Skip to content
Threat Feed

Product

NextChat (<= 2.16.1)

1 brief RSS
medium advisory

ChatGPTNextWeb NextChat Improper Authorization Vulnerability (CVE-2026-7644)

CVE-2026-7644 is an improper authorization vulnerability in the addMcpServer function of ChatGPTNextWeb NextChat version 2.16.1 and earlier, allowing for potential remote exploitation following public disclosure of the exploit.

NextChat authorization cve-2026-7644 web-application
1r 1t 1c