Browse all 8 CVE security advisories affecting QuantumNous. AI-powered Chinese analysis, POCs, and references for each vulnerability.
QuantumNous develops AI-powered security analytics platforms for threat detection and vulnerability management. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, with six CVEs documented to date. The platform's complex integrations with third-party APIs have introduced additional attack surfaces. While no major public security incidents have been reported, the consistent pattern of authentication bypass flaws in earlier versions suggests implementation challenges in access control mechanisms. Recent releases show improved input validation, though legacy deployments may remain exposed to known exploit chains.
| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-42339 | New API: SSRF Filter Bypass via 0.0.0.0 | new-api | CWE-918 | 8.1 (AI) | High (AI) | 2026-05-08 |
| CVE-2026-41432 | New API: Stripe Webhook Signature Bypass via Empty Secret Enables Unlimited Quota Fraud | new-api | CWE-345 | 7.1 | High | 2026-05-08 |
| CVE-2026-32879 | New API has passkey-based secure step-up verification bypass for root-only channel secret disclosure | new-api | CWE-287 | 4.9 | Medium | 2026-03-23 |
| CVE-2026-30886 | New API: IDOR in VideoProxy allows cross-user video content access via missing ownership check | new-api | CWE-639 | 6.5 | Medium | 2026-03-23 |
| CVE-2026-25802 | New API has Potential XSS in its MarkdownRenderer component | new-api | CWE-79 | 7.6 | High | 2026-02-24 |
| CVE-2026-25591 | New API has an SQL LIKE Wildcard Injection DoS via Token Search | new-api | CWE-943 | 6.5 (AI) | Medium (AI) | 2026-02-24 |
| CVE-2025-62155 | QuantumNous New API Has SSRF Bypass | new-api | CWE-918 | 8.5 | High | 2025-11-24 |
| CVE-2025-59146 | New API has Authenticated Server-Side Request Forgery (SSRF) issue | new-api | CWE-918 | 8.5 | High | 2025-10-09 |
This page lists every published CVE security advisory associated with QuantumNous. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.