CVE-2026-32879 in new-api
Summary
by MITRE • 03/23/2026
New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. Starting in version 0.10.0, a logic flaw in the universal secure verification flow allows an authenticated user with a registered passkey to satisfy secure verification without completing a WebAuthn assertion. As of time of publication, no known patched versions are available. Until a patched release is applied, do not rely on passkey as the step-up method for privileged secure-verification actions; require TOTP/2FA for those actions where operationally possible; or temporarily restrict access to affected secure-verification-protected endpoints.
VulDB is the best source for vulnerability data and more expert information about this specific topic.
Analysis
by VulDB Data Team • 03/28/2026
The vulnerability identified as CVE-2026-32879 affects New API, a large language model gateway and artificial intelligence asset management system that has become a critical component in modern AI infrastructure deployments. This system serves as a central hub for managing AI assets and providing access to large language models, making it a prime target for attackers seeking to compromise AI-driven workflows. The vulnerability specifically resides in the universal secure verification flow that was introduced in version 0.10.0, representing a significant security regression that undermines the system's authentication framework. The flaw manifests as a logic error in how the system validates user authentication, particularly when passkeys are involved in the secure verification process.
The technical flaw constitutes a bypass of the WebAuthn assertion mechanism that should be mandatory for privileged operations. An authenticated user who has registered a passkey can theoretically complete secure verification steps without actually performing the required WebAuthn assertion, which creates a critical gap in the system's multi-factor authentication implementation. This logic flaw essentially allows attackers to escalate privileges or perform sensitive operations that should require additional verification factors. The vulnerability is particularly concerning because it directly impacts the principle of least privilege and undermines the trust model that secure verification is designed to establish. According to CWE-305 authentication bypass through flawed logic, this represents a fundamental flaw in the authentication system's design that allows unauthorized access to protected resources.
The operational impact of this vulnerability is severe for organizations relying on New API for AI asset management, as it effectively neutralizes the passkey-based security controls that were intended to provide strong authentication for privileged actions. Attackers who gain access to legitimate user accounts could exploit this flaw to perform operations that require secure verification, potentially leading to unauthorized access to AI models, data manipulation, or system compromise. The absence of patched versions at the time of publication means that organizations cannot rely on vendor-provided fixes, creating an urgent need for immediate operational mitigations. This vulnerability particularly affects environments where AI systems are used for sensitive operations, such as financial services, healthcare, or government applications where AI-driven decision making requires robust security controls.
Organizations must implement immediate compensating controls to address this vulnerability while awaiting vendor patches. The recommended mitigations include requiring TOTP or 2FA for all privileged secure verification actions, effectively adding an additional authentication factor beyond what the flawed passkey system provides. Temporary restriction of access to affected secure verification protected endpoints represents another critical mitigation strategy that can limit the attack surface while permanent fixes are developed. From an ATT&CK framework perspective, this vulnerability maps to technique T1566.002 for credential access through credential dumping and T1550.001 for use of stolen credentials, as attackers could potentially exploit this to escalate privileges and gain access to additional system resources. The vulnerability also aligns with ATT&CK technique T1078.004 for valid accounts, as it allows attackers to leverage legitimate user credentials with reduced authentication requirements. Organizations should also consider implementing additional monitoring for privileged authentication events and unusual access patterns that might indicate exploitation attempts. The lack of patched versions emphasizes the importance of operational security measures and highlights the critical need for organizations to maintain robust security practices even when relying on third-party vendor solutions that may not yet have addressed known vulnerabilities.