CVE-2025-64706: CWE-639: Authorization Bypass Through User-Controlled Key in baptisteArno typebot.io
Typebot is an open-source chatbot builder. In version 3.9.0 up to but excluding version 3.13.0, an Insecure Direct Object Reference (IDOR) vulnerability exists in the API token management endpoint. An authenticated attacker can delete any user's API token and retrieve its value by simply knowing the target user's ID and token ID, without requiring authorization checks. Version 3.13.0 fixes the issue.
AI Analysis
Technical Summary
The vulnerability identified as CVE-2025-64706 affects the open-source chatbot builder typebot.io in versions from 3.9.0 up to but excluding 3.13.0. It is classified as an Insecure Direct Object Reference (IDOR) vulnerability, specifically CWE-639 (Authorization Bypass Through User-Controlled Key), which allows an authenticated attacker to bypass authorization controls in the API token management endpoint. By knowing a target user's ID and token ID, the attacker can delete any user's API token or retrieve its value without proper authorization checks. This means that an attacker with low privileges can manipulate or steal API tokens belonging to other users, potentially gaining unauthorized access to chatbot services or integrations that rely on these tokens. The vulnerability impacts the confidentiality (exposure of API tokens), integrity (unauthorized deletion of tokens), and availability (disruption of token-based services) of the system. The CVSS 3.1 base score is 5.0, a medium severity: the attack vector is the network, low privileges and no user interaction are required, but attack complexity is rated high. The issue was resolved in version 3.13.0 of typebot.io. No known exploits are currently reported in the wild. The root cause is an insufficient authorization check in the API token management endpoint: the endpoint acts on the user ID and token ID supplied in the request without binding the lookup to the authenticated caller, a critical oversight in its access control.
Potential Impact
For European organizations, this vulnerability poses a risk to the security of chatbot integrations and automation workflows that rely on typebot.io API tokens. Unauthorized access to API tokens can lead to data leakage, manipulation of chatbot behavior, or disruption of services dependent on these tokens. This could result in exposure of sensitive customer interactions, unauthorized commands executed via chatbots, or denial of service through token deletion. Organizations in sectors such as finance, healthcare, and e-commerce that use chatbots for customer engagement or internal automation may face compliance issues under GDPR if personal data is exposed. The medium severity rating suggests moderate risk, but the ease of exploitation by authenticated users and the potential for lateral movement within organizations elevate the concern. The lack of user interaction requirement means attackers can automate exploitation once they have valid credentials or access to a low-privilege account.
Mitigation Recommendations
1. Upgrade all instances of typebot.io to version 3.13.0 or later, where the vulnerability is patched.
2. Implement strict role-based access controls (RBAC) to limit which users can manage API tokens, minimizing the number of accounts with token management privileges.
3. Monitor API token management endpoints for unusual activity, such as deletion or retrieval requests from unexpected user accounts or IP addresses.
4. Enforce multi-factor authentication (MFA) for all users with access to token management features to reduce the risk of compromised credentials.
5. Conduct regular audits of API tokens and their usage to detect anomalies or unauthorized access.
6. If upgrading immediately is not feasible, consider implementing compensating controls such as network segmentation or API gateway filtering to restrict access to token management endpoints.
7. Educate developers and administrators about the importance of authorization checks and secure API design to prevent similar vulnerabilities.
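Recommendation 3 (monitoring the token management endpoint) can be turned into a concrete check. The following is an added example, not code from Typebot or from this advisory's source: it scans access-log lines for token management requests in which the authenticated actor is not the user named in the route, which is exactly the request shape an IDOR on this endpoint produces. The `key=value` log format, the route shape `/users/<userId>/api-tokens/<tokenId>` and all of the sample lines are assumptions constructed for the example; adapt the parser and the route regex to the real gateway or application logs.

```typescript
// Added example, not Typebot's code. The log format, route shape and sample lines
// below are constructed; only the detection idea (actor != owner in the route) is
// taken from the advisory.

interface Finding {
  actor: string;
  targetUser: string;
  tokenId: string;
  method: string;
  status: number;
  reason: string;
}

// Constructed sample log: one legitimate self-service delete, one cross-user
// delete that succeeded (what a vulnerable version would log), and cross-user
// requests that were refused (what a patched version would log).
const SAMPLE_LOG = [
  "ts=2025-11-13T18:00:01Z actor=user-a method=DELETE path=/users/user-a/api-tokens/tok-1 status=200",
  "ts=2025-11-13T18:00:05Z actor=user-b method=DELETE path=/users/user-a/api-tokens/tok-2 status=200",
  "ts=2025-11-13T18:00:09Z actor=user-b method=GET path=/users/user-c/api-tokens/tok-9 status=403",
  "ts=2025-11-13T18:00:12Z actor=user-b method=GET path=/users/user-b/api-tokens/tok-3 status=200",
  "ts=2025-11-13T18:00:20Z actor=user-b method=DELETE path=/users/user-d/api-tokens/tok-7 status=404",
].join("\n");

// Assumed route shape; captures the user named in the path and the token ID.
const TOKEN_ROUTE = /^\/users\/([^/]+)\/api-tokens\/([^/]+)$/;

// Split a "key=value key=value" line into a map; values contain no spaces here.
function parseLine(line: string): Record<string, string> {
  const fields: Record<string, string> = {};
  for (const part of line.trim().split(/\s+/)) {
    const eq = part.indexOf("=");
    if (eq > 0) fields[part.slice(0, eq)] = part.slice(eq + 1);
  }
  return fields;
}

// Report every token-management request whose actor is not the route's owner.
// A successful one (status < 400) is the strongest signal; refused ones still
// show someone probing other users' token IDs.
function findCrossUserTokenAccess(log: string): Finding[] {
  const findings: Finding[] = [];
  for (const line of log.split("\n")) {
    if (!line.trim()) continue;
    const f = parseLine(line);
    const m = TOKEN_ROUTE.exec(f.path ?? "");
    if (!m || !f.actor) continue; // not a token-management request
    const [, targetUser, tokenId] = m;
    if (f.actor === targetUser) continue; // owner managing their own tokens
    const status = Number(f.status);
    findings.push({
      actor: f.actor,
      targetUser,
      tokenId,
      method: f.method ?? "?",
      status,
      reason:
        status < 400
          ? "cross-user token request succeeded (possible IDOR)"
          : "cross-user token request was refused",
    });
  }
  return findings;
}

// Aggregate per actor so repeated probing from one account stands out.
function countByActor(findings: Finding[]): Record<string, number> {
  const counts: Record<string, number> = {};
  for (const x of findings) counts[x.actor] = (counts[x.actor] ?? 0) + 1;
  return counts;
}
```

On the constructed log the scan yields three findings, all from `user-b`, one of which succeeded. A practical rule alerts immediately on any successful cross-user finding and raises a lower-priority alert when one actor accumulates several refused ones, since after the 3.13.0 fix the endpoint should reject such requests but the probing itself is still worth a look.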
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Italy, Spain
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2025-11-10T14:07:42.921Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 69161ca8cdc01d12641febbb
Added to database: 11/13/2025, 6:00:08 PM
Last enriched: 11/13/2025, 6:14:37 PM
Last updated: 11/17/2025, 4:07:06 AM