Significant-Gravitas — Vulnerabilities & Security Advisories 23

Browse all 23 CVE security advisories affecting Significant-Gravitas. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Significant-Gravitas develops AI-powered cybersecurity tools, primarily focusing on automated vulnerability detection and penetration testing capabilities. Their software enables organizations to identify security flaws within applications and infrastructure without extensive manual intervention. Historical analysis of their public vulnerability database reveals a pattern of common web application security risks, including remote code execution, cross-site scripting, and broken access control issues. These defects often stem from input validation failures or improper configuration handling within their scanning engines. While no catastrophic data breaches have been publicly attributed to the company, the presence of twenty-three recorded CVEs indicates recurring challenges in securing their own development lifecycle. The incidents generally involve privilege escalation and information disclosure vectors that could allow attackers to compromise the integrity of the testing environment. This track record highlights the necessity for rigorous internal security audits even for vendors specializing in defensive technologies.

Top products by Significant-Gravitas: AutoGPT, significant-gravitas/autogpt, Auto-GPT

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-26020 | AutoGPT Affected by Remote Code Execution via Dynamic Module Import in Block Loading (`__import__`) | AutoGPT | CWE-285 | 8.8 (AI) | High (AI) | 2026-02-12 |
| CVE-2026-26006 | Redos (Regular Expression Denial of Service) at Code Extraction Block in significant-gravitas/autogpt | AutoGPT | CWE-1333 | 6.5 | Medium | 2026-02-10 |
| CVE-2025-32393 | AutoGPT has a DoS vulnerability in ReadRSSFeedBlock | AutoGPT | CWE-770 | 6.5 (AI) | Medium (AI) | 2026-02-05 |
| CVE-2025-62616 | AutoGPT has SSRF vulnerability in SendDiscordFileBlock | AutoGPT | CWE-918 | 8.1 (AI) | High (AI) | 2026-02-04 |
| CVE-2025-62615 | AutoGPT has SSRF vulnerability in ReadRSSFeedBlock | AutoGPT | CWE-918 | 9.1 (AI) | Critical (AI) | 2026-02-04 |
| CVE-2026-22038 | AutoGPT's API Keys and Secrets Logged in Plaintext in Stagehand Integration Blocks | AutoGPT | CWE-532 | 8.1 | High | 2026-02-04 |
| CVE-2026-24780 | AutoGPT is Vulnerable to RCE via Disabled Block Execution | AutoGPT | CWE-863 | 8.8 (AI) | High (AI) | 2026-01-29 |
| CVE-2025-53944 | AutoGPT Platform Exposes Graph Execution Results via Authorization Gap | AutoGPT | CWE-285 | 7.7 | High | 2025-07-30 |
| CVE-2025-31494 | AutoGPT allows cross-user sharing of node execution results through WebSockets API | AutoGPT | CWE-200 | 3.5 | Low | 2025-04-14 |
| CVE-2025-31491 | AutoGPT allows leakage of cross-domain cookies and protected headers in requests redirect | AutoGPT | CWE-200 | 8.6 | High | 2025-04-14 |
| CVE-2025-31490 | AutoGPT allows SSRF due to DNS Rebinding in requests wrapper | AutoGPT | CWE-918 | 7.5 | High | 2025-04-14 |
| CVE-2024-10457 | SSRF Vulnerabilities in significant-gravitas/autogpt | significant-gravitas/autogpt | CWE-918 | 9.1 | - | 2025-03-20 |
| CVE-2025-0454 | SSRF Check Bypass in Requests Utility in significant-gravitas/autogpt | significant-gravitas/autogpt | CWE-918 | 9.1 | - | 2025-03-20 |
| CVE-2025-1040 | Server-Side Template Injection (SSTI) in significant-gravitas/autogpt | significant-gravitas/autogpt | CWE-1336 | 9.8 | - | 2025-03-20 |
| CVE-2024-8156 | Command Injection in significant-gravitas/autogpt | significant-gravitas/autogpt | CWE-77 | 8.8 | - | 2025-03-20 |
| CVE-2025-22603 | AutoGPT SSRF vulnerability | AutoGPT | CWE-918 | 9.1 | - | 2025-03-10 |
| CVE-2024-6091 | Shell Command Denylist Bypass in significant-gravitas/autogpt | significant-gravitas/autogpt | CWE-78 | 9.8 (AI) | Critical (AI) | 2024-09-11 |
| CVE-2024-1880 | OS Command Injection in MacOS Text-To-Speech Class in significant-gravitas/autogpt | significant-gravitas/autogpt | CWE-78 | 8.8 (AI) | High (AI) | 2024-06-06 |
| CVE-2024-1881 | Improper Neutralization of Special Elements used in an OS Command in significant-gravitas/autogpt | significant-gravitas/autogpt | CWE-78 | 9.8 (AI) | Critical (AI) | 2024-06-06 |
| CVE-2024-1879 | CSRF to RCE in significant-gravitas/autogpt | significant-gravitas/autogpt | CWE-352 | 8.8 (AI) | High (AI) | 2024-06-06 |
| CVE-2023-37275 | System logs spoofable in Auto-GPT via ANSI control sequences | Auto-GPT | CWE-117 | 3.1 | Low | 2023-07-13 |
| CVE-2023-37274 | Python code execution sandbox escape in non-docker version in Auto-GPT | Auto-GPT | CWE-94 | 7.6 | High | 2023-07-13 |
| CVE-2023-37273 | Docker escape in Auto-GPT when running from docker-compose.yml included in git repo | Auto-GPT | CWE-94 | 8.1 | High | 2023-07-13 |

This page lists every published CVE security advisory associated with Significant-Gravitas. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.