CVE-2026-39966 | baptisteArno typebot.io up to 3.15.x getLinkedTypebots API Endpoint Array.filter authorization (GHSA-3fr5-999r-84qj)
A vulnerability classified as problematic has been found in baptisteArno typebot.io up to 3.15.x. This issue affects the function Array.filter of the component getLinkedTypebots API Endpoint. Performing a manipulation results in incorrect authorization.
This vulnerability is cataloged as CVE-2026-39966. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.