transformeroptimus — Vulnerabilities & Security Advisories 19

Browse all 19 CVE security advisories affecting transformeroptimus. AI-powered Chinese analysis, POCs, and references for each vulnerability.

TransformerOptimus is a machine learning framework primarily used for natural language processing tasks in enterprise environments. Historically, it has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for its 19 CVEs. The framework's dynamic model loading and third-party plugin integration have created persistent security challenges. Notable incidents include a 2022 RCE vulnerability that allowed arbitrary code execution through crafted model files, and a 2021 XSS flaw affecting its web interface. Despite patches, its complex architecture continues to introduce new attack surfaces, making security assessments challenging for organizations relying on this technology.

Top products by transformeroptimus: SuperAGI transformeroptimus/superagi
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-6616 | TransformerOptimus SuperAGI WebScraperTool webpage_extractor.py extract_with_lxml server-side request forgery — SuperAGI (CWE-918) | 6.3 | Medium | 2026-04-20 |
| CVE-2026-6615 | TransformerOptimus SuperAGI Multipart Upload resources.py upload path traversal — SuperAGI (CWE-22) | 7.3 | High | 2026-04-20 |
| CVE-2026-6614 | TransformerOptimus SuperAGI project.py get_projects_organisation authorization — SuperAGI (CWE-639) | 6.3 | Medium | 2026-04-20 |
| CVE-2026-6613 | TransformerOptimus SuperAGI agent.py get_schedule_data authorization — SuperAGI (CWE-639) | 6.3 | Medium | 2026-04-20 |
| CVE-2026-6612 | TransformerOptimus SuperAGI Agent Execution Endpoint agent_execution.py update_agent_execution authorization — SuperAGI (CWE-639) | 6.3 | Medium | 2026-04-20 |
| CVE-2026-6586 | TransformerOptimus SuperAGI Budget Endpoint budget.py update_budget authorization — SuperAGI (CWE-639) | 6.3 | Medium | 2026-04-19 |
| CVE-2026-6585 | TransformerOptimus SuperAGI Organisation Update Endpoint organisation.py update_organisation authorization — SuperAGI (CWE-639) | 5.4 | Medium | 2026-04-19 |
| CVE-2026-6584 | TransformerOptimus SuperAGI User Update Endpoint user.py update_user authorization — SuperAGI (CWE-639) | 5.4 | Medium | 2026-04-19 |
| CVE-2026-6583 | TransformerOptimus SuperAGI API Key Management Endpoint api_key.py edit_api_key authorization — SuperAGI (CWE-639) | 5.4 | Medium | 2026-04-19 |
| CVE-2026-6582 | TransformerOptimus SuperAGI Vector Database Management Endpoint vector_dbs.py get_vector_db_details missing authentication — SuperAGI (CWE-306) | 7.3 | High | 2026-04-19 |
| CVE-2025-6280 | TransformerOptimus SuperAGI EmailToolKit read_email.py download_attachment path traversal — SuperAGI (CWE-22) | 5.5 | Medium | 2025-06-19 |
| CVE-2024-12048 | IDOR Vulnerability in transformeroptimus/superagi — transformeroptimus/superagi (CWE-304) | 8.2 | - | 2025-03-20 |
| CVE-2024-9437 | Unauthenticated Denial of Service in transformeroptimus/superagi — transformeroptimus/superagi (CWE-770) | 7.5 | - | 2025-03-20 |
| CVE-2024-9439 | Remote Code Execution in transformeroptimus/superagi — transformeroptimus/superagi (CWE-94) | 9.8 | - | 2025-03-20 |
| CVE-2024-9447 | Exposure of Sensitive Information in transformeroptimus/superagi — transformeroptimus/superagi (CWE-1230) | 6.5 | - | 2025-03-20 |
| CVE-2024-9431 | Improper Privilege Management in transformeroptimus/superagi — transformeroptimus/superagi (CWE-620) | 8.8 | - | 2025-03-20 |
| CVE-2024-10267 | Information Disclosure in transformeroptimus/superagi — transformeroptimus/superagi (CWE-359) | 7.5 | - | 2025-03-20 |
| CVE-2024-9418 | Insufficiently Protected Credentials in transformeroptimus/superagi — transformeroptimus/superagi (CWE-256) | 9.8 | - | 2025-03-20 |
| CVE-2024-9415 | Path Traversal in transformeroptimus/superagi — transformeroptimus/superagi (CWE-22) | 9.8 | - | 2025-03-20 |

This page lists every published CVE security advisory associated with transformeroptimus. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.