CVE-2026-6616
Status: Received - Intake
Server-Side Request Forgery in TransformerOptimus SuperAGI WebScraperTool

Publication date: 2026-04-20

Last updated on: 2026-04-29

Assigner: VulDB

Description
A security vulnerability has been detected in TransformerOptimus SuperAGI up to 0.0.14. This affects the function extract_with_bs4/extract_with_3k/extract_with_lxml of the file superagi/helper/webpage_extractor.py of the component WebScraperTool. Such manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Meta Information
Published: 2026-04-20
Last Modified: 2026-04-29
Generated: 2026-05-07
AI Q&A: 2026-04-20
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Currently, no data is known.
CWE-918: The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

CVE-2026-6616 is a server-side request forgery vulnerability that allows authenticated users to access internal network services and sensitive cloud metadata endpoints, potentially leading to cloud credential theft and unauthorized access to internal data.

Such unauthorized access and potential data exfiltration could lead to violations of data protection regulations like GDPR and HIPAA, which require strict controls over access to personal and sensitive data.

Specifically, the ability to retrieve cloud credentials and internal service data without validation increases the risk of data breaches, which may result in non-compliance with these standards.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

CVE-2026-6616 is a server-side request forgery (SSRF) vulnerability in the WebScraperTool component of SuperAGI that allows authenticated users to make the server perform HTTP requests to arbitrary URLs without validation.

To detect this vulnerability on your system or network, you can monitor for unusual outbound HTTP requests originating from the SuperAGI server, especially requests to internal IP ranges (e.g., 127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) or cloud metadata service endpoints such as http://169.254.169.254.

You can also check the SuperAGI logs or agent execution feed API for evidence of requests made to internal or sensitive URLs.

Suggested commands to detect exploitation attempts include:

  • Use network monitoring tools like tcpdump or Wireshark to capture outbound HTTP requests from the SuperAGI server: tcpdump -i <interface> 'tcp port 80 or tcp port 443'
  • Search application logs for URLs containing internal IP addresses or cloud metadata IPs: grep -E 'http://(127\.0\.0\.1|10\.|172\.(1[6-9]|2[0-9]|3[0-1])|192\.168\.|169\.254\.169\.254)' /path/to/superagi/logs/*
  • Monitor HTTP requests made by the WebScraperTool by instrumenting or reviewing the code calls to requests.get() with user-supplied URLs.

What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps for CVE-2026-6616 include restricting or disabling the vulnerable WebScraperTool component in SuperAGI to prevent exploitation.

Since the vulnerability arises from lack of URL validation, you should implement strict input validation and filtering on URLs accepted by the WebScraperTool to block requests to internal IP ranges and cloud metadata endpoints.

Additional steps include:

  • Restrict access to SuperAGI to trusted users only, as exploitation requires authentication.
  • Apply network-level controls such as firewall rules to block outbound HTTP requests from the SuperAGI server to internal IP ranges and cloud metadata IP addresses.
  • Monitor and audit agent creation and execution activities for suspicious goals that include internal or metadata URLs.
  • Check for and apply any available patches or updates from the vendor once they are released.
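As an added example, not code from the SuperAGI project or from this advisory: a deny-by-default URL check of the kind the mitigation answer above describes (only plain http/https, every resolved address must be globally routable, metadata names refused), reused to sweep log lines the way the detection answer suggests. Everything below the functions is constructed for the example: the log format, the hostnames, and the fake DNS mapping that lets it run offline. The system resolver is the default when no resolver is passed.

```python
from __future__ import annotations

import ipaddress
import re
import socket
from urllib.parse import urlsplit

# Hostnames on which cloud metadata services answer without any IP literal in
# the URL. metadata.google.internal is GCP's; the link-local 169.254.169.254
# used by several clouds is caught by the address check below.
METADATA_HOSTNAMES = {"metadata.google.internal"}


def resolve_system(host):
    """Default resolver: every address the host currently maps to (A and AAAA)."""
    try:
        return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})
    except socket.gaierror:
        return []


def is_internal_address(addr_text):
    """True for anything that is not globally routable: loopback, RFC 1918,
    link-local (which includes 169.254.169.254), IPv6 ULA, CGNAT, reserved."""
    ip = ipaddress.ip_address(addr_text.split("%")[0])  # drop a zone id like %eth0
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # ::ffff:10.0.0.5 is really 10.0.0.5
    return not ip.is_global


def classify_url(url, resolver=resolve_system):
    """Return (allowed, reason). Deny by default: only plain http(s) URLs whose
    host resolves exclusively to globally routable addresses are allowed."""
    parts = urlsplit(url.strip())
    if parts.scheme.lower() not in ("http", "https"):
        return False, f"scheme {parts.scheme!r} not allowed"
    host = parts.hostname
    if not host:
        return False, "no host in URL"
    if parts.username is not None or parts.password is not None:
        return False, "userinfo in URL"
    host = host.lower().rstrip(".")
    if host in METADATA_HOSTNAMES:
        return False, f"{host} is a metadata service name"
    try:
        addresses = [str(ipaddress.ip_address(host))]  # IP literal, no DNS needed
    except ValueError:
        addresses = resolver(host)
    if not addresses:
        return False, f"{host} did not resolve"
    for addr in addresses:
        if is_internal_address(addr):
            return False, f"{host} -> {addr} is not globally routable"
    return True, "ok"


URL_RE = re.compile(r"https?://[^\s'\"<>]+")


def find_internal_targets(log_lines, resolver=resolve_system):
    """Return (line_number, url, reason) for every URL the check would refuse."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        for match in URL_RE.finditer(line):
            allowed, reason = classify_url(match.group(0), resolver)
            if not allowed:
                hits.append((number, match.group(0), reason))
    return hits


# Constructed sample log lines in a made-up format; not real SuperAGI output.
SAMPLE_LOG = [
    "2026-04-20 10:01:02 INFO WebScraperTool fetching https://example.com/docs",
    "2026-04-20 10:01:09 INFO WebScraperTool fetching http://169.254.169.254/",
    "2026-04-20 10:01:15 INFO WebScraperTool fetching http://[::ffff:10.0.0.5]:8080/admin",
    "2026-04-20 10:01:20 INFO WebScraperTool fetching http://internal-wiki.corp/",
]

# Constructed DNS answers so the example runs offline and deterministically.
FAKE_DNS = {"example.com": ["93.184.216.34"], "internal-wiki.corp": ["10.20.30.40"]}


def fake_resolver(host):
    return FAKE_DNS.get(host, [])


if __name__ == "__main__":
    for number, url, reason in find_internal_targets(SAMPLE_LOG, fake_resolver):
        print(f"line {number}: {url} refused: {reason}")
```

Two caveats matter when wiring a check like this in front of requests.get(): the address the check resolved must be the address the fetch connects to (otherwise a name that changes its answer between check and connect slips through), and because requests follows redirects by default, each redirect target must be put through the same check rather than only the first URL.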

Can you explain this vulnerability to me?

This vulnerability exists in TransformerOptimus SuperAGI up to version 0.0.14, specifically in the WebScraperTool component's functions extract_with_bs4, extract_with_3k, and extract_with_lxml located in the file superagi/helper/webpage_extractor.py.

The issue allows an attacker to perform server-side request forgery (SSRF), meaning the attacker can manipulate the server to make unintended requests to other systems or resources.

The attack can be launched remotely, and the exploit has been publicly disclosed.


How can this vulnerability impact me?

This vulnerability can allow an attacker to make unauthorized requests from the vulnerable server to internal or external systems, potentially accessing sensitive information or causing unintended actions.

Because the attack can be launched remotely, it increases the risk of exploitation without physical access.

The impact includes potential data exposure, unauthorized access, or disruption of services depending on what the server can reach and the attacker's intent.

