{"id":11241,"date":"2026-04-21T18:00:31","date_gmt":"2026-04-21T18:00:31","guid":{"rendered":"https:\/\/wildgreenquest.com\/?p=11241"},"modified":"2026-04-21T18:00:31","modified_gmt":"2026-04-21T18:00:31","slug":"lovable-left-ai-prompts-and-user-data-exposed-one-researcher-found","status":"publish","type":"post","link":"https:\/\/wildgreenquest.com\/?p=11241","title":{"rendered":"Lovable left AI prompts and user data exposed, one researcher found"},"content":{"rendered":"


\n
<\/p>\n

A researcher revealed that the vibe-coding platform Lovable exposed users\u2019 chat histories with AI models to other users accessing the platform through an API (application programming interface).<\/p>\n

X user @weezerOSINT<\/a>, reported the exposure in a post on Monday<\/a>. \u201cI made a Lovable account today and was able to access another user’s source code, database credentials, AI chat histories, and customer data are all readable by any free account,\u201d the researcher wrote. The post included a screenshot of another Lovable user\u2019s project code and chats, along with an unresolved ticket for the bug that allegedly caused the data leak.<\/p>\n

\n
\n
\n

Lovable has a mass data breach affecting every project created before november 2025.
I made a lovable account today and was able to access another users source code, database credentials, AI chat histories, and customer data are all readable by any free account.
nvidia,\u2026 pic.twitter.com\/QcVvz9cNZl<\/a><\/p>\n

— impulsive (@weezerOSINT) April 20, 2026<\/a><\/p><\/blockquote>\n<\/div>\n<\/figure>\n

In a follow-up conversation with Fast Company<\/em>, @weezerOSINT (who did not share his real name) says it took 30 minutes using xAI\u2019s Grok 4.2 model to conduct the research, adding that before AI, finding similar exposures would take hours or days.<\/p>\n

@weezerOSINT reported the issue via HackerOne, a cybersecurity company that runs bug bounty and vulnerability disclosure programs, in early March. On Monday, the researcher showed that Lovable projects created before November 2025 still expose the data.<\/p>\n

Lovable declined to provide an executive to explain the situation, and pointed to its public statement on X.<\/p>\n

Lovable initially said on X<\/a> that no \u201cdata breach\u201d had occurred, and that exposing project code was \u201cintentional behavior.\u201d When users mark their projects \u201cpublic,\u201d the company explained, they opt to have their code visible to other users.<\/p>\n

\n
\n
\n

We were made aware of concerns regarding the visibility of chat messages and code on Lovable projects with public visibility settings.
To be clear: We did not suffer a data breach.
Our documentation of what \u201cpublic\u201d implies was unclear, and that\u2019s a failure on us.
Specifically\u2026<\/p>\n

— Lovable (@Lovable) April 20, 2026<\/a><\/p><\/blockquote>\n<\/div>\n<\/figure>\n

But that did not account for the exposure of users\u2019 chats and prompts with the AI model, which Lovable made accessible for public projects until recently.<\/p>\n

\u201cWe also retroactively patched our API so public project chats couldn’t be accessed, no matter what,\u201d Lovable said in a second, clarifying post<\/a> on X. \u201cUnfortunately, in February, while unifying permissions in our backend, we accidentally re-enabled access to chats on public projects.”<\/p>\n

\n
\n
\n

We\u2019re sorry our initial statement didn't properly address our mistake. Here's what a public project on Lovable means, and how we got to where we are today:
In the early days, people didn't know what Lovable was capable of. So we wanted to make it easy to explore what others were\u2026 https:\/\/t.co\/8X2LMjETaS<\/a><\/p>\n

— Lovable (@Lovable) April 20, 2026<\/a><\/p><\/blockquote>\n<\/div>\n<\/figure>\n

As for @weezerOSINT\u2019s early-March report to HackerOne, Lovable says the ticket had been closed because its \u201cHackerOne partners\u201d believed that viewing public projects\u2019 chats was \u201cthe intended behavior.\u201d<\/p>\n

As a vibe-coding platform, Lovable treats natural-language prompts used to generate code as a core part of the building process. The company initially believed its community would benefit from seeing how other developers used prompts to build features, functions, components, or database schemas, so chats were treated as standard project metadata.<\/p>\n

But the risk of exposing sensitive information in those chat histories appears to have outweighed that benefit. Lovable says that in December 2025 it made all new projects \u201cprivate by default\u201d for all users.<\/p>\n

Lovable\u2019s most recent funding round<\/a> came in December 2025, when it raised $330 million from CapitalG, Menlo Ventures, Khosla Ventures, and others. After the round, the company was valued at $6.6 billion, reportedly tripling its valuation in about five months.<\/p>\n