CVE-2026-7177
Published: 27 April 2026
Summary
CVE-2026-7177 is a high-severity server-side request forgery (SSRF, CWE-918) vulnerability in ChatGPTNextWeb NextChat up to version 2.16.1. Its CVSS v3.1 base score is 7.3 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 20.5th percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
- SI-2 (Flaw Remediation): directly requires identification, reporting, testing, and timely installation of patches for the SSRF flaw in the proxyHandler function, eliminating the vulnerability at its source.
- SI-10 (Information Input Validation): mandates validation of user-supplied inputs to the proxyHandler function, preventing attackers from forging server-side requests to unauthorized destinations.
- SC-7 (Boundary Protection): monitors and controls outbound communications at system boundaries, blocking or detecting unauthorized requests triggered by SSRF exploitation.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
This SSRF sits in a public-facing web application and is exploitable remotely without privileges or user interaction, so it maps to T1190 (Exploit Public-Facing Application): an attacker reaches the application's proxy endpoint and makes the server issue forged requests to arbitrary internal or external resources.
NVD Description
A security flaw has been discovered in ChatGPTNextWeb NextChat up to 2.16.1. Affected by this issue is the function proxyHandler of the file app/api/[provider]/[...path]/route.ts. The manipulation results in server-side request forgery. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.
Deeper analysis
CVE-2026-7177 is a server-side request forgery (SSRF) vulnerability, classified under CWE-918, affecting ChatGPTNextWeb NextChat versions up to 2.16.1. The flaw resides in the proxyHandler function within the file app/api/[provider]/[...path]/route.ts. Published on April 27, 2026, it carries a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L): high severity because the endpoint is reachable over the network and exploitation needs no privileges or user interaction.
Remote attackers require no privileges or user interaction to exploit this vulnerability; by manipulating the input that proxyHandler uses to build its upstream request, they make the server issue requests to destinations it never intended, including internal or external resources. Successful exploitation has limited (Low) impact on each of confidentiality, integrity, and availability, which is consistent with the server acting as a request relay rather than being fully compromised.
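The mechanism described above (a proxy that builds its upstream URL from caller-controlled path input) and the SI-10 input-validation control listed under Mitigating Controls, shown as an added TypeScript example. This is illustrative code written for this page; it is not NextChat's proxyHandler and not a patch for it (none has been released). The provider names, upstream hosts, and the shape of the handler are assumptions. It places the unsafe relative-URL resolution beside a hardened builder that pins the destination to an allowlisted base and adds an egress check on the resolved host.

```typescript
// Added example for this page, not NextChat's proxyHandler and not a patch for
// it. It models a Next.js-style route "/api/<provider>/<...path>" that
// forwards to an upstream API. Provider names, upstream hosts and the handler
// shape are assumptions chosen for illustration.

// Assumed allowlist: provider name -> fixed upstream base URL (the trailing
// slash matters: it keeps relative resolution under /v1/).
const UPSTREAMS: Record<string, string> = {
  openai: "https://api.openai.com/v1/",
  anthropic: "https://api.anthropic.com/v1/",
};

// VULNERABLE pattern: the caller-controlled path is resolved relative to the
// base with WHATWG URL parsing. "//host/..." and "http://host/..." are treated
// as absolute, so the attacker replaces the destination host entirely, and
// "../" walks out of the /v1/ prefix.
export function buildUpstreamUrlUnsafe(provider: string, rawPath: string): string {
  const base = UPSTREAMS[provider];
  if (base === undefined) throw new Error(`unknown provider: ${provider}`);
  return new URL(rawPath, base).toString();
}

export class ProxyRejected extends Error {
  constructor(message: string) {
    super(message);
    this.name = "ProxyRejected";
    Object.setPrototypeOf(this, ProxyRejected.prototype); // keeps instanceof working under ES5 targets
  }
}

// One path segment: unreserved URL characters only. This excludes "/", ":",
// "%", "?", "#" and "@", each of which can change where the request goes.
const SEGMENT_RE = /^[A-Za-z0-9._~-]+$/;

// Literal IPv4 check for "this network", RFC 1918, loopback and link-local
// (cloud metadata sits at 169.254.169.254). Hostnames that merely resolve to
// such addresses (DNS rebinding) must be checked at connect time; that part is
// out of scope for this example.
export function isPrivateIPv4(host: string): boolean {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(host);
  if (m === null) return false;
  const a = Number(m[1]);
  const b = Number(m[2]);
  return (
    a === 0 || a === 10 || a === 127 ||
    (a === 169 && b === 254) ||
    (a === 172 && b >= 16 && b <= 31) ||
    (a === 192 && b === 168)
  );
}

// SC-7 style egress guard applied to the fully resolved target.
export function assertAllowedEgress(target: URL): void {
  if (target.protocol !== "https:") throw new ProxyRejected(`disallowed scheme ${target.protocol}`);
  if (target.hostname === "localhost" || isPrivateIPv4(target.hostname)) {
    throw new ProxyRejected(`disallowed host ${target.hostname}`);
  }
}

// HARDENED pattern (SI-10 style): validate the provider against the allowlist,
// validate every path segment syntactically, build the URL, then prove the
// result still lives under the allowlisted base before any request is made.
export function buildUpstreamUrlSafe(provider: string, segments: string[]): string {
  const base = UPSTREAMS[provider];
  if (base === undefined) throw new ProxyRejected(`unknown provider ${provider}`);
  if (segments.length === 0) throw new ProxyRejected("empty path");
  for (const s of segments) {
    if (s === "." || s === ".." || !SEGMENT_RE.test(s)) {
      throw new ProxyRejected(`rejected path segment ${JSON.stringify(s)}`);
    }
  }
  const baseUrl = new URL(base);
  const target = new URL(segments.map(encodeURIComponent).join("/"), baseUrl);
  if (target.origin !== baseUrl.origin || !target.pathname.startsWith(baseUrl.pathname)) {
    throw new ProxyRejected("resolved URL escaped the upstream base");
  }
  assertAllowedEgress(target);
  return target.toString();
}

// Returns null instead of throwing, for logging or tests.
export function proxyTargetOrNull(provider: string, segments: string[]): string | null {
  try {
    return buildUpstreamUrlSafe(provider, segments);
  } catch (e) {
    if (e instanceof ProxyRejected) return null;
    throw e;
  }
}

// Constructed probe inputs (one benign, three attacker-shaped) run through both builders.
const probes: Array<[string, string[]]> = [
  ["openai", ["chat", "completions"]],
  ["openai", ["//169.254.169.254/latest/meta-data/"]],
  ["openai", ["http://10.0.0.5:8080/admin"]],
  ["openai", ["..", "admin"]],
];
for (const [provider, segs] of probes) {
  console.log(`unsafe -> ${buildUpstreamUrlUnsafe(provider, segs.join("/"))}`);
  console.log(`safe   -> ${proxyTargetOrNull(provider, segs) ?? "REJECTED"}`);
}
```

In a Next.js catch-all route the `params.path` value already arrives as a `string[]`, so the segment-by-segment check maps directly onto the handler's input. The post-condition on the resolved URL (same origin, path still under the base) is the part that actually closes the `//host` and `..` classes even if the segment regex is later loosened; the egress guard is defence in depth for the case where an operator-configurable upstream replaces the fixed allowlist.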
No patches or official mitigations have been released, as the project was informed via GitHub issue #6742 but has not responded. Security practitioners should monitor the repository at https://github.com/ChatGPTNextWeb/NextChat/ and review the public exploit at https://gist.github.com/YLChen-007/da6b00024f5b7e1d4fa0658c19b77fbf, along with VulDB entries at https://vuldb.com/vuln/359779 and https://vuldb.com/submit/797645, for updates.
The exploit has been publicly released, increasing the risk of active attacks against unpatched instances of this ChatGPT-related web application.
Details
- CWE(s)