Vulnerabilidades en QuantumNous
10 resultadosCVE-2026-25591HIGHNew API has an SQL LIKE Wildcard Injection DoS via Token SearchEPSS 0.5%CVE-2026-9306MEDIUMQuantumNous new-api Midjourney Image Relay Endpoint relay-router.go GetByOnlyMJId authorizationEPSS 0.3%CVE-2026-32879MEDIUMNew API has passkey-based secure step-up verification bypass for root-only channel secret disclosureEPSS 0.3%CVE-2026-30886MEDIUMNew API: IDOR in VideoProxy allows cross-user video content access via missing ownership checkEPSS 0.3%CVE-2025-62155HIGHQuantumNous New API Has SSRF BypassEPSS 0.3%CVE-2026-41432HIGHNew API: Stripe Webhook Signature Bypass via Empty Secret Enables Unlimited Quota FraudEPSS 0.3%CVE-2026-42339HIGHNew API: SSRF Filter Bypass via 0.0.0.0EPSS 0.3%CVE-2026-25802HIGHNew API has Potential XSS in its MarkdownRenderer componentEPSS 0.2%CVE-2025-59146HIGHNew API has Authenticated Server-Side Request Forgery (SSRF) issueEPSS 0.2%CVE-2026-9305MEDIUMQuantumNous new-api self Endpoint topup.go SearchAllTopUps sql injectionEPSS 0.2%