Typebot — Vulnerabilities & Security Advisories 1

Browse all 1 CVE security advisories affecting Typebot. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Low · CVE-2025-39967 · 2026-05-23
Cross-Typebot Result Data Access via Missing typebotId Filter · Advisory · baptisteArno/typebot.io · GitHub
High · GHSA-f475-7m4x-m6mx · 2026-05-23
🐛 Fix cross-typebot result data access (GHSA-f475-7m4x-m6mx) (#2431) · baptisteArno/typebot.io@7316263 · GitHub
Medium · CVE-2025-3969 · 2026-05-23
WhatsApp Webhook Endpoint Missing Signature Verification · Advisory · baptisteArno/typebot.io · GitHub
Medium · 2026-05-23
IDOR in getLinkedTypebots — async filter() bypasses authorization, leaking cross-workspace bot definitions · Advisory ·
High · 2026-05-23
🔧 Protect preview chat with enforced auth · baptisteArno/typebot.io@d96f572 · GitHub
Critical · CVE-2020-39070 · 2026-05-23
Critical Security Vulnerability Disclosure Report 01 : Stored Cross-Site Scripting (XSS) via SVG File Upload On Profile
High · CVE-2026-39965 · 2026-05-23
SSRF via Open Redirect Bypass in HTTP Request and Code Blocks · Advisory · baptisteArno/typebot.io · GitHub
High · 2026-05-23
🐛 Fix SSRF redirect bypass in HTTP Request and Code blocks (#2432) · baptisteArno/typebot.io@23818bb · GitHub
High · CVE-2026-54207 · 2026-05-23
SSRF Protection Bypass via DNS-Resolved Hostnames in Webhook / HTTP Request Validation · Advisory · baptisteArno/typebot
Critical · CVE-2026-33712 · 2026-05-23
Unauthenticated SSRF via isolated-vm fetch in preview chat endpoint bypasses SSRF controls · Advisory · baptisteArno/typ
High · 2026-05-23
🐛 Fix XSS possible on Rating and file upload inputs · baptisteArno/typebot.io@474ecbf · GitHub
High · CVE-2025-65098 · 2026-01-27
Credential Theft via Client-Side Script Execution and API Authorization Bypass · Advisory · baptisteArno/typebot.io · Gi
Critical · 2025-11-14
AWS EKS Credentials Exposure via Server Side Request Forgery in Webhook Block · Advisory · baptisteArno/typebot.io · Git
Medium · 2025-11-14
IDOR Vulnerability: Unauthorized API Token Deletion and Exposure · Advisory · baptisteArno/typebot.io · GitHub

Showing up to 20 recent security advisories.

This page lists every published CVE security advisory associated with Typebot. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.