PT-2026-5937 · Autogpt · Autogpt

Published: 2026-02-04 · Updated: 2026-03-03 · CVE-2025-62615

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

AutoGPT versions prior to 0.6.34

Description

AutoGPT is a platform for creating and managing AI agents to automate workflows. A Server-Side Request Forgery (SSRF) issue exists in the RSSFeedBlock component due to the direct use of urllib.request.urlopen to access URLs without input validation. This allows an attacker to potentially make requests to unintended locations. The vulnerable code does not filter the input URL before using it.

Recommendations

Update to version 0.6.34 or later.
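
An added example, not AutoGPT's code or its actual fix: one way to vet a feed URL before it is handed to urllib.request.urlopen, by restricting the scheme and rejecting any host that resolves to a non-public address. The names check_feed_url, BlockedURL, sample_resolver and the sample hosts and addresses are assumptions made for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}


class BlockedURL(ValueError):
    """The feed URL must not be fetched from the server side."""


def resolve_host(host):
    """Default resolver: every address the host name maps to."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


def check_feed_url(url, resolver=resolve_host):
    """Return the vetted public IPs behind url, or raise BlockedURL."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        raise BlockedURL(f"scheme not allowed: {parts.scheme!r}")
    if not parts.hostname:
        raise BlockedURL("URL has no host")
    try:
        addrs = resolver(parts.hostname)
    except OSError as exc:
        raise BlockedURL(f"cannot resolve {parts.hostname!r}") from exc
    vetted = []
    for addr in sorted(addrs):
        ip = ipaddress.ip_address(addr.split("%")[0])  # drop IPv6 zone id
        if ip.version == 6 and ip.ipv4_mapped:
            ip = ip.ipv4_mapped  # judge ::ffff:a.b.c.d as the IPv4 it wraps
        if not ip.is_global or ip.is_multicast:
            raise BlockedURL(f"{parts.hostname!r} maps to non-public {ip}")
        vetted.append(str(ip))
    if not vetted:
        raise BlockedURL(f"{parts.hostname!r} has no addresses")
    return vetted


# Constructed sample data: host names and addresses are made up for the demo.
SAMPLE_DNS = {"feeds.example.org": {"93.184.216.34"},
              "intranet.example.org": {"10.0.0.5", "93.184.216.34"}}


def sample_resolver(host):
    """Offline stand-in for DNS; IP literals resolve to themselves."""
    return SAMPLE_DNS.get(host, {host})
```

The caller should connect to one of the returned addresses rather than resolving the name a second time, and run the same check on every redirect target before following it.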

Exploit

Fix

SSRF

Weakness Enumeration

Related Identifiers

CVE-2025-62615
GHSA-R55V-Q5PC-J57F

Affected Products

Autogpt