CVE Catalog

CVE-2026-33712

Critical
Published: Translated: NVD NIST

Summary

Typebot is a chatbot builder tool that in versions 3.15.2 and prior has a vulnerability allowing unauthenticated users to perform a Server-Side Request Forgery (SSRF) attack by supplying a custom typebot definition with server-side code blocks. The fetch function in the isolated environment does not validate the URL, allowing SSRF mitigations to be bypassed.

Risk Assessment

Exploitation of this vulnerability can lead to cloud credential theft, internal network access, and data exfiltration for any self-hosted Typebot deployments and hosted services.

Recommendation

It is recommended to upgrade to version 3.16.0, where the issue has been fixed, to minimize the risk associated with this vulnerability.

Original NVD description (English source)

Typebot is a chatbot builder tool. In versions 3.15.2 and prior, the preview chat endpoint (POST /api/v1/typebots/{typebotId}/preview/startChat) allows unauthenticated users to achieve Server-Side Request Forgery (SSRF) by supplying a custom typebot definition with server-side code blocks. The fetch function exposed inside the isolated-vm sandbox calls Node.js native fetch without the SSRF validation (validateHttpReqUrl) that protects the HTTP Request block. This bypasses all SSRF mitigations added after GHSA-8gq9-rw7v-3jpr. Exploitation of this unauthenticated SSRF vulnerability can lead to cloud credential theft, internal network access and data exfiltration for any self-hosted Typebot deployments and hosted services. This issue has been fixed in version 3.16.0.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS