{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata — refreshed continuously.","feed_url":"https://feed.craftedsignal.io/tags/cve-2026-7644/","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cves":[{"cvss":7.3,"id":"CVE-2026-7644"}],"_cs_exploited":false,"_cs_products":["NextChat (\u003c= 2.16.1)"],"_cs_severities":["medium"],"_cs_tags":["authorization","cve-2026-7644","web-application"],"_cs_type":"advisory","_cs_vendors":["ChatGPTNextWeb"],"content_html":"\u003cp\u003eCVE-2026-7644 is an improper authorization vulnerability in ChatGPTNextWeb NextChat up to and including version 2.16.1. The flaw is in the \u003ccode\u003eaddMcpServer\u003c/code\u003e function in \u003ccode\u003eapp/mcp/actions.ts\u003c/code\u003e, which registers a Model Context Protocol (MCP) server configuration without adequately checking that the caller is permitted to do so. An exploit has been publicly disclosed, which raises the likelihood of attacks. The vendor was notified but had not responded at the time of writing, so no fixed release has been confirmed. The flaw is remotely exploitable: an attacker needs no local access to the host. 
Defenders should treat it as a priority for patching or mitigation to prevent unauthorized configuration changes and the data exposure that can follow.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe attacker identifies a ChatGPTNextWeb NextChat instance running version 2.16.1 or earlier.\u003c/li\u003e\n\u003cli\u003eThe attacker sends a crafted request that reaches the \u003ccode\u003eaddMcpServer\u003c/code\u003e function in \u003ccode\u003eapp/mcp/actions.ts\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eBecause \u003ccode\u003eaddMcpServer\u003c/code\u003e does not properly authorize the caller, the request is processed as if it were legitimate and the authorization check is effectively bypassed.\u003c/li\u003e\n\u003cli\u003eThe attacker registers a malicious MCP server configuration.\u003c/li\u003e\n\u003cli\u003eWhen the application uses that configuration, it trusts a server the attacker chose, which can lead to further unauthorized actions.\u003c/li\u003e\n\u003cli\u003eThe attacker gains unauthorized access to sensitive data or functionality exposed through the instance.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of CVE-2026-7644 gives an attacker unauthorized control over MCP server configuration on a NextChat instance, which can be used to compromise the application and the data it handles further. 
Because an exploit is publicly available, the risk is significantly elevated for every unpatched instance running version 2.16.1 or earlier.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade ChatGPTNextWeb NextChat to a release later than 2.16.1 that addresses CVE-2026-7644 as soon as one is available; the vendor had not responded at the time of writing, so confirm that the release you deploy actually contains the fix.\u003c/li\u003e\n\u003cli\u003eUntil then, limit who can reach the instance at all (for example, require authentication in front of it, such as an access code or an authenticating reverse proxy) and review the configured MCP servers for entries you did not add.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for requests that reach \u003ccode\u003eaddMcpServer\u003c/code\u003e in \u003ccode\u003eapp/mcp/actions.ts\u003c/code\u003e. If the function is exposed as a Next.js server action, it is invoked by a POST carrying a \u003ccode\u003eNext-Action\u003c/code\u003e header with an opaque action id rather than the function name in the URL, so log that header together with the caller's identity; matching on the function name in the request path will not find these calls.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule to detect unauthorized calls to the \u003ccode\u003eaddMcpServer\u003c/code\u003e function.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2024-01-03T12:00:00Z","date_published":"2024-01-03T12:00:00Z","id":"/briefs/2024-01-nextchat-auth-bypass/","summary":"CVE-2026-7644 is an improper authorization vulnerability in the addMcpServer function of ChatGPTNextWeb NextChat version 2.16.1 and earlier. It is remotely exploitable, and an exploit has been publicly disclosed.","title":"ChatGPTNextWeb NextChat Improper Authorization Vulnerability (CVE-2026-7644)","url":"https://feed.craftedsignal.io/briefs/2024-01-nextchat-auth-bypass/"}],"language":"en","title":"CraftedSignal Threat Feed — Cve-2026-7644","version":"https://jsonfeed.org/version/1.1"}
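The following is an added example written for this brief; it is not code from NextChat and does not reproduce the real call path of CVE-2026-7644. It models the class of flaw the advisory describes, a server-side "add MCP server" action with no authorization gate, beside a hardened form that checks the caller and constrains what may be registered, and it implements the log check the Recommendation section asks for. It assumes that addMcpServer is reached as a Next.js server action (a POST carrying a Next-Action header); the config shape, the policy tables, the log line format and the sample log lines are all constructed for illustration.

```typescript
// Added example for this brief; not NextChat code. Vulnerable vs hardened
// "add MCP server" action, plus a scanner for unauthenticated action POSTs.
// Names, config shape, policy tables and log lines are constructed.

interface McpServerConfig {
  id: string;
  command: string; // program the application would run to reach this MCP server
  args: string[];
}

interface Caller {
  // Stand-in for whatever identity a deployment establishes (session, access
  // code). null models an unauthenticated caller.
  principal: string | null;
}

class AuthorizationError extends Error {}

// Assumed deployment policy: who may register servers, which commands may run.
const ADMINS = new Set(["admin"]);
const ALLOWED_COMMANDS = new Set(["npx", "uvx"]);

// Vulnerable form: the action trusts every caller, so anyone who can reach it
// registers a server whose command the application will later execute.
function addMcpServerUnchecked(store: Map<string, McpServerConfig>, cfg: McpServerConfig): boolean {
  store.set(cfg.id, cfg);
  return true;
}

// Hardened form: authorize the caller first, then constrain what may be added.
function addMcpServerChecked(store: Map<string, McpServerConfig>, caller: Caller, cfg: McpServerConfig): boolean {
  if (caller.principal === null || !ADMINS.has(caller.principal)) {
    throw new AuthorizationError("addMcpServer: caller is not an administrator");
  }
  if (!ALLOWED_COMMANDS.has(cfg.command)) {
    throw new AuthorizationError(`addMcpServer: command "${cfg.command}" is not allow-listed`);
  }
  store.set(cfg.id, cfg);
  return true;
}

// Detection. A Next.js server action is invoked by a POST whose Next-Action
// header carries an opaque action id; the function name never appears in the
// URL, so grepping the path for "addMcpServer" finds nothing. Log that header
// and the authenticated principal, then flag action POSTs that were accepted
// with no principal at all. Constructed line format:
//   "<ip> <method> <path> <status> next-action=<id|-> user=<name|->"
interface LogEntry { ip: string; method: string; path: string; status: number; action: string | null; user: string | null }

function parseLogLine(line: string): LogEntry | null {
  const m = /^(\S+) (\S+) (\S+) (\d{3}) next-action=(\S+) user=(\S+)$/.exec(line);
  if (m === null) return null;
  return {
    ip: m[1], method: m[2], path: m[3], status: Number(m[4]),
    action: m[5] === "-" ? null : m[5],
    user: m[6] === "-" ? null : m[6],
  };
}

// Successful (2xx) server-action POSTs with no principal are the compromise
// signal; denied attempts (4xx) are worth counting separately but are excluded.
function flagUnauthenticatedActions(lines: string[]): LogEntry[] {
  return lines
    .map(parseLogLine)
    .filter((e): e is LogEntry => e !== null)
    .filter((e) => e.method === "POST" && e.action !== null && e.user === null
                && e.status >= 200 && e.status < 300);
}

// Constructed sample log: a page load, an admin's action call, an unauthenticated
// action call that was accepted, and one that was denied.
const SAMPLE_LOG = [
  "198.51.100.4 GET / 200 next-action=- user=-",
  "198.51.100.4 POST / 200 next-action=7f3a9c user=admin",
  "203.0.113.9 POST / 200 next-action=7f3a9c user=-",
  "203.0.113.9 POST / 403 next-action=7f3a9c user=-",
];

function demo(): { uncheckedAccepted: boolean; checkedRejected: boolean; flagged: LogEntry[] } {
  const store = new Map<string, McpServerConfig>();
  const attackerCfg: McpServerConfig = { id: "evil", command: "/tmp/payload", args: [] };
  const uncheckedAccepted = addMcpServerUnchecked(store, attackerCfg); // accepted
  let checkedRejected = false;
  try {
    addMcpServerChecked(store, { principal: null }, attackerCfg);
  } catch (e) {
    checkedRejected = e instanceof AuthorizationError; // rejected before any write
  }
  return { uncheckedAccepted, checkedRejected, flagged: flagUnauthenticatedActions(SAMPLE_LOG) };
}
```

The hardened form puts the authorization decision before any state change and then bounds the registered command with an allow-list, so even an authorized caller cannot point the application at an arbitrary executable. The scanner keys on method, the Next-Action header and the principal rather than on the function name, because the name is not visible on the wire; `demo()` returns the unchecked result, the checked result and the single flagged log entry.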