Skip to main content

Prompts Chat CVE-2026-22664

| EUVDEUVD-2026-18827 HIGH
Server-Side Request Forgery (SSRF) (CWE-918)
2026-04-03 VulnCheck GHSA-43rw-xw76-9g92
7.1
CVSS 4.0 · Vendor: VulnCheck
Share

Severity by source

Vendor (VulnCheck) PRIMARY
7.1 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from Vendor (VulnCheck) · only source for this CVE.

CVSS VectorVendor: VulnCheck

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

4
EUVD ID Assigned
Apr 03, 2026 - 20:45 euvd
EUVD-2026-18827
Analysis Generated
Apr 03, 2026 - 20:45 vuln.today
Patch released
Apr 03, 2026 - 20:45 nvd
Patch available
CVE Published
Apr 03, 2026 - 20:27 nvd
HIGH 7.1

DescriptionCVE.org

prompts.chat prior to commit 30a8f04 contains a server-side request forgery vulnerability in Fal.ai media status polling that allows authenticated users to perform arbitrary outbound requests by supplying attacker-controlled URLs in the token parameter. Attackers can exploit the lack of URL validation to disclose the FAL_API_KEY in the Authorization header, enabling credential theft, internal network probing, and abuse of the victim's Fal.ai account.

AnalysisAI

Server-side request forgery (SSRF) in prompts.chat allows authenticated users to force the server to make arbitrary HTTP requests with the application's FAL_API_KEY exposed in Authorization headers. Attackers can exploit unvalidated URL parameters in Fal.ai media status polling to exfiltrate API credentials, probe internal networks, and abuse the victim's Fal.ai account resources. Patch available via GitHub commit 30a8f04. No public exploit identified at time of analysis, though CVSS vector indicates low attack complexity with network-based attack vector requiring only low privileges.

Technical ContextAI

This vulnerability affects prompts.chat (cpe:2.3:a:f:prompts.chat), a web application that integrates with Fal.ai for media processing. The flaw is classified as CWE-918 (Server-Side Request Forgery), occurring in the media status polling mechanism for Fal.ai operations. The application accepts a token parameter containing URLs for polling media generation status but fails to validate or sanitize these URLs before making outbound HTTP requests. When the server performs these requests, it includes the FAL_API_KEY in the Authorization header, allowing attackers to redirect requests to attacker-controlled endpoints. This creates a classic SSRF condition where user-supplied input directly controls backend HTTP request destinations without proper allowlist validation or URL scheme restrictions, compounded by credential leakage through header forwarding.

RemediationAI

Organizations should immediately upgrade to prompts.chat commit 30a8f0470e0ba45e6be9c9f55220f4a9a6b91c99 or later, which addresses the SSRF vulnerability by implementing proper URL validation in the Fal.ai media status polling mechanism. The patch is available from the official GitHub repository at https://github.com/f/prompts.chat/commit/30a8f0470e0ba45e6be9c9f55220f4a9a6b91c99. After patching, organizations should rotate FAL_API_KEY credentials immediately to invalidate any keys potentially exfiltrated through prior exploitation. As an interim mitigation if immediate patching is not possible, restrict network egress from the prompts.chat server to only necessary Fal.ai endpoints using firewall rules or network policies, and implement authentication log monitoring to detect suspicious authenticated user activity targeting media polling endpoints. Review application logs for unusual outbound requests or polling behavior that may indicate historical exploitation attempts. Complete remediation guidance is available in the VulnCheck advisory at https://www.vulncheck.com/advisories/prompts-chat-ssrf-via-fal-ai-media-status-polling.

Share

CVE-2026-22664 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy