Cyber Posture

CVE-2026-22663

High · Public PoC

Published: 03 April 2026
Modified: 13 April 2026
KEV Added: not listed
Patch: not listed
CVSS Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
EPSS Score: 0.0004 (12.8th percentile)
Risk Priority: 15 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2026-22663 is a high-severity Missing Authorization (CWE-862) vulnerability in Fka Prompts.Chat. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 12.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-22 (Publicly Accessible Content) and AC-3 (Access Enforcement).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190).
What defenders deploy: see the NIST 800-53 controls recommended below.

Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)

Prevent: Enforces approved authorizations for logical access to private prompt data, directly addressing the missing isPrivate checks in API endpoints and page metadata generation.

Prevent: Ensures publicly accessible content such as HTML meta tags does not expose unauthorized private prompt metadata, titles, and descriptions.

Detect: Monitors system components for unauthorized disclosures of sensitive private prompt data such as version history and content.

MITRE ATT&CK Enterprise Techniques

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Auth bypass in public-facing web app directly enables remote unauthenticated access to private data via T1190.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

prompts.chat prior to commit 7b81836 contains multiple authorization bypass vulnerabilities due to missing isPrivate checks across API endpoints and page metadata generation that allow unauthorized users to access sensitive data associated with private prompts. Attackers can exploit these missing authorization checks to retrieve private prompt version history, change requests, examples, current content, and metadata including titles and descriptions exposed via HTML meta tags.

Deeper analysis

CVE-2026-22663 is a set of multiple authorization bypass vulnerabilities (CWE-862) affecting prompts.chat prior to commit 7b81836. The issues stem from missing isPrivate checks in various API endpoints and page metadata generation, enabling unauthorized access to sensitive data tied to private prompts. Published on 2026-04-03 with a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N), it has a high confidentiality impact and no integrity or availability impact, and exploitation requires no privileges, user interaction, or scope change.

Attackers with network access can exploit these flaws as unauthenticated users to retrieve private prompt data, including version history, change requests, examples, current content, and metadata such as titles and descriptions leaked via HTML meta tags. No special privileges or user interaction are needed, making it straightforward for remote adversaries to enumerate and extract sensitive information from private resources across the application.

Mitigation involves updating to commit 7b81836, as detailed in the project's GitHub commit and pull request #1104. The VulnCheck advisory provides further analysis on the authorization bypass and information disclosure risks, recommending verification of isPrivate enforcement in affected endpoints.
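As an added illustration of the defect class described above (not code from prompts.chat, commit 7b81836, or PR #1104), the following TypeScript sketch shows one way an API handler and a page-metadata builder can share a single isPrivate check; the Prompt store, the Viewer shape and every function name are hypothetical, and the sample prompts are constructed.

```typescript
// Hypothetical in-memory model; this is not the prompts.chat schema.
interface Prompt {
  id: string;
  ownerId: string;
  isPrivate: boolean;
  title: string;
  description: string;
  content: string;
  versions: string[]; // prior revisions, oldest first
}

interface Viewer { userId: string | null } // null = unauthenticated request

// Constructed sample data: one private prompt, one public prompt.
const PROMPTS: Record<string, Prompt> = {
  p1: { id: "p1", ownerId: "alice", isPrivate: true, title: "Internal triage prompt",
        description: "Contains escalation contacts", content: "private body", versions: ["v1", "v2"] },
  p2: { id: "p2", ownerId: "bob", isPrivate: false, title: "Public summariser",
        description: "Summarise an article", content: "public body", versions: ["v1"] },
};

// One authorization decision, reused by every code path that touches a prompt.
// The bug class here is each endpoint looking a prompt up by id and forgetting this test.
function canView(p: Prompt, viewer: Viewer): boolean {
  return !p.isPrivate || viewer.userId === p.ownerId;
}

// Version-history endpoint. A private prompt is reported exactly like a missing one,
// so the response does not reveal whether the id exists.
function getVersions(id: string, viewer: Viewer): { status: number; versions?: string[] } {
  const p = PROMPTS[id];
  if (!p || !canView(p, viewer)) return { status: 404 };
  return { status: 200, versions: p.versions };
}

// Page-metadata builder (what a generateMetadata-style hook would feed into <meta> tags).
// Private prompts get placeholder text instead of their real title and description.
function buildMetadata(id: string, viewer: Viewer): { title: string; description: string } {
  const p = PROMPTS[id];
  if (!p || !canView(p, viewer)) return { title: "Prompt", description: "" };
  return { title: p.title, description: p.description };
}
```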

Details

CWE(s): CWE-862 (Missing Authorization)

Affected Products

fka prompts.chat, versions ≤ 2026-03-25

CVEs Like This One

CVE-2026-22665 (same product: Fka Prompts.Chat)
CVE-2026-22661 (same product: Fka Prompts.Chat)
CVE-2026-22664 (same product: Fka Prompts.Chat)
CVE-2025-67974 (shared CWE-862)
CVE-2026-28254 (shared CWE-862)
CVE-2026-3266 (shared CWE-862)
CVE-2025-69297 (shared CWE-862)
CVE-2025-69186 (shared CWE-862)
CVE-2026-25456 (shared CWE-862)
CVE-2025-13493 (shared CWE-862)

References