CVE-2025-65098: Typebot affected by Credential Theft via Client-Side Script Execution and API Authorization Bypass
Client-side script execution in Typebot allows stealing all stored credentials from any user. When a victim previews a malicious typebot by clicking "Run", JavaScript executes in their browser and exfiltrates their OpenAI keys, Google Sheets tokens, and SMTP passwords. The /api/trpc/credentials.getCredentials endpoint returns plaintext API keys without verifying credential ownership.
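The second half of the description is an authorization bypass: a credential read endpoint that selects a row by id alone and returns the secret. The following TypeScript is an added illustration written for this page, not Typebot's code; the in-memory store, the `Caller` and `Credential` types, and the function names are assumptions. It contrasts the flawed lookup with one that scopes the query to the caller's workspaces and never returns the secret to the client.

```typescript
// Added example (not Typebot's code). All names and the sample data below are
// hypothetical; they model the pattern "read a credential without checking
// that the caller owns it" and a hardened alternative.

type CredentialType = "openai" | "googleSheets" | "smtp";

type Credential = {
  id: string;
  workspaceId: string;   // owner: the workspace the credential belongs to
  type: CredentialType;
  secret: string;        // decrypted secret; must never reach the client
};

// What the server knows about the authenticated caller.
type Caller = { userId: string; workspaceIds: string[] };

// Response shape for clients: metadata only, no secret field at all.
type CredentialView = { id: string; workspaceId: string; type: CredentialType };

// Constructed sample rows standing in for a database table.
const credentialStore: Credential[] = [
  { id: "cred-1", workspaceId: "ws-alice", type: "openai", secret: "sk-alice-EXAMPLE" },
  { id: "cred-2", workspaceId: "ws-bob", type: "smtp", secret: "bob-smtp-EXAMPLE" },
];

// Flawed pattern: the id alone selects the row and the whole row (secret
// included) is returned, so any authenticated caller who knows or guesses an
// id receives another workspace's plaintext credential.
function getCredentialUnsafe(_caller: Caller, credentialId: string): Credential | null {
  return credentialStore.find((c) => c.id === credentialId) ?? null;
}

// Hardened pattern:
//  1. the lookup is scoped to workspaces the caller is a member of, so an id
//     from another workspace simply does not match;
//  2. a non-match yields null ("not found") rather than a distinct
//     "forbidden" answer, so ids cannot be confirmed by probing;
//  3. the response is built field by field and omits the secret entirely.
function getCredential(caller: Caller, credentialId: string): CredentialView | null {
  const row = credentialStore.find(
    (c) => c.id === credentialId && caller.workspaceIds.includes(c.workspaceId),
  );
  if (!row) return null;
  return { id: row.id, workspaceId: row.workspaceId, type: row.type };
}

// When the secret is actually needed (e.g. to call the provider), resolve it
// server-side with the same ownership scope and hand it only to trusted code.
function withCredentialSecret<T>(
  caller: Caller,
  credentialId: string,
  use: (secret: string) => T,
): T | null {
  const row = credentialStore.find(
    (c) => c.id === credentialId && caller.workspaceIds.includes(c.workspaceId),
  );
  return row ? use(row.secret) : null;
}

// Stand-alone demonstration.
const alice: Caller = { userId: "u-alice", workspaceIds: ["ws-alice"] };
console.log("unsafe read of bob's credential:", getCredentialUnsafe(alice, "cred-2"));
console.log("scoped read of bob's credential:", getCredential(alice, "cred-2"));
console.log("scoped read of own credential:", getCredential(alice, "cred-1"));
console.log("server-side use:", withCredentialSecret(alice, "cred-1", (s) => s.length));
```

The ownership condition lives inside the query itself rather than as an `if` after the fetch, which is the form that survives refactoring and is easy to review; the client-facing type has no `secret` property, so a leak would be a type error rather than a runtime surprise.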