CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Newapi: >> New Api >> 0.10.8 Security Vulnerabilities

CVE-2026-25802

New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. Prior to version 0.10.8-alpha.9, a potential unsafe operation occurs in component `MarkdownRenderer.jsx`, allowing for Cross-Site Scripting(XSS) when the model outputs items containing `<script>` tag. Version 0.10.8-alpha.9 fixes the issue.

CVSS Score

7.6

EPSS Score

0.0

Published

2026-02-24

Page 1

Vulnerabilities

Vulnerable Software

Newapi: >> New Api >> 0.10.8 Security Vulnerabilities

Products

Pricing

Contact Us