PatchSiren cyber security CVE debrief
CVE-2025-32436 Significant-Gravitas CVE debrief
CVE-2025-32436 is a high-severity vulnerability in AutoGPT, a workflow automation platform. The vulnerability, patched in version 0.6.63, allows for a denial of service (DoS) attack due to improper handling of temporary files and lack of limits on disk space consumption. Affected users should be aware of this vulnerability and ensure they are running version 0.6.63 or later to prevent potential DoS attacks. The vulnerability exists in the `AddAudioToVideoBlock` and `StepThroughItemsBlock` features of AutoGPT. The `AddAudioToVideoBlock` downloads and stores videos and audio in a temporary directory without proper cleanup, while `StepThroughItemsBlock` can be used to iterate `MediaDurationBlock` multiple times without limits. This can lead to excessive disk space consumption and a DoS condition.
- Vendor
- Significant-Gravitas
- Product
- AutoGPT
- CVSS
- HIGH 7.1
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-18
- Original CVE updated
- 2026-06-22
- Advisory published
- 2026-06-18
- Advisory updated
- 2026-06-22
Who should care
Users of AutoGPT, especially those who utilize the `AddAudioToVideoBlock` and `StepThroughItemsBlock` features, should be aware of this vulnerability and ensure they are running version 0.6.63 or later to prevent potential DoS attacks.
Technical summary
The vulnerability exists in the `AddAudioToVideoBlock` and `StepThroughItemsBlock` features of AutoGPT. The `AddAudioToVideoBlock` downloads and stores videos and audio in a temporary directory without proper cleanup, while `StepThroughItemsBlock` can be used to iterate `MediaDurationBlock` multiple times without limits. This can lead to excessive disk space consumption and a DoS condition. The issue was patched in version 0.6.63.
Defensive priority
High priority should be given to updating AutoGPT to version 0.6.63 or later. Users should also review their usage of `AddAudioToVideoBlock` and `StepThroughItemsBlock` features and implement compensating controls to monitor and limit disk space consumption. Additional defensive measures include monitoring for unusual disk space consumption and implementing asset inventory management for affected systems. Furthermore, consider implementing source tracking to monitor for potential exploitation attempts. It is also recommended to review and limit usage of `AddAudioToVideoBlock` and `StepThroughItemsBlock` features to prevent potential DoS attacks. Users should also consider compensating controls for exposed systems while remediation is scheduled and verified. Finally, track exceptions, retest remediated assets, and close the item only after evidence is documented. This should be done with a focus on minimizing potential impact and ensuring the security of affected systems. Review relevant monitoring, detection, and logs for exposed assets that need extra review. Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up. Plan vendor-supported updates or mitigations through normal change control where exposure is confirmed. Check for any additional security advisories or CVE records that may be related to this vulnerability. This will help ensure that all necessary steps are taken to prevent potential exploitation. The goal is to prioritize and efficiently manage the remediation process while minimizing potential risks. Therefore, it is crucial to stay informed about the vulnerability and take proactive measures to protect against potential threats. By taking these steps, users can help prevent potential DoS attacks and ensure the security of their systems. In addition, users should consider implementing rollback/change windows to quickly recover from potential attacks. This can help minimize downtime and ensure business continuity. Overall, a comprehensive approach to security is essential in preventing and mitigating potential threats. By prioritizing defensive measures and staying informed, users can help protect
Recommended defensive actions
- Update AutoGPT to version 0.6.63 or later
- Review and limit usage of `AddAudioToVideoBlock` and `StepThroughItemsBlock` features
- Implement monitoring and limits on disk space consumption
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up.
- Review the supplied official advisory or CVE record to validate affected scope, severity, and vendor guidance.
- Plan vendor-supported updates or mitigations through normal change control where exposure is confirmed.
- Track exceptions, retest remediated assets, and close the item only after evidence is documented.
Evidence notes
The CVE record was published on 2026-06-18T17:16:26.797Z and last modified on 2026-06-22T14:16:22.130Z. The NVD entry is currently Deferred. The vulnerability has a CVSS score of 7.1 and is classified as HIGH severity. Evidence is limited, and defenders should verify the affected scope and vendor guidance with caution.
Official resources
-
CVE-2025-32436 CVE record
CVE.org
-
CVE-2025-32436 NVD detail
NVD
-
Source item URL
nvd_modified
- Source reference
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-06-18T17:16:26.797Z and has not been modified since then. The NVD entry is currently Deferred.