Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
8DescriptionCVE.org
A weakness has been identified in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function Upload of the file superagi/controllers/resources.py of the component Multipart Upload Handler. This manipulation of the argument Name causes path traversal. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
AnalysisAI
Path traversal in TransformerOptimus SuperAGI versions up to 0.0.14 allows remote unauthenticated attackers to read, write, or delete arbitrary files via manipulated 'Name' parameter in multipart upload requests. Publicly available exploit code exists (GitHub Gist) demonstrating exploitation. EPSS data unavailable, not currently listed in CISA KEV. CVSS 7.3 reflects network-accessible attack with no authentication barrier, though impact is rated as 'Low' across confidentiality, integrity, and availability - likely indicating file system scope limitations rather than full system compromise.
Technical ContextAI
The vulnerability resides in the Upload function within superagi/controllers/resources.py, specifically the multipart file upload handler. CWE-22 (Path Traversal) indicates improper neutralization of special elements like '../' in file paths. When processing multipart upload requests, the 'Name' argument is not properly sanitized, allowing attackers to manipulate the filename parameter to traverse outside intended upload directories. SuperAGI is an autonomous AI agent framework, and this controller likely handles resource uploads for agent workflows. The affected component (CPE cpe:2.3:a:transformeroptimus:superagi) encompasses all versions through 0.0.14, suggesting this is a design flaw in the upload validation logic rather than a regression introduced in a specific version.
RemediationAI
No vendor-released patch identified at time of analysis - vendor did not respond to early disclosure per VulDB report. Immediate compensating controls required: (1) Implement strict input validation for the 'Name' parameter in upload requests, rejecting any filenames containing path traversal sequences (../, ..\ , absolute paths, URL-encoded variants like %2e%2e%2f). Trade-off: May break legitimate use cases requiring nested directory structures in filenames. (2) Configure web application firewall (WAF) rules to block requests with path traversal patterns in multipart form data 'Name' fields. Trade-off: Adds latency and potential for false positives. (3) Run SuperAGI process with minimal filesystem permissions, using a dedicated service account restricted to write only within a sandboxed upload directory. Trade-off: Requires infrastructure changes and may complicate deployment. (4) If feasible, disable or restrict network access to the /resources upload endpoint to trusted internal IPs only until a patch is available. Trade-off: Breaks functionality for remote users. Reference the public exploit at https://gist.github.com/YLChen-007/300843c707435540ce0e23bff3e6173a to understand attack patterns for detection rules. Monitor SuperAGI GitHub repository for community-contributed patches or consider forking to implement fix independently.
A Path Traversal vulnerability exists in the file upload functionality of transformeroptimus/superagi version 0.0.14. Ra
An IDOR (Insecure Direct Object Reference) vulnerability exists in transformeroptimus/superagi version v0.0.14. Rated hi
An information disclosure vulnerability exists in the latest version of transformeroptimus/superagi. Rated high severity
An information disclosure vulnerability exists in the latest version of transformeroptimus/superagi. Rated medium severi
In version 0.0.14 of transformeroptimus/superagi, the API endpoint `/api/users/get/{id}` returns the user's password in
Remote unauthenticated access to vector database configurations in TransformerOptimus SuperAGI ≤0.0.14 allows attackers
SuperAGI v0.0.13 was discovered to use a hardcoded key for encryption operations. Rated high severity (CVSS 7.5), this v
TransformerOptimus SuperAGI up to version 0.0.14 allows authenticated remote attackers to bypass authorization controls
Server-side request forgery (SSRF) in TransformerOptimus SuperAGI up to version 0.0.14 allows authenticated remote attac
Authorization bypass in TransformerOptimus SuperAGI up to version 0.0.14 allows authenticated remote attackers to access
Authorization bypass in TransformerOptimus SuperAGI up to version 0.0.14 allows authenticated attackers to manipulate th
Authorization bypass in TransformerOptimus SuperAGI up to version 0.0.14 allows authenticated users to modify arbitrary
Same weakness CWE-22 – Path Traversal
View allSame technique Path Traversal
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-23801