CVE-2026-49213
HIGHCVSS v3.1: 8.1
Source data as of:
At a glance
- Severity
- HIGH
- CVSS
- 8.1 v3.1 · NVD
- EPSS
- EPSS not provided by FIRST.org for this CVE
- CISA KEV
- No
- Type
- SSRF · NVD CWE
- Attack conditions (CVSS vector)
- NetworkNo user interaction · Source: NVD Vector
- Published
- 2026-07-10 · Modified: 2026-07-10
- References
- Jump to references (4)
CVSS / EPSS / KEV
Source — CVSS: NVD · EPSS: FIRST.org · KEV: CISA. Data & Sources
Description
TypeBot is a chatbot builder tool. Prior to 3.17.2, Typebot's shared SSRF validator in packages/lib/src/ssrf/validateHttpReqUrl.ts can be bypassed with the IPv6 unspecified address :: because validateIPAddress blocks local, metadata, and private ranges but does not block :: or its expanded form. A workspace editor or creator can configure a server-side HTTP Request block or guarded script fetch to make the Typebot server connect to local HTTP services through safeKy, including flows triggered by POST /v1/typebots/{publicId}/startChat or POST /v1/sessions/{sessionId}/continueChat. This issue is fixed in version 3.17.2.
References
Reference URLs as listed by NVD, grouped by a mechanical match on the link's host/pattern. Labels describe the link type only.
- Patch https://github.com/baptisteArno/typebot.io/commit/f56c3c3f771df13a8c11e88f500dfdd78981bed1
- Reference https://github.com/baptisteArno/typebot.io/pull/2511
- Patch https://github.com/baptisteArno/typebot.io/releases/tag/v3.17.2
- Vendor advisory https://github.com/baptisteArno/typebot.io/security/advisories/GHSA-qx46-p88f-xxm3