160 matches found
SuperAGI 安全漏洞
SuperAGI is an open-source infrastructure application developed by SuperAGI. It is used to build components, tools, frameworks, and models to achieve open-source AGI. Versions of SuperAGI 0.0.14 and earlier contain security vulnerabilities. These vulnerabilities stem from improper handling of the...
SuperAGI 安全漏洞
SuperAGI is an open-source infrastructure application developed by SuperAGI. It is used to build components, tools, frameworks, and models to achieve open-source AGI. Versions of SuperAGI 0.0.14 and earlier contain security vulnerabilities. These vulnerabilities stem from improper handling of the...
SuperAGI 安全漏洞
SuperAGI is an open-source infrastructure application developed by SuperAGI. It is used to build components, tools, frameworks, and models to achieve open-source AGI. Versions of SuperAGI prior to 0.0.14 contain security vulnerabilities, which stem from incorrect operations on the file...
SuperAGI 安全漏洞
SuperAGI is an open-source infrastructure application developed by SuperAGI. It is used to build components, tools, frameworks, and models to achieve open-source AGI. Versions of SuperAGI prior to 0.0.14 contain security vulnerabilities. These vulnerabilities stem from improper handling of the...
SuperAGI 安全漏洞
SuperAGI is an open-source infrastructure application developed by SuperAGI. It is used to build components, tools, frameworks, and models to achieve open-source AGI. Versions of SuperAGI 0.0.14 and earlier contain security vulnerabilities. These vulnerabilities stem from incorrect handling of th...
PT-2026-33721
A security flaw has been discovered in TransformerOptimus SuperAGI up to 0.0.14. Affected by this vulnerability is the function get project/update project/get projects organisation of the file superagi/controllers/project.py. The manipulation results in authorization bypass. The attack may be...
PT-2026-33728
A weakness has been identified in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function Upload of the file superagi/controllers/resources.py of the component Multipart Upload Handler. This manipulation of the argument Name causes path traversal. It is possible to initia...
PT-2026-33729
A security vulnerability has been detected in TransformerOptimus SuperAGI up to 0.0.14. This affects the function extract with bs4/extract with 3k/extract with lxml of the file superagi/helper/webpage extractor.py of the component WebScraperTool. Such manipulation leads to server-side request...
SuperAGI 安全漏洞
SuperAGI is an open-source infrastructure application developed by SuperAGI. It is used to build components, tools, frameworks, and models to achieve open-source AGI. Versions of SuperAGI 0.0.14 and earlier contain security vulnerabilities. These vulnerabilities stem from improper handling of...
PT-2026-33719
A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This impacts the function get agent execution/update agent execution of the file superagi/controllers/agent execution.py of the component Agent Execution Endpoint. Executing a manipulation of the argument agent execution ...
CVE-2026-6586
Affected product: TransformerOptimus SuperAGI (up to version 0.0.14). The vulnerability is in the Budget Endpoint, specifically the get_budget and update_budget functions in superagi/controllers/budget.py, enabling an authorization bypass. Exploitation can be performed remotely, and a public expl...
CVE-2026-6586 TransformerOptimus SuperAGI Budget Endpoint budget.py update_budget authorization
A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Impacted is the function getbudget/updatebudget of the file superagi/controllers/budget.py of the component Budget Endpoint. Such manipulation leads to authorization bypass. It is possible to launch the attack remotely. T...
CVE-2026-6586
A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Impacted is the function getbudget/updatebudget of the file superagi/controllers/budget.py of the component Budget Endpoint. Such manipulation leads to authorization bypass. It is possible to launch the attack remotely. T...
CVE-2026-6586 TransformerOptimus SuperAGI Budget Endpoint budget.py update_budget authorization
A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Impacted is the function getbudget/updatebudget of the file superagi/controllers/budget.py of the component Budget Endpoint. Such manipulation leads to authorization bypass. It is possible to launch the attack remotely. T...
CVE-2026-6585
TransformerOptimus SuperAGI up to version 0.0.14 is affected. The issue occurs in the Organisation Update Endpoint (superagi/controllers/organisation.py) where manipulation of the organisation_id argument leads to an authorization bypass. The vulnerability can be exploited remotely and has public...
CVE-2026-6585
A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This issue affects the function updateorganisation of the file superagi/controllers/organisation.py of the component Organisation Update Endpoint. This manipulation of the argument organisationid causes authorization...
CVE-2026-6585 TransformerOptimus SuperAGI Organisation Update Endpoint organisation.py update_organisation authorization
A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This issue affects the function updateorganisation of the file superagi/controllers/organisation.py of the component Organisation Update Endpoint. This manipulation of the argument organisationid causes authorization...
CVE-2026-6585 TransformerOptimus SuperAGI Organisation Update Endpoint organisation.py update_organisation authorization
A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This issue affects the function updateorganisation of the file superagi/controllers/organisation.py of the component Organisation Update Endpoint. This manipulation of the argument organisationid causes authorization...
CVE-2026-6582
A flaw has been found in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function getvectordbdetails of the file superagi/controllers/vectordbs.py of the component Vector Database Management Endpoint. Executing a manipulation can lead to missing authentication. The attack...
CVE-2026-6584
The CVE concerns TransformerOptimus SuperAGI (up to 0.0.14). The vulnerability is in the update_user function in superagi/controllers/user.py, where manipulating the user_id parameter leads to an authorization bypass. Impact is reported as a remote attack with publicly available exploit. Supporte...