CVE-2026-44342 in new-apiinfo

Summary

by MITRE • 07/10/2026

New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. Prior to 0.12.0-alpha.1, the email and WeChat account binding endpoints GET /api/oauth/email/bind and GET /api/oauth/wechat/bind used GET requests for state-changing account operations, allowing an attacker to trigger a logged-in user's browser to bind an attacker-controlled email address or OAuth identity in deployments where session cookies could be sent on cross-site navigations. This issue is fixed in version 0.12.0-alpha.1.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Analysis

by VulDB Data Team • 07/10/2026

This vulnerability affects New API, a large language model gateway and artificial intelligence asset management system that serves as a central platform for AI operations and user account management. The security flaw stems from improper handling of state-changing operations within the authentication flow, specifically targeting the email and WeChat account binding endpoints. These endpoints are designed to allow users to link their accounts with external services, but they were implemented using GET requests for operations that should typically be performed via POST methods.

The technical implementation flaw creates a cross-site request forgery vulnerability where attackers can manipulate logged-in users into performing unintended account binding operations. When users navigate to malicious sites or click on compromised links, their browsers automatically execute GET requests to the vulnerable endpoints without their knowledge or consent. This occurs because browsers automatically send session cookies along with cross-site requests when the user is authenticated, allowing attackers to impersonate legitimate users and bind their own email addresses or OAuth identities to victim accounts.

The operational impact of this vulnerability is significant as it enables account takeover attacks where malicious actors can gain unauthorized control over user accounts by simply tricking victims into visiting compromised websites. Once an attacker successfully binds their credentials to a victim's account, they can potentially access all associated AI resources, modify configurations, or perform other unauthorized operations within the system. This type of vulnerability directly violates security principles outlined in the OWASP Top Ten 2021 and aligns with CWE-352 Cross-Site Request Forgery, which specifically addresses the improper handling of state-changing requests.

The fix implemented in version 0.12.0-alpha.1 corrects this issue by changing the HTTP method used for account binding operations from GET to POST, which prevents automatic execution of these sensitive operations through browser navigation. This remediation aligns with security best practices recommended by the MITRE ATT&CK framework under the technique T1531 Account Access Removal and T1078 Valid Accounts, as it prevents unauthorized account modifications while maintaining proper authentication controls. Organizations using this system should ensure immediate deployment of the patched version to mitigate the risk of account compromise and maintain the integrity of their AI asset management infrastructure.

The vulnerability demonstrates a common pattern in web application development where security considerations are overlooked during API endpoint design, particularly around the distinction between safe and unsafe HTTP methods for operations that modify user state. This issue highlights the importance of implementing proper input validation, output encoding, and secure coding practices as outlined in industry standards such as ISO/IEC 27001 and NIST SP 800-53. The fix represents a critical security improvement that aligns with defense-in-depth principles by ensuring that state-changing operations require explicit user interaction through POST requests rather than automatic browser behavior.

Responsible

GitHub M

Reservation

05/05/2026

Disclosure

07/10/2026

Moderation

accepted

CPE

ready

EPSS

0.00000

KEV

no

Activities

very low

Sources

Want to stay up to date on a daily basis?

Enable the mail alert feature now!