A vulnerability described as critical has been identified in baptisteArno typebot.io up to 3.16.x . This affects an unknown function of the file /api/blocks/file-input/v3/generate-upload-url of the component Content-Type Handler . Executing a manipulation can lead to path traversal. This vulnerability is registered as CVE-2026-48768 . It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is recommended.