CVE-2026-33655
Undergoing Analysis Undergoing Analysis - In Progress

SSRF Bypass in New API via Hostname Resolution

Vulnerability report for CVE-2026-33655, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-09

Last updated on: 2026-07-10

Assigner: GitHub, Inc.

Description

New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management system. Prior to 0.12.0-alpha.1, the default SSRF protection configuration did not apply IP filtering to hostnames; with ApplyIPFilterForDomain disabled by default, URL validation checked domain allow/block rules but did not resolve a hostname and validate the resolved IP address, allowing authenticated users to configure Webhook, Bark, or Gotify notification URLs that point at an internal or metadata IP address. This issue is fixed in version 0.12.0-alpha.1.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-09
Last Modified
2026-07-10
Generated
2026-07-11
AI Q&A
2026-07-10
EPSS Evaluated
N/A
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
quantumnous new-api to 0.12.0-alpha.1 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in the New API, a large language model gateway and AI asset management system. Before version 0.12.0-alpha.1, the default Server-Side Request Forgery (SSRF) protection did not apply IP filtering to hostnames. Specifically, the configuration option ApplyIPFilterForDomain was disabled by default, meaning that while URL validation checked domain allow/block rules, it did not resolve hostnames to validate their IP addresses. As a result, authenticated users could configure notification URLs (such as Webhook, Bark, or Gotify) that pointed to internal or metadata IP addresses, potentially allowing unauthorized access to internal network resources.

Impact Analysis

This vulnerability can allow authenticated users to bypass intended network restrictions by configuring notification URLs that point to internal or metadata IP addresses. This could lead to unauthorized access to internal services or sensitive metadata endpoints, potentially exposing sensitive information or enabling further attacks within the internal network.

Mitigation Strategies

To mitigate this vulnerability, you should upgrade New API to version 0.12.0-alpha.1 or later, where the issue is fixed.

Additionally, ensure that the ApplyIPFilterForDomain setting is enabled to apply IP filtering to hostnames, preventing authenticated users from configuring notification URLs that point to internal or metadata IP addresses.

Compliance Impact

The vulnerability allows authenticated users to configure URLs that point to internal or metadata IP addresses, potentially exposing sensitive internal data through timing, errors, or response-dependent behavior.

Such exposure of sensitive internal data could lead to non-compliance with data protection regulations like GDPR or HIPAA, which require strict controls to prevent unauthorized access or disclosure of sensitive information.

Mitigations such as upgrading to the fixed version, enabling IP filtering, restricting notification domains, or enforcing network-level filtering help reduce the risk of data exposure and support compliance efforts.

Detection Guidance

This vulnerability involves Server-Side Request Forgery (SSRF) due to insufficient IP filtering on hostnames in notification URLs configured by authenticated users. Detection can focus on identifying unauthorized or suspicious internal or metadata IP address requests originating from the affected system.

To detect exploitation attempts or presence of this vulnerability on your network or system, you can monitor outgoing HTTP requests from the new-api server to internal IP ranges or metadata IP addresses.

  • Use network monitoring tools like tcpdump or Wireshark to capture outgoing traffic and filter for internal IP ranges (e.g., 169.254.169.254 for metadata service, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16). Example command: tcpdump -i eth0 dst net 10.0.0.0/8 or dst host 169.254.169.254
  • Check application logs for configured notification URLs (Webhook, Bark, Gotify) that point to internal or metadata IP addresses.
  • If you have access to the new-api system, verify the configuration setting ApplyIPFilterForDomain is enabled. You can check configuration files or environment variables depending on your deployment.
  • Use curl or wget commands to test if internal IP addresses are reachable from the server, which may indicate potential SSRF exploitation paths. For example: curl http://169.254.169.254/latest/meta-data/

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-33655. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart