UUID without checking the disabled flag. Any authenticated user can execute the disabled BlockInstallationBlock, which writes arbitrary Python code to the server filesystem and executes it via __import__(), achieving Remote Code Execution. In default self-hosted deployments where Supabase signup is enabled, an attacker can self-register; if signup is disabled (e.g., hosted), the attacker needs an existing account. autogpt-platform-beta-v0.6.44 contains a fix.

Affected Software

VendorProductVersion RangeStatus
Significant-GravitasAutoGPT>= 0.1.0, < 0.6.44affected

Weaknesses

  • CWE-863: CWE-863: Incorrect Authorization
  • CWE-94: CWE-94: Improper Control of Generation of Code ('Code Injection')
  • CWE-276: CWE-276: Incorrect Default Permissions

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: total

References