2 matches found
CVE-2026-25802 New API has Potential XSS in its MarkdownRenderer component
New API is a large language mode LLM gateway and artificial intelligence AI asset management system. Prior to version 0.10.8-alpha.9, a potential unsafe operation occurs in component MarkdownRenderer.jsx, allowing for Cross-Site ScriptingXSS when the model outputs items containing tag. Version...
CVE-2026-25802
creationtimestamp| type| source ---|---|--- 2026-02-22 05:48:20+00:00| published-proof-of-concept| https://github.com/QuantumNous/new-api/security/advisories/GHSA-299v-8pq9-5gjq 2026-02-24 01:19:19+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfkyqmshan2c 2026-02-24...