CVE-2026-39968

Published: Mag 22, 2026 Last Modified: Mag 22, 2026
ExploitDB:
Other exploit source:
Google Dorks:

Description

AI Translation Available

TypeBot is a chatbot builder tool. In versions 3.15.2 and prior, the fix for GHSA-4xc5-wfwc-jw47 ('Credential Theft via Client-Side Script Execution and API Authorization Bypass') is incomplete. While the builder's getCredentials tRPC endpoint was patched with workspace membership checks, the bot-engine runtime still allows any authenticated user to use credentials from any workspace via the preview chat endpoint. The bot-engine's getCredentials() utility function uses a falsy check (if (workspaceId && ...)) for workspace ownership validation. Since the preview endpoint accepts a client-controlled workspaceId field and the Zod schema allows empty strings, an attacker can supply workspaceId: '' to bypass credential ownership verification entirely. Exploitation can result in credential exfiltration, external service abuse, financial damage and a data breach.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0004
Percentile
0,1th
Updated

Single Data Point

Only one EPSS measurement is available for this CVE. Trend analysis requires multiple data points over time.