Lovable Exposed Your Source Code for 48 Days and Called It a Feature

The $6.6 Billion Oopsie

Lovable — the vibe coding darling valued at $6.6 billion with eight million users — just spent the better part of two months hemorrhaging source code, database credentials, and AI chat histories through a hole in their API you could drive a truck through. Any free account could access another user’s entire project in five API calls. Five.

A security researcher reported it on HackerOne back on March 3rd. Lovable’s fix? They patched it for new projects only. Every project created before November 2025 stayed wide open for 48 days. No disclosure. No warning to affected developers. Just vibes.

“Intentional Behavior”

Here’s where it gets beautiful. When the disclosure went public on April 20th, Lovable’s first move was to post on X that they “did not suffer a data breach.” The exposed data? That was “intentional behaviour.” Public means public, right?

Then they blamed their own documentation, saying the word “public” was “unclear.” Then they pivoted to blaming HackerOne, their own bug bounty partner, for the timeline. Three different deflections in under a week. Speedrun.

A backend regression introduced in February had quietly undone security protections the company built throughout 2025. So the guardrails they spent a year building got silently deleted by their own code, and nobody noticed for over a month.

What Was Actually Exposed

Let’s be specific about what “intentional behavior” looked like in practice. Any authenticated user on a free Lovable account could read: source code for other users’ projects, database credentials stored in those projects, complete AI chat histories between users and Lovable’s coding agent, and customer data flowing through those applications.

This wasn’t a sophisticated attack. No zero-days. No nation-state threat actors. Just a broken authorization check that let Account A read Account B’s everything. The kind of bug that gets caught in a code review — if anyone’s reviewing the code.
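That bug class, as an added illustration that is not Lovable’s code: a hypothetical project API whose only check is “is someone logged in”, beside the object-level ownership check that belongs there, plus the regression check that would flag a rollback like the one described here. Every account, project and credential value is constructed.

```python
from dataclasses import dataclass

@dataclass
class Project:
    project_id: str
    owner_id: str
    visibility: str  # "private" or "public"
    source: str
    db_credentials: str

# Constructed sample data (hypothetical accounts and credentials).
PROJECTS = {
    "p-1": Project("p-1", "account-A", "private", "print('A')", "postgres://a:secretA@db/a"),
    "p-2": Project("p-2", "account-B", "private", "print('B')", "postgres://b:secretB@db/b"),
    "p-3": Project("p-3", "account-B", "public", "print('pub')", "postgres://b:secretB@db/b"),
}

class Forbidden(Exception):
    pass

def get_project_vulnerable(caller_id, project_id):
    """Checks only that *someone* is logged in, never that caller_id owns
    project_id: the broken check that lets Account A read Account B's project."""
    if not caller_id:
        raise Forbidden("login required")
    p = PROJECTS[project_id]
    return {"source": p.source, "db_credentials": p.db_credentials}

def get_project_fixed(caller_id, project_id):
    """Object-level authorization: the owner gets everything; a non-owner gets
    only the source of a public project, and nothing at all for a private one."""
    if not caller_id:
        raise Forbidden("login required")
    p = PROJECTS[project_id]
    if p.owner_id == caller_id:
        return {"source": p.source, "db_credentials": p.db_credentials}
    if p.visibility == "public":
        return {"source": p.source}  # "public" never includes stored secrets
    raise Forbidden("not the owner")

def cross_account_read_is_denied(handler):
    """Regression check worth running on every deploy: a handler passes only if
    a foreign private project is refused and a public one leaks no credentials."""
    try:
        handler("account-A", "p-2")
        return False
    except Forbidden:
        pass
    return "db_credentials" not in handler("account-A", "p-3")
```

Wiring `cross_account_read_is_denied` into CI is the point: a backend change that silently drops the ownership check fails the build instead of running for weeks.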

The Structural Problem

Lovable isn’t some weekend hackathon project. It’s an eight-million-user platform that generates production applications. People are building real businesses on this thing. And the platform itself couldn’t get basic object-level authorization right.

This is the vibe coding paradox in a nutshell. The whole pitch is “you don’t need to understand the code.” But when the platform that’s supposed to abstract away the hard parts ships a regression that undoes its own security model, who catches it? Not the users — they were told they don’t need to worry about that stuff. Not the AI — it generated the code that broke. And apparently not Lovable’s own team, who needed a third-party researcher to tell them their API was a public library.

It Got Worse

Just when you thought 48 days was bad enough, Lovable later admitted the exposure actually lasted 76 days. Their initial fix broke again, re-exposing the same data they’d supposedly patched. Two months of open season on user credentials.

Meanwhile, this was just one of three AI security disasters that hit in the same week. Vercel got breached through Context.ai, an AI evaluation tool. Bitwarden’s CLI got hijacked in a supply chain attack targeting credentials for Claude, Cursor, and Codex. Three platforms, one week, all connected to AI tooling.

The Takeaway

If you’re building on a vibe coding platform, your security posture is whatever that platform decides it is today. And “today” might include a regression that quietly turns off every protection you were counting on. Lovable’s response tells you everything you need to know about how seriously these companies take the problem: deny, deflect, blame the messenger.

Your source code is not a vibe. Your database credentials are not a vibe. Treat them accordingly.