Server-Side Request Forgery Vulnerability in TypeBot Chatbot Builder by Baptiste Arno
CVE-2026-48764

8.2 HIGH

Key Information:

Vendor
CVE Published:
17 June 2026

What is CVE-2026-48764?

TypeBot, a chatbot builder by Baptiste Arno, is affected by a server-side request forgery (SSRF) vulnerability in versions prior to 3.17.2. The flaw is a time-of-check to time-of-use (TOCTOU) gap in the validation of outbound requests: the hostname of a supplied URL is resolved and the resulting address is checked against a forbidden range, but the request itself is made later, so the hostname can be re-resolved to a different address in between. This validation can therefore be bypassed via DNS rebinding. An attacker can exploit this vulnerability by supplying a URL to a public bot, enabling unauthorized access to internal network services or metadata endpoints. This could lead to serious consequences such as the exposure of sensitive metadata, unauthorized access to internal admin panels, and potential credential theft from internal services. The issue has been addressed in version 3.17.2.

Affected Version(s)

typebot.io < 3.17.2

References

CVSS V3.1

Score: 8.2
Severity: HIGH
Confidentiality: High
Integrity: Low
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
