CVSS 7.3 · HIGH

CVE-2026-7178

A weakness has been identified in ChatGPTNextWeb NextChat up to 2.16.1. This affects the function storeUrl of the file app/api/artifacts/route.ts of the component Artifacts Endpoint. This manipulation of the argument ID causes server-side request forgery. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.

View on NVD

Analysis

ChatGPTNextWeb (NextChat) versions up to and including 2.16.1 are vulnerable to Server-Side Request Forgery (SSRF) in the Artifacts endpoint: the ID argument handled by storeUrl in app/api/artifacts/route.ts can be manipulated so that the server issues requests to a destination of the attacker's choosing. The attack is remote and, per the CVSS vector, needs no privileges or user interaction. If you self-host this tool, an attacker can use your server to probe internal network services or reach the cloud instance metadata endpoint. A public exploit exists and the project had not released a fix at the time of publication, so do not expose the service to untrusted networks without compensating controls such as egress filtering from the host and blocking the metadata address (or requiring a token-based metadata service where the cloud provider offers one).
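The following TypeScript is an added example and is not NextChat's code, nor a reconstruction of storeUrl: it shows the guard an endpoint needs when a request parameter such as an ID ends up determining the target of a server-side fetch. It enforces a strict identifier format, an http(s)-only scheme, no userinfo, rejection of IPv6 literals and of loopback, link-local (including 169.254.169.254), RFC 1918 and other reserved IPv4 addresses, and a host allowlist. The identifier format, the base URL and the allowed host are hypothetical choices for the example.

```typescript
// Added example (not NextChat's code): guarding a server-side fetch whose
// target is derived from a request parameter. Runs on Node.js, which provides
// the WHATWG URL global. The identifier format, base URL and allowed hosts
// used here are hypothetical choices for the example.

interface UrlCheck {
  ok: boolean;
  reason?: string; // why the URL was rejected
  target?: string; // normalized URL that passed every check
}

// Hypothetical identifier format: a short opaque token with no characters
// that could change the path, add a scheme or smuggle in a host.
const ARTIFACT_ID = /^[A-Za-z0-9_-]{1,64}$/;

function parseUrl(raw: string): URL | null {
  try {
    return new URL(raw);
  } catch {
    return null;
  }
}

// After WHATWG parsing an IPv4 host is always dotted decimal, so shorthand
// forms such as 2130706433, 0x7f000001 or 127.1 have already been normalized
// to 127.0.0.1 before this check runs.
function isIPv4Literal(host: string): boolean {
  return /^\d{1,3}(\.\d{1,3}){3}$/.test(host);
}

// Loopback, link-local (including the 169.254.169.254 cloud metadata address),
// RFC 1918, CGNAT, "this network", multicast and reserved ranges.
function isInternalIPv4(ip: string): boolean {
  const [a, b] = ip.split(".").map(Number);
  return (
    a === 0 ||
    a === 10 ||
    a === 127 ||
    (a === 100 && b >= 64 && b <= 127) ||
    (a === 169 && b === 254) ||
    (a === 172 && b >= 16 && b <= 31) ||
    (a === 192 && b === 168) ||
    a >= 224
  );
}

function checkOutboundUrl(raw: string, allowedHosts: readonly string[]): UrlCheck {
  const url = parseUrl(raw);
  if (!url) return { ok: false, reason: "unparsable" };
  if (url.protocol !== "http:" && url.protocol !== "https:") {
    return { ok: false, reason: "scheme" }; // blocks file:, gopher:, data:, ...
  }
  if (url.username || url.password) return { ok: false, reason: "userinfo" };
  const host = url.hostname.toLowerCase();
  if (host.startsWith("[")) return { ok: false, reason: "ipv6-literal" };
  if (isIPv4Literal(host) && isInternalIPv4(host)) {
    return { ok: false, reason: "private-address" };
  }
  if (host === "localhost" || host.endsWith(".localhost")) {
    return { ok: false, reason: "loopback-name" };
  }
  if (allowedHosts.indexOf(host) === -1) return { ok: false, reason: "host-not-allowed" };
  return { ok: true, target: url.toString() };
}

// Validates the identifier first, then the URL built from it. An id such as
// "http://169.254.169.254/" or "../../admin" never reaches the URL parser.
function artifactFetchTarget(id: unknown, base: string, allowedHosts: readonly string[]): UrlCheck {
  if (typeof id !== "string" || !ARTIFACT_ID.test(id)) return { ok: false, reason: "bad-id" };
  return checkOutboundUrl(new URL(id, base).toString(), allowedHosts);
}
```

Two caveats apply when this is wired into a real handler. First, fetch follows redirects by default, so an allowed host that answers with a 302 to an internal address would still be reached; use `redirect: "manual"` and run the same check on every hop. Second, the check is on the hostname, not on what it resolves to: a name in the allowlist that resolves (or is rebound) to an internal address is not caught by a pure string check, which is why egress filtering on the host remains the backstop.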

Severity

Score: 7.3 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
AV: NETWORK
AC: LOW
PR: NONE
UI: NONE
S: UNCHANGED
C: LOW
I: LOW
A: LOW
Weakness type (CWE): CWE-918 (Server-Side Request Forgery)

EPSS

Exploitation probability (next 30 days): 0.0007 (about 0.1%)
Percentile: 20.3%
EPSS score date: 2026-05-06

Affects

nextchat:nextchat

Technical description

In NextChat up to and including 2.16.1, the storeUrl function in app/api/artifacts/route.ts (Artifacts endpoint) builds the target of a server-side request from the endpoint's ID argument. Because that argument can be manipulated by the caller, a remote attacker with no privileges and no user interaction (CVSS AV:N/PR:N/UI:N) can make the server send requests to destinations of the attacker's choosing: server-side request forgery, CWE-918. A public exploit exists and can be used in attacks. The project was notified early through an issue report but had not responded at the time of publication.

Published: 2026-04-27 22:16:19
Last modified: 2026-04-30 19:26:52
