Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.7 views

CVE-2026-6614

A security flaw has been discovered in TransformerOptimus SuperAGI up to 0.0.14. Affected by this vulnerability is the function getproject/updateproject/getprojectsorganisation of the file superagi/controllers/project.py. The manipulation results in authorization bypass. The attack may be perform...

6.5CVSS6AI score0.00216EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.9 views

CVE-2026-6585

A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This issue affects the function updateorganisation of the file superagi/controllers/organisation.py of the component Organisation Update Endpoint. This manipulation of the argument organisationid causes authorization...

5.5CVSS5.5AI score0.003EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:32 p.m.9 views

CVE-2026-6582

A flaw has been found in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function getvectordbdetails of the file superagi/controllers/vectordbs.py of the component Vector Database Management Endpoint. Executing a manipulation can lead to missing authentication. The attack...

7.5CVSS6.7AI score0.00391EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/20 9:30 a.m.5 views

EUVD-2026-23801

A weakness has been identified in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function Upload of the file superagi/controllers/resources.py of the component Multipart Upload Handler. This manipulation of the argument Name causes path traversal. It is possible to initia...

7.5CVSS5.4AI score0.00502EPSS
Exploits0References5
NVD
NVD
added 2026/04/20 8:16 a.m.6 views

CVE-2026-6616

A security vulnerability has been detected in TransformerOptimus SuperAGI up to 0.0.14. This affects the function extractwithbs4/extractwith3k/extractwithlxml of the file superagi/helper/webpageextractor.py of the component WebScraperTool. Such manipulation leads to server-side request forgery. I...

6.5CVSS0.00219EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/20 7:15 a.m.5 views

CVE-2026-6616 TransformerOptimus SuperAGI WebScraperTool webpage_extractor.py extract_with_lxml server-side request forgery

A security vulnerability has been detected in TransformerOptimus SuperAGI up to 0.0.14. This affects the function extractwithbs4/extractwith3k/extractwithlxml of the file superagi/helper/webpageextractor.py of the component WebScraperTool. Such manipulation leads to server-side request forgery. I...

6.5CVSS5.2AI score0.00219EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/20 12:0 a.m.6 views

PT-2026-33729

A security vulnerability has been detected in TransformerOptimus SuperAGI up to 0.0.14. This affects the function extract with bs4/extract with 3k/extract with lxml of the file superagi/helper/webpage extractor.py of the component WebScraperTool. Such manipulation leads to server-side request...

6.5CVSS6AI score0.00219EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/19 11:15 p.m.4 views

CVE-2026-6584

A vulnerability was found in TransformerOptimus SuperAGI up to 0.0.14. This vulnerability affects the function updateuser of the file superagi/controllers/user.py of the component User Update Endpoint. The manipulation of the argument userid results in authorization bypass. The attack may be...

5.5CVSS5.2AI score0.003EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/04/19 11:15 p.m.30 views

CVE-2026-6584 TransformerOptimus SuperAGI User Update Endpoint user.py update_user authorization

A vulnerability was found in TransformerOptimus SuperAGI up to 0.0.14. This vulnerability affects the function updateuser of the file superagi/controllers/user.py of the component User Update Endpoint. The manipulation of the argument userid results in authorization bypass. The attack may be...

5.5CVSS0.003EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/19 11:0 p.m.3 views

CVE-2026-6583

A vulnerability has been found in TransformerOptimus SuperAGI up to 0.0.14. This affects the function deleteapikey/editapikey of the file superagi/controllers/apikey.py of the component API Key Management Endpoint. The manipulation leads to authorization bypass. The attack is possible to be carri...

5.5CVSS5.2AI score0.003EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/19 10:45 p.m.4 views

CVE-2026-6582 TransformerOptimus SuperAGI Vector Database Management Endpoint vector_dbs.py get_vector_db_details missing authentication

A flaw has been found in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function getvectordbdetails of the file superagi/controllers/vectordbs.py of the component Vector Database Management Endpoint. Executing a manipulation can lead to missing authentication. The attack...

7.5CVSS6.6AI score0.00391EPSS
Exploits0References4
CVE
CVE
added 2026/04/19 10:45 p.m.10 views

CVE-2026-6582

TransformerOptimus SuperAGI up to 0.0.14: the get_vector_db_details function in superagi/controllers/vector_dbs.py of the Vector Database Management Endpoint is vulnerable to a manipulation that leads to missing authentication. This is a remote-exploit, with a publicly published exploit and confi...

7.5CVSS6.6AI score0.00391EPSS
Exploits0References4
Rows per page
Query Builder