{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T14:12:33.301","vulnerabilities":[{"cve":{"id":"CVE-2024-12048","sourceIdentifier":"security@huntr.dev","published":"2025-03-20T10:15:26.503","lastModified":"2025-07-18T19:58:36.770","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"An IDOR (Insecure Direct Object Reference) vulnerability exists in transformeroptimus/superagi version v0.0.14. The application fails to properly check authorization for multiple API endpoints, allowing attackers to view, edit, and delete other users' information without proper authorization. Affected endpoints include but are not limited to /get/project/{project_id}, /get/schedule_data/{agent_id}, /delete/{agent_id}, /get/organisation/{organisation_id}, and /get/user/{user_id}."},{"lang":"es","value":"Existe una vulnerabilidad IDOR (Referencia Directa a Objetos Insegura) en transformeroptimus/superagi versión v0.0.14. La aplicación no verifica correctamente la autorización de varios endpoints de API, lo que permite a los atacantes ver, editar y eliminar la información de otros usuarios sin la debida autorización. Los endpoints afectados incluyen, entre otros, /get/project/{project_id}, /get/schedule_data/{agent_id}, /delete/{agent_id}, /get/organisation/{organisation_id} y /get/user/{user_id}."}],"metrics":{"cvssMetricV30":[{"source":"security@huntr.dev","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}]},"weaknesses":[{"source":"security@huntr.dev","type":"Secondary","description":[{"lang":"en","value":"CWE-304"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-639"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:superagi:superagi:0.0.14:*:*:*:*:*:*:*","matchCriteriaId":"3C63CFCE-4FB2-47EC-A731-8C17458675D3"}]}]}],"references":[{"url":"https://huntr.com/bounties/6def3e3a-c443-44bb-b20e-3e69b48f37dc","source":"security@huntr.dev","tags":["Exploit","Third Party Advisory"]},{"url":"https://huntr.com/bounties/6def3e3a-c443-44bb-b20e-3e69b48f37dc","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Third Party Advisory"]}]}}]}