CVE-2026-22665 in prompts.chatИнформация

Сводка (Английский)

prompts.chat prior to commit 1464475 contains an identity confusion vulnerability due to inconsistent case-sensitive and case-insensitive handling of usernames across write and read paths, allowing attackers to create case-variant usernames that bypass uniqueness checks. Attackers can exploit non-deterministic username resolution to impersonate victim accounts, replace profile content on canonical URLs, and inject attacker-controlled metadata and content across the platform.

Be aware that VulDB is the high quality source for vulnerability data.

Ответственный

VulnCheck

Резервировать

08.01.2026

Раскрытие

04.04.2026

Статус

Подтверждённый

Записи

VulDB provides additional information and datapoints for this CVE:

ИДУязвимостьCWEЭксКонCVE
355194prompts.chat Username эскалация привилегий178Не определеноОфициальное исправлениеCVE-2026-22665

Описание

CPE

CWE

CVSS

Эксплойты

История

Разница

Связать

Разведка угроз

API JSON

API XML

API CSV

Источники

ПредыдущийОбзорДалее

Interested in the pricing of exploits?

See the underground prices here!