
significant-gravitas — Vulnerabilities & Security Advisories 28

Browse all 28 CVE security advisories affecting significant-gravitas. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Significant-Gravitas develops AI-powered cybersecurity tools, primarily focusing on automated vulnerability detection and penetration testing capabilities. Their software enables organizations to identify security flaws within applications and infrastructure without extensive manual intervention. Historical analysis of their public vulnerability database reveals a pattern of common web application security risks, including remote code execution, cross-site scripting, and broken access control issues. These defects often stem from input validation failures or improper configuration handling within their scanning engines. While no catastrophic data breaches have been publicly attributed to the company, the presence of twenty-three recorded CVEs indicates recurring challenges in securing their own development lifecycle. The incidents generally involve privilege escalation and information disclosure vectors that could allow attackers to compromise the integrity of the testing environment. This track record highlights the necessity for rigorous internal security audits even for vendors specializing in defensive technologies.

Found 17 results / 28
Top products by significant-gravitas: AutoGPT, significant-gravitas/autogpt, Auto-GPT
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-33234 | AutoGPT: SendEmailBlock's IP blocklist bypass allows SSRF via user-controlled SMTP server — AutoGPT, CWE-918 | 5.0 | Medium | 2026-05-19 |
| CVE-2026-33233 | AutoGPT Platform: Remote Code Execution via Unsafe Pickle Deserialization of Redis Cache Entries — AutoGPT, CWE-502 | 7.6 | High | 2026-05-19 |
| CVE-2026-33232 | AutoGPT: Unauthenticated DoS via Disk Space Exhaustion — AutoGPT, CWE-459 | 7.5 | High | 2026-05-19 |
| CVE-2026-30950 | AutoGPT has Authenticated Session Hijacking via IDOR — AutoGPT, CWE-862 | 7.1 | High | 2026-05-18 |
| CVE-2025-32425 | AutoGPT has missing Docker log rotation on platform containers that allows host disk-exhaustion DoS — AutoGPT, CWE-770 | - | - | 2026-05-13 |
| CVE-2026-26020 | AutoGPT Affected by Remote Code Execution via Dynamic Module Import in Block Loading (`__import__`) — AutoGPT, CWE-285 | 8.8 (AI) | High (AI) | 2026-02-12 |
| CVE-2026-26006 | Redos (Regular Expression Denial of Service) at Code Extraction Block in significant-gravitas/autogpt — AutoGPT, CWE-1333 | 6.5 | Medium | 2026-02-10 |
| CVE-2025-32393 | AutoGPT has a DoS vulnerability in ReadRSSFeedBlock — AutoGPT, CWE-770 | 6.5 (AI) | Medium (AI) | 2026-02-05 |
| CVE-2025-62616 | AutoGPT has SSRF vulnerability in SendDiscordFileBlock — AutoGPT, CWE-918 | 8.1 (AI) | High (AI) | 2026-02-04 |
| CVE-2025-62615 | AutoGPT has SSRF vulnerability in ReadRSSFeedBlock — AutoGPT, CWE-918 | 9.1 (AI) | Critical (AI) | 2026-02-04 |
| CVE-2026-22038 | AutoGPT's API Keys and Secrets Logged in Plaintext in Stagehand Integration Blocks — AutoGPT, CWE-532 | 8.1 | High | 2026-02-04 |
| CVE-2026-24780 | AutoGPT is Vulnerable to RCE via Disabled Block Execution — AutoGPT, CWE-863 | 8.8 (AI) | High (AI) | 2026-01-29 |
| CVE-2025-53944 | AutoGPT Platform Exposes Graph Execution Results via Authorization Gap — AutoGPT, CWE-285 | 7.7 | High | 2025-07-30 |
| CVE-2025-31494 | AutoGPT allows cross-user sharing of node execution results through WebSockets API — AutoGPT, CWE-200 | 3.5 | Low | 2025-04-14 |
| CVE-2025-31491 | AutoGPT allows leakage of cross-domain cookies and protected headers in requests redirect — AutoGPT, CWE-200 | 8.6 | High | 2025-04-14 |
| CVE-2025-31490 | AutoGPT allows SSRF due to DNS Rebinding in requests wrapper — AutoGPT, CWE-918 | 7.5 | High | 2025-04-14 |
| CVE-2025-22603 | AutoGPT SSRF vulnerability — AutoGPT, CWE-918 | 9.1 | - | 2025-03-10 |

This page lists every published CVE security advisory associated with significant-gravitas. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.