CVE-2026-6612 | TransformerOptimus SuperAGI up to 0.0.14 Agent Execution Endpoint agent_execution.py get_agent_execution/update_agent_execution agent_execution_id authorization

A vulnerability classified as critical was found in TransformerOptimus SuperAGI up to 0.0.14. This impacts the function get_agent_execution/update_agent_execution of the file superagi/controllers/agent_execution.py of the component Agent Execution Endpoint. Executing a manipulation of the argument agent_execution_id can lead to authorization bypass.

This vulnerability is handled as CVE-2026-6612. The attack can be executed remotely. Additionally, an exploit exists.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More