Critical Flaw in NewAPI System Exposes Unsecured Keys to Unlimited Free Use
AIbase Report, April 16, 2026 — The widely used AI large-model interface aggregation and management system QuantumNous/new-api (commonly known as NewAPI), popular in open-source communities and among self-hosted site administrators, has been confirmed to contain a high-risk vulnerability in its payment logic. When the Stripe payment key is not properly configured, attackers can forge Webhook events to bypass the actual payment process, enabling "zero-cost" recharges of arbitrary amounts.
The attack methodology and mitigation strategies for this vulnerability have sparked extensive discussion on developer forums and public technical communities like X (formerly Twitter). Given that the system is often used for commercial operations or token-based billing, the discoverer has temporarily withheld the full proof-of-concept exploit code (PoC) to prevent malicious exploitation and potential financial losses.


Vulnerability Principle Analysis
NewAPI is a management system that handles intermediate processing, billing, and recharge functions for large-model interfaces such as OpenAI and Claude. The core of the exposed vulnerability lies in its failure to rigorously validate empty Stripe keys within the payment success callback (asynchronous Webhook processing logic).
Based on attack flow analysis circulating in technical communities, when the server-side Stripe webhook_secret is not configured (i.e., left as an empty string), it creates a critical trust breakdown:
Signature Mechanism Failure: HMAC-SHA256 accepts an empty key without raising an error, so a signature computed over a custom payload with the empty string as the key matches exactly what the server's validation logic computes. Any attacker can therefore produce a "valid" signature for a payload of their choosing.
Constructing a Malicious Event: Attackers only need to obtain or guess the order number format to forge a checkout.session.completed event and set an arbitrarily high amount_total (recharge amount) in the data packet.
Funds Credited Without Actual Payment: After sending the forged request to the server's Webhook endpoint, the server validates the signature using the empty key. Upon successful validation, the system incorrectly treats it as a legitimate paid order and credits the attacker's account balance.
The Final Outcome: Stripe receives $0, and no transaction records appear in the official Stripe dashboard. However, the server logs show normal Webhook callbacks, and the attacker's account balance is successfully increased.
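The failure described above comes down to a verifier that never checks whether its secret is set. The following Go program is an added illustration, not code from new-api or from the vulnerability discoverer; it implements the Stripe v1 signature scheme (HMAC-SHA256 over "<timestamp>.<payload>", carried in a Stripe-Signature header of the form t=...,v1=...) and shows a weak verifier that silently uses whatever secret it is given beside a hardened one that refuses an empty secret, enforces a timestamp window against replay, and compares in constant time. The payload, the placeholder secret and all function names are constructed assumptions.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"strconv"
	"strings"
	"time"
)

// Assumed tolerance for the t= timestamp; Stripe's own SDKs use a similar window.
const tolerance = 5 * time.Minute

var (
	ErrEmptySecret    = errors.New("stripe webhook secret is not configured")
	ErrBadHeader      = errors.New("malformed Stripe-Signature header")
	ErrStaleTimestamp = errors.New("webhook timestamp outside tolerance")
	ErrBadSignature   = errors.New("signature mismatch")
)

// computeSignature implements the Stripe v1 scheme: HMAC-SHA256 over "<ts>.<payload>".
func computeSignature(secret string, ts int64, payload []byte) string {
	mac := hmac.New(sha256.New, []byte(secret))
	mac.Write([]byte(strconv.FormatInt(ts, 10) + "."))
	mac.Write(payload)
	return hex.EncodeToString(mac.Sum(nil))
}

// signedHeader builds a Stripe-Signature header value for a given secret (test helper).
func signedHeader(secret string, ts int64, payload []byte) string {
	return "t=" + strconv.FormatInt(ts, 10) + ",v1=" + computeSignature(secret, ts, payload)
}

// parseSignatureHeader extracts the t= timestamp and all v1= signatures from the header.
func parseSignatureHeader(header string) (int64, []string, error) {
	var ts int64 = -1
	var sigs []string
	for _, part := range strings.Split(header, ",") {
		kv := strings.SplitN(strings.TrimSpace(part), "=", 2)
		if len(kv) != 2 {
			return 0, nil, ErrBadHeader
		}
		switch kv[0] {
		case "t":
			v, err := strconv.ParseInt(kv[1], 10, 64)
			if err != nil {
				return 0, nil, ErrBadHeader
			}
			ts = v
		case "v1":
			sigs = append(sigs, kv[1])
		}
	}
	if ts < 0 || len(sigs) == 0 {
		return 0, nil, ErrBadHeader
	}
	return ts, sigs, nil
}

// verifyWeak mirrors the flawed pattern: the secret is used as-is, so an empty
// string becomes the HMAC key and the check degrades to "did you hash correctly".
func verifyWeak(payload []byte, header, secret string) error {
	ts, sigs, err := parseSignatureHeader(header)
	if err != nil {
		return err
	}
	expected := computeSignature(secret, ts, payload)
	for _, s := range sigs {
		if hmac.Equal([]byte(s), []byte(expected)) {
			return nil
		}
	}
	return ErrBadSignature
}

// verifyHardened refuses to run without a configured secret, rejects events
// outside the timestamp window, and only then compares signatures.
func verifyHardened(payload []byte, header, secret string, now time.Time) error {
	if strings.TrimSpace(secret) == "" {
		return ErrEmptySecret
	}
	ts, sigs, err := parseSignatureHeader(header)
	if err != nil {
		return err
	}
	if d := now.Sub(time.Unix(ts, 0)); d > tolerance || d < -tolerance {
		return ErrStaleTimestamp
	}
	expected := computeSignature(secret, ts, payload)
	for _, s := range sigs {
		if hmac.Equal([]byte(s), []byte(expected)) {
			return nil
		}
	}
	return ErrBadSignature
}

func main() {
	// Constructed sample event; the session id and secret are placeholders.
	payload := []byte(`{"type":"checkout.session.completed","data":{"object":{"id":"cs_placeholder","amount_total":100000}}}`)
	now := time.Now()
	secret := "whsec_placeholder_secret"
	fmt.Println("configured secret, hardened:", verifyHardened(payload, signedHeader(secret, now.Unix(), payload), secret, now))
	fmt.Println("empty secret, hardened     :", verifyHardened(payload, signedHeader("", now.Unix(), payload), "", now))
	fmt.Println("empty secret, weak         :", verifyWeak(payload, signedHeader("", now.Unix(), payload), ""))
}
```

The empty-secret check belongs at startup as well as per request: a service that only verifies Stripe webhooks when a secret is present should refuse to register the webhook route at all when the secret is blank, which turns a silent misconfiguration into a visible deployment error.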
Vulnerability Impact Scope
This vulnerability only affects instances where the Stripe Secret Key is not properly configured. Many administrators overlook configuring this key when setting up test environments or when their sites primarily rely on other payment methods (such as WeChat or Alipay) and do not use the Stripe module, leaving them highly vulnerable.
Official Fix and Recommendations
In response to this serious security risk, the project team acted swiftly and released v0.12.10 today. The update log clearly indicates the fix direction: “Improved Stripe payment processing to better handle asynchronous webhook events,” addressing the security blind spot in callback verification at a fundamental level.
Security experts strongly recommend all NewAPI users take the following actions:
Upgrade Immediately: Update your instance to v0.12.10 or later (it is recommended to pull the latest release or nightly build directly).
Enforce Key Configuration: Even if your site does not plan to use Stripe payments, after upgrading, you must configure the Stripe Secret Key in the backend. It is recommended to use a randomly generated strong password string or strictly control it via environment variables to eliminate the possibility of an empty key.
Conduct a Billing Self-Audit: Immediately review existing user orders and recharge records within the system (especially in test environments), cross-reference them with actual funds received, and check for any fraudulent high-value recharges.
Improve Payment Authentication: For production environments, it is recommended to thoroughly review the asynchronous callback logic for all payment channels to ensure dual verification of both signature validity and order status authenticity.
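The self-audit and the "dual verification" recommendation both reduce to order-level checks that a valid signature alone does not provide. The Go program below is an added example, not new-api's code: creditGate is the second half of dual verification (the event must reference a pending local order, the amount_total must equal the order's expected amount, and Stripe must report the session as paid before any balance is credited), and reconcile is the self-audit, comparing locally paid Stripe orders against an export of Stripe payment records and flagging orders with no Stripe record or a mismatched amount. The record types, the assumption that a local order is keyed by its Stripe checkout session id, and the sample data are all constructed.

```go
package main

import (
	"errors"
	"fmt"
)

// LocalOrder is an assumed shape for a recharge record; field names are not new-api's schema.
type LocalOrder struct {
	ID      string // assumed to hold the Stripe checkout session id for stripe orders
	UserID  string
	Channel string // "stripe", "wechat", "alipay"
	Amount  int64  // minor units (cents)
	Status  string // "pending" or "paid"
}

// StripePayment is an assumed shape for a row exported from the Stripe dashboard or API.
type StripePayment struct {
	SessionID     string
	AmountTotal   int64
	PaymentStatus string // "paid" or "unpaid"
}

var (
	ErrUnknownOrder    = errors.New("no local order for this session id")
	ErrOrderNotPending = errors.New("order already processed")
	ErrAmountMismatch  = errors.New("amount_total does not match the order")
	ErrNotPaid         = errors.New("stripe reports the session as not paid")
)

// creditGate runs after signature verification and decides whether a
// checkout.session.completed event may credit a balance. It marks the order
// paid on success so a replayed event cannot credit twice.
func creditGate(orders map[string]*LocalOrder, sessionID string, amountTotal int64, paymentStatus string) error {
	o, ok := orders[sessionID]
	if !ok {
		return ErrUnknownOrder
	}
	if o.Status != "pending" {
		return ErrOrderNotPending
	}
	if o.Amount != amountTotal {
		return ErrAmountMismatch
	}
	if paymentStatus != "paid" {
		return ErrNotPaid
	}
	o.Status = "paid"
	return nil
}

// Finding is one discrepancy produced by the audit.
type Finding struct {
	OrderID string
	Reason  string
}

// reconcile flags every locally paid Stripe order that has no matching paid
// Stripe payment of the same amount. Orders on other channels are skipped.
func reconcile(orders []LocalOrder, payments []StripePayment) []Finding {
	byID := make(map[string]StripePayment, len(payments))
	for _, p := range payments {
		byID[p.SessionID] = p
	}
	var findings []Finding
	for _, o := range orders {
		if o.Channel != "stripe" || o.Status != "paid" {
			continue
		}
		p, ok := byID[o.ID]
		switch {
		case !ok:
			findings = append(findings, Finding{o.ID, "no Stripe record"})
		case p.PaymentStatus != "paid":
			findings = append(findings, Finding{o.ID, "Stripe status " + p.PaymentStatus})
		case p.AmountTotal != o.Amount:
			findings = append(findings, Finding{o.ID, fmt.Sprintf("amount mismatch: local %d, stripe %d", o.Amount, p.AmountTotal)})
		}
	}
	return findings
}

// sampleOrders and samplePayments are constructed data: one clean order, one
// with no Stripe record, one with a mismatched amount, and one non-Stripe order.
func sampleOrders() []LocalOrder {
	return []LocalOrder{
		{ID: "cs_a", UserID: "u1", Channel: "stripe", Amount: 1000, Status: "paid"},
		{ID: "cs_b", UserID: "u2", Channel: "stripe", Amount: 100000, Status: "paid"},
		{ID: "cs_c", UserID: "u3", Channel: "stripe", Amount: 5000, Status: "paid"},
		{ID: "wx_1", UserID: "u4", Channel: "wechat", Amount: 2000, Status: "paid"},
	}
}

func samplePayments() []StripePayment {
	return []StripePayment{
		{SessionID: "cs_a", AmountTotal: 1000, PaymentStatus: "paid"},
		{SessionID: "cs_c", AmountTotal: 500, PaymentStatus: "paid"},
	}
}

func main() {
	for _, f := range reconcile(sampleOrders(), samplePayments()) {
		fmt.Printf("%s: %s\n", f.OrderID, f.Reason)
	}
}
```

A finding of "no Stripe record" on a high-value order is exactly the fingerprint the article describes (server logs show a normal callback, the Stripe dashboard shows nothing), so the audit output is worth feeding into whatever alerting already watches the billing tables.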
The technical details of this vulnerability are now public. Due to its relatively low exploitation barrier, it is recommended that all relevant administrators take immediate action to perform self-inspections and upgrades to prevent potential digital asset losses.