OSV Advisory · High severity · Published Jan 22, 2026 · Updated Jan 22, 2026
Typebot Vulnerable to Credential Theft via Client-Side Script Execution and API Authorization Bypass
CVE-2025-65098
Description
Typebot is an open-source chatbot builder. In versions prior to 3.13.2, client-side script execution in Typebot allows stealing all stored credentials from any user. When a victim previews a malicious typebot by clicking "Run", JavaScript executes in their browser and exfiltrates their OpenAI keys, Google Sheets tokens, and SMTP passwords. The /api/trpc/credentials.getCredentials endpoint returns plaintext API keys without verifying credential ownership. Version 3.13.2 fixes the issue.
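The two defects the description names, a credential lookup that never checks ownership and a response that carries the plaintext secret, are modelled below in an added TypeScript example. It is illustrative code written for this page, not Typebot's own handler; the `Session`, `Credential` types and the in-memory `CREDENTIALS` table are constructed stand-ins for the real session and database.

```typescript
// Illustrative model of the authorization failure in the advisory; not Typebot's code.
// A credentials lookup must check that the caller belongs to the workspace that owns
// the credential, and should not hand the plaintext secret to the browser at all.

type Credential = { id: string; workspaceId: string; type: string; secret: string };
type Session = { userId: string; workspaceIds: string[] };
type CredentialView = { id: string; workspaceId: string; type: string };

// Constructed sample data standing in for the credentials table.
const CREDENTIALS: Credential[] = [
  { id: "cred-1", workspaceId: "ws-alice", type: "openai", secret: "sk-alice-constructed" },
  { id: "cred-2", workspaceId: "ws-bob", type: "smtp", secret: "bob-smtp-constructed" },
];

// Vulnerable shape: any authenticated caller can fetch any credential by id,
// and the plaintext secret travels back to the client.
function getCredentialsVulnerable(_session: Session, credentialId: string): Credential | null {
  return CREDENTIALS.find((c) => c.id === credentialId) ?? null;
}

// Hardened shape: ownership check first, then a view that omits the secret.
function getCredentialsHardened(session: Session, credentialId: string): CredentialView {
  const cred = CREDENTIALS.find((c) => c.id === credentialId);
  // One error for "not found" and "not yours", so the response does not reveal which ids exist.
  if (!cred || !session.workspaceIds.includes(cred.workspaceId)) {
    throw new Error("NOT_FOUND");
  }
  // Build the view explicitly so the secret can never be returned by accident.
  return { id: cred.id, workspaceId: cred.workspaceId, type: cred.type };
}

// Convenience wrapper: does the hardened lookup succeed for this session and id?
function canRead(session: Session, credentialId: string): boolean {
  try {
    getCredentialsHardened(session, credentialId);
    return true;
  } catch {
    return false;
  }
}
```

The redaction matters independently of the ownership check: script running in the victim's browser carries the victim's own session, so an ownership check alone would still let it read the victim's keys, while a response without the plaintext gives it nothing to exfiltrate.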
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| @typebot.io/js (npm) | < 0.9.15 | 0.9.15 |
Affected products
Range: js-lib-v2.1.4, js-lib-v2.2.0, js-lib-v2.2.1, …