"I made a Lovable account today and was able to access another user's source code, database credentials, AI chat histories, and customer data are all readable by any free account."
"Lovable initially said on X that no 'data breach' had occurred, and that exposing project code was 'intentional behavior.'"
"We were made aware of concerns regarding the visibility of chat messages and code on Lovable projects with public visibility settings."
Lovable's platform has been found to expose users' chat histories and project data to others through an API. A researcher reported that creating a free account allowed access to another user's source code, database credentials, and AI chat histories. The issue affects all projects created before November 2025. Lovable initially denied a data breach, claiming that exposing project code was intentional when users set their projects to public. The company has not provided further clarification on the situation.
Read at Fast Company
Unable to calculate read time
Collection
[
|
...
]