Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-42339 |
|
SSRF (Server-Side Request Forgery) in github.com/QuantumNous/new-api (CVE-2026-42339)
SSRF in github.com/QuantumNous/new-api (CVE-2026-42339). Data can be tampered with by attackers. Exploitable via `POST /v1/chat/completions`. Mitigation: upgrade to `0.9.0.5` or later.
|
| CVE-2026-41432 |
|
Vulnerability in github.com/QuantumNous/new-api (CVE-2026-41432)
vulnerability in github.com/QuantumNous/new-api (CVE-2026-41432). Data can be tampered with by attackers. Exploitable via `POST /api/user/pay`. Mitigation: upgrade to `0.12.10` or later.
|