Go to main page
Versions in this module
v0
Apr 17, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Apr 17, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Apr 17, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Apr 16, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Apr 15, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Apr 13, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Apr 12, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Apr 12, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Apr 9, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Apr 8, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Apr 8, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Apr 7, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Apr 6, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Apr 2, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Apr 1, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Mar 31, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Mar 31, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Mar 31, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Mar 25, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Mar 24, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Mar 23, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Mar 22, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Mar 19, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Mar 17, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Mar 17, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Mar 14, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Mar 12, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Mar 14, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Mar 9, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Mar 8, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Mar 6, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Mar 6, 2026 GO-2025-4154 +1 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
Mar 6, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Mar 4, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Mar 6, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Mar 6, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Mar 4, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Mar 3, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Mar 2, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Mar 2, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Mar 2, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Mar 2, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Mar 1, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 28, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 28, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 28, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 25, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 24, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 24, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 23, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 23, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 22, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 22, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 22, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 22, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 22, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 22, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 20, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 12, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 11, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 10, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 8, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 8, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 7, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 7, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 6, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 6, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 6, 2026 GO-2025-4154 +2 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 6, 2026 GO-2025-4154 +3 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 5, 2026 GO-2025-4154 +4 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api
GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 4, 2026 GO-2025-4154 +4 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api
GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 4, 2026 GO-2025-4154 +4 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api
GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 4, 2026 GO-2025-4154 +4 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api
GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 3, 2026 GO-2025-4154 +4 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api
GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 3, 2026 GO-2025-4154 +4 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api
GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 3, 2026 GO-2025-4154 +4 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api
GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 3, 2026 GO-2025-4154 +4 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api
GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Feb 3, 2026 GO-2025-4154 +4 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api
GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Jan 29, 2026 GO-2025-4154 +4 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api
GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Jan 26, 2026 GO-2025-4154 +4 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api
GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Jan 21, 2026 GO-2025-4154 +4 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api
GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Jan 14, 2026 GO-2025-4154 +4 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api
GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Jan 12, 2026 GO-2025-4154 +4 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api
GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Jan 11, 2026 GO-2025-4154 +4 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api
GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Jan 5, 2026 GO-2025-4154 +4 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api
GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Jan 3, 2026 GO-2025-4154 +4 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api
GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Dec 28, 2025 GO-2025-4154 +4 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api
GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Jan 2, 2026 GO-2025-4154 +4 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api
GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Dec 30, 2025 GO-2025-4154 +4 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api
GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api
Dec 29, 2025 GO-2025-4154 +4 more
GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api
GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api
GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api
GO-2026-4813: New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api
GO-2026-4814: New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check in github.com/QuantumNous/new-api