Severity by source
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
Insecure Direct Object Reference (IDOR) vulnerability in 1millionbot Millie chat that allows private conversations of other users being viewed by simply changing the conversation ID. The vulnerability is present in the endpoint 'api.1millionbot.com/api/public/conversations/' and, if exploited, could allow a remote attacker to access other users private chatbot conversations, revealing sensitive or confidential data without requiring credentials or impersonating users. In order for the vulnerability to be exploited, the attacker must have the user's conversation ID.
AnalysisAI
Insecure Direct Object Reference (IDOR) in 1millionbot Millie chat allows unauthenticated remote attackers to access other users' private chatbot conversations by manipulating conversation IDs in API requests to 'api.1millionbot.com/api/public/conversations/'. An attacker with knowledge of a target conversation ID can retrieve sensitive or confidential data without authentication. No public exploit code or active exploitation has been independently confirmed at the time of analysis.
Technical ContextAI
The vulnerability exists in the 'api.1millionbot.com/api/public/conversations/' endpoint, which fails to implement proper authorization controls to validate that the requesting user owns or has permission to access the requested conversation resource. This is a classic Insecure Direct Object Reference (CWE-639) where the application exposes direct references to backend objects (conversation records) without verifying access rights. The endpoint likely accepts a conversation ID as a parameter and returns conversation data based solely on that ID without cross-referencing the authenticated user's conversation inventory. The affected product is 1millionbot Millie chat, which is a chatbot communication platform.
RemediationAI
Implement proper authorization controls on the 'api.1millionbot.com/api/public/conversations/' endpoint to validate that the authenticated user owns or has explicit permission to access the requested conversation before returning data. All API endpoints that expose conversation data should implement server-side access control checks that verify the requesting user's identity and permissions against the conversation ownership record. Contact 1millionbot for a patched version; interim mitigation may include restricting API access to authenticated users only and implementing rate limiting on conversation ID queries. Refer to the INCIBE advisory at https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-1millionbot-millie-chatbot for additional guidance and coordinated disclosure status.
More in Millie Chat
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-17359