A vulnerability has been found in QuantumNous new-api up to 0.12.0-alpha.0 and classified as problematic. This issue affects some unknown processing of the file /api/oauth/email/bind of the component Account Binding. This manipulation causes state issue.

The identification of this vulnerability is CVE-2026-44342. It is possible to initiate the attack remotely. There is no exploit available.