Severity by source
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
A security vulnerability has been detected in QuantumNous new-api up to 0.12.1. This affects the function RelayMidjourneyImage/GetByOnlyMJId of the file router/relay-router.go of the component Midjourney Image Relay Endpoint. Such manipulation leads to authorization bypass. The attack can be launched remotely. The attack requires a high level of complexity. The exploitability is reported as difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AnalysisAI
Authorization bypass in QuantumNous new-api versions up to 0.12.1 allows remote attackers to access Midjourney image relay endpoints without proper authentication. The vulnerability resides in RelayMidjourneyImage and GetByOnlyMJId functions within relay-router.go. Despite high attack complexity (CVSS AC:H) and CVSS score of only 3.7, a publicly available proof-of-concept exploit exists (disclosed via GitHub Gist), reducing the technical barrier. The vendor did not respond to early disclosure attempts. EPSS data not provided, but the combination of public exploit and unauthenticated network access (PR:N) warrants attention for organizations using this API gateway for Midjourney integration.
Technical ContextAI
The vulnerability affects the Midjourney image relay functionality in new-api, a Go-based API gateway/relay service developed by QuantumNous. The flaw manifests in relay-router.go, specifically in functions handling Midjourney image operations (RelayMidjourneyImage and GetByOnlyMJId). According to the CWE-639 classification, this represents an authorization bypass through user-controlled key, meaning attackers can manipulate request parameters to access resources without proper authorization checks. The CPE identifier (cpe:2.3:a:quantumnous:new-api) confirms this affects the core new-api application. Given the Midjourney integration context, this likely involves API endpoints that proxy or cache image generation requests to Midjourney's service, where improper validation of image identifiers or session tokens allows unauthorized retrieval.
RemediationAI
No vendor-released patch identified at time of analysis - QuantumNous did not respond to early disclosure attempts, and no fix version beyond 0.12.1 is confirmed in available data. Organizations should implement compensating controls while monitoring for upstream patches: First, if Midjourney image relay functionality is not business-critical, disable the affected endpoints entirely by removing or commenting out the RelayMidjourneyImage and GetByOnlyMJId route handlers in relay-router.go (requires source modification and recompilation; eliminates vulnerability but loses Midjourney integration). Second, implement authentication proxy or API gateway in front of new-api to enforce authentication before requests reach vulnerable endpoints (adds latency and infrastructure complexity; requires maintaining separate auth layer). Third, restrict network access to the Midjourney relay endpoints using firewall rules or reverse proxy ACLs to trusted IP ranges only (reduces attack surface but does not eliminate risk from internal or VPN-connected attackers). Fourth, implement request rate limiting and logging for Midjourney endpoint access to detect exploitation attempts (detection-only; does not prevent exploitation but enables incident response). Monitor QuantumNous GitHub repository and VulDB entry https://vuldb.com/vuln/365253 for patch announcements. Consider migrating to alternative API gateway solutions if vendor remains unresponsive.
New API LLM gateway versions before 0.10.8-alpha.9 are vulnerable to stored cross-site scripting through the MarkdownRen
Denial of service in New API's `/api/token/search` endpoint allows authenticated users to exhaust database resources thr
SQL injection in QuantumNous new-api versions up to 0.12.1 allows authenticated remote attackers to manipulate database
QuantumNous new-api v.0.8.5.2 is vulnerable to Cross Site Scripting (XSS). Rated high severity (CVSS 8.8), this vulnerab
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-31542
GHSA-cgrh-9fc9-55f9