CVE-2026-39965

HIGH 7.7

TypeBot: SSRF via Open Redirect Bypass in HTTP Request and Code Blocks

CVSS Score

7.7

EPSS Score

0.0%

EPSS Percentile

0th

TypeBot is a chatbot builder tool. Versions 3.15.2 and prior contain an SSRF via Open Redirect Bypass as the HTTP Request block and Code block validate the initial request URL via validateHttpReqUrl() to block private IPs and cloud metadata hostnames. However, the HTTP clients (ky and fetch) follow 302 redirects without re-validating the redirect destination. An authenticated user can point a bot block to an attacker-controlled server that responds with a redirect to an internal IP, causing the Typebot server to reach internal services. An authenticated Typebot user can reach AWS metadata (169.254.169.254), private subnets, and container-internal services. Exploitable to extract cloud IAM credentials or probe internal APIs inaccessible from the internet. This issue has been fixed in version 3.16.0.

CWE	CWE-918
Vendor	baptistearno
Product	typebot.io
Published	May 22, 2026
Last Updated	May 22, 2026

Stay Ahead of the Next One

Get instant alerts for baptistearno typebot.io

Be the first to know when new high vulnerabilities affecting baptistearno typebot.io are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

None

Availability

None

Affected Versions

baptisteArno / typebot.io

< 3.16.0

References

NVD ↗ CVE.org ↗ EPSS Data ↗

github.com: https://github.com/baptisteArno/typebot.io/security/advisories/GHSA-jxv3-m939-w95c github.com: https://github.com/baptisteArno/typebot.io/releases/tag/v3.16.0