ChatGPTNextWeb NextChat Artifacts Endpoint route.ts storeUrl server-side request forgery

6.9 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A weakness has been identified in ChatGPTNextWeb NextChat up to 2.16.1. This affects the function storeUrl of the file app/api/artifacts/route.ts of the component Artifacts Endpoint. This manipulation of the argument ID causes server-side request forgery. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.

Basic Information

ID CVE-2026-7178

Source VulDB

Published Apr 27, 2026 at 22:00

Affected Product

Vendor ChatGPTNextWeb

Product NextChat

Version 2.16.0

Affected Versions ChatGPTNextWeb NextChat 2.16.0
ChatGPTNextWeb NextChat 2.16.1

CWE Classification

CWE-918

References

{
    "lastseen": "",
    "description": "A weakness has been identified in ChatGPTNextWeb NextChat up to 2.16.1. This affects the function storeUrl of the file app/api/artifacts/route.ts of the component Artifacts Endpoint. This manipulation of the argument ID causes server-side request forgery. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.",
    "published": "2026-04-27T22:00:20.342Z",
    "modified": "2026-04-27T22:00:20.342Z",
    "type": "cve",
    "title": "ChatGPTNextWeb NextChat Artifacts Endpoint route.ts storeUrl server-side request forgery",
    "source": "VulDB",
    "references": "https://vuldb.com/vuln/359780\nhttps://vuldb.com/vuln/359780/cti\nhttps://vuldb.com/submit/797646\nhttps://github.com/ChatGPTNextWeb/NextChat/issues/6741\nhttps://gist.github.com/YLChen-007/43252d45d75e8bdd2d45136fd6ffe8a5\nhttps://github.com/ChatGPTNextWeb/NextChat/",
    "id": "CVE-2026-7178",
    "bulletinFamily": "",
    "cwe": [
        "CWE-918"
    ],
    "cvelist": null,
    "sourceData": "ChatGPTNextWeb NextChat 2.16.0\nChatGPTNextWeb NextChat 2.16.1",
    "sourceHref": "",
    "cvss": {
        "score": 6.9,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "NextChat",
    "version": "2.16.0",
    "vendor": "ChatGPTNextWeb",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

ChatGPTNextWeb NextChat Artifacts Endpoint route.ts storeUrl server-side request forgery_CVE-2026-7178