Advisories for Golang/Github.com/QuantumNous/New-Api package

2026

QuantumNous/new-api has an SSRF Filter Bypass via 0.0.0.0

The SSRF protection introduced in v0.9.0.5 (CVE-2025-59146) and hardened in v0.9.6 (CVE-2025-62155) does not block the unspecified address 0.0.0.0. A regular (non-admin) user holding any valid API token can send a multimodal request to /v1/chat/completions, /v1/responses, or /v1/messages with 0.0.0.0 as the image/file URL host, bypassing the private-IP filter and causing the server to issue HTTP requests to localhost. This constitutes at minimum a blind SSRF; when the request is …

New API: Stripe Webhook Signature Bypass via Empty Secret Enables Unlimited Quota Fraud

A critical vulnerability exists in the Stripe webhook handler that allows an unauthenticated attacker to forge webhook events and credit arbitrary quota to their account without making any payment. The vulnerability stems from three compounding flaws: The Stripe webhook endpoint does not reject requests when StripeWebhookSecret is empty (the default). When the HMAC secret is empty, any attacker can compute valid webhook signatures, effectively bypassing signature verification entirely. The Recharge …

New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check

The video proxy endpoint GET /v1/videos/:task_id/content is vulnerable to an Insecure Direct Object Reference (IDOR). Any authenticated user who knows another user's task_id can retrieve that user's generated video content because the handler queries tasks by task_id alone and does not verify ownership.

New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure

A logic flaw in the universal secure verification flow allows an authenticated user with a registered passkey to satisfy secure verification without completing a WebAuthn assertion.

New API has Potential XSS in its MarkdownRenderer component

A potential unsafe operation occurs in component MarkdownRenderer.jsx, allowing for Cross-Site Scripting(XSS) when the model outputs items containing <script> tag.

New API has an SQL LIKE Wildcard Injection DoS via Token Search

A SQL LIKE wildcard injection vulnerability in the /api/token/search endpoint allows authenticated users to cause Denial of Service through resource exhaustion by crafting malicious search patterns.

2025

new-api is vulnerable to SSRF Bypass

A recently patched SSRF vulnerability contains a bypass method that can bypass the existing security fix and still allow SSRF to occur. Because the existing fix only applies security restrictions to the first URL request, a 302 redirect can bypass existing security measures and successfully access the intranet.