GO-2026-4813 — Vulnetix

GO-2026-4813 PUBLISHED

New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure in github.com/QuantumNous/new-api

Affected Products

Vendor	Product	Versions
github.com	QuantumNous/new-api	0.10.0, 0.10.0

Timeline

Mar 26, 2026 CVE Published
Mar 26, 2026 CVE Updated

References

https://github.com/QuantumNous/new-api/security/advisories/GHSA-5353-f8fq-65vc advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›