Lucene search
K

38 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.7 views

CVE-2026-6616

A security vulnerability has been detected in TransformerOptimus SuperAGI up to 0.0.14. This affects the function extractwithbs4/extractwith3k/extractwithlxml of the file superagi/helper/webpageextractor.py of the component WebScraperTool. Such manipulation leads to server-side request forgery. I...

6.5CVSS6.1AI score0.00219EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:46 p.m.12 views

CVE-2026-6583

A vulnerability has been found in TransformerOptimus SuperAGI up to 0.0.14. This affects the function deleteapikey/editapikey of the file superagi/controllers/apikey.py of the component API Key Management Endpoint. The manipulation leads to authorization bypass. The attack is possible to be carri...

5.5CVSS5.3AI score0.003EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/20 9:30 a.m.8 views

EUVD-2026-23803

A security vulnerability has been detected in TransformerOptimus SuperAGI up to 0.0.14. This affects the function extractwithbs4/extractwith3k/extractwithlxml of the file superagi/helper/webpageextractor.py of the component WebScraperTool. Such manipulation leads to server-side request forgery. I...

6.5CVSS5.2AI score0.00219EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/20 9:30 a.m.4 views

EUVD-2026-23791

A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Affected is the function deleteagent/stopschedule/getscheduledata of the file superagi/controllers/agent.py. The manipulation of the argument agentid leads to authorization bypass. The attack is possible to be carried out...

6.5CVSS6.2AI score0.00216EPSS
Exploits0References5
NVD
NVD
added 2026/04/20 7:16 a.m.3 views

CVE-2026-6614

A security flaw has been discovered in TransformerOptimus SuperAGI up to 0.0.14. Affected by this vulnerability is the function getproject/updateproject/getprojectsorganisation of the file superagi/controllers/project.py. The manipulation results in authorization bypass. The attack may be perform...

6.5CVSS0.00216EPSS
Exploits0References4
NVD
NVD
added 2026/04/20 7:16 a.m.4 views

CVE-2026-6612

A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This impacts the function getagentexecution/updateagentexecution of the file superagi/controllers/agentexecution.py of the component Agent Execution Endpoint. Executing a manipulation of the argument agentexecutionid can...

6.5CVSS0.00314EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/20 7:0 a.m.4 views

CVE-2026-6615

A weakness has been identified in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function Upload of the file superagi/controllers/resources.py of the component Multipart Upload Handler. This manipulation of the argument Name causes path traversal. It is possible to initia...

7.5CVSS5.4AI score0.00502EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/20 7:0 a.m.30 views

CVE-2026-6615 TransformerOptimus SuperAGI Multipart Upload resources.py upload path traversal

A weakness has been identified in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function Upload of the file superagi/controllers/resources.py of the component Multipart Upload Handler. This manipulation of the argument Name causes path traversal. It is possible to initia...

7.5CVSS0.00502EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/20 7:0 a.m.5 views

CVE-2026-6615 TransformerOptimus SuperAGI Multipart Upload resources.py upload path traversal

A weakness has been identified in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function Upload of the file superagi/controllers/resources.py of the component Multipart Upload Handler. This manipulation of the argument Name causes path traversal. It is possible to initia...

7.5CVSS5.4AI score0.00502EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/20 6:30 a.m.4 views

CVE-2026-6613 TransformerOptimus SuperAGI agent.py get_schedule_data authorization

A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Affected is the function deleteagent/stopschedule/getscheduledata of the file superagi/controllers/agent.py. The manipulation of the argument agentid leads to authorization bypass. The attack is possible to be carried out...

6.5CVSS6.2AI score0.00216EPSS
Exploits0References4
CVE
CVE
added 2026/04/20 6:30 a.m.10 views

CVE-2026-6613

The affected software is TransformerOptimus SuperAGI (up to 0.0.14). The vulnerability exists in the functions delete_agent, stop_schedule, and get_schedule_data in superagi/controllers/agent.py, where manipulating the argument agent_id leads to an authorization bypass. It can be exploited remote...

6.5CVSS5.4AI score0.00216EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/20 6:15 a.m.3 views

CVE-2026-6612

A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This impacts the function getagentexecution/updateagentexecution of the file superagi/controllers/agentexecution.py of the component Agent Execution Endpoint. Executing a manipulation of the argument agentexecutionid can...

6.5CVSS5.4AI score0.00314EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/20 6:15 a.m.31 views

CVE-2026-6612 TransformerOptimus SuperAGI Agent Execution Endpoint agent_execution.py update_agent_execution authorization

A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This impacts the function getagentexecution/updateagentexecution of the file superagi/controllers/agentexecution.py of the component Agent Execution Endpoint. Executing a manipulation of the argument agentexecutionid can...

6.5CVSS0.00314EPSS
Exploits0References4
CVE
CVE
added 2026/04/20 6:15 a.m.13 views

CVE-2026-6612

The vulnerability CVE-2026-6612 affects TransformerOptimus SuperAGI up to version 0.0.14, specifically the Agent Execution Endpoint’s get_agent_execution/update_agent_execution in superagi/controllers/agent_execution.py. The underlying issue is an authorization bypass caused by manipulating the a...

6.5CVSS5.4AI score0.00314EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/20 6:15 a.m.3 views

CVE-2026-6612 TransformerOptimus SuperAGI Agent Execution Endpoint agent_execution.py update_agent_execution authorization

A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This impacts the function getagentexecution/updateagentexecution of the file superagi/controllers/agentexecution.py of the component Agent Execution Endpoint. Executing a manipulation of the argument agentexecutionid can...

6.5CVSS5.4AI score0.00314EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/20 12:30 a.m.9 views

EUVD-2026-23726

A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Impacted is the function getbudget/updatebudget of the file superagi/controllers/budget.py of the component Budget Endpoint. Such manipulation leads to authorization bypass. It is possible to launch the attack remotely. T...

6.5CVSS5.3AI score0.0027EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.5 views

PT-2026-33721

A security flaw has been discovered in TransformerOptimus SuperAGI up to 0.0.14. Affected by this vulnerability is the function get project/update project/get projects organisation of the file superagi/controllers/project.py. The manipulation results in authorization bypass. The attack may be...

6.5CVSS6.1AI score0.00216EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/19 11:45 p.m.34 views

CVE-2026-6586 TransformerOptimus SuperAGI Budget Endpoint budget.py update_budget authorization

A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Impacted is the function getbudget/updatebudget of the file superagi/controllers/budget.py of the component Budget Endpoint. Such manipulation leads to authorization bypass. It is possible to launch the attack remotely. T...

6.5CVSS0.0027EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/19 11:45 p.m.4 views

CVE-2026-6586 TransformerOptimus SuperAGI Budget Endpoint budget.py update_budget authorization

A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Impacted is the function getbudget/updatebudget of the file superagi/controllers/budget.py of the component Budget Endpoint. Such manipulation leads to authorization bypass. It is possible to launch the attack remotely. T...

6.5CVSS5.3AI score0.0027EPSS
Exploits0References4
CVE
CVE
added 2026/04/19 11:45 p.m.21 views

CVE-2026-6586

Affected product: TransformerOptimus SuperAGI (up to version 0.0.14). The vulnerability is in the Budget Endpoint, specifically the get_budget and update_budget functions in superagi/controllers/budget.py, enabling an authorization bypass. Exploitation can be performed remotely, and a public expl...

6.5CVSS6.2AI score0.0027EPSS
Exploits0References4
Rows per page
Query Builder