|
1211
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This impacts the function get_agent_execution/update_agent_execution of the file superagi/controllers/agent_execution.py of…
|
CWE-285
CWE-639
Improper Authorization
Authorization Bypass Through User-Controlled Key
|
CVE-2026-6612
|
2026-04-23 05:22 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1212
|
7.3 |
HIGH
Network
|
-
|
-
|
A weakness has been identified in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function Upload of the file superagi/controllers/resources.py of the component Multipart Uplo…
|
CWE-22
Path Traversal
|
CVE-2026-6615
|
2026-04-23 05:22 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1213
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in TransformerOptimus SuperAGI up to 0.0.14. This affects the function extract_with_bs4/extract_with_3k/extract_with_lxml of the file superagi/helper/webpag…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-6616
|
2026-04-23 05:22 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1214
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in langgenius dify up to 0.6.9. This vulnerability affects the function get_api_tool_provider_remote_schema of the file api/services/tools/api_tools_manage_service.py of …
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-6617
|
2026-04-23 05:22 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1215
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in langgenius dify up to 1.13.3. This issue affects the function parse_openai_plugin_json_to_tool_bundle of the file api/core/tools/utils/parser.py of the component ApiBasedTool…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-6618
|
2026-04-23 05:22 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1216
|
3.5 |
LOW
Network
|
-
|
-
|
A vulnerability has been found in langgenius dify up to 1.13.3. Impacted is the function openInNewTab of the file web/app/components/base/image-uploader/image-preview.tsx of the component ImagePrevie…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-6619
|
2026-04-23 05:22 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1217
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in SonicCloudOrg sonic-server up to 2.0.0. The affected element is the function Upload of the file FileTool.java of the component File Upload Endpoint. The manipulation of t…
|
CWE-22
Path Traversal
|
CVE-2026-6620
|
2026-04-23 05:22 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1218
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was determined in 1024bit extend-deep up to 0.1.6. The impacted element is an unknown function of the file index.js. This manipulation of the argument __proto__ causes improperly cont…
|
CWE-94
CWE-1321
Code Injection
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2026-6621
|
2026-04-23 05:22 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1219
|
2.4 |
LOW
Network
|
-
|
-
|
A vulnerability was identified in BichitroGan ISP Billing Software 2025.3.20. This affects an unknown function of the file /?\_route=customers/edit/ of the component Customer Handler. Such manipulati…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-6622
|
2026-04-23 05:22 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1220
|
2.4 |
LOW
Network
|
-
|
-
|
A security flaw has been discovered in BichitroGan ISP Billing Software 2025.3.20. This impacts an unknown function of the file /?_route=settings/users-view/ of the component Profile Page Handler. Pe…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-6623
|
2026-04-23 05:22 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
