Every CVE whose affected-product data names Nextchat, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2023-49785 — CVSS 9.1 (critical): NextChat, also known as ChatGPT-Next-Web, is a cross-platform chat user interface for use with ChatGPT. Versions 2.11.2 and prior are…
CVE-2025-50735 — CVSS 7.5 (high): Directory traversal vulnerability in NextChat thru 2.16.0 due to the WebDAV proxy failing to canonicalize or reject dot path segments in…
CVE-2026-7177 — CVSS 7.3 (high): A security flaw has been discovered in ChatGPTNextWeb NextChat up to 2.16.1. Affected by this issue is the function proxyHandler of the…
CVE-2026-7178 — CVSS 7.3 (high): A weakness has been identified in ChatGPTNextWeb NextChat up to 2.16.1. This affects the function storeUrl of the file…