CVE-2026-6584 TransformerOptimus SuperAGI User Update Endpoint user.py update_user authorization

A vulnerability was found in TransformerOptimus SuperAGI up to 0.0.14. This vulnerability affects the function updateuser of the file superagi/controllers/user.py of the component User Update Endpoint. The manipulation of the argument userid results in authorization bypass. The attack may be...