A vulnerability categorized as problematic has been discovered in baptisteArno typebot.io up to 3.15.x . Affected is an unknown function of the file packages/embeds/js . Executing a manipulation can lead to cross site scripting. The identification of this vulnerability is CVE-2026-39964 . The attack may be launched remotely. There is no exploit available. It is advisable to upgrade the affected component.