Lucene search
+L

160 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-7030

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.00685EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-6850

Malicious code in bioql PyPI...

7.5CVSS7.7AI score0.00765EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-52141

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00371EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-6842

Malicious code in bioql PyPI...

8.8CVSS8.8AI score0.01094EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/07/24 12:23 a.m.6 views

CVE-2025-51475

Arbitrary File Overwrite AFO in superagi.controllers.resources.upload in TransformerOptimus SuperAGI 0.0.14 allows remote attackers to overwrite arbitrary files via unsanitised filenames submitted to the file upload endpoint, due to improper handling of directory traversal in os.path.join and lac...

5CVSS6.9AI score0.00782EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/07/24 12:23 a.m.9 views

CVE-2025-51472

Code Injection in AgentTemplate.evalagentconfig in TransformerOptimus SuperAGI 0.0.14 allows remote attackers to execute arbitrary Python code via malicious values in agent template configurations such as the goal, constraints, or instruction field, which are evaluated using eval without validati...

6.5CVSS7.8AI score0.004EPSS
Exploits1References1
NVD
NVD
added 2025/07/22 8:15 p.m.8 views

CVE-2025-51472

Code Injection in AgentTemplate.evalagentconfig in TransformerOptimus SuperAGI 0.0.14 allows remote attackers to execute arbitrary Python code via malicious values in agent template configurations such as the goal, constraints, or instruction field, which are evaluated using eval without validati...

6.5CVSS0.004EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/07/22 12:0 a.m.4 views

PT-2025-30457 · Unknown · Transformeroptimus/Superagi

Name of the Vulnerable Software and Affected Versions: TransformerOptimus SuperAGI version 0.0.14 Description: A code injection issue exists in AgentTemplate.eval agent config within TransformerOptimus SuperAGI version 0.0.14. This allows remote attackers to execute arbitrary Python code by...

6.5CVSS7.7AI score0.004EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/07/22 12:0 a.m.4 views

SuperAGI 路径遍历漏洞

SuperAGI is an open source infrastructure application from SuperAGI Open Source. for building components, tools, frameworks, and models to implement open source AGI. A security vulnerability exists in SuperAGI version 0.0.14, which stems from an arbitrary file overwrite vulnerability in...

5CVSS6.7AI score0.00782EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/07/22 12:0 a.m.13 views

CVE-2025-51472

Code Injection in AgentTemplate.evalagentconfig in TransformerOptimus SuperAGI 0.0.14 allows remote attackers to execute arbitrary Python code via malicious values in agent template configurations such as the goal, constraints, or instruction field, which are evaluated using eval without validati...

0.004EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/07/22 12:0 a.m.15 views

CVE-2025-51475

Arbitrary File Overwrite AFO in superagi.controllers.resources.upload in TransformerOptimus SuperAGI 0.0.14 allows remote attackers to overwrite arbitrary files via unsanitised filenames submitted to the file upload endpoint, due to improper handling of directory traversal in os.path.join and lac...

0.00782EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/07/22 12:0 a.m.4 views

CVE-2025-51475

Arbitrary File Overwrite AFO in superagi.controllers.resources.upload in TransformerOptimus SuperAGI 0.0.14 allows remote attackers to overwrite arbitrary files via unsanitised filenames submitted to the file upload endpoint, due to improper handling of directory traversal in os.path.join and lac...

7.5AI score0.00782EPSS
Exploits1References3
CVE
CVE
added 2025/07/22 12:0 a.m.24 views

CVE-2025-51475

The CVE-2025-51475 entry affects TransformerOptimus SuperAGI v0.0.14, specifically the file upload path handling in superagi.controllers.resources.upload. A directory-traversal flaw in os.path.join() and missing validation in get_root_input_dir() can allow an attacker to overwrite arbitrary files...

5CVSS7AI score0.00782EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/07/22 12:0 a.m.4 views

PT-2025-30455 · Unknown · Transformeroptimus/Superagi

Name of the Vulnerable Software and Affected Versions: TransformerOptimus SuperAGI version 0.0.14 Description: An arbitrary file overwrite issue exists in the superagi.controllers.resources.upload component. This allows remote attackers to overwrite arbitrary files by submitting unsanitized...

5CVSS6.7AI score0.00782EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/07/22 12:0 a.m.6 views

SuperAGI 命令注入漏洞

SuperAGI is an open source infrastructure application from SuperAGI Open Source. It is used to build components, tools, frameworks and models to implement open source AGI. A security vulnerability exists in SuperAGI version 0.0.14, which stems from a code injection vulnerability in...

6.5CVSS7.3AI score0.004EPSS
Exploits1References4
OSV
OSV
added 2025/07/22 12:0 a.m.9 views

CVE-2025-51472

Code Injection in AgentTemplate.evalagentconfig in TransformerOptimus SuperAGI 0.0.14 allows remote attackers to execute arbitrary Python code via malicious values in agent template configurations such as the goal, constraints, or instruction field, which are evaluated using eval without validati...

6.5CVSS8.2AI score0.004EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/06/23 8:41 a.m.7 views

CVE-2025-6280

A vulnerability, which was classified as critical, was found in TransformerOptimus SuperAGI up to 0.0.14. Affected is the function downloadattachment of the file SuperAGI/superagi/helper/reademail.py of the component EmailToolKit. The manipulation of the argument filename leads to path traversal...

9.8CVSS7.2AI score0.0059EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/06/19 9:27 p.m.22 views

CVE-2025-6280 TransformerOptimus SuperAGI EmailToolKit read_email.py download_attachment path traversal

A vulnerability, which was classified as critical, was found in TransformerOptimus SuperAGI up to 0.0.14. Affected is the function downloadattachment of the file SuperAGI/superagi/helper/reademail.py of the component EmailToolKit. The manipulation of the argument filename leads to path traversal...

5.5CVSS0.0059EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/06/19 9:27 p.m.4 views

CVE-2025-6280 TransformerOptimus SuperAGI EmailToolKit read_email.py download_attachment path traversal

A vulnerability, which was classified as critical, was found in TransformerOptimus SuperAGI up to 0.0.14. Affected is the function downloadattachment of the file SuperAGI/superagi/helper/reademail.py of the component EmailToolKit. The manipulation of the argument filename leads to path traversal...

5.5CVSS7.1AI score0.0059EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/06/19 12:0 a.m.6 views

SuperAGI 路径遍历漏洞

SuperAGI is an open source infrastructure application from SuperAGI Open Source. It is used to build components, tools, frameworks and models to implement open source AGI. A path traversal vulnerability exists in SuperAGI 0.0.14 and earlier versions, which stems from a path traversal in the file...

9.8CVSS5.4AI score0.0059EPSS
Exploits1References2
Rows per page
Query Builder