CVE-2025-41023

Vulnerability Description

An authentication bypass vulnerability has been found in Thesamur's AutoGPT. This vulnerability allows an attacker to bypass authentication mechanisms. Once inside the web application, the attacker can use any of its features regardless of the authorisation method used.

Vulnerability Details

Published Date

February 19, 2026

Last Modified

February 19, 2026

CWE ID

CWE-287

Source

NVD

Vendor

Thesamur

Product

AutoGPT

External References

https://www.incibe.es/en/incibe-cert/notices/aviso/authentication-bypass-autogpt-de-thesamur

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment