Lucene search
K

CVE-2026-44342 New API CSRF in email and WeChat account binding endpoints

🗓️ 09 Jul 2026 22:33:06Reported by GitHub_MType 
cvelist
 cvelist
🔗 www.cve.org👁 4 Views

CVE-2026-44342 CSRF lets attacker bind email or OAuth via GET endpoints before 0.12.0-alpha.1.

Related
Affected
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2026-44342
9 Jul 202622:33
attackerkb
CVE
CVE-2026-44342
9 Jul 202622:33
cve
Github Security Blog
New API is vulnerable to CSRF through user email binding
7 Jul 202613:01
github
NVD
CVE-2026-44342
9 Jul 202623:17
nvd
OSV
GHSA-26V7-H57M-GH9M New API is vulnerable to CSRF through user email binding
7 Jul 202613:01
osv
Positive Technologies
PT-2026-56214
7 Jul 202600:00
ptsecurity
Snyk
Cross-site Request Forgery (CSRF)
7 Jul 202613:01
snyk
Snyk
Cross-site Request Forgery (CSRF)
7 Jul 202613:01
snyk
[
  {
    "vendor": "QuantumNous",
    "product": "new-api",
    "versions": [
      {
        "version": "< 0.12.0-alpha.1",
        "status": "affected"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation