ChatGPTNextWeb NextChat SSRF Vulnerability (CVE-2026-7177) Exposed


A high-severity Server-Side Request Forgery (SSRF) vulnerability, tracked as CVE-2026-7177, has been disclosed in ChatGPTNextWeb NextChat versions up to 2.16.1. According to the National Vulnerability Database, the flaw lies in the proxyHandler function in the file app/api/[provider]/[...path]/route.ts. It can be triggered remotely and allows SSRF attacks against the server, posing a significant risk.

The vulnerability carries a CVSS score of 7.3 (HIGH) and is classified as CWE-918 (Server-Side Request Forgery). The National Vulnerability Database indicates that an exploit for this issue has already been publicly released, so attackers can readily leverage it. The project maintainers were reportedly informed via an issue report but have not yet responded, leaving affected instances exposed.

SSRF vulnerabilities let an attacker coerce the server-side application into making requests to a destination of the attacker's choosing, including hosts that are reachable only from the server's own network. This can lead to internal network enumeration, access to sensitive internal services, and potential data exfiltration. The public availability of an exploit significantly increases the urgency for defenders to address this threat.

What This Means For You

  • If your organization utilizes ChatGPTNextWeb NextChat, you are directly exposed to CVE-2026-7177. This is not a theoretical threat; a public exploit exists. Immediately verify your NextChat version and prepare for an urgent patch or mitigation. Assume attackers are actively scanning for vulnerable instances.
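The advisory does not describe the code-level fix, so the following is an added example (not NextChat's code and not the upstream patch) of the general defence that a server-side proxy handler such as the one named above needs: the forwarded destination is parsed, reduced to a canonical hostname, checked against loopback, private and link-local address space, and finally required to appear on an allow-list of expected upstream API hosts. The upstream hostnames, the function names and the requirement for HTTPS are assumptions for the example.

```typescript
// Added example, not part of the advisory or of the NextChat project.
// Destination check for an outbound proxy handler: the client-supplied
// target is only forwarded if it survives every test below.

// Assumed upstream hosts; a real deployment would take these from configuration.
const ALLOWED_UPSTREAM_HOSTS = new Set<string>([
  "api.openai.com",
  "api.anthropic.com",
]);

// IPv4 ranges a server-side proxy must never reach on a client's behalf:
// "this host" 0/8, loopback 127/8, RFC1918 private space and link-local 169.254/16
// (which includes the cloud instance metadata address on most providers).
export function isPrivateIPv4(host: string): boolean {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(host);
  if (!m) return false;
  const a = Number(m[1]);
  const b = Number(m[2]);
  return (
    a === 0 ||
    a === 10 ||
    a === 127 ||
    (a === 169 && b === 254) ||
    (a === 172 && b >= 16 && b <= 31) ||
    (a === 192 && b === 168)
  );
}

export interface ProxyDecision {
  allowed: boolean;
  reason: string;
}

export function checkProxyTarget(rawUrl: string): ProxyDecision {
  let url: URL;
  try {
    // The WHATWG parser lowercases the host and normalises numeric forms such as
    // "2130706433" or "0x7f000001" to dotted-quad 127.0.0.1, so the IPv4 test
    // below sees the canonical form rather than an obfuscated one.
    url = new URL(rawUrl);
  } catch {
    return { allowed: false, reason: "unparseable URL" };
  }
  if (url.protocol !== "https:") {
    return { allowed: false, reason: `scheme ${url.protocol} not permitted` };
  }
  // Strip a trailing dot ("api.openai.com.") so it cannot slip past the allow-list.
  const host = url.hostname.replace(/\.$/, "");
  if (host === "localhost" || host.endsWith(".localhost")) {
    return { allowed: false, reason: "loopback name not permitted" };
  }
  // url.hostname keeps the brackets on IPv6 literals ("[::1]"); reject them
  // wholesale rather than trying to classify every IPv6 range here.
  if (host.includes(":")) {
    return { allowed: false, reason: "IPv6 literal not permitted" };
  }
  if (isPrivateIPv4(host)) {
    return { allowed: false, reason: "private or loopback IPv4 address" };
  }
  if (!ALLOWED_UPSTREAM_HOSTS.has(host)) {
    return { allowed: false, reason: `host ${host} not on upstream allow-list` };
  }
  // Note: a hostname allow-list does not defend against DNS rebinding; for that,
  // resolve the host once and pin the connection to the resolved address.
  return { allowed: true, reason: "host on upstream allow-list" };
}

console.log(checkProxyTarget("https://api.openai.com/v1/models"));
console.log(checkProxyTarget("https://169.254.169.254/"));
```

The order matters: scheme first, then the private-range checks on the canonical host, and only then the allow-list, so that an allow-listed name can never be substituted by an address the server should not contact. The allow-list is the control that actually closes the hole; the range checks are defence in depth for the case where the list is wider than it should be.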

Detection Rules

Three detection rules were auto-generated for this advisory and mapped to MITRE ATT&CK; one is shown below as Sigma YAML.

Related ATT&CK technique: T1190 (Exploit Public-Facing Application), Initial Access. Rule level: high.

CVE-2026-7177 - ChatGPTNextWeb NextChat SSRF via proxyHandler

Sigma YAML:
title: CVE-2026-7177 - ChatGPTNextWeb NextChat SSRF via proxyHandler
id: scw-2026-04-27-ai-1
status: experimental
level: high
description: |
  Detects potential exploitation of CVE-2026-7177 in ChatGPTNextWeb NextChat. This rule looks for requests targeting the '/api/proxy/' endpoint with a 'url=' parameter in the query string, indicative of the SSRF vulnerability in the proxyHandler function. A 200 status code suggests a successful, albeit potentially malicious, response.
author: SCW Feed Engine (AI-generated)
date: 2026-04-27
references:
  - https://shimiscyberworld.com/posts/nvd-CVE-2026-7177/
tags:
  - attack.initial_access
  - attack.t1190
logsource:
  category: webserver
detection:
  selection:
    # c-uri is the Sigma webserver taxonomy field for the request path
    # (the generated rule used the non-standard name 'uri')
    c-uri|contains:
      - '/api/proxy/'
    cs-uri-query|contains:
      - 'url='
    cs-method:
      - 'GET'
    sc-status:
      - '200'
  condition: selection
falsepositives:
  - Legitimate administrative activity
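To see what the rule's selection block actually matches, here is an added example (not from the page, the feed engine or NextChat) that applies the same four field conditions to a handful of constructed W3C-style web server log lines. The field order, the log lines and the IP addresses are all assumptions made for the example; they are not real hosts or observed traffic.

```typescript
// Added example, not part of the advisory or of NextChat.
// Re-implements the Sigma selection above over constructed log lines.
// Assumed field order per line (W3C-style, space separated):
//   date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
// A "-" in cs-uri-query marks an empty query string.

export interface WebLogEntry {
  date: string;
  time: string;
  cIp: string;
  csMethod: string;
  cUri: string;
  csUriQuery: string;
  scStatus: string;
  raw: string;
}

export function parseW3cLine(line: string): WebLogEntry | null {
  const f = line.trim().split(/\s+/);
  if (f.length !== 7) return null; // malformed or differently formatted line: skip it
  return {
    date: f[0],
    time: f[1],
    cIp: f[2],
    csMethod: f[3],
    cUri: f[4],
    csUriQuery: f[5] === "-" ? "" : f[5],
    scStatus: f[6],
    raw: line,
  };
}

// Sigma string matching is case-insensitive, and `contains` is a substring test.
function contains(haystack: string, needle: string): boolean {
  return haystack.toLowerCase().includes(needle.toLowerCase());
}

// Mirrors the rule's `selection`: every listed field condition must hold.
export function matchesRule(e: WebLogEntry): boolean {
  return (
    contains(e.cUri, "/api/proxy/") &&
    contains(e.csUriQuery, "url=") &&
    e.csMethod.toUpperCase() === "GET" &&
    e.scStatus === "200"
  );
}

export function findMatches(lines: string[]): WebLogEntry[] {
  const hits: WebLogEntry[] = [];
  for (const line of lines) {
    const e = parseW3cLine(line);
    if (e !== null && matchesRule(e)) hits.push(e);
  }
  return hits;
}

// Constructed sample log; 203.0.113.0/24 and 198.51.100.0/24 are documentation ranges.
export const SAMPLE_LOG: string[] = [
  "2026-04-28 01:20:11 203.0.113.5 GET /api/proxy/openai url=https://api.openai.com/v1/models 200",
  "2026-04-28 01:20:14 203.0.113.5 GET /api/proxy/openai url=http://10.0.0.5:8080/ 200",
  "2026-04-28 01:21:03 198.51.100.7 GET /api/openai/v1/models - 200",
  "2026-04-28 01:21:30 203.0.113.5 GET /api/proxy/openai url=http://10.0.0.5:8080/ 403",
  "2026-04-28 01:22:00 198.51.100.7 POST /api/proxy/openai url=http://10.0.0.5:8080/ 200",
];

for (const hit of findMatches(SAMPLE_LOG)) {
  console.log(`match: ${hit.cIp} ${hit.csMethod} ${hit.cUri}?${hit.csUriQuery} -> ${hit.scStatus}`);
}
```

Two of the five sample lines match. The first is a routine call to the expected upstream, which is exactly the false positive the rule lists: any legitimate use of the url= parameter looks the same at this level, so the hit needs triage on the destination host rather than being treated as an alert on its own. The 403 line does not match because of the sc-status condition; if you want to see blocked attempts as well as successful ones, drop that condition and use the status code as a field in the alert instead.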

Source: Shimi's Cyber World

Indicators of Compromise

ID              Type   Indicator
CVE-2026-7177   SSRF   ChatGPTNextWeb NextChat up to 2.16.1
CVE-2026-7177   SSRF   Vulnerable function: proxyHandler in app/api/[provider]/[...path]/route.ts

Source & Attribution

Source Platform: NVD
Channel: National Vulnerability Database
Published: April 28, 2026 at 01:16 UTC

This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
