Superagi: >> Superagi Security Vulnerabilities
An information disclosure vulnerability exists in the latest version of transformeroptimus/superagi. An attacker can leak sensitive user information, including names, emails, and passwords, by attempting to register a new account with an email that is already in use. The server returns all information associated with the existing account. The vulnerable endpoint is located in the user registration functionality.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-03-20
SuperAGI v0.0.13 was discovered to use a hardcoded key for encryption operations. This vulnerability can lead to the disclosure of information and communications.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-11-16
Page 2