CVE-2026-48759

HIGH EPSS 10.3%
Published Jun 17, 2026 (2w ago) · Modified Jun 22, 2026 (1w ago)
7.1 CVSS 3.1
High

Description

TypeBot is a chatbot builder tool. Versions 3.15.2 and below have an Insecure Direct Object Reference vulnerability through cross-workspace Theme Template modification and deletion. The handleSaveThemeTemplate and handleDeleteThemeTemplate handlers validate that the authenticated user is a non-guest member of the provided workspaceId, but then operate on themeTemplateId via Prisma queries that do NOT include workspaceId in the WHERE clause. This allows any authenticated user to modify or delete theme templates belonging to any other workspace and may expose Template IDs via shared typebots or network traffic. This issue has been fixed in version 3.16.0.
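The missing tenant scope described above, modelled as an added example (this is not TypeBot's code): a constructed in-memory table stands in for the Prisma delegate, and the model and field names (themeTemplate, workspaceId, the membership role values) are assumptions. It places the vulnerable handler shape beside one whose WHERE clause carries workspaceId, so a template from another workspace is simply not found.

```typescript
// Added example, not TypeBot's code. Model/field names are assumptions.
type Role = "OWNER" | "MEMBER" | "GUEST";
type ThemeTemplate = { id: string; workspaceId: string; name: string };
type User = { id: string; memberships: Map<string, Role> };

// Constructed stand-in for prisma.themeTemplate: every key in `where`
// must match, which is the filter semantics of findFirst / deleteMany.
class ThemeTemplateTable {
  rows: ThemeTemplate[] = [];
  private matches(r: ThemeTemplate, where: Partial<ThemeTemplate>): boolean {
    return Object.entries(where).every(([k, v]) => (r as any)[k] === v);
  }
  deleteMany(where: Partial<ThemeTemplate>): number {
    const before = this.rows.length;
    this.rows = this.rows.filter((r) => !this.matches(r, where));
    return before - this.rows.length;
  }
}

// The membership check the advisory says both handlers already perform.
function isNonGuestMember(user: User, workspaceId: string): boolean {
  const role = user.memberships.get(workspaceId);
  return role !== undefined && role !== "GUEST";
}

// Vulnerable shape: membership is checked against the caller-supplied
// workspaceId, but the delete is keyed on themeTemplateId alone (CWE-639).
function deleteThemeTemplateVulnerable(
  db: ThemeTemplateTable, user: User, workspaceId: string, themeTemplateId: string): boolean {
  if (!isNonGuestMember(user, workspaceId)) throw new Error("FORBIDDEN");
  return db.deleteMany({ id: themeTemplateId }) === 1;
}

// Hardened shape: workspaceId is part of the WHERE clause. With real Prisma this
// means deleteMany/updateMany (or a findFirst scoped by workspaceId before delete),
// since delete/update accept only a unique key.
function deleteThemeTemplateFixed(
  db: ThemeTemplateTable, user: User, workspaceId: string, themeTemplateId: string): boolean {
  if (!isNonGuestMember(user, workspaceId)) throw new Error("FORBIDDEN");
  return db.deleteMany({ id: themeTemplateId, workspaceId }) === 1;
}

// Constructed scenario: caller is a member of ws-A only; the template belongs to ws-B.
function scenario(handler: typeof deleteThemeTemplateFixed): { deleted: boolean; remaining: number } {
  const db = new ThemeTemplateTable();
  db.rows.push({ id: "tpl-1", workspaceId: "ws-B", name: "other workspace theme" });
  const caller: User = { id: "u-1", memberships: new Map<string, Role>([["ws-A", "MEMBER"]]) };
  const deleted = handler(db, caller, "ws-A", "tpl-1");
  return { deleted, remaining: db.rows.length };
}
```

Running `scenario` with each handler shows the cross-workspace delete succeeding in the vulnerable shape and being rejected as not found in the fixed one.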

CVSS Details

Base Score
7.1
Exploitability
2.8
Impact
4.2
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L
Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity High
Availability Low

Threat Intelligence

EPSS Exploit Probability
10.3% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-639: Authorization Bypass Through User-Controlled Key

References 2

  • github.com https://github.com/baptisteArno/typebot.io/releases/tag/v3.16.0
  • github.com https://github.com/baptisteArno/typebot.io/security/advisories/GHSA-qv4p-4mp3-pvpv

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.