📦 Superagi

SuperAGI's latest version contains a critical remote code execution vulnerability in the agent template update API. Attackers can inject malicious code through unsanitized parameters that get executed...

A path traversal vulnerability in transformeroptimus/superagi version 0.0.14 allows attackers to upload arbitrary files to any location on the server. This can lead to remote code execution or file ov...

This vulnerability in transformeroptimus/superagi v0.0.14 allows authenticated users to change other users' passwords after logging in, enabling account takeover. Any deployment using this vulnerable ...

SuperAGI v0.0.14 is vulnerable to an unauthenticated Denial of Service attack where attackers can crash the service by sending specially crafted HTTP requests with malformed multipart boundaries. This...

SuperAGI v0.0.13 uses a hardcoded encryption key, making all encrypted data vulnerable to decryption by attackers. This affects anyone using this version of SuperAGI, potentially exposing sensitive in...

This critical vulnerability in TransformerOptimus SuperAGI allows attackers to perform path traversal attacks via the filename argument in the download_attachment function. This could enable unauthori...

An information disclosure vulnerability in transformeroptimus/superagi allows authenticated users to access sensitive configuration details of any organization through the /get/organisation/ endpoint....