CVE-2024-9439

SuperAGI is vulnerable to remote code execution in the latest version. The `agent template update` API allows attackers to control certain parameters, which are then fed to the eval function without any sanitization or checks in place. This vulnerability can lead to full system compromise. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt