Severity: 7.7 | CWE-918

CVE-2025-22603: AutoGPT SSRF vulnerability

First published: Mon Mar 10 2025

AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Versions prior to autogpt-platform-beta-v0.4.2 contain a server-side request forgery (SSRF) vulnerability in the `Send Web Request` component (or block). The root cause is that IPv6 addresses are not restricted or filtered, which allows an attacker to perform server-side request forgery to reach an IPv6 service. autogpt-platform-beta-v0.4.2 fixes the issue.
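The root cause described above, shown as an added example that is not AutoGPT's code or its patch: a destination check that filters only IPv4 results, beside one that judges every resolved address, IPv4 or IPv6. The function names, the blocklist and the sample URLs are assumptions constructed for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Hypothetical IPv4-only blocklist, standing in for a filter that never looks at IPv6.
BLOCKED_V4 = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16")]


def resolve(host):
    """Return every address for host: the literal itself, or all A and AAAA records."""
    try:
        return [ipaddress.ip_address(host)]  # IP literal, no DNS lookup needed
    except ValueError:
        infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
        return [ipaddress.ip_address(i[4][0].split("%")[0]) for i in infos]


def ipv4_only_check(url, resolver=resolve):
    """Weak form: only IPv4 results are compared against the blocklist."""
    for addr in resolver(urlsplit(url).hostname):
        if addr.version == 4 and any(addr in net for net in BLOCKED_V4):
            return False
    return True  # IPv6 results were never inspected


def dual_stack_check(url, resolver=resolve):
    """Hardened form: every resolved address, IPv4 or IPv6, must be globally routable."""
    try:
        parts = urlsplit(url)
        if parts.scheme not in ("http", "https") or not parts.hostname:
            return False
        addrs = resolver(parts.hostname)
    except (OSError, ValueError):
        return False  # unresolvable or malformed host: fail closed
    for addr in addrs:
        # Judge ::ffff:a.b.c.d by the IPv4 address embedded in it.
        addr = getattr(addr, "ipv4_mapped", None) or addr
        if not addr.is_global:
            return False
    return bool(addrs)


# Constructed sample URLs (not taken from the advisory).
if __name__ == "__main__":
    for u in ("http://127.0.0.1/", "http://[::1]:8080/", "http://[::ffff:10.0.0.5]/",
              "http://[2606:4700:4700::1111]/"):
        print(u, ipv4_only_check(u), dual_stack_check(u))
```

The check only holds if the HTTP client connects to the address that was validated and the check is repeated on every redirect; otherwise a name can resolve differently between validation and connection.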

Credit: security-advisories@github.com

| Affected Software | Affected Version | How to fix |
| --- | --- | --- |
| AutoGPT | <autogpt-platform-beta-v0.4.2 | |


Frequently Asked Questions

  • What is the severity of CVE-2025-22603?

    CVE-2025-22603 is considered a high severity vulnerability due to its potential for server-side request forgery exploitation.

  • How do I fix CVE-2025-22603?

    To fix CVE-2025-22603, upgrade to AutoGPT version autogpt-platform-beta-v0.4.2 or later.

  • What type of vulnerability is CVE-2025-22603?

    CVE-2025-22603 is classified as a server-side request forgery (SSRF) vulnerability.

  • Which versions of AutoGPT are affected by CVE-2025-22603?

    All versions of AutoGPT prior to autogpt-platform-beta-v0.4.2 are affected by CVE-2025-22603.

  • What impact does CVE-2025-22603 have on users?

    CVE-2025-22603 can allow attackers to manipulate server requests, potentially leading to data exposure or system compromise.
