CVE-2025-62616 – AutoGPT has SSRF vulnerability in SendDiscordFileBlock

CVE ID : CVE-2025-62616

Published : Feb. 4, 2026, 10:28 p.m. | 50 minutes ago

Description : AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.34, in SendDiscordFileBlock, the third-party library aiohttp.ClientSession().get is used directly to access the URL, but the input URL is not filtered, which will cause SSRF vulnerability. This issue has been patched in autogpt-platform-beta-v0.6.34.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…