VBS-2026-0005CRITICALCVSS 8.6CWE-798AI-generated code frequently calls the OpenAI or Anthropic API directly from client-side React components or includes the key in NEXT_PUBLIC_ env variables. This exposes the key to all users, enabling API abuse, cost manipulation, and data extraction from the LLM context.
// app/chat/page.tsx (client component - bundles to browser):
export const openai = new OpenAI({
apiKey: process.env.NEXT_PUBLIC_OPENAI_API_KEY, // ← exposed
dangerouslyAllowBrowser: true, // ← AI added this flag
})All LLM API calls must go through a server-side API route. Remove NEXT_PUBLIC_ prefix from AI keys. Delete dangerouslyAllowBrowser: true.
How do I check if my Next.js + React app is affected by openAI / Anthropic API key hardcoded in Next.js client component?
AI-generated code frequently calls the OpenAI or Anthropic API directly from client-side React components or includes the key in NEXT_PUBLIC_ env variables. Search your codebase for Next.js, React, Vite, Create React App patterns and verify the remediation has been applied.
Why does Lovable and Bolt.new generate code with CWE-798 (critical severity)?
AI-generated code frequently calls the OpenAI or Anthropic API directly from client-side React components or includes the key in NEXT_PUBLIC_ env variables. This exposes the key to all users, enabling API abuse, cost manipulation, and data extraction from the LLM context.
How do I fix openAI / Anthropic API key hardcoded in Next.js client component?
All LLM API calls must go through a server-side API route. Remove NEXT_PUBLIC_ prefix from AI keys. Delete dangerouslyAllowBrowser: true.
What can an attacker do if my app contains VBS-2026-0005?
With CVSS 8.6 (critical), this vulnerability is high risk — significant data or functionality can be compromised. This exposes the key to all users, enabling API abuse, cost manipulation, and data extraction from the LLM context..