Platform: nodejs
Component: openai-realtime-ui
Fixed in: 188.0.1
A server-side request forgery (SSRF) vulnerability has been identified in openai-realtime-ui, affecting versions up to 188ccde27fdf3d8fab8da81f3893468f53b2797c. This flaw allows attackers to manipulate the Query argument within the API Proxy Endpoint, potentially enabling them to initiate unauthorized requests to internal or external resources. A public exploit is available, highlighting the urgency of remediation. The patched version is 54f8f50f43af97c334a881af7b021e84b5b8310f.
Successful exploitation of CVE-2026-5803 allows an attacker to perform server-side request forgery (SSRF). This means the attacker can trick the server into making requests to arbitrary URLs, potentially exposing internal services, sensitive data, or even allowing the attacker to interact with internal systems as if they were the server itself. The ability to initiate requests to internal resources bypasses typical network segmentation and can lead to data exfiltration, privilege escalation, or even remote code execution if the targeted internal service is vulnerable. The public availability of an exploit significantly increases the risk of immediate exploitation.
This vulnerability has a public proof-of-concept available, indicating a high likelihood of exploitation. The vulnerability was disclosed on 2026-04-08. It is not currently listed on CISA KEV, but the public exploit suggests a medium to high probability of exploitation in the wild. The continuous delivery model means that new versions are frequently released, so timely patching is crucial.
Exploit Status
EPSS: 0.05% (14th percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2026-5803 is to upgrade to the patched version, 54f8f50f43af97c334a881af7b021e84b5b8310f. Because openai-realtime-ui follows a continuous delivery model, the fix is identified by commit rather than by a tagged release. If upgrading immediately is not feasible, implement input validation on the Query parameter so that the proxy only reaches an explicit allowlist of upstream hosts. A web application firewall (WAF) configured to detect and block SSRF attempts can provide an additional layer of defense. Monitor API Proxy Endpoint logs for unusual outbound requests, particularly to internal or loopback addresses. After upgrading, confirm the fix by attempting to trigger the SSRF vulnerability with a known malicious URL and verifying that the request is blocked.
Install the patched version 54f8f50f43af97c334a881af7b021e84b5b8310f to mitigate the server-side request forgery (SSRF) vulnerability. Review the project documentation for specific upgrade instructions. Ensure all dependencies are updated to avoid potential compatibility issues.
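As an added illustration of the interim input-validation mitigation, not code from the openai-realtime-ui project (whose proxy implementation is not shown in this advisory), the following Node.js check validates a proxy target before any outbound request is made. It assumes the proxy reads the target from a query parameter and that the only legitimate upstream is `api.openai.com`; both are assumptions for the example.

```javascript
// Added example (not the project's code). Assumption: the proxy endpoint reads
// its target URL from a query parameter, and the only legitimate upstream is
// api.openai.com. Validation uses an allowlist rather than a denylist, because
// denylists are routinely bypassed with alternate encodings and redirects.
const ALLOWED_HOSTS = new Set(['api.openai.com']);

// Returns { ok: true, url } for an acceptable target, or { ok: false, reason }.
function validateProxyTarget(raw) {
  let url;
  try {
    url = new URL(String(raw)); // WHATWG parser normalises scheme and hostname
  } catch {
    return { ok: false, reason: 'unparseable URL' };
  }
  if (url.protocol !== 'https:') {
    return { ok: false, reason: `scheme ${url.protocol} not allowed` };
  }
  if (url.username || url.password) {
    return { ok: false, reason: 'credentials in URL not allowed' };
  }
  // Exact hostname match rejects internal hostnames, IP literals (loopback,
  // private ranges, link-local) and look-alikes such as api.openai.com.example.
  if (!ALLOWED_HOSTS.has(url.hostname)) {
    return { ok: false, reason: `host ${url.hostname} not in allowlist` };
  }
  if (url.port && url.port !== '443') {
    return { ok: false, reason: `port ${url.port} not allowed` };
  }
  return { ok: true, url: url.toString() };
}

// Framework-agnostic handler sketch: validate first, only then fetch.
// fetchImpl is injected so the handler can be exercised without network access.
async function handleProxy(req, fetchImpl) {
  const target = validateProxyTarget(req.query.url);
  if (!target.ok) {
    return { status: 400, body: `rejected: ${target.reason}` };
  }
  const upstream = await fetchImpl(target.url);
  return { status: upstream.status, body: await upstream.text() };
}
```

Log every rejection from `validateProxyTarget` together with the client address; a burst of rejected internal-host targets is the detection signal the advisory's log-monitoring advice refers to.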
CVE-2026-5803 is a server-side request forgery vulnerability in openai-realtime-ui versions up to 188ccde27fdf3d8fab8da81f3893468f53b2797c, allowing attackers to manipulate requests through the API Proxy Endpoint.
If you are using openai-realtime-ui versions prior to 54f8f50f43af97c334a881af7b021e84b5b8310f, you are potentially affected by this SSRF vulnerability.
Upgrade to version 54f8f50f43af97c334a881af7b021e84b5b8310f. Implement input validation as a temporary workaround if immediate patching isn't possible.
A public exploit exists, indicating a high probability of active exploitation. Prompt remediation is strongly recommended.
Refer to the openai-realtime-ui project's release notes and documentation for the official advisory regarding CVE-2026-5803.