AutoGPT has a DoS vulnerability in MediaDurationBlock
Description
AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.63, MediaDurationBlock downloads and stores the video in a temporary directory and does not delete it before all nodes are done. StepThroughItemsBlock can be used to iterate MediaDurationBlock multiple times, and StepThroughItemsBlock does not limit the number of loops. In addition, MediaDurationBlock does not limit the amount of disk space consumed in the current working directory and does not delete the video after outputting the result. When a malicious user chooses to screenshot many web pages, the disk space will eventually run out, causing a DoS. Version 0.6.63 patches the issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
Two affected products are listed, neither with a CPE:
- (no CPE) range: <0.6.63
- (no CPE) range: <0.6.63
Patches
Vulnerability mechanics
Root cause
"Missing cleanup of downloaded media files and unbounded loop iteration allow disk-space exhaustion."
Attack vector
An attacker provides a crafted agent input that references many large video URLs (for example a list such as `https://video1.mp4`, `https://video2.mp4`, …). `StepThroughItemsBlock` iterates over these items without limiting the number of loops, and for each iteration `MediaDurationBlock` downloads the video into a temporary directory and does not delete it after outputting the duration [ref_id=1]. Because the block also places no cap on the bytes it writes, the downloaded files accumulate on disk until the filesystem is exhausted, causing a denial of service for everything else sharing that volume.
What the fix does
Version 0.6.63 patches the issue. The advisory does not publish the exact diff, but the fix is expected to either limit the number of iterations in `StepThroughItemsBlock`, delete temporary media files after each `MediaDurationBlock` run, or both, so that disk space cannot be exhausted by repeated downloads [ref_id=1].
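The following is an added illustration, not AutoGPT's code and not the published fix. It models the two patterns described above in plain Python: a "duration" step that writes a download into a working directory and leaves it behind, driven by an unbounded per-item loop, beside a hardened version that caps the download size, caps the number of loop iterations, and keeps the file inside a `TemporaryDirectory` so it is removed even when the size cap fires. The fetcher, URLs, payload sizes and limits (`MAX_DOWNLOAD_BYTES`, `MAX_LOOP_ITERATIONS`) are all constructed for the example.

```python
"""Added example (not from AutoGPT): leaky vs. bounded media-duration step.

Everything here is constructed: fetch_chunks() stands in for an HTTP download,
the URLs and payload sizes are made up, and the caps are assumed values.
"""
import os
import tempfile

MAX_DOWNLOAD_BYTES = 4096   # assumed per-item cap for the hardened step
MAX_LOOP_ITERATIONS = 3     # assumed cap for the hardened loop

# Constructed "remote" media: url -> payload bytes.
CONSTRUCTED_MEDIA = {
    "https://example.invalid/a.mp4": b"\x00" * 1000,
    "https://example.invalid/b.mp4": b"\x01" * 2000,
    "https://example.invalid/c.mp4": b"\x02" * 3000,
    "https://example.invalid/d.mp4": b"\x03" * 8000,  # exceeds the byte cap
    "https://example.invalid/e.mp4": b"\x04" * 500,
}


class TooLarge(Exception):
    """Download exceeded MAX_DOWNLOAD_BYTES."""


class LoopLimit(Exception):
    """More items than MAX_LOOP_ITERATIONS."""


def fetch_chunks(url, chunk=1024):
    """Stand-in for a streaming HTTP GET: yields the constructed payload."""
    data = CONSTRUCTED_MEDIA[url]
    for i in range(0, len(data), chunk):
        yield data[i:i + chunk]


def duration_vulnerable(url, workdir):
    """Leaky pattern: write the whole download into workdir, never remove it."""
    fd, path = tempfile.mkstemp(dir=workdir, suffix=".mp4")
    with os.fdopen(fd, "wb") as f:
        for c in fetch_chunks(url):
            f.write(c)
    return os.path.getsize(path)  # file size stands in for "duration"


def duration_hardened(url, max_bytes=MAX_DOWNLOAD_BYTES, parent=None):
    """Bounded pattern: cap bytes written and scope the file to a temp dir
    that is deleted on exit, including when TooLarge is raised."""
    with tempfile.TemporaryDirectory(dir=parent) as tmp:
        path = os.path.join(tmp, "media.mp4")
        written = 0
        with open(path, "wb") as f:
            for c in fetch_chunks(url):
                written += len(c)
                if written > max_bytes:
                    raise TooLarge(url)
                f.write(c)
        return os.path.getsize(path)


def step_through_vulnerable(urls, workdir):
    """Unbounded loop: one leaked file per item."""
    return [duration_vulnerable(u, workdir) for u in urls]


def step_through_hardened(urls, max_iter=MAX_LOOP_ITERATIONS):
    """Bounded loop: refuse oversized item lists, skip oversized downloads."""
    if len(urls) > max_iter:
        raise LoopLimit(len(urls))
    out = []
    for u in urls:
        try:
            out.append(duration_hardened(u))
        except TooLarge:
            out.append(None)
    return out


def leftover_bytes(workdir):
    """Total bytes still sitting in workdir after a run."""
    return sum(os.path.getsize(os.path.join(workdir, n)) for n in os.listdir(workdir))


def demo():
    """Returns (bytes leaked by the leaky loop, files left by the hardened step,
    whether the hardened loop refused the full list, hardened per-item results)."""
    urls = list(CONSTRUCTED_MEDIA)
    with tempfile.TemporaryDirectory() as work:
        step_through_vulnerable(urls, work)
        leaked = leftover_bytes(work)          # every payload is still on disk
    with tempfile.TemporaryDirectory() as work:
        for u in urls[:3]:
            duration_hardened(u, parent=work)
        try:
            duration_hardened(urls[3], parent=work)  # 8000 bytes > cap
        except TooLarge:
            pass
        hardened_leftover = len(os.listdir(work))   # nothing survives
    try:
        step_through_hardened(urls)
        refused = False
    except LoopLimit:
        refused = True
    return leaked, hardened_leftover, refused, step_through_hardened(urls[:3])


if __name__ == "__main__":
    print(demo())
```

The point of the `parent=` hook is only to make the cleanup observable from outside; in a real block the temp directory would live wherever the runtime puts it. Note that the byte cap alone does not stop the attack, since an unbounded loop over many small files still fills the disk, and the iteration cap alone does not stop it either, since a few enormous files do the same; the fix has to bound both, and delete on every exit path.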
Preconditions
- Input: the attacker must be able to submit agent input that includes a list of video URLs (e.g., via the agent's user-facing interface).
- Input: the attacker must provide URLs that point to large video files to accelerate disk exhaustion.
Generated on Jun 19, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
1. https://github.com/Significant-Gravitas/AutoGPT/security/advisories/GHSA-rg6v-m9x9-7wf9 (MITRE, x_refsource_CONFIRM)