CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Newapi: >> New Api Security Vulnerabilities

CVE-2026-25802

New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. Prior to version 0.10.8-alpha.9, a potential unsafe operation occurs in component `MarkdownRenderer.jsx`, allowing for Cross-Site Scripting(XSS) when the model outputs items containing `<script>` tag. Version 0.10.8-alpha.9 fixes the issue.

CVSS Score

7.6

EPSS Score

0.0

Published

2026-02-24

CVE-2025-55573

QuantumNous new-api v.0.8.5.2 is vulnerable to Cross Site Scripting (XSS).

CVSS Score

8.8

EPSS Score

0.001

Published

2025-08-22

Page 1

Vulnerabilities

Vulnerable Software

Newapi: >> New Api Security Vulnerabilities

Products

Pricing

Contact Us