AutoGPT has a DoS vulnerability in AddAudioToVideoBlock
Description
AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, AddAudioToVideoBlock downloads and stores the video and audio in a temporary directory and does not delete them until all nodes are done. StepThroughItemsBlock can be used to iterate MediaDurationBlock multiple times, and StepThroughItemsBlock does not limit the number of loops. In addition, AddAudioToVideoBlock does not limit the amount of disk space consumed in the current working directory and does not delete the video after outputting the result. When a malicious user chooses to screenshot many web pages, the disk space will eventually run out, causing a DoS. Version 0.6.63 patches the issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
- (no CPE) range: < 0.6.63
- (no CPE) range: < 0.6.63
Patches
Vulnerability mechanics
Root cause
"Missing cleanup of temporary media files and unbounded loop iteration allow disk space exhaustion."
Attack vector
An attacker submits a crafted agent workflow that chains `StepThroughItemsBlock` with `AddAudioToVideoBlock`. `StepThroughItemsBlock` iterates over a list of video URLs without limiting the number of loops, and `AddAudioToVideoBlock` downloads each video and audio file into a temporary directory without deleting them after processing [ref_id=1]. The attacker can supply an unbounded number of video URLs (e.g., `https://video1.mp4`, `https://video2.mp4`, …) so that every iteration consumes additional disk space. Because the temporary files are never cleaned up during execution, repeated iterations eventually exhaust all available disk space, causing a denial of service [CWE-400].
What the fix does
Version 0.6.63 addresses the issue by ensuring that temporary files downloaded by `AddAudioToVideoBlock` are deleted after processing and by limiting the number of iterations in `StepThroughItemsBlock` [ref_id=1]. The patch prevents unbounded disk consumption by cleaning up intermediate media files and capping the loop count, so an attacker can no longer exhaust disk space through repeated iterations.
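The two controls described above, as an added Python example that is not code from the AutoGPT patch: a cap on the number of items iterated and cleanup of downloaded media on every exit path. The names `process_media`, `fake_fetch`, `QuotaExceeded`, both constants, and the per-run byte budget are assumptions made for illustration; the download is simulated so the block runs offline.

```python
import os
import tempfile

MAX_ITEMS = 3             # assumed cap on loop iterations per run
MAX_BYTES_PER_RUN = 1024  # assumed disk budget for one workflow run


class QuotaExceeded(Exception):
    """Raised when a run would exceed the item cap or the disk budget."""


def fake_fetch(url):
    """Constructed stand-in for an HTTP download: yields 100 bytes in chunks."""
    for _ in range(4):
        yield b"x" * 25


def process_media(urls, fetch=fake_fetch, base_dir=None):
    """Download each URL into a per-run temp dir under caps, then clean up."""
    if len(urls) > MAX_ITEMS:
        raise QuotaExceeded(f"{len(urls)} items exceeds cap of {MAX_ITEMS}")
    written = 0
    sizes = []
    # TemporaryDirectory removes the directory and its contents on exit,
    # including when an exception aborts the run part-way through.
    with tempfile.TemporaryDirectory(dir=base_dir) as workdir:
        for i, url in enumerate(urls):
            path = os.path.join(workdir, f"media_{i}.bin")
            with open(path, "wb") as fh:
                for chunk in fetch(url):
                    written += len(chunk)
                    # Check the budget before writing, so a hostile or
                    # endless stream cannot grow the file past the limit.
                    if written > MAX_BYTES_PER_RUN:
                        raise QuotaExceeded("disk budget exhausted")
                    fh.write(chunk)
            sizes.append(os.path.getsize(path))
            os.remove(path)  # release space before the next iteration
    return sizes


if __name__ == "__main__":
    # Constructed sample input; nothing is fetched from the network.
    print(process_media(["https://example.invalid/a.mp4",
                         "https://example.invalid/b.mp4"]))
```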
Preconditions
- auth: The attacker must be able to submit or trigger an agent workflow that includes StepThroughItemsBlock and AddAudioToVideoBlock blocks.
- input: The attacker supplies a list of video URLs (and optionally an audio URL) that the workflow will iterate over.
Generated on Jun 19, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
1. github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-g26x-xwc5-7p44 (mitre, x_refsource_CONFIRM)