Vulnerabilities > Agpt
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-11 | CVE-2024-6091 | OS Command Injection vulnerability in Agpt Autogpt 0.5.1 A vulnerability in significant-gravitas/autogpt version 0.5.1 allows an attacker to bypass the shell commands denylist settings. | 9.8 |
| 2024-06-06 | CVE-2024-1880 | OS Command Injection vulnerability in Agpt Autogpt An OS command injection vulnerability exists in the MacOS Text-To-Speech class MacOSTTS of the significant-gravitas/autogpt project, affecting versions up to v0.5.0. | 7.8 |
| 2024-06-06 | CVE-2024-1881 | OS Command Injection vulnerability in Agpt Autogpt 0.5.0 AutoGPT, a component of significant-gravitas/autogpt, is vulnerable to an improper neutralization of special elements used in an OS command ('OS Command Injection') due to a flaw in its shell command validation function. | 9.8 |
| 2024-06-06 | CVE-2024-1879 | Cross-Site Request Forgery (CSRF) vulnerability in Agpt Autogpt 0.5.0 A Cross-Site Request Forgery (CSRF) vulnerability in significant-gravitas/autogpt version v0.5.0 allows attackers to execute arbitrary commands on the AutoGPT server. | 8.8 |
| 2023-07-13 | CVE-2023-37273 | Code Injection vulnerability in Agpt Auto-Gpt Auto-GPT is an experimental open-source application showcasing the capabilities of the GPT-4 language model. | 8.8 |
| 2023-07-13 | CVE-2023-37274 | Code Injection vulnerability in Agpt Auto-Gpt Auto-GPT is an experimental open-source application showcasing the capabilities of the GPT-4 language model. | 7.8 |
| 2023-07-13 | CVE-2023-37275 | Improper Output Neutralization for Logs vulnerability in Agpt Auto-Gpt Auto-GPT is an experimental open-source application showcasing the capabilities of the GPT-4 language model. | 4.3 |