CVE-2026-7178
Published 2026-04-27
Priority P349 · high · 7.3 (CVSS 3.1)
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS: 0.34% (26.3th percentile)
A weakness has been identified in ChatGPTNextWeb NextChat up to 2.16.1. This affects the function storeUrl of the file app/api/artifacts/route.ts of the component Artifacts Endpoint. This manipulation of the argument ID causes server-side request forgery. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chatgptnextweb | nextchat | — | — |
| chatgptnextweb | nextchat | — | — |
| nextchat | nextchat | — | — |
| nextchat | nextchat | — | — |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.3 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
| nvd | v4.0 | 5.5 | MEDIUM | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
GHSA
GHSA-p35r-jg68-wccx · ghsa_unreviewed · 2026-04-28
CVE-2026-7178 [MEDIUM] CWE-918
VulDB
ChatGPTNextWeb NextChat up to 2.16.1 Artifacts Endpoint route.ts storeUrl ID server-side request forgery (Issue 6741 / EUVD-2026-25931)
vuldb · 2026-04-28 · CVSS 6.9 · CVE-2026-7178 [MEDIUM]
A vulnerability was found in ChatGPTNextWeb NextChat up to 2.16.1. It has been rated as critical. This affects the function storeUrl of the file app/api/artifacts/route.ts of the component Artifacts Endpoint. This manipulation of the argument ID causes server-side request forgery.
The identification of this vulnerability is CVE-2026-7178. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
The project was informed of the problem early through an issue report but has not responded yet.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.