Lucene search
+L

160 matches found

CNNVD
CNNVD
added 2026/04/20 12:0 a.m.13 views

SuperAGI 安全漏洞

SuperAGI is an open-source infrastructure application developed by SuperAGI. It is used to build components, tools, frameworks, and models to achieve open-source AGI. Versions of SuperAGI 0.0.14 and earlier contain security vulnerabilities. These vulnerabilities stem from improper handling of the...

6.5CVSS6.6AI score0.0027EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.10 views

SuperAGI 安全漏洞

SuperAGI is an open-source infrastructure application developed by SuperAGI. It is used to build components, tools, frameworks, and models to achieve open-source AGI. Versions of SuperAGI 0.0.14 and earlier contain security vulnerabilities. These vulnerabilities stem from improper handling of the...

5.5CVSS6.1AI score0.003EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.9 views

SuperAGI 安全漏洞

SuperAGI is an open-source infrastructure application developed by SuperAGI. It is used to build components, tools, frameworks, and models to achieve open-source AGI. Versions of SuperAGI prior to 0.0.14 contain security vulnerabilities, which stem from incorrect operations on the file...

6.5CVSS6.6AI score0.00216EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.9 views

SuperAGI 安全漏洞

SuperAGI is an open-source infrastructure application developed by SuperAGI. It is used to build components, tools, frameworks, and models to achieve open-source AGI. Versions of SuperAGI prior to 0.0.14 contain security vulnerabilities. These vulnerabilities stem from improper handling of the...

6.5CVSS6.6AI score0.00219EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.11 views

SuperAGI 安全漏洞

SuperAGI is an open-source infrastructure application developed by SuperAGI. It is used to build components, tools, frameworks, and models to achieve open-source AGI. Versions of SuperAGI 0.0.14 and earlier contain security vulnerabilities. These vulnerabilities stem from incorrect handling of th...

6.5CVSS6.6AI score0.00216EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.6 views

PT-2026-33721

A security flaw has been discovered in TransformerOptimus SuperAGI up to 0.0.14. Affected by this vulnerability is the function get project/update project/get projects organisation of the file superagi/controllers/project.py. The manipulation results in authorization bypass. The attack may be...

6.5CVSS6.1AI score0.00216EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.8 views

PT-2026-33728

A weakness has been identified in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function Upload of the file superagi/controllers/resources.py of the component Multipart Upload Handler. This manipulation of the argument Name causes path traversal. It is possible to initia...

7.5CVSS6.7AI score0.00502EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.7 views

PT-2026-33729

A security vulnerability has been detected in TransformerOptimus SuperAGI up to 0.0.14. This affects the function extract with bs4/extract with 3k/extract with lxml of the file superagi/helper/webpage extractor.py of the component WebScraperTool. Such manipulation leads to server-side request...

6.5CVSS6AI score0.00219EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/20 12:0 a.m.11 views

SuperAGI 安全漏洞

SuperAGI is an open-source infrastructure application developed by SuperAGI. It is used to build components, tools, frameworks, and models to achieve open-source AGI. Versions of SuperAGI 0.0.14 and earlier contain security vulnerabilities. These vulnerabilities stem from improper handling of...

7.5CVSS7.1AI score0.00502EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.11 views

PT-2026-33719

A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This impacts the function get agent execution/update agent execution of the file superagi/controllers/agent execution.py of the component Agent Execution Endpoint. Executing a manipulation of the argument agent execution ...

6.5CVSS6.3AI score0.00314EPSS
Exploits0References5
CVE
CVE
added 2026/04/19 11:45 p.m.22 views

CVE-2026-6586

Affected product: TransformerOptimus SuperAGI (up to version 0.0.14). The vulnerability is in the Budget Endpoint, specifically the get_budget and update_budget functions in superagi/controllers/budget.py, enabling an authorization bypass. Exploitation can be performed remotely, and a public expl...

6.5CVSS6.2AI score0.0027EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/19 11:45 p.m.4 views

CVE-2026-6586 TransformerOptimus SuperAGI Budget Endpoint budget.py update_budget authorization

A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Impacted is the function getbudget/updatebudget of the file superagi/controllers/budget.py of the component Budget Endpoint. Such manipulation leads to authorization bypass. It is possible to launch the attack remotely. T...

6.5CVSS5.3AI score0.0027EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/19 11:45 p.m.7 views

CVE-2026-6586

A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Impacted is the function getbudget/updatebudget of the file superagi/controllers/budget.py of the component Budget Endpoint. Such manipulation leads to authorization bypass. It is possible to launch the attack remotely. T...

6.5CVSS5.3AI score0.0027EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/19 11:45 p.m.38 views

CVE-2026-6586 TransformerOptimus SuperAGI Budget Endpoint budget.py update_budget authorization

A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Impacted is the function getbudget/updatebudget of the file superagi/controllers/budget.py of the component Budget Endpoint. Such manipulation leads to authorization bypass. It is possible to launch the attack remotely. T...

6.5CVSS0.0027EPSS
Exploits0References4
CVE
CVE
added 2026/04/19 11:30 p.m.14 views

CVE-2026-6585

TransformerOptimus SuperAGI up to version 0.0.14 is affected. The issue occurs in the Organisation Update Endpoint (superagi/controllers/organisation.py) where manipulation of the organisation_id argument leads to an authorization bypass. The vulnerability can be exploited remotely and has public...

5.5CVSS5.6AI score0.003EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/19 11:30 p.m.2 views

CVE-2026-6585

A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This issue affects the function updateorganisation of the file superagi/controllers/organisation.py of the component Organisation Update Endpoint. This manipulation of the argument organisationid causes authorization...

5.5CVSS5.3AI score0.003EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/19 11:30 p.m.4 views

CVE-2026-6585 TransformerOptimus SuperAGI Organisation Update Endpoint organisation.py update_organisation authorization

A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This issue affects the function updateorganisation of the file superagi/controllers/organisation.py of the component Organisation Update Endpoint. This manipulation of the argument organisationid causes authorization...

5.5CVSS5.6AI score0.003EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/19 11:30 p.m.39 views

CVE-2026-6585 TransformerOptimus SuperAGI Organisation Update Endpoint organisation.py update_organisation authorization

A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This issue affects the function updateorganisation of the file superagi/controllers/organisation.py of the component Organisation Update Endpoint. This manipulation of the argument organisationid causes authorization...

5.5CVSS0.003EPSS
Exploits0References4
NVD
NVD
added 2026/04/19 11:16 p.m.9 views

CVE-2026-6582

A flaw has been found in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function getvectordbdetails of the file superagi/controllers/vectordbs.py of the component Vector Database Management Endpoint. Executing a manipulation can lead to missing authentication. The attack...

7.5CVSS0.00391EPSS
Exploits0References4
CVE
CVE
added 2026/04/19 11:15 p.m.15 views

CVE-2026-6584

The CVE concerns TransformerOptimus SuperAGI (up to 0.0.14). The vulnerability is in the update_user function in superagi/controllers/user.py, where manipulating the user_id parameter leads to an authorization bypass. Impact is reported as a remote attack with publicly available exploit. Supporte...

5.5CVSS5.5AI score0.003EPSS
Exploits0References4
Rows per page
Query Builder