Description
TypeBot is a chatbot builder tool. In versions prior to 3.16.0, SSRF protection for Webhook / HTTP Request blocks validates only the URL string, blocked hostname literals, and literal IP formats. It does not resolve DNS before allowing the request. As a result, a hostname such as ssrf-repro.example that resolves to 127.0.0.1, 169.254.169.254, or RFC1918/private space passes validation and is later fetched by the backend HTTP client. This enables server-side request forgery to loopback, cloud metadata, and private network targets. This issue has been resolved in version 3.16.0.
Published: 2026-05-22
Score: 7.6 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

TypeBot, a chatbot builder platform, implements SSRF protection for its Webhook and HTTP Request blocks by validating only the raw URL string, hostname literals, and literal IP formats. It does not perform DNS resolution before forwarding requests, allowing name‑based hostnames that resolve to internal or loopback addresses to bypass the filter. A hostname such as ssrf‑repro.example, which maps to 127.0.0.1, 169.254.169.254, or other RFC1918 spaces, passes validation and is subsequently fetched by the backend HTTP client. This enables server‑side request forgery to access loopback, cloud‑metadata, and private network targets, potentially exposing sensitive data and compromising system integrity. The issue has been resolved in version 3.16.0.

Affected Systems

Typebot.io (baptisteArno) – the TypeBot chatbot builder tool. Versions prior to 3.16.0 are vulnerable; the problem is fixed in 3.16.0 and later.

Risk and Exploitability

The CVSS score of 7.6 indicates a high risk level. EPSS information is not available, and the vulnerability is not listed in CISA’s KEV catalog, so the known exploitation probability is uncertain. The likely attack vector involves submitting a malicious webhook or HTTP request configuration that contains a DNS‑resolved hostname; victim servers will then reach out to internal or metadata endpoints. The absence of DNS checks during validation makes this flaw easy to exploit if the attacker has access to create or modify such requests.

Generated by OpenCVE AI on May 22, 2026 at 19:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade TypeBot to version 3.16.0 or later.\n
  • Restrict webhook and HTTP request destinations by configuring a whitelist of trusted domains and blocking RFC1918, 127.0.0.1, and 169.254.169.254 addresses as a temporary workaround.\n
  • Implement server‑side DNS resolution checks before forwarding requests to validate that resolved addresses are outside prohibited ranges.

Generated by OpenCVE AI on May 22, 2026 at 19:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 22 May 2026 19:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 22 May 2026 18:00:00 +0000

Type Values Removed Values Added
Description TypeBot is a chatbot builder tool. SSRF protection for Webhook / HTTP Request blocks validates only the URL string, blocked hostname literals, and literal IP formats. It does not resolve DNS before allowing the request. As a result, a hostname such as ssrf-repro.example that resolves to 127.0.0.1, 169.254.169.254, or RFC1918/private space passes validation and is later fetched by the backend HTTP client. This enables server-side request forgery to loopback, cloud metadata, and private network targets. This issue has been resolved in version 3.16.0. TypeBot is a chatbot builder tool. In versions prior to 3.16.0, SSRF protection for Webhook / HTTP Request blocks validates only the URL string, blocked hostname literals, and literal IP formats. It does not resolve DNS before allowing the request. As a result, a hostname such as ssrf-repro.example that resolves to 127.0.0.1, 169.254.169.254, or RFC1918/private space passes validation and is later fetched by the backend HTTP client. This enables server-side request forgery to loopback, cloud metadata, and private network targets. This issue has been resolved in version 3.16.0.

Fri, 22 May 2026 17:15:00 +0000

Type Values Removed Values Added
Description TypeBot is a chatbot builder tool. SSRF protection for Webhook / HTTP Request blocks validates only the URL string, blocked hostname literals, and literal IP formats. It does not resolve DNS before allowing the request. As a result, a hostname such as ssrf-repro.example that resolves to 127.0.0.1, 169.254.169.254, or RFC1918/private space passes validation and is later fetched by the backend HTTP client. This enables server-side request forgery to loopback, cloud metadata, and private network targets. This issue has been resolved in version 3.16.0.
Title TypeBot: SSRF Protection Bypass via DNS-Resolved Hostnames in Webhook / HTTP Request Validation
Weaknesses CWE-20
CWE-918
References
Metrics cvssV3_1

{'score': 7.6, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-05-22T18:30:06.009Z

Reserved: 2026-03-26T15:57:52.323Z

Link: CVE-2026-34207

cve-icon Vulnrichment

Updated: 2026-05-22T18:29:57.802Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-22T19:30:44Z

Weaknesses