CVE-2025-32425: CWE-770: Allocation of Resources Without Limits or Throttling in Significant-Gravitas AutoGPT
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. AutoGPT records its execution process to the console (stdout/stderr). When it is deployed in container mode, Docker automatically captures this output and stores it as "container logs". However, prior to 0.6.32, no limit is placed on the log size when the container is deployed. When the number of user accesses is too large, the log on the server disk grows too large, exhausting disk resources and eventually causing DoS. autogpt-platform-beta-v0.6.32 fixes the issue.
AI Analysis
Technical Summary
AutoGPT records its execution process to the console, which Docker captures as container logs stored on the server disk. In versions before 0.6.32, there is no limit on the size of these logs. When the number of user accesses is very high, the logs can grow excessively large, consuming all available disk space and causing a denial of service due to resource exhaustion. The vulnerability is classified under CWE-770 (Allocation of Resources Without Limits or Throttling). The fix is implemented in autogpt-platform-beta-v0.6.32.
Potential Impact
If exploited, this vulnerability can cause disk resource exhaustion on the server hosting AutoGPT containers, leading to denial of service conditions. This could disrupt the availability of AutoGPT services but does not indicate direct compromise of confidentiality or integrity.
Mitigation Recommendations
Upgrade AutoGPT to version 0.6.32 or later, where the issue is fixed by limiting container log size. Since the vendor advisory indicates the fix is in 0.6.32, applying this official update is the recommended remediation. No other mitigation or temporary workaround is specified.
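To check whether running containers have a bounded log footprint, the following added example (not code from AutoGPT or the advisory) reads `docker inspect` output and computes the worst-case on-disk log size per container from the `max-size` and `max-file` logging options. The sample data and container names are constructed; the driver defaults for `json-file` and `local` are the documented Docker defaults.

```python
import json
import re

# Constructed sample in the shape of `docker inspect` output; container names are made up.
SAMPLE_INSPECT = json.loads("""[
 {"Name": "/rest_server", "HostConfig": {"LogConfig": {"Type": "json-file", "Config": {}}}},
 {"Name": "/executor", "HostConfig": {"LogConfig": {"Type": "json-file",
   "Config": {"max-size": "10m", "max-file": "3"}}}},
 {"Name": "/frontend", "HostConfig": {"LogConfig": {"Type": "local", "Config": {}}}},
 {"Name": "/db", "HostConfig": {"LogConfig": {"Type": "json-file", "Config": {"max-size": "-1"}}}},
 {"Name": "/proxy", "HostConfig": {"LogConfig": {"Type": "syslog", "Config": {}}}}
]""")

UNITS = {"": 1, "k": 1024, "m": 1024**2, "g": 1024**3, "t": 1024**4}
# Driver defaults (max-size, max-file): json-file never rotates, local keeps 5 files of 20m.
DEFAULTS = {"json-file": ("-1", "1"), "local": ("20m", "5")}

def parse_size(text):
    """Convert a Docker size string such as '10m' to bytes; None means unlimited."""
    m = re.fullmatch(r"(-?\d+)\s*([kmgt]?)b?", text.strip().lower())
    if not m:
        raise ValueError(f"unrecognised size: {text!r}")
    n = int(m.group(1))
    return None if n < 0 else n * UNITS[m.group(2)]

def log_ceiling(container):
    """Worst-case bytes of log data on the Docker host, 'UNBOUNDED', or 'UNKNOWN'."""
    cfg = container["HostConfig"]["LogConfig"]
    if cfg["Type"] not in DEFAULTS:
        return "UNKNOWN"  # non-file drivers (syslog, journald, ...) need a separate review
    d_size, d_files = DEFAULTS[cfg["Type"]]
    opts = cfg.get("Config") or {}
    size = parse_size(opts.get("max-size", d_size))
    files = max(int(opts.get("max-file", d_files)), 1)
    return "UNBOUNDED" if size is None else size * files

def audit(containers):
    """Map container name to its log ceiling so unbounded containers stand out."""
    return {c["Name"].lstrip("/"): log_ceiling(c) for c in containers}

if __name__ == "__main__":
    # For real use, replace SAMPLE_INSPECT with json.load() of saved `docker inspect` output.
    for name, result in audit(SAMPLE_INSPECT).items():
        print(f"{name:12} {result}")
```

Any container reported as `UNBOUNDED` can fill the host disk in the way this CVE describes, regardless of which application runs inside it.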
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2025-04-08T10:54:58.367Z
- CVSS Version: 4.0
- State: PUBLISHED
- Remediation Level: null
Threat ID: 6a04a508cbff5d8610e8043d
Added to database: 5/13/2026, 4:21:28 PM
Last enriched: 5/13/2026, 4:37:12 PM
Last updated: 5/14/2026, 6:45:31 AM