CVE-2026-6583 | TransformerOptimus SuperAGI up to 0.0.14 API Key Management Endpoint api_key.py delete_api_key/edit_api_key authorization

A vulnerability classified as problematic has been found in TransformerOptimus SuperAGI up to 0.0.14. This affects the function delete_api_key/edit_api_key of the file superagi/controllers/api_key.py of the component API Key Management Endpoint. The manipulation leads to authorization bypass.

This vulnerability is uniquely identified as CVE-2026-6583. The attack is possible to be carried out remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More