Skip to main content

Prompts Chat

5 CVEs product

Monthly

CVE-2026-22665 HIGH PATCH This Week

Identity confusion in prompts.chat (prior to commit 1464475) enables authenticated attackers to impersonate users and hijack profile URLs by creating case-variant usernames (e.g., 'Alice' vs 'alice'). Inconsistent case-handling between write and read operations allows bypass of uniqueness validation, letting attackers inject malicious content on canonical victim profiles. EPSS data not available; no public exploit identified at time of analysis, though attack complexity is low (CVSS:4.0 AC:L) requiring only low-privilege access (PR:L). VulnCheck disclosed this vulnerability with vendor patch released via GitHub commit.

Information Disclosure Canonical Prompts Chat
NVD GitHub VulDB
CVSS 4.0
8.6
EPSS
0.0%
CVE-2026-22664 HIGH PATCH This Week

Server-side request forgery (SSRF) in prompts.chat allows authenticated users to force the server to make arbitrary HTTP requests with the application's FAL_API_KEY exposed in Authorization headers. Attackers can exploit unvalidated URL parameters in Fal.ai media status polling to exfiltrate API credentials, probe internal networks, and abuse the victim's Fal.ai account resources. Patch available via GitHub commit 30a8f04. No public exploit identified at time of analysis, though CVSS vector indicates low attack complexity with network-based attack vector requiring only low privileges.

SSRF Prompts Chat
NVD GitHub VulDB
CVSS 4.0
7.1
EPSS
0.0%
CVE-2026-22663 HIGH PATCH This Week

Authorization bypass vulnerabilities in prompts.chat (pre-commit 7b81836) expose private prompt data to unauthenticated remote attackers. Missing isPrivate validation checks across multiple API endpoints and metadata generation functions allow unauthorized retrieval of version history, change requests, examples, content, and HTML meta tag information for prompts marked private. No public exploit identified at time of analysis, though CVSS 8.7 reflects network-accessible, low-complexity attack requiring no privileges. Vendor-released patch available via GitHub commit 7b81836b21.

Authentication Bypass Information Disclosure Prompts Chat
NVD GitHub VulDB
CVSS 4.0
8.7
EPSS
0.0%
CVE-2026-22662 MEDIUM PATCH This Month

Blind server-side request forgery in prompts.chat media generator allows authenticated users to manipulate the inputImageUrl parameter in /api/media-generate POST requests to perform arbitrary server-side HTTP fetches, enabling internal network reconnaissance, access to internal services, and potential data exfiltration through the upstream Wiro service without receiving direct response bodies. The vulnerability affects prompts.chat prior to commit 1464475 and requires valid user authentication; patch availability has been confirmed through vendor repository.

SSRF Prompts Chat
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2026-22661 HIGH PATCH This Week

Path traversal in prompts.chat skill file extraction allows unauthenticated remote attackers to write arbitrary files and execute code on client systems through malicious ZIP archives. The vulnerability (CVSS 8.6) stems from missing server-side filename validation enabling ../ sequences in archive filenames that overwrite shell initialization files during extraction. VulnCheck identified this issue; vendor-released patch available in commit 0f8d4c3. No public exploit identified at time of analysis, though EPSS data not available for risk quantification.

Path Traversal RCE Prompts Chat
NVD GitHub VulDB
CVSS 4.0
8.6
EPSS
0.0%
EPSS 0% CVSS 8.6
HIGH PATCH This Week

Identity confusion in prompts.chat (prior to commit 1464475) enables authenticated attackers to impersonate users and hijack profile URLs by creating case-variant usernames (e.g., 'Alice' vs 'alice'). Inconsistent case-handling between write and read operations allows bypass of uniqueness validation, letting attackers inject malicious content on canonical victim profiles. EPSS data not available; no public exploit identified at time of analysis, though attack complexity is low (CVSS:4.0 AC:L) requiring only low-privilege access (PR:L). VulnCheck disclosed this vulnerability with vendor patch released via GitHub commit.

Information Disclosure Canonical Prompts Chat
NVD GitHub VulDB
EPSS 0% CVSS 7.1
HIGH PATCH This Week

Server-side request forgery (SSRF) in prompts.chat allows authenticated users to force the server to make arbitrary HTTP requests with the application's FAL_API_KEY exposed in Authorization headers. Attackers can exploit unvalidated URL parameters in Fal.ai media status polling to exfiltrate API credentials, probe internal networks, and abuse the victim's Fal.ai account resources. Patch available via GitHub commit 30a8f04. No public exploit identified at time of analysis, though CVSS vector indicates low attack complexity with network-based attack vector requiring only low privileges.

SSRF Prompts Chat
NVD GitHub VulDB
EPSS 0% CVSS 8.7
HIGH PATCH This Week

Authorization bypass vulnerabilities in prompts.chat (pre-commit 7b81836) expose private prompt data to unauthenticated remote attackers. Missing isPrivate validation checks across multiple API endpoints and metadata generation functions allow unauthorized retrieval of version history, change requests, examples, content, and HTML meta tag information for prompts marked private. No public exploit identified at time of analysis, though CVSS 8.7 reflects network-accessible, low-complexity attack requiring no privileges. Vendor-released patch available via GitHub commit 7b81836b21.

Authentication Bypass Information Disclosure Prompts Chat
NVD GitHub VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Blind server-side request forgery in prompts.chat media generator allows authenticated users to manipulate the inputImageUrl parameter in /api/media-generate POST requests to perform arbitrary server-side HTTP fetches, enabling internal network reconnaissance, access to internal services, and potential data exfiltration through the upstream Wiro service without receiving direct response bodies. The vulnerability affects prompts.chat prior to commit 1464475 and requires valid user authentication; patch availability has been confirmed through vendor repository.

SSRF Prompts Chat
NVD GitHub VulDB
EPSS 0% CVSS 8.6
HIGH PATCH This Week

Path traversal in prompts.chat skill file extraction allows unauthenticated remote attackers to write arbitrary files and execute code on client systems through malicious ZIP archives. The vulnerability (CVSS 8.6) stems from missing server-side filename validation enabling ../ sequences in archive filenames that overwrite shell initialization files during extraction. VulnCheck identified this issue; vendor-released patch available in commit 0f8d4c3. No public exploit identified at time of analysis, though EPSS data not available for risk quantification.

Path Traversal RCE Prompts Chat
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy