CVE-2025-51472
Published: 22 July 2025
Summary
CVE-2025-51472 is a medium-severity Command Injection (CWE-77) vulnerability in Superagi Superagi. Its CVSS base score is 6.5 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 40.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-22354
Vulnerability details
Code Injection in AgentTemplate.eval_agent_config in TransformerOptimus SuperAGI 0.0.14 allows remote attackers to execute arbitrary Python code via malicious values in agent template configurations such as the goal, constraints, or instruction field, which are evaluated using eval() without validation during template…
more
loading or updates.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
The vulnerability is a code injection in SuperAGI agent templates via unsafe Python eval() on user-controlled inputs from API updates or marketplace, enabling exploitation of a public-facing application (T1190), template injection (T1221), and arbitrary Python code execution (T1059.006).
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.