CVE-2026-33712

Name of the Vulnerable Software and Affected Versions Typebot versions prior to 3.16.0

Description Unauthenticated users can achieve Server-Side Request Forgery (SSRF) by providing a custom typebot definition containing server-side code blocks. The issue exists because the fetch function within the isolated-vm sandbox calls the Node.js native fetch without using the validateHttpReqUrl validation that typically protects the HTTP Request block. This allows the bypass of existing SSRF mitigations. Exploitation can lead to internal network access, data exfiltration, and the theft of cloud credentials for both hosted services and self-hosted deployments. The affected endpoint is 'POST /api/v1/typebots/{typebotId}/preview/startChat'.

Recommendations Update to version 3.16.0.