CVE-2025-62155 – QuantumNous New API Has SSRF Bypass

CVE ID : CVE-2025-62155

Published : Nov. 25, 2025, 12:15 a.m. | 1 hour, 7 minutes ago

Description : New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. Prior to version 0.9.6, a recently patched SSRF vulnerability contains a bypass method that can bypass the existing security fix and still allow SSRF to occur.
Because the existing fix only applies security restrictions to the first URL request, a 302 redirect can bypass existing security measures and successfully access the intranet. This issue has been patched in version 0.9.6.

Severity: 8.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…