CVE-2026-25802
Received Received - Intake
Cross-Site Scripting in New API MarkdownRenderer Component

Publication date: 2026-02-24

Last updated on: 2026-02-25

Assigner: GitHub, Inc.

Description
New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. Prior to version 0.10.8-alpha.9, a potential unsafe operation occurs in component `MarkdownRenderer.jsx`, allowing for Cross-Site Scripting(XSS) when the model outputs items containing `<script>` tag. Version 0.10.8-alpha.9 fixes the issue.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-24
Last Modified
2026-02-25
Generated
2026-06-16
AI Q&A
2026-02-24
EPSS Evaluated
2026-06-15
NVD
CVE-2026-25802
Affected Vendors & Products
Showing 9 associated CPEs
Vendor Product Version / Range
newapi new_api to 0.10.8 (exc)
newapi new_api 0.10.8
newapi new_api 0.10.8
newapi new_api 0.10.8
newapi new_api 0.10.8
newapi new_api 0.10.8
newapi new_api 0.10.8
newapi new_api 0.10.8
newapi new_api 0.10.8
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': 'CVE-2026-25802 is a high-severity Cross-Site Scripting (XSS) vulnerability found in the MarkdownRenderer component of the QuantumNous new-api project before version 0.10.8-alpha.9.'}, {'type': 'paragraph', 'content': "The issue occurs because the component uses React's dangerouslySetInnerHTML to render HTML output generated by the AI model without sanitizing it. This allows malicious scripts, such as injected <script> tags, to execute in the user's browser."}, {'type': 'paragraph', 'content': 'An example exploit involves prompting the model to generate a script that redirects the browser to another site like google.com without user consent.'}] [1]

Impact Analysis

This vulnerability can lead to malicious scripts running in your browser when interacting with the affected playground feature of the new-api.

Such scripts can perform unauthorized actions like redirecting your browser to malicious sites, potentially compromising your session or data integrity.

Because the exploit can be stored in chat records, it may persist and re-trigger when reopening the affected pages, making it difficult to remove.

Overall, it impacts the integrity of your interactions and availability of the service, with a CVSS score indicating high severity.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by testing if the MarkdownRenderer component renders unsanitized HTML containing script tags, which leads to Cross-Site Scripting (XSS). A proof-of-concept involves prompting the model with a phrase that causes it to output a script tag, such as a request to write a script that redirects the browser to another site.'}, {'type': 'paragraph', 'content': 'To detect this on your system, you can attempt to input or simulate AI-generated content containing <script> tags in the playground environment and observe if the script executes in the browser.'}, {'type': 'paragraph', 'content': "There are no specific command-line tools or commands provided in the resources for automated detection, but manual testing by injecting payloads like <script>alert('XSS')</script> in the playground input and monitoring browser behavior can reveal the vulnerability."}] [1]

Mitigation Strategies

[{'type': 'paragraph', 'content': 'The immediate mitigation step is to upgrade the New API software to version 0.10.8-alpha.9 or later, where the vulnerability is fixed.'}, {'type': 'paragraph', 'content': 'If upgrading is not immediately possible, a suggested workaround is to render the AI-generated HTML preview inside a sandboxed iframe to block script execution and sanitize dangerous HTML strings before rendering.'}, {'type': 'list_item', 'content': "Replace usage of React's dangerouslySetInnerHTML with a sandboxed iframe component that restricts script execution."}, {'type': 'list_item', 'content': 'Escape HTML entities in AI-generated content to prevent injection of executable code.'}, {'type': 'paragraph', 'content': "These mitigations reduce the risk of XSS attacks by preventing malicious scripts from executing in the user's browser."}] [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-25802. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart