CVE-2026-42339

Name of the Vulnerable Software and Affected Versions New API versions 0.11.9-alpha.1 and earlier

Description New API, a large language model (LLM) gateway and artificial intelligence (AI) asset management system, contains a Server-Side Request Forgery (SSRF) flaw. This issue occurs due to insufficient SSRF protection, allowing requests to be sent to an unspecified address.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.