Vendor
medium
advisory
ChatGPTNextWeb NextChat Server-Side Request Forgery Vulnerability
2 rules 1 TTP 1 CVEA server-side request forgery (SSRF) vulnerability in ChatGPTNextWeb NextChat up to version 2.16.1 allows remote attackers to manipulate the proxyHandler function, potentially leading to unauthorized internal resource access.
NextChat
ssrf
cve-2026-7177
web-application
2r
1t
1c
high
threat
ChatGPTNextWeb NextChat SSRF Vulnerability (CVE-2026-7178)
2 rules 1 TTP 1 CVEChatGPTNextWeb NextChat versions up to 2.16.1 are vulnerable to server-side request forgery (SSRF) due to improper input validation in the storeUrl function, allowing remote attackers to potentially access internal resources or conduct other malicious activities.
exploited
NextChat
ssrf
cve
vulnerability
web-application
2r
1t
1c
medium
advisory
ChatGPTNextWeb NextChat Improper Authorization Vulnerability (CVE-2026-7644)
1 rule 1 TTP 1 CVECVE-2026-7644 is an improper authorization vulnerability in the addMcpServer function of ChatGPTNextWeb NextChat version 2.16.1 and earlier, allowing for potential remote exploitation following public disclosure of the exploit.
NextChat
authorization
cve-2026-7644
web-application
1r
1t
1c