{"id":"CVE-2025-32436","summary":"AutoGPT has a DoS vulnerability in AddAudioToVideoBlock","details":"AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, `AddAudioToVideoBlock` will download and store the video and audio in a temporary directory without deleting before all noded are done. `StepThroughItemsBlock` can be used to iterate `MediaDurationBlock` multiple times. `StepThroughItemsBlock` does not limit the number of loops. In addition, `AddAudioToVideoBlock` does not limit the amount of disk space consumed in the current working directory and does not delete the video after outputing the result. When a malicious user chooses to screen shot many web pages, the disk space will eventually run out, causing a DoS. Version 0.6.63 patches the issue.","aliases":["GHSA-g26x-xwc5-7p44"],"modified":"2026-07-08T08:12:02.024525849Z","published":"2026-06-18T16:18:52.662Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/32xxx/CVE-2025-32436.json","cwe_ids":["CWE-400"],"cna_assigner":"GitHub_M"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/32xxx/CVE-2025-32436.json"},{"type":"ADVISORY","url":"https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-g26x-xwc5-7p44"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-32436"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/significant-gravitas/autogpt","events":[{"introduced":"0"},{"fixed":"5b603c0bd04c8db2afc12098d5af2d391b7816e7"}],"database_specific":{"source":"AFFECTED_FIELD","extracted_events":[{"introduced":"0"},{"fixed":"0.6.63"}]}}],"versions":["autogpt-platform-beta-v0.6.62","autogpt-platform-beta-v0.6.60","autogpt-platform-beta-v0.6.59","autogpt-platform-beta-v0.6.58","autogpt-platform-beta-v0.6.57","autogpt-platform-beta-v0.6.56","autogpt-platform-beta-v0.6.55","autogpt-platform-beta-v0.6.54","autogpt-platform-beta-v0.6.53","autogpt-platform-beta-v0.6.52","autogpt-platform-beta-v0.6.50","autogpt-platform-beta-v0.6.51","autogpt-platform-beta-v0.6.49","autogpt-platform-beta-v0.6.48","autogpt-platform-beta-v0.6.47","autogpt-platform-beta-v0.6.46","autogpt-platform-beta-v0.6.43","autogpt-platform-beta-v0.6.42","autogpt-platform-beta-v0.6.41","autogpt-platform-beta-v0.6.40","autogpt-platform-beta-v0.6.39","autogpt-platform-beta-v0.6.38","autogpt-platform-beta-v0.6.37","autogpt-platform-beta-v0.6.36","autogpt-platform-beta-v0.6.35","autogpt-platform-beta-v0.6.34","autogpt-platform-beta-v0.6.33","autogpt-platform-beta-v0.6.32","autogpt-platform-beta-v0.6.31","autogpt-platform-beta-v0.6.30","autogpt-platform-beta-v0.6.29","autogpt-platform-beta-v0.6.28","autogpt-platform-beta-v0.6.26","autogpt-platform-beta-v0.6.22","autogpt-platform-beta-v0.6.21","autogpt-platform-beta-v0.6.20","autogpt-platform-beta-v0.6.19","autogpt-platform-beta-v0.6.18","autogpt-platform-beta-v0.6.17","autogpt-platform-beta-v0.6.16","autogpt-platform-beta-v0.6.15","autogpt-platform-beta-v0.6.14","autogpt-platform-beta-v0.6.13","autogpt-platform-beta-v0.6.12","autogpt-platform-beta-v0.6.11","autogpt-platform-beta-v0.6.10","autogpt-platform-beta-v0.6.9","autogpt-platform-beta-v0.6.8","autogpt-platform-beta-v0.6.7","autogpt-platform-beta-v0.6.6","autogpt-platform-beta-v0.6.5","autogpt-platform-beta-v0.6.4","autogpt-platform-beta-v0.6.2","autogpt-platform-beta-v0.6.1","autogpt-platform-beta-v0.6.0","autogpt-platform-beta-v0.5.1","autogpt-platform-beta-v0.5.0","autogpt-platform-beta-v0.4.11","autogpt-platform-beta-v0.4.10","autogpt-platform-beta-v0.4.9","autogpt-platform-beta-v0.4.8","autogpt-platform-beta-v0.4.5","autogpt-platform-beta-v0.4.4","autogpt-platform-beta-v0.4.3","autogpt-platform-beta-v0.4.2","autogpt-platform-beta-v0.4.1","autogpt-platform-beta-v0.4.0","autogpt-platform-beta-v0.3.4","autogpt-platform-beta-v0.3.3","autogpt-platform-beta-v0.3.2","autogpt-platform-beta-v0.2.2","agpt-platform-beta-v0.2.0","agpt-platform-beta-v0.1.1","agpt-platform-beta-v0.1.0","agbenchmark-v0.0.10","v0.1.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-32436.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L"}]}