CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-56663

highCVSS 8.5covered by 1 sourcefirst seen 2026-06-26
AutoGPT is a workflow automation platform for creating, deploying, and managing continuous artificial intelligence agents. Prior to 0.6.52, an authenticated user can bypass the SSRF / private-IP protections in SendWebRequestBlock and reach internal network services. _is_ip_blocked() in backend/backend/util/request.py does not normalize IPv4-mapped IPv6 addresses before checking resolved IPs against the blocked IPv4 ranges, and does not block special-use ranges such as 100.64.0.0/10 (CGNAT, RFC 6598). A hostname that resolves to an IPv4-mapped IPv6 address therefore passes validation and the request reaches the embedded internal IPv4 endpoint. This affects all AutoGPT Platform deployments. This vulnerability is fixed in 0.6.52.

⚡ Watch CVE-2026-56663

Get an email if CVE-2026-56663 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2026-56663

CVE.org record

Embed the live status

CVE-2026-56663 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-56663 status](https://www.csirts.com/badge/CVE-2026-56663)](https://www.csirts.com/cve/CVE-2026-56663)