Description
A security flaw has been discovered in songquanpeng one-api up to 0.6.11-preview.7. Affected by this issue is the function Redeem of the file model/redemption.go of the component Redemption Code Top-Up Endpoint. The manipulation results in business logic errors. The attack may be launched remotely. The attack requires a high level of complexity. The exploitation is known to be difficult. The exploit has been released to the public and may be used for attacks. The pull request to fix this issue awaits acceptance.
Published: 2026-06-07
Score: 2.3 Low
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A logic flaw in the Redeem function of the Redemption Code Top-Up Endpoint allows a remote attacker to craft requests that the endpoint handles incorrectly. The error can lead to unauthorized addition or removal of credits via the API, disrupting the intended business flow. The vulnerability does not provide data exfiltration or code execution, but it can compromise the integrity of the credit system.

Affected Systems

The CVE data lists all versions of songquanpeng one-api up to 0.6.11-preview.7 as vulnerable; no fixed release is documented.

Risk and Exploitability

The CVSS score is 2.3, indicating low severity. EPSS data is not available, and the vulnerability is not listed in the CISA KEV catalog. A public exploit exists but is described as high-complexity and difficult to use; consequently the overall risk is low to moderate, mainly affecting the business process rather than system security.

Generated by OpenCVE AI on June 8, 2026 at 03:52 UTC.

Remediation

No vendor fix or workaround is currently provided.

OpenCVE Recommended Actions

  • Merge the pull request that corrects the redeem logic (https://github.com/songquanpeng/one-api/pull/2399) and deploy the updated application version.
  • If the pull request is not yet merged, consider temporarily disabling or blocking use of the redemption endpoint until a fix is applied.
  • After a fix is released, upgrade to the patched version or apply the merged changes to ensure the logic error is resolved.


Tracking


Advisories

No advisories yet.

History

Mon, 08 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 08 Jun 2026 01:00:00 +0000

Type Values Removed Values Added
Description A security flaw has been discovered in songquanpeng one-api up to 0.6.11-preview.7. Affected by this issue is the function Redeem of the file model/redemption.go of the component Redemption Code Top-Up Endpoint. The manipulation results in business logic errors. The attack may be launched remotely. The attack requires a high level of complexity. The exploitation is known to be difficult. The exploit has been released to the public and may be used for attacks. The pull request to fix this issue awaits acceptance.
Title songquanpeng one-api Redemption Code Top-Up Endpoint redemption.go Redeem logic error
First Time appeared Songquanpeng
Songquanpeng one-api
Weaknesses CWE-840
CPEs cpe:2.3:a:songquanpeng:one-api:*:*:*:*:*:*:*:*
Vendors & Products Songquanpeng
Songquanpeng one-api
References
Metrics cvssV2_0

{'score': 2.1, 'vector': 'AV:N/AC:H/Au:S/C:N/I:P/A:N/E:POC/RL:ND/RC:UR'}

cvssV3_0

{'score': 3.1, 'vector': 'CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R'}

cvssV3_1

{'score': 3.1, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:R'}

cvssV4_0

{'score': 2.3, 'vector': 'CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P'}


Subscriptions

Songquanpeng One-api
MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-06-08T13:04:02.291Z

Reserved: 2026-06-07T09:01:03.731Z

Link: CVE-2026-11465

Vulnrichment

Updated: 2026-06-08T13:03:58.941Z

NVD

Status: Deferred

Published: 2026-06-07T23:16:42.060

Modified: 2026-06-08T14:57:14.757

Link: CVE-2026-11465

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-06-08T04:00:06Z

Weaknesses