CVE-2026-22662
MediumCVSS 4.3Exploitation Probability (EPSS)
Low risk9th percentile - higher than 9% of all known CVEs
Summary
The vulnerability in prompts.chat prior to commit 1464475 allows authenticated users to perform blind server-side request forgery (SSRF) via the inputImageUrl parameter in the Wiro media generator. Attackers can send POST requests to the /api/media-generate endpoint to probe internal networks, access internal services, and exfiltrate data through the upstream Wiro service.
Risk Assessment
The risk includes unauthorized access to internal network resources, potential data confidentiality breaches, and the possibility of launching further attacks on the organization's internal infrastructure.
Recommendation
Immediately update prompts.chat to a version containing commit 1464475 or later, and restrict access to the /api/media-generate endpoint to trusted users only.
Original NVD description (English source)
prompts.chat prior to commit 1464475 contains a blind server-side request forgery vulnerability in the Wiro media generator that allows authenticated users to perform server-side fetches of user-controlled inputImageUrl parameters. Attackers can exploit this vulnerability by sending POST requests to the /api/media-generate endpoint to probe internal networks, access internal services, and exfiltrate data through the upstream Wiro service without receiving direct response bodies.

