What is CVE-2026-33233?

CVE-2026-33233 is a high-severity vulnerability in Significant-gravitas Autogpt, classified under Code Injection. CVSS score: 7.6/10. Published 2026-05-19.

How severe is CVE-2026-33233?

High severity. CVSS v3 base score is 7.6 out of 10.

RCE in Significant-gravitas Autogpt

CVE-2026-33233

AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. In versions 0.6.34 through 0.6.51, the backend deserializes Redis cache bytes using pickle.loads without integrity/a…

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.000 (3.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.6 (High). Vector: CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H.

Affected products

Significant-gravitas Autogpt — versions >= 0.6.34, < 0.6.52

Weakness classification (CWE)

References

security-advisories@github.com (x_refsource_CONFIRM)
security-advisories@github.com (x_refsource_MISC)

Frequently asked questions

What is CVE-2026-33233?: CVE-2026-33233 is a high-severity vulnerability in Significant-gravitas Autogpt, classified under Code Injection. CVSS score: 7.6/10. Published 2026-05-19.
How severe is CVE-2026-33233?: High severity. CVSS v3 base score is 7.6 out of 10.