{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-6613", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-04-19T16:13:32.175Z", "datePublished": "2026-04-20T06:30:14.889Z", "dateUpdated": "2026-04-20T14:57:19.410Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-20T06:30:14.889Z"}, "title": "TransformerOptimus SuperAGI agent.py get_schedule_data authorization", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-639", "lang": "en", "description": "Authorization Bypass"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-285", "lang": "en", "description": "Improper Authorization"}]}], "affected": [{"vendor": "TransformerOptimus", "product": "SuperAGI", "versions": [{"version": "0.0.1", "status": "affected"}, {"version": "0.0.2", "status": "affected"}, {"version": "0.0.3", "status": "affected"}, {"version": "0.0.4", "status": "affected"}, {"version": "0.0.5", "status": "affected"}, {"version": "0.0.6", "status": "affected"}, {"version": "0.0.7", "status": "affected"}, {"version": "0.0.8", "status": "affected"}, {"version": "0.0.9", "status": "affected"}, {"version": "0.0.10", "status": "affected"}, {"version": "0.0.11", "status": "affected"}, {"version": "0.0.12", "status": "affected"}, {"version": "0.0.13", "status": "affected"}, {"version": "0.0.14", "status": "affected"}], "cpes": ["cpe:2.3:a:superagi:superagi:*:*:*:*:*:*:*:*"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Affected is the function delete_agent/stop_schedule/get_schedule_data of the file superagi/controllers/agent.py. The manipulation of the argument agent_id leads to authorization bypass. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 6.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-04-19T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-04-19T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-04-19T18:18:51.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "Eric-z (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB CNA Team", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/vuln/358248", "name": "VDB-358248 | TransformerOptimus SuperAGI agent.py get_schedule_data authorization", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/358248/cti", "name": "VDB-358248 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/791081", "name": "Submit #791081 | SuperAGI up to c3c1982 Authorization Bypass Through User-Controlled Key (CWE-639)", "tags": ["third-party-advisory"]}, {"url": "https://gist.github.com/YLChen-007/1d87985b274ce22c4294726d7758df8e", "tags": ["exploit"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-20T14:57:07.851906Z", "id": "CVE-2026-6613", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-20T14:57:19.410Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-6613", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-20T14:57:07.851906Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-20T14:57:13.991Z"}}], "cna": {"title": "TransformerOptimus SuperAGI agent.py get_schedule_data authorization", "credits": [{"lang": "en", "type": "reporter", "value": "Eric-z (VulDB User)"}, {"lang": "en", "type": "coordinator", "value": "VulDB CNA Team"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "affected": [{"cpes": ["cpe:2.3:a:superagi:superagi:*:*:*:*:*:*:*:*"], "vendor": "TransformerOptimus", "product": "SuperAGI", "versions": [{"status": "affected", "version": "0.0.1"}, {"status": "affected", "version": "0.0.2"}, {"status": "affected", "version": "0.0.3"}, {"status": "affected", "version": "0.0.4"}, {"status": "affected", "version": "0.0.5"}, {"status": "affected", "version": "0.0.6"}, {"status": "affected", "version": "0.0.7"}, {"status": "affected", "version": "0.0.8"}, {"status": "affected", "version": "0.0.9"}, {"status": "affected", "version": "0.0.10"}, {"status": "affected", "version": "0.0.11"}, {"status": "affected", "version": "0.0.12"}, {"status": "affected", "version": "0.0.13"}, {"status": "affected", "version": "0.0.14"}]}], "timeline": [{"lang": "en", "time": "2026-04-19T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-04-19T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-04-19T18:18:51.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/vuln/358248", "name": "VDB-358248 | TransformerOptimus SuperAGI agent.py get_schedule_data authorization", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/vuln/358248/cti", "name": "VDB-358248 | CTI Indicators (IOB, IOC, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/submit/791081", "name": "Submit #791081 | SuperAGI up to c3c1982 Authorization Bypass Through User-Controlled Key (CWE-639)", "tags": ["third-party-advisory"]}, {"url": "https://gist.github.com/YLChen-007/1d87985b274ce22c4294726d7758df8e", "tags": ["exploit"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Affected is the function delete_agent/stop_schedule/get_schedule_data of the file superagi/controllers/agent.py. The manipulation of the argument agent_id leads to authorization bypass. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-639", "description": "Authorization Bypass"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-285", "description": "Improper Authorization"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-04-20T06:30:14.889Z"}}}, "cveMetadata": {"cveId": "CVE-2026-6613", "state": "PUBLISHED", "dateUpdated": "2026-04-20T14:57:19.410Z", "dateReserved": "2026-04-19T16:13:32.175Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-04-20T06:30:14.889Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Affected is the function delete_agent/stop_schedule/get_schedule_data of the file superagi/controllers/agent.py. The manipulation of the argument agent_id leads to authorization bypass. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way."}], "id": "CVE-2026-6613", "lastModified": "2026-04-20T07:16:16.147", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2026-04-20T07:16:16.147", "references": [{"source": "cna@vuldb.com", "url": "https://gist.github.com/YLChen-007/1d87985b274ce22c4294726d7758df8e"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/submit/791081"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/358248"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/vuln/358248/cti"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-285"}, {"lang": "en", "value": "CWE-639"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0.0.1,0.0.14]"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "SuperAGI", "source": "cna", "vendor": "TransformerOptimus"}, "product": "superagi", "vendor": "superagi"}], "analysis": {"en": {"generated_at": "2026-04-20T08:51:32.138842+00:00", "value": {"mitigation_remediation": ["Apply any vendor patch that corrects the authorization check for agent_id in delete_agent, stop_schedule, and get_schedule_data endpoints.", "Introduce an application\u2011level verification step that confirms the authenticated user owns the target agent or has explicit permission before allowing the requested operation.", "Reject any requests in which the supplied agent_id is not included in the list of agent identifiers owned by the caller, returning an appropriate error response."], "summary": {"action": "Apply Patch", "impact": "Remote Authorization Bypass"}, "threat_synthesis": {"affected_systems": "All releases of TransformerOptimus SuperAGI up to and including version 0.0.14 are affected. The vulnerability involves the agent.py controller and impacts any instance that exposes the delete_agent, stop_schedule, or get_schedule_data APIs to untrusted clients.", "description_and_impact": "A flaw in TransformerOptimus SuperAGI inside superagi/controllers/agent.py allows manipulation of the agent_id parameter in the delete_agent, stop_schedule, and get_schedule_data endpoints. Because the request does not correctly verify that the caller owns or is authorized for the specified agent, an authenticated user can delete, halt, or read the schedule of an arbitrary agent. This breach of authorization control (CWE\u2011285 and CWE\u2011639) permits the attacker to gain unauthorized operational and informational capabilities.", "risk_and_exploitability": "The CVSS score of 5.3 indicates moderate severity, and the EPSS score is not available. Because the attack vector is remote and an exploit has been published, the risk to exposed installations remains significant. The vulnerability is not listed in CISA's KEV catalog, but lack of vendor response leaves users without an official fix until a patch or advisory is released. Until then, offending calls can alter agent state or leak scheduling data for agents not owned by the attacker."}}}}, "created": "2026-04-20T09:00:03.009174+00:00", "updated": "2026-04-20T11:00:04.889010+00:00", "vendors": ["superagi", "superagi$PRODUCT$superagi"]}