PT-2025-47975 · Unknown · Llm Gateway

Published: 2025-11-24 · Updated: 2026-05-18 · CVE-2025-62155

CVSS v3.1: 8.5 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
Name of the Vulnerable Software and Affected Versions

New API versions prior to 0.9.6

Description

New API is a large language model (LLM) gateway and artificial intelligence (AI) asset management system. A Server-Side Request Forgery (SSRF) condition existed in versions prior to 0.9.6. A previous security fix was susceptible to bypass through the use of HTTP 302 redirects. The initial fix only applied security restrictions to the first URL request, allowing attackers to leverage redirects to access internal network resources. The issue involves bypassing existing security measures to access the intranet.

Recommendations

Update to New API version 0.9.6.
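
For teams reviewing their own URL-fetching code for the same redirect gap, one way to enforce the destination check on every hop in a Go HTTP client (an added example, not New API's actual patch): the check runs at dial time, so it applies to the first request and to each 302 target. The names `guardDial`, `checkHop` and `newFetchClient`, the 5-hop limit and the sample addresses are assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"net"
	"net/http"
	"syscall"
	"time"
)

// isInternal reports whether ip is loopback, private, link-local or unspecified.
func isInternal(ip net.IP) bool {
	return ip.IsLoopback() || ip.IsPrivate() || ip.IsLinkLocalUnicast() ||
		ip.IsLinkLocalMulticast() || ip.IsUnspecified()
}

// guardDial runs for every TCP connection the client opens, so it sees the
// resolved address of the first request and of each redirect hop.
func guardDial(network, address string, _ syscall.RawConn) error {
	host, _, err := net.SplitHostPort(address)
	ip := net.ParseIP(host)
	if err != nil || ip == nil || isInternal(ip) {
		return fmt.Errorf("blocked destination %s", address)
	}
	return nil
}

// checkHop is the redirect policy: http(s) targets only, at most 5 hops.
func checkHop(req *http.Request, via []*http.Request) error {
	if req.URL.Scheme != "http" && req.URL.Scheme != "https" {
		return fmt.Errorf("blocked redirect scheme %q", req.URL.Scheme)
	}
	if len(via) >= 5 {
		return errors.New("too many redirects")
	}
	return nil
}

// newFetchClient returns a client for fetching user-supplied URLs.
func newFetchClient() *http.Client {
	d := &net.Dialer{Timeout: 5 * time.Second, Control: guardDial}
	return &http.Client{Timeout: 10 * time.Second, CheckRedirect: checkHop,
		Transport: &http.Transport{DialContext: d.DialContext}}
}

func main() {
	_, err := newFetchClient().Get("http://127.0.0.1:1/") // constructed internal target
	fmt.Println(err)
}
```

`isInternal` covers only the address classes the standard library names; ranges such as carrier-grade NAT (100.64.0.0/10) need an explicit deny list.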

Exploit

Fix

SSRF


Weakness Enumeration

Related Identifiers

CVE-2025-62155
GHSA-9F46-W24H-69W4
GO-2025-4154
SUSE-SU-2026:0037-1

Affected Products

Llm Gateway