Lucene search
+L

6 matches found

nvd
nvd
added 2026/05/23 4:19 p.m.17 views

CVE-2026-9306

A security vulnerability has been detected in QuantumNous new-api up to 0.12.1. This affects the function RelayMidjourneyImage/GetByOnlyMJId of the file router/relay-router.go of the component Midjourney Image Relay Endpoint. Such manipulation leads to authorization bypass. The attack can be...

6.3CVSS0.00291EPSS
Exploits0References4
cve
cve
added 2026/05/23 3:0 p.m.92 views

CVE-2026-9306

CVE-2026-9306 affects QuantumNous new-api up to 0.12.1, specifically the Midjourney Image Relay Endpoint’s RelayMidjourneyImage/GetByOnlyMJId in router/relay-router.go. The issue enables authorization bypass through manipulation of the endpoint. It is reported as exploitable remotely with high co...

6.3CVSS5.2AI score0.00291EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2026/05/23 2:30 p.m.9 views

CVE-2026-9305 QuantumNous new-api self Endpoint topup.go SearchAllTopUps sql injection

A weakness has been identified in QuantumNous new-api up to 0.12.1. The impacted element is the function SearchUserTopUps/SearchAllTopUps of the file model/topup.go of the component self Endpoint. This manipulation causes sql injection. The attack can be initiated remotely. The exploit has been...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/05/23 12:0 a.m.21 views

PT-2026-42885

A weakness has been identified in QuantumNous new-api up to 0.12.1. The impacted element is the function SearchUserTopUps/SearchAllTopUps of the file model/topup.go of the component self Endpoint. This manipulation causes sql injection. The attack can be initiated remotely. The exploit has been...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References5
cnnvd
cnnvd
added 2026/03/23 12:0 a.m.72 views

New API 授权问题漏洞

The New API is an interface software developed by QuantumNous. Versions of the New API starting from 0.10.0 have a vulnerability related to authorization. This vulnerability stems from logical flaws in the general security verification process, allowing authenticated users with registered...

4.9CVSS6.4AI score0.00289EPSS
Exploits0References1
osv
osv
added 2025/08/22 12:0 a.m.4 views

CVE-2025-55573

QuantumNous new-api v.0.8.5.2 is vulnerable to Cross Site Scripting XSS...

8.8CVSS6.5AI score0.00392EPSS
Exploits1References4
Rows per page
Query Builder