SuperAGI — Vulnerabilities & Security Advisories 12

All 12 CVE vulnerabilities found in SuperAGI, with AI-generated Chinese analysis, references, and POCs.

Vendor: n/a

CVE ID	Title	CVSS	Severity	Published
CVE-2026-6616	TransformerOptimus SuperAGI WebScraperTool webpage_extractor.py extract_with_lxml server-side request forgery CWE-918	6.3	Medium	2026-04-20
CVE-2026-6615	TransformerOptimus SuperAGI Multipart Upload resources.py upload path traversal CWE-22	7.3	High	2026-04-20
CVE-2026-6614	TransformerOptimus SuperAGI project.py get_projects_organisation authorization CWE-639	6.3	Medium	2026-04-20
CVE-2026-6613	TransformerOptimus SuperAGI agent.py get_schedule_data authorization CWE-639	6.3	Medium	2026-04-20
CVE-2026-6612	TransformerOptimus SuperAGI Agent Execution Endpoint agent_execution.py update_agent_execution authorization CWE-639	6.3	Medium	2026-04-20
CVE-2026-6586	TransformerOptimus SuperAGI Budget Endpoint budget.py update_budget authorization CWE-639	6.3	Medium	2026-04-19
CVE-2026-6585	TransformerOptimus SuperAGI Organisation Update Endpoint organisation.py update_organisation authorization CWE-639	5.4	Medium	2026-04-19
CVE-2026-6584	TransformerOptimus SuperAGI User Update Endpoint user.py update_user authorization CWE-639	5.4	Medium	2026-04-19
CVE-2026-6583	TransformerOptimus SuperAGI API Key Management Endpoint api_key.py edit_api_key authorization CWE-639	5.4	Medium	2026-04-19
CVE-2026-6582	TransformerOptimus SuperAGI Vector Database Management Endpoint vector_dbs.py get_vector_db_details missing authentication CWE-306	7.3	High	2026-04-19
CVE-2025-6280	TransformerOptimus SuperAGI EmailToolKit read_email.py download_attachment path traversal CWE-22	5.5	Medium	2025-06-19
CVE-2024-21552	SuperAGI 安全漏洞 CWE-94	9.8	Critical	2024-07-22

All 12 known CVE vulnerabilities affecting SuperAGI with full Chinese analysis, references, and POCs where available.