operation_setting

Mar 9, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Mar 8, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Mar 6, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Mar 6, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Mar 6, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Mar 4, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Changes in this version

type ChannelAffinityRule

+ ParamOverrideTemplate map[string]interface{}

Mar 6, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Mar 6, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Mar 4, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Mar 3, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Mar 2, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Mar 2, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Mar 2, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Mar 2, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Mar 1, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Feb 28, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Feb 28, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Feb 28, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Changes in this version

+ func IsAlwaysSkipRetryStatusCode(code int) bool

Feb 25, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Feb 24, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Feb 24, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Feb 23, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Feb 23, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Feb 22, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Feb 22, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Feb 22, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Feb 22, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Feb 22, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Feb 22, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Feb 20, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Feb 12, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Feb 11, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Feb 10, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Feb 8, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Feb 8, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Feb 7, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Feb 7, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Changes in this version

+ func GetMaxUserTokens() int

+ type TokenSetting struct

+ MaxUserTokens int

+ func GetTokenSetting() *TokenSetting

Feb 6, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Feb 6, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Feb 6, 2026 GO-2025-4154

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

Feb 6, 2026 GO-2025-4154 +1 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

Feb 5, 2026 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Feb 4, 2026 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Feb 4, 2026 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Feb 4, 2026 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Feb 3, 2026 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Feb 3, 2026 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Feb 3, 2026 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Feb 3, 2026 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Feb 3, 2026 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Changes in this version

+ const ClaudeWebSearchPrice

+ const FileSearchPrice

+ const GPTImage1High1024x1024

+ const GPTImage1High1024x1536

+ const GPTImage1High1536x1024

+ const GPTImage1Low1024x1024

+ const GPTImage1Low1024x1536

+ const GPTImage1Low1536x1024

+ const GPTImage1Medium1024x1024

+ const GPTImage1Medium1024x1536

+ const GPTImage1Medium1536x1024

+ const Gemini20FlashInputAudioPrice

+ const Gemini25FlashLitePreviewInputAudioPrice

+ const Gemini25FlashNativeAudioInputAudioPrice

+ const Gemini25FlashPreviewInputAudioPrice

+ const Gemini25FlashProductionInputAudioPrice

+ const GeminiRoboticsER15InputAudioPrice

+ const QuotaDisplayTypeCNY

+ const QuotaDisplayTypeCustom

+ const QuotaDisplayTypeTokens

+ const QuotaDisplayTypeUSD

+ const WebSearchPrice

+ const WebSearchPriceHigh

+ var AutomaticDisableKeywords = []string

+ var AutomaticDisableStatusCodeRanges = []StatusCodeRange

+ var AutomaticRetryStatusCodeRanges = []StatusCodeRange

+ var CustomCallbackAddress = ""

+ var DemoSiteEnabled = false

+ var EpayId = ""

+ var EpayKey = ""

+ var MinTopUp = 1

+ var PayAddress = ""

+ var PayMethods = []map[string]string

+ var Price = 7.3

+ var SelfUseModeEnabled = false

+ var USDExchangeRate = 7.3

+ func AutomaticDisableKeywordsFromString(s string)

+ func AutomaticDisableKeywordsToString() string

+ func AutomaticDisableStatusCodesFromString(s string) error

+ func AutomaticDisableStatusCodesToString() string

+ func AutomaticRetryStatusCodesFromString(s string) error

+ func AutomaticRetryStatusCodesToString() string

+ func ContainsPayMethod(method string) bool

+ func GetCheckinQuotaRange() (min, max int)

+ func GetClaudeWebSearchPricePerThousand() float64

+ func GetCurrencySymbol() string

+ func GetFileSearchPricePerThousand() float64

+ func GetGPTImage1PriceOnceCall(quality string, size string) float64

+ func GetGeminiInputAudioPricePerMillionTokens(modelName string) float64

+ func GetQuotaDisplayType() string

+ func GetUsdToCurrencyRate(usdToCny float64) float64

+ func GetWebSearchPricePerThousand(modelName string, contextSize string) float64

+ func IsCNYDisplay() bool

+ func IsCheckinEnabled() bool

+ func IsCurrencyDisplay() bool

+ func PayMethods2JsonString() string

+ func ShouldDisableByStatusCode(code int) bool

+ func ShouldRetryByStatusCode(code int) bool

+ func UpdatePayMethodsByJsonString(jsonString string) error

+ type ChannelAffinityKeySource struct

+ Key string

+ Path string

+ Type string

+ type ChannelAffinityRule struct

+ IncludeRuleName bool

+ IncludeUsingGroup bool

+ KeySources []ChannelAffinityKeySource

+ ModelRegex []string

+ Name string

+ PathRegex []string

+ SkipRetryOnFailure bool

+ TTLSeconds int

+ UserAgentInclude []string

+ ValueRegex string

+ type ChannelAffinitySetting struct

+ DefaultTTLSeconds int

+ Enabled bool

+ MaxEntries int

+ Rules []ChannelAffinityRule

+ SwitchOnSuccess bool

+ func GetChannelAffinitySetting() *ChannelAffinitySetting

+ type CheckinSetting struct

+ Enabled bool

+ MaxQuota int

+ MinQuota int

+ func GetCheckinSetting() *CheckinSetting

+ type GeneralSetting struct

+ CustomCurrencyExchangeRate float64

+ CustomCurrencySymbol string

+ DocsLink string

+ PingIntervalEnabled bool

+ PingIntervalSeconds int

+ QuotaDisplayType string

+ func GetGeneralSetting() *GeneralSetting

+ type MonitorSetting struct

+ AutoTestChannelEnabled bool

+ AutoTestChannelMinutes float64

+ func GetMonitorSetting() *MonitorSetting

+ type PaymentSetting struct

+ AmountDiscount map[int]float64

+ AmountOptions []int

+ func GetPaymentSetting() *PaymentSetting

+ type QuotaSetting struct

+ EnableFreeModelPreConsume bool

+ func GetQuotaSetting() *QuotaSetting

+ type StatusCodeRange struct

+ End int

+ Start int

+ func ParseHTTPStatusCodeRanges(input string) ([]StatusCodeRange, error)

Jan 29, 2026 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Jan 26, 2026 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Jan 21, 2026 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Jan 14, 2026 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Jan 12, 2026 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Jan 11, 2026 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Jan 5, 2026 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Jan 3, 2026 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Dec 28, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Jan 2, 2026 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Dec 30, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Dec 29, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Dec 26, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Dec 25, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Dec 21, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Dec 20, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Dec 13, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Dec 13, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Dec 13, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Dec 12, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Dec 12, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Dec 12, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Dec 12, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Dec 11, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Dec 9, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Dec 2, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Dec 2, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Dec 1, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Nov 30, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Nov 30, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Nov 30, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Nov 23, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Nov 20, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Nov 20, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Nov 16, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Nov 18, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Nov 14, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Nov 11, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Nov 12, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Nov 11, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Nov 10, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Nov 7, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Nov 6, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Nov 3, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Nov 5, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Oct 31, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Nov 1, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Oct 31, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Oct 29, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Oct 30, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Oct 29, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Oct 29, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Oct 29, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Oct 28, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Oct 18, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Oct 15, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Oct 17, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Oct 16, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Oct 16, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Oct 15, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Oct 15, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Oct 15, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Oct 15, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Oct 14, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Oct 14, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Oct 12, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Oct 13, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

Oct 12, 2025 GO-2025-4154 +2 more

  GO-2025-4154: new-api is vulnerable to SSRF Bypass in one-api

  GO-2026-4531: New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

  GO-2026-4532: New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api