CVE-2025-41023

Medium CVSS: 6.9

An authentication bypass vulnerability has been found in Thesamur's AutoGPT. This vulnerability allows an attacker to bypass authentication mechanisms. Once inside the web application, the attacker can use any of its features regardless of the authorisation method used.

Vendor

Product

CWE

CWE-287

Yayın Tarihi

2026-02-19 09:16:11

Güncelleme

2026-02-19 15:52:39

Source Identifier

cve-coordination@incibe.es

KEV Date Added

Kategoriler

CWE-287 MEDIUM 2026

Referanslar

https://www.incibe.es/en/incibe-cert/notices/aviso/authentication-bypass-autogpt-de-thesamur