CVE-2025-65098
HIGHtypebot < 3.13.2 - Unauthenticated Credential Theft via Malicious Typebot Preview
Title source: llmDescription
Typebot is an open-source chatbot builder. In versions prior to 3.13.2, client-side script execution in Typebot allows stealing all stored credentials from any user. When a victim previews a malicious typebot by clicking "Run", JavaScript executes in their browser and exfiltrates their OpenAI keys, Google Sheets tokens, and SMTP passwords. The `/api/trpc/credentials.getCredentials` endpoint returns plaintext API keys without verifying credential ownership. Version 3.13.2 fixes the issue.
References (1)
Core 1
Core References
Exploit, Vendor Advisory x_refsource_confirm
https://github.com/baptisteArno/typebot.io/security/advisories/GHSA-4xc5-wfwc-jw47
Scores
CVSS v3
7.4
EPSS
0.0030
EPSS Percentile
21.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-522
CWE-79
CWE-639
CWE-284
CWE-862
CWE-200
CWE-311
Status
published
Products (2)
typebot/typebot
< 3.13.2
typebot.io/js
0 - 0.9.15npm
Published
Jan 22, 2026
Tracked Since
Feb 18, 2026