Typebot CVE-2026-39968
Severity: HIGH
CVSS vector (NVD): CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Description (NVD)
TypeBot is a chatbot builder tool. In versions 3.15.2 and prior, the fix for GHSA-4xc5-wfwc-jw47 ("Credential Theft via Client-Side Script Execution and API Authorization Bypass") is incomplete. While the builder's getCredentials tRPC endpoint was patched with workspace membership checks, the bot-engine runtime still allows any authenticated user to use credentials from any workspace via the preview chat endpoint. The bot-engine's getCredentials() utility function uses a falsy check (if (workspaceId && ...)) for workspace ownership validation. Since the preview endpoint accepts a client-controlled workspaceId field and the Zod schema allows empty strings, an attacker can supply workspaceId: "" to bypass credential ownership verification entirely. Exploitation can result in credential exfiltration, external service abuse, financial damage and a data breach.
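The falsy-check pattern the description refers to, beside a hardened lookup, as an added TypeScript illustration that is not Typebot's code. The in-memory credential store, the workspace names and the manual non-empty check (standing in for a schema rule such as z.string().min(1)) are constructed assumptions.

```typescript
// Added example (not Typebot's code): why a falsy check on workspaceId is an
// authorization bypass, and what a hardened lookup looks like.
type Credential = { id: string; workspaceId: string; secret: string };

// Constructed sample data: two workspaces, one stored credential each.
const CREDENTIALS: Credential[] = [
  { id: "cred-a", workspaceId: "ws-alice", secret: "alice-api-key" },
  { id: "cred-b", workspaceId: "ws-bob", secret: "bob-api-key" },
];

// Vulnerable pattern as described in the advisory: ownership is only compared
// when workspaceId is truthy, so an empty string skips the comparison and the
// credential is returned regardless of which workspace owns it.
function getCredentialsVulnerable(credentialsId: string, workspaceId: string): Credential | null {
  const cred = CREDENTIALS.find((c) => c.id === credentialsId);
  if (!cred) return null;
  if (workspaceId && cred.workspaceId !== workspaceId) return null;
  return cred;
}

// Hardened lookup: the requested workspace must be a non-empty string, the
// authenticated user must be a member of it (membership comes from the
// session, not the request body), and ownership uses strict equality with no
// truthiness shortcut.
function getCredentialsHardened(
  credentialsId: string,
  requestedWorkspaceId: unknown,
  memberWorkspaceIds: ReadonlySet<string>,
): Credential | null {
  // Schema-level check (assumed; equivalent to z.string().min(1)).
  if (typeof requestedWorkspaceId !== "string" || requestedWorkspaceId.length === 0) {
    return null;
  }
  // Membership check: reject workspaces the caller does not belong to.
  if (!memberWorkspaceIds.has(requestedWorkspaceId)) return null;
  const cred = CREDENTIALS.find((c) => c.id === credentialsId);
  // Ownership check: the credential must belong to that same workspace.
  if (!cred || cred.workspaceId !== requestedWorkspaceId) return null;
  return cred;
}
```

A detection angle for the same bug: log preview requests whose workspaceId is empty or is not among the caller's memberships, since a correct client never sends either.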
Analysis (AI)
Authorization bypass in Typebot chatbot builder versions 3.15.2 and prior allows any authenticated user to access credentials from arbitrary workspaces via the preview chat endpoint. The bot-engine's getCredentials() utility uses a falsy check on workspaceId, so supplying an empty string bypasses ownership validation entirely, enabling credential theft, external service abuse, and data breach. …
Remediation (AI)
Within 24 hours: Identify all Typebot instances running versions 3.15.2 or earlier; restrict preview chat endpoint access to explicitly authorized users only; inventory which workspaces store sensitive credentials. Within 7 days: Rotate all API keys, service credentials, and authentication tokens accessible through affected Typebot instances; review access logs for suspicious credential retrieval patterns; audit workspace access permissions. …