Description
prompts.chat prior to commit 30a8f04 contains a server-side request forgery vulnerability in Fal.ai media status polling that allows authenticated users to perform arbitrary outbound requests by supplying attacker-controlled URLs in the token parameter. Attackers can exploit the lack of URL validation to disclose the FAL_API_KEY in the Authorization header, enabling credential theft, internal network probing, and abuse of the victim's Fal.ai account.
Published: 2026-04-03
Score: 7.1 High
EPSS: < 1% Very Low
KEV: No
Impact: Credential Theft
Action: Apply Patch
AI Analysis

Impact

A server‑side request forgery flaw in Fal.ai media status polling allows an authenticated user to supply an attacker‑controlled URL in the token parameter. This lack of URL validation enables the server to issue arbitrary outbound requests and expose the Fal.ai API key in the Authorization header. The result is credential theft, internal network probing, and the abusive use of the victim’s Fal.ai account.

Affected Systems

The vulnerability is present in prompts.chat deployments running any code prior to commit 30a8f04. Users and administrators should verify the version in use and determine whether the affected code base remains in production.

Risk and Exploitability

The flaw has a CVSS score of 7.1, indicating moderate‑to‑high severity, yet the EPSS score is below 1% and it is not listed in the CISA KEV catalog, suggesting a low probability of widespread exploitation. The attack requires authentication to the service, which limits the attack surface, but the potential to exfiltrate sensitive keys and probe internal resources makes it a significant risk if unpatched.

Generated by OpenCVE AI on April 13, 2026 at 20:06 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update prompts.chat to the version that includes commit 30a8f04
  • Confirm that the Fal.ai media status polling endpoint no longer accepts arbitrary URLs in the token parameter
  • If immediate update is not feasible, restrict authenticated users from triggering media status polling or block outbound connections to external hosts

Generated by OpenCVE AI on April 13, 2026 at 20:06 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 13 Apr 2026 18:15:00 +0000

Type Values Removed Values Added
First Time appeared Fka
Fka prompts.chat
CPEs cpe:2.3:a:fka:prompts.chat:*:*:*:*:*:*:*:*
Vendors & Products Fka
Fka prompts.chat

Tue, 07 Apr 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Tue, 07 Apr 2026 00:00:00 +0000

Type Values Removed Values Added
First Time appeared F
F prompts.chat
Vendors & Products F
F prompts.chat

Fri, 03 Apr 2026 21:30:00 +0000

Type Values Removed Values Added
Description prompts.chat prior to commit 30a8f04 contains a server-side request forgery vulnerability in Fal.ai media status polling that allows authenticated users to perform arbitrary outbound requests by supplying attacker-controlled URLs in the token parameter. Attackers can exploit the lack of URL validation to disclose the FAL_API_KEY in the Authorization header, enabling credential theft, internal network probing, and abuse of the victim's Fal.ai account.
Title prompts.chat SSRF via Fal.ai Media Status Polling
Weaknesses CWE-918
References
Metrics cvssV3_1

{'score': 7.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N'}

cvssV4_0

{'score': 7.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N'}

Subscriptions

F Prompts.chat
Fka Prompts.chat
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-07T14:19:51.012Z

Reserved: 2026-01-08T19:04:26.364Z

Link: CVE-2026-22664

cve-icon Vulnrichment

Updated: 2026-04-07T14:19:39.533Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-03T21:17:09.513

Modified: 2026-04-13T18:13:53.827

Link: CVE-2026-22664

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-14T16:41:43Z

Weaknesses