Package impact
GO / github.com/QuantumNous/new-api
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-41432 | high | 8.2 | 8.2 | 22d ago | New API: Stripe Webhook Signature Bypass via Empty Secret Enables Unlimited Quota Fraud | |||
| CVE-2026-42339 | high | 7.1 | 7.1 | 22d ago | QuantumNous/new-api has an SSRF Filter Bypass via 0.0.0.0 |