CVE-2026-42339 HIGH

CVE-2026-42339: New API: SSRF Filter Bypass via 0.0.0.0

Vendor Quantumnous
Product new-api
Weakness CWE-918 · SSRF
Published May 8, 2026
Last update May 11, 2026
View on NVD All CVEs

CVSS base score

7.1/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. In versions 0.11.9-alpha.1 and prior, the SSRF protection introduced in v0.9.0.5 (CVE-2025-59146) and hardened in v0.9.6 (CVE-2025-62155) does not block the unspecified address 0.0.0.0. A regular (non-admin) user holding any valid API token can send a multimodal request to /v1/chat/completions, /v1/responses, or /v1/messages with 0.0.0.0 as the image/file URL host, bypassing the private-IP filter and causing the server to issue HTTP requests to localhost. This constitutes at minimum a blind SSRF; when the request is routed through an AWS/Bedrock Claude adaptor, the fetched content is inlined into the model response, upgrading it to a full-read SSRF. At time of publication, there are no publicly available patches.

Key dates

02Disclosure timeline

May 8, 2026 CVE published
May 11, 2026 Record updated

Related vulnerabilities

04Related CVE

CVE-2026-4302 WowOptin: Next-Gen Popup Maker <= 1.4.29 - Unauthenticated Server-Side Request Forgery via 'link' Parameter in REST API CVE-2026-5417 Dataease SQLbot Elasticsearch es_engine.py get_es_data_by_http server-side request forgery CVE-2025-2116 Beijing Founder Electronics Founder Enjoys All-Media Acquisition and Editing System File Protocol imageProxy.do server-side request forgery CVE-2023-46730 Server-Side Request Forgery in groupoffice CVE-2022-3189