CVE-2026-7643 Overview
CVE-2026-7643 affects ChatGPTNextWeb NextChat versions up to 2.16.1. The flaw resides in an unspecified function within the Next.js API endpoint component and results in a permissive cross-domain policy that trusts untrusted domains (CWE-346: Origin Validation Error). Attackers can exploit the issue remotely over the network with low attack complexity, although user interaction is required. A public exploit has been disclosed, and the maintainers were notified through a GitHub issue but have not responded. The flaw has a limited integrity impact: untrusted origins can interact with the application's API surface.
Critical Impact
Permissive cross-origin configuration in the NextChat API endpoint allows untrusted domains to issue requests against the application, exposing users to cross-origin attacks when they visit attacker-controlled pages.
Affected Products
- ChatGPTNextWeb NextChat versions up to and including 2.16.1
- The vulnerable component is the Next.js API endpoint within NextChat
- No fixed version has been published by the project at the time of disclosure
Discovery Timeline
- 2026-05-02 - CVE-2026-7643 published to NVD
- 2026-05-05 - Last updated in NVD database
Technical Details for CVE-2026-7643
Vulnerability Analysis
The vulnerability is an origin validation flaw classified under CWE-346. NextChat's API endpoint is implemented through Next.js and accepts cross-origin requests from untrusted domains without sufficient restriction. When a browser-based client visits a malicious site, that site can issue requests to a NextChat instance using the victim's session context. The application accepts these requests because the cross-domain policy is overly permissive.
The issue carries a low integrity impact and no direct confidentiality or availability impact. Exploitation requires user interaction, typically the victim navigating to an attacker-controlled page that issues background requests to the NextChat backend.
Root Cause
The root cause is missing or improperly configured origin validation on the NextChat API endpoint. Cross-origin resource sharing (CORS) headers, or equivalent middleware checks within the Next.js request pipeline, do not restrict request origins to a trusted allowlist. As a result, any web origin can interact with the API surface.
Attack Vector
An attacker hosts a malicious web page that issues requests to a victim's NextChat deployment. When the victim loads the page, the browser sends authenticated requests using stored credentials or session tokens. The permissive policy allows the response to be processed or the action to succeed, yielding limited integrity impact against the NextChat instance. The exploit has been published, lowering the barrier to attack.
The vulnerability mechanism is described in GitHub issue #6756 and VulDB entry #360755. No verified exploit code is reproduced here.
Detection Methods for CVE-2026-7643
Indicators of Compromise
- Unexpected cross-origin requests to NextChat API endpoints originating from external referrers
- HTTP responses whose Access-Control-Allow-Origin header is permissive: either * or a value that simply reflects whatever Origin the request carried
- Anomalous API calls to NextChat occurring while users are browsing unrelated third-party sites
Detection Strategies
- Inspect web server and reverse proxy logs for Origin headers that do not match the expected NextChat deployment domain
- Audit Next.js middleware and route handlers in the NextChat codebase for missing CORS validation
- Use a browser developer console or proxy tool to confirm whether the API endpoint reflects untrusted origins
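As an added example (not from this page or the NextChat project), the following Node.js script applies the first and third detection strategies offline: it classifies a captured API response's CORS headers, and scans proxy log lines for API requests whose Origin is not the deployment domain. It assumes a deployment origin of https://nextchat.example.com and a custom proxy log format that records the Origin header as the last quoted field; the log lines, route paths and headers are constructed sample data.

```javascript
// Added example (not NextChat's code). Assumptions: deployment origin is
// https://nextchat.example.com; the proxy's custom log format writes the
// Origin header as the last quoted field of each line.
const DEPLOYMENT_ORIGIN = "https://nextchat.example.com";

// Classify one response's CORS headers for a request that carried `requestOrigin`.
// verdict: "wildcard" | "reflected" | "allowlisted" | "none"; credentialed: whether
// the response also allows credentials, which makes a reflected origin far worse.
function classifyCors(requestOrigin, responseHeaders) {
  const h = {};
  for (const [k, v] of Object.entries(responseHeaders)) h[k.toLowerCase()] = v;
  const acao = h["access-control-allow-origin"];
  const credentialed = h["access-control-allow-credentials"] === "true";
  let verdict = "none";
  if (acao === "*") verdict = "wildcard";
  else if (acao === requestOrigin && requestOrigin !== DEPLOYMENT_ORIGIN) verdict = "reflected";
  else if (acao !== undefined) verdict = "allowlisted";
  return { verdict, credentialed };
}

// Log line format assumed here: <client-ip> "<METHOD> <path>" <status> "<origin or ->"
const LOG_RE = /^(\S+) "(\w+) (\S+)" (\d{3}) "([^"]*)"$/;

// Return the API requests whose Origin header is present and is not the deployment.
// Lines without an Origin are skipped: they are not cross-origin browser requests.
function findForeignOriginRequests(lines) {
  const hits = [];
  for (const line of lines) {
    const m = LOG_RE.exec(line.trim());
    if (!m) continue;
    const [, ip, method, path, status, origin] = m;
    if (!path.startsWith("/api/")) continue;
    if (origin === "-" || origin === "" || origin === DEPLOYMENT_ORIGIN) continue;
    hits.push({ ip, method, path, status: Number(status), origin });
  }
  return hits;
}

// Constructed sample data (not real traffic and not real NextChat routes)
const SAMPLE_LOG = [
  '203.0.113.5 "POST /api/chat" 200 "https://nextchat.example.com"',
  '203.0.113.5 "GET /api/config" 200 "-"',
  '198.51.100.9 "OPTIONS /api/chat" 204 "https://untrusted.example"',
  '198.51.100.9 "POST /api/chat" 200 "https://untrusted.example"',
];
const SAMPLE_HEADERS = {
  "Access-Control-Allow-Origin": "https://untrusted.example",
  "Access-Control-Allow-Credentials": "true",
};
```

A preflight (OPTIONS) followed by a successful POST from the same foreign origin, as in the sample log, is the pattern the first indicator describes.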
Monitoring Recommendations
- Forward NextChat application and proxy logs to a centralized logging or SIEM platform and alert on cross-origin request spikes
- Monitor CORS preflight (OPTIONS) traffic to the API endpoint for requests whose Origin is an unknown domain
- Track GitHub issue #6756 for upstream remediation status
How to Mitigate CVE-2026-7643
Immediate Actions Required
- Restrict NextChat API access to trusted internal networks or place it behind an authenticated reverse proxy that enforces origin checks
- Add a strict CORS allowlist at the reverse proxy or Next.js middleware layer, rejecting requests from unapproved origins
- Require additional anti-CSRF tokens on state-changing API routes to reduce risk from cross-origin requests
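An added example of the middleware-layer allowlist from the second item, written as a pure decision function that a Next.js middleware for a NextChat deployment could call before a request reaches the API routes. It is not NextChat's code; the allowlist value and the middleware wiring in the trailing comment are assumptions.

```javascript
// Added example (not NextChat's code): origin allowlist decision for /api/ routes,
// meant to be called from a Next.js middleware. Assumption: the deployment itself
// is the only browser origin allowed to call the API.
const ALLOWED_ORIGINS = new Set(["https://nextchat.example.com"]);

// `origin` is the request's Origin header value, or null when absent.
// Returns { action: "pass" | "reject" | "preflight" | "allow", status, headers }.
// "pass" and "allow" let the request continue to the route; "allow" also carries
// the CORS headers to attach to the route's response.
function corsDecision(method, pathname, origin) {
  if (!pathname.startsWith("/api/")) return { action: "pass", status: null, headers: {} };
  if (origin === null || origin === "") {
    // No Origin header: same-origin GET or a non-browser client. CORS does not
    // apply, so the anti-CSRF token on state-changing routes still matters here.
    return { action: "pass", status: null, headers: {} };
  }
  if (!ALLOWED_ORIGINS.has(origin)) {
    // Untrusted origin: refuse outright rather than reflecting it (the CWE-346 flaw).
    return { action: "reject", status: 403, headers: {} };
  }
  const headers = {
    "Access-Control-Allow-Origin": origin, // only ever an allowlisted value
    "Access-Control-Allow-Credentials": "true", // any origin added to the set gets this
    "Vary": "Origin", // caches must not serve this response to a different origin
  };
  if (method === "OPTIONS") {
    headers["Access-Control-Allow-Methods"] = "GET, POST, OPTIONS";
    headers["Access-Control-Allow-Headers"] = "Content-Type, Authorization";
    return { action: "preflight", status: 204, headers };
  }
  return { action: "allow", status: null, headers };
}

// Wiring sketch for a middleware.js at the project root (assumed, not verified
// against NextChat; NextResponse and req.nextUrl are Next.js's own API):
//   import { NextResponse } from "next/server";
//   export function middleware(req) {
//     const d = corsDecision(req.method, req.nextUrl.pathname, req.headers.get("origin"));
//     if (d.action === "reject" || d.action === "preflight")
//       return new Response(null, { status: d.status, headers: d.headers });
//     const res = NextResponse.next();
//     for (const [k, v] of Object.entries(d.headers)) res.headers.set(k, v);
//     return res;
//   }
//   export const config = { matcher: "/api/:path*" };
```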
Patch Information
No official patch is available. According to the VulDB advisory, the project was informed through an issue report but has not responded. Operators should monitor the NextChat repository for an upstream fix and apply it once released.
Workarounds
- Configure the reverse proxy (nginx, Caddy, Cloudflare) to drop or rewrite Origin headers that do not match the deployment domain
- Disable public exposure of the NextChat API endpoint and require VPN or zero-trust access
- Implement SameSite=Strict cookies for session tokens to limit cross-origin credential reuse
# Example nginx configuration enforcing a strict origin allowlist.
# The map block belongs in the http context; the server block may be an
# existing one. Requests that carry no Origin header (same-origin navigations,
# server-to-server clients) are mapped to 1 so they are not blocked: CORS does
# not apply to them, and returning 403 there would break the application itself.
map $http_origin $cors_ok {
    default 0;
    "" 1;
    "https://nextchat.example.com" 1;
}
server {
    location /api/ {
        if ($cors_ok = 0) { return 403; }
        # Drop any permissive header the application itself emits, so the
        # proxy's allowlisted value is the only one the browser sees.
        proxy_hide_header Access-Control-Allow-Origin;
        # add_header skips the header entirely when $http_origin is empty.
        add_header Access-Control-Allow-Origin $http_origin always;
        add_header Vary Origin always;
        proxy_pass http://nextchat_upstream;  # upstream block defined elsewhere
    }
}
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.