QSearchQSearch

CVE-2026-39968

7.1 HIGH

TypeBot is a chatbot builder tool

Published: 2026-05-22 · Last updated: 2026-05-26

Severity and scoring

CVSS
7.1 HIGH
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
CWE
CWE-284, CWE-522, CWE-639

Description

TypeBot is a chatbot builder tool. In versions 3.15.2 and prior, the fix for GHSA-4xc5-wfwc-jw47 ("Credential Theft via Client-Side Script Execution and API Authorization Bypass") is incomplete. While the builder's getCredentials tRPC endpoint was patched with workspace membership checks, the bot-engine runtime still allows any authenticated user to use credentials from any workspace via the preview chat endpoint. The bot-engine's getCredentials() utility function uses a falsy check (if (workspaceId && ...)) for workspace ownership validation. Since the preview endpoint accepts a client-controlled workspaceId field and the Zod schema allows empty strings, an attacker can supply workspaceId: "" to bypass credential ownership verification entirely. Exploitation can result in credential exfiltration, external service abuse, financial damage and a data breach.

Source: NVD

References

Related CVEs

Same CWE

  • CVE-2026-53863 OpenClaw before 2026.4.25 contains an input validation vulnerability in tool group policy callers that accept unvalidated group IDs (7.1 HIGH)
  • CVE-2026-53840 OpenClaw before 2026.5.12 contains an information disclosure vulnerability in streamable-http MCP servers that forwards operator-configur... (7.1 HIGH)
  • CVE-2026-10780 The Static Block plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.2 (4.3 MEDIUM)
  • CVE-2026-48599 Authorization Bypass Through User-Controlled Key vulnerability in elixir-grpc grpc allows authenticated attackers to access or modify res...
  • CVE-2026-52699 Unauthenticated Insecure Direct Object References (IDOR) in VikRentCar <= 1.4.5 versions (7.5 HIGH)