Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
A weakness has been identified in QuantumNous new-api up to 0.12.1. The impacted element is the function SearchUserTopUps/SearchAllTopUps of the file model/topup.go of the component self Endpoint. This manipulation causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
AnalysisAI
SQL injection in QuantumNous new-api versions up to 0.12.1 allows authenticated remote attackers to manipulate database queries through the SearchUserTopUps and SearchAllTopUps functions in the self endpoint. The vulnerability exists in model/topup.go with confirmed public exploit code available on GitHub. With EPSS data unavailable and CVSS 6.3 (medium severity), the primary risk stems from the low-complexity exploitation requiring only low-level authentication, enabling attackers to exfiltrate sensitive data, modify records, or potentially execute denial-of-service attacks against the database layer.
Technical ContextAI
This is a classic SQL injection vulnerability (CWE-89) in the QuantumNous new-api Go application, specifically affecting the topup model's search functions. The vulnerability resides in model/topup.go where the SearchUserTopUps and SearchAllTopUps functions process user input without proper sanitization or parameterized queries. As a Go-based API service (cpe:2.3:a:quantumnous:new-api), the application likely uses direct SQL string concatenation or unsafe query building methods when searching topup records through the self endpoint. SQL injection occurs when attacker-controlled input is directly embedded into SQL statements, allowing malicious actors to break out of the intended query context and inject arbitrary SQL commands. The network-accessible (AV:N) self endpoint accepts authenticated requests (PR:L) that can deliver crafted payloads to these vulnerable search functions, manipulating the underlying database queries without requiring complex attack techniques (AC:L).
RemediationAI
No vendor-released patch has been identified at time of analysis, as the vendor did not respond to early disclosure attempts per the CVE description and no fix version is documented in available intelligence sources. Organizations should implement immediate compensating controls: First, restrict network access to the self endpoint containing SearchUserTopUps and SearchAllTopUps functions using firewall rules or reverse proxy ACLs to trusted IP ranges only, understanding this limits legitimate remote access. Second, implement Web Application Firewall (WAF) rules targeting SQL injection patterns in requests to /topup or /self endpoints, with careful tuning to avoid false positives on legitimate search queries. Third, enforce principle of least privilege by reviewing user authentication tokens and restricting low-privilege accounts from accessing topup search functionality if business logic permits, though this may impact user experience. Fourth, enable comprehensive SQL query logging and monitoring to detect exploitation attempts showing UNION, SELECT, OR 1=1, or other SQLi indicators in search parameters. Consider engaging application security consultants to develop and apply a source code patch for model/topup.go implementing parameterized queries or ORM-based database access. Monitor the project repository and VulDB advisories (https://vuldb.com/vuln/365252/cti) for vendor updates, though continued vendor silence suggests evaluating alternative API gateway solutions for long-term risk management.
New API LLM gateway versions before 0.10.8-alpha.9 are vulnerable to stored cross-site scripting through the MarkdownRen
Denial of service in New API's `/api/token/search` endpoint allows authenticated users to exhaust database resources thr
Authorization bypass in QuantumNous new-api versions up to 0.12.1 allows remote attackers to access Midjourney image rel
QuantumNous new-api v.0.8.5.2 is vulnerable to Cross Site Scripting (XSS). Rated high severity (CVSS 8.8), this vulnerab
Same weakness CWE-89 – SQL Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-31541
GHSA-hqv7-8cjm-q98x