{"id":10073,"date":"2026-04-21T10:46:22","date_gmt":"2026-04-21T10:46:22","guid":{"rendered":"https:\/\/www.europesays.com\/ai\/10073\/"},"modified":"2026-04-21T10:46:22","modified_gmt":"2026-04-21T10:46:22","slug":"lovables-api-flaw-exposed-private-project-data-from-the-6-6-billion-ai-app-builder-used-by-nvidia-and-microsoft-teams-startup-fortune","status":"publish","type":"post","link":"https:\/\/www.europesays.com\/ai\/10073\/","title":{"rendered":"Lovable\u2019s API flaw exposed private project data from the $6.6 billion AI app builder used by Nvidia and Microsoft teams \u2013 Startup Fortune"},"content":{"rendered":"

\"Lovable's<\/a><\/p>\n

A security vulnerability in Lovable\u2019s API allowed any authenticated user to access chat histories, source code, and database credentials from projects created before November 2025, raising serious questions about data handling at one of AI\u2019s fastest-growing development platforms.<\/p>\n

Lovable, the Swedish AI app builder valued at $6.6 billion and deployed by teams at Nvidia, Microsoft, and a growing list of enterprise clients, has confirmed a security flaw that exposed sensitive user data across older projects. The vulnerability, first reported through HackerOne in March 2026, stemmed from missing ownership checks on API endpoints including \/projects\/{id}, meaning any logged-in user could query project data that wasn\u2019t theirs to see.<\/p>\n

The exposure wasn\u2019t theoretical. Researchers identified real-world impact in at least one documented case involving a Danish nonprofit whose project contained genuine speaker information tied to events connected with Accenture and Copenhagen Business School. That kind of data sitting openly accessible via a predictable API endpoint isn\u2019t a minor edge case. It\u2019s the sort of finding that forces security teams to audit everything upstream.<\/p>\n

The range of potentially compromised data is what makes this incident more serious than a typical misconfiguration. Beyond chat histories from AI-assisted development sessions, affected projects could have exposed source code and embedded credentials, including Supabase API keys. Supabase keys carry real access privileges to backend databases, so a developer who embedded one in a project before November 2025 may have handed an unknown number of authenticated Lovable users a live credential without ever knowing it.<\/p>\n

Lovable has since patched the chat visibility issue on public projects and points to the argument that code visibility aligns with what you\u2019d expect from a public GitHub repository. Security researchers pushing back on that framing say the problem ran deeper than public project listings. Private or semi-private older work appears to have been reachable through the same endpoint pattern, and the company\u2019s fix may not have fully addressed what was accessible before the patch landed.<\/p>\n

The Vibe-Coding Trust Problem<\/p>\n

Lovable sits at the center of the so-called vibe-coding movement, where developers and non-developers alike describe products to an AI and receive working application code in return. The appeal is obvious and the adoption has been rapid. But the model introduces a specific security wrinkle: users routinely connect live database credentials, third-party API keys, and production environment variables directly inside the platform\u2019s project context to help the AI build functional integrations. That makes Lovable and its competitors a concentrated target. A single API flaw doesn\u2019t just expose a chat log. It can expose the keys to an entire production stack.<\/p>\n

The HackerOne disclosure timeline matters here. The vulnerability was reported in March 2026, which means there was a window between the initial report and Lovable\u2019s fix during which the issue was known to at least some outside the company. The company hasn\u2019t disclosed whether it has evidence of active exploitation beyond researcher-identified cases, and that silence will likely remain a source of unease for affected users.<\/p>\n

What Affected Users Should Do Now<\/p>\n

The practical response for anyone who used Lovable before November 2025 is straightforward but non-trivial: rotate every credential that touched the platform. That means Supabase keys, any third-party API tokens embedded in project context, and database connection strings. The assumption should be that those values were visible to other authenticated users for an indeterminate period. Treat them as compromised until they\u2019re replaced.<\/p>\n

For enterprise teams at companies like Nvidia and Microsoft where Lovable has found a foothold, the incident will likely trigger an internal review of what was built on the platform during that window and what credentials were in scope. Whether those reviews surface additional exposures will probably never be publicly known, but the audit overhead alone represents a real cost.<\/p>\n

The broader implication is about the security standards being applied to the new generation of AI development tools. Lovable\u2019s growth has been extraordinary, but the same speed that carried it to a $6.6 billion valuation appears to have outpaced some foundational security controls. As vibe-coding platforms push further into enterprise workflows, the expectation that they\u2019ll meet enterprise-grade security posture is going to harden. The next platform to skip ownership checks on API endpoints may not get the relatively quiet resolution Lovable managed here.<\/p>\n

Also read: GPT-Image-2 reviews and corrects its own output before you ever see it<\/a> \u2022 Amazon bets up to $25 billion on Anthropic as it locks in a $100 billion cloud commitment over the next decade<\/a> \u2022 GPT-5.4 stumbles badly on launch day and Gemini is right there to say so<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"A security vulnerability in Lovable\u2019s API allowed any authenticated user to access chat histories, source code, and database…\n","protected":false},"author":2,"featured_media":10074,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11],"tags":[1710,8571,420,7829,7332,8572,8573,320,7828,8574,8575,1631],"class_list":{"0":"post-10073","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-microsoft","8":"tag-ai-security","9":"tag-api-vulnerability","10":"tag-azure","11":"tag-azure-ai","12":"tag-data-breach","13":"tag-hackerone","14":"tag-lovable","15":"tag-microsoft","16":"tag-microsoft-ai","17":"tag-startup-security","18":"tag-supabase","19":"tag-vibe-coding"},"_links":{"self":[{"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/posts\/10073","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/comments?post=10073"}],"version-history":[{"count":0,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/posts\/10073\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/media\/10074"}],"wp:attachment":[{"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/media?parent=10073"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/categories?post=10073"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.europesays.com\/ai\/wp-json\/wp\/v2\/tags?post=10073"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}