A vulnerability, which was classified as critical , was found in baptisteArno typebot.io up to 3.15.x . Affected by this issue is the function fetch of the file /api/v1/typebots/{typebotId}/preview/startChat of the component Preview Chat Endpoint . Such manipulation leads to missing authorization. This vulnerability is traded as CVE-2026-33712 . The attack may be launched remotely. There is no exploit available. You should upgrade the affected component.