CVE-2026-49213
Received Received - Intake

Typebot Server-Side Request Forgery via IPv6 Unspecified Address

Vulnerability report for CVE-2026-49213, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-10

Last updated on: 2026-07-10

Assigner: GitHub, Inc.

Description

TypeBot is a chatbot builder tool. Prior to 3.17.2, Typebot's shared SSRF validator in packages/lib/src/ssrf/validateHttpReqUrl.ts can be bypassed with the IPv6 unspecified address :: because validateIPAddress blocks local, metadata, and private ranges but does not block :: or its expanded form. A workspace editor or creator can configure a server-side HTTP Request block or guarded script fetch to make the Typebot server connect to local HTTP services through safeKy, including flows triggered by POST /v1/typebots/{publicId}/startChat or POST /v1/sessions/{sessionId}/continueChat. This issue is fixed in version 3.17.2.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-10
Last Modified
2026-07-10
Generated
2026-07-11
AI Q&A
2026-07-11
EPSS Evaluated
N/A
NVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
typebot typebot to 3.17.2 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-918 The web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability affects TypeBot, a chatbot builder tool, in versions prior to 3.17.2. The issue lies in the shared SSRF (Server-Side Request Forgery) validator, which can be bypassed using the IPv6 unspecified address (::). The validator blocks local, metadata, and private IP ranges but does not block the unspecified IPv6 address or its expanded form. As a result, a workspace editor or creator can configure a server-side HTTP Request block or guarded script fetch to make the TypeBot server connect to local HTTP services, potentially allowing unauthorized internal network access.

Impact Analysis

This vulnerability can lead to unauthorized access to internal HTTP services by bypassing SSRF protections. An attacker with workspace editor or creator privileges could exploit this to make the TypeBot server connect to local services that are normally protected, potentially exposing sensitive data or internal resources. The CVSS score of 8.1 indicates a high severity with high impact on confidentiality and integrity.

Mitigation Strategies

To mitigate this vulnerability, upgrade TypeBot to version 3.17.2 or later, where the SSRF validator properly blocks the IPv6 unspecified address (::) and its expanded form.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-49213. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart