Vulnerability Database

300,926

Total vulnerabilities in the database

CVE-2025-51475

Arbitrary File Overwrite (AFO) in superagi.controllers.resources.upload in TransformerOptimus SuperAGI 0.0.14 allows remote attackers to overwrite arbitrary files via unsanitised filenames submitted to the file upload endpoint, due to improper handling of directory traversal in os.path.join() and lack of path validation in get_root_input_dir().

Published: Jul 22, 2025
Updated: Jul 23, 2025
CVE: CVE-2025-51475
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

No affected software listed.

https://github.com/TransformerOptimus/SuperAGI
https://github.com/TransformerOptimus/SuperAGI/pull/1463
https://www.gecko.security/blog/cve-2025-51475

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo