EUVD-2026-23801

A weakness has been identified in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function Upload of the file superagi/controllers/resources.py of the component Multipart Upload Handler. This manipulation of the argument Name causes path traversal. It is possible to initia...

CVE-2026-6615

A weakness has been identified in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function Upload of the file superagi/controllers/resources.py of the component Multipart Upload Handler. This manipulation of the argument Name causes path traversal. It is possible to initia...

CVE-2026-6615

CVE-2026-6615 — TransformerOptimus SuperAGI Multipart Upload path traversal Affected: TransformerOptimus SuperAGI (up to 0.0.14). The vulnerability is in the Multipart Upload Handler, specifically the Upload function in superagi/controllers/resources.py. Manipulating the Name argument enables pat...

CVE-2025-11261

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files resources/src/mediawiki.Language/mediawiki.Language.Js. This issue affects MediaWiki: from before 1.39.15,...

PT-2022-26572 · Sourcecodester · Sourcecodester Human Resource Management System +1

Name of the Vulnerable Software and Affected Versions: SourceCodester Human Resource Management System version 1.0 SourceCodester Book Store Management System version 1.0 Description: A critical issue affects the processing of the file /hrm/employeeadd.php, where the manipulation of the empid...

Input validation

Lack of validation in the HTML parser in RealObjects PDFreactor before 10.1.10722 leads to SSRF, allowing attackers to access network or file resources on behalf of the server by supplying malicious HTML content...