Cyber Resilience

CVE-2026-6582

Medium

Published: 19 April 2026

Published
19 April 2026
Modified
22 April 2026
KEV Added
Patch
CVSS Score v4 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0010 28.1th percentile
Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2026-6582 is a medium-severity Improper Authentication (CWE-287) vulnerability. Its CVSS base score is 6.9 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 28.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SC-14 (Public Access Protections).

Deeper analysis

CVE-2026-6582 is a missing authentication vulnerability affecting TransformerOptimus SuperAGI versions up to 0.0.14. The flaw resides in the get_vector_db_details function within the file superagi/controllers/vector_dbs.py, part of the Vector Database Management Endpoint. This issue, classified under CWE-287 (Improper Authentication) and CWE-306 (Missing Authentication for Critical Function), allows unauthorized access to sensitive vector database details and carries a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L), rated as High severity.

Remote attackers require no privileges, user interaction, or special conditions to exploit this vulnerability over the network with low complexity. Successful exploitation grants limited access to vector database management functions, potentially enabling low-impact confidentiality, integrity, and availability disruptions, such as unauthorized retrieval or minor manipulation of vector DB details.

Advisories from VulDB and a published GitHub Gist reference indicate no vendor response despite early disclosure contact, with no patches or official mitigations available as of the CVE publication on 2026-04-19. Security practitioners should restrict network access to affected endpoints and monitor for exploit attempts using the disclosed proof-of-concept.

Notable context includes a publicly available exploit, increasing real-world exploitation risk. The vector database component ties into AI/ML workflows, where SuperAGI handles agent-based processing, making this relevant for deployments relying on embedding stores in autonomous AI systems.

EU & UK References

Vulnerability details

A flaw has been found in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function get_vector_db_details of the file superagi/controllers/vector_dbs.py of the component Vector Database Management Endpoint. Executing a manipulation can lead to missing authentication. The attack…

more

can be executed remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Missing authentication on public-facing Vector Database Management Endpoint (CWE-287/306) directly enables remote exploitation of the application without credentials or privileges, matching T1190: Exploit Public-Facing Application.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2026-7042Shared CWE-287, CWE-306
CVE-2025-58443Shared CWE-287, CWE-306
CVE-2025-11942Shared CWE-287, CWE-306
CVE-2026-6577Shared CWE-287, CWE-306
CVE-2026-6129Shared CWE-287, CWE-306
CVE-2026-5676Shared CWE-287, CWE-306
CVE-2026-4562Shared CWE-287, CWE-306
CVE-2026-7723Shared CWE-287, CWE-306
CVE-2026-5000Shared CWE-287, CWE-306
CVE-2026-6126Shared CWE-287, CWE-306

Affected Assets

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

AC-3 enforces approved authorizations for access to system resources, directly addressing the missing authentication in the get_vector_db_details endpoint.

prevent

SC-14 requires server-side authentication protections for publicly accessible endpoints, mitigating the remotely exploitable unauthenticated vector database management function.

prevent

SC-7 monitors and controls communications at external boundaries, restricting network access to the vulnerable endpoint lacking authentication.

References