Taimur Khan, a tech entrepreneur with a background in software engineering, found 16 vulnerabilities — six of which he said were critical — in a Lovable-hosted app that leaked the data of more than 18,000 people.
He declined to reveal the name of the app during the disclosure process, although it was hosted on Lovable’s platform and featured on its Discover page. At the time Khan began his investigation, the app had more than 100,000 views and nearly 400 upvotes.
The main issue, Khan said, is that every vibe-coded app on Lovable's platform ships with a backend powered by Supabase, which handles authentication, file storage and real-time updates on top of a PostgreSQL database.
However, when the developer – in this case the AI – or the human project owner fails to explicitly implement critical security features such as Supabase's row-level security and role-based access control, the generated code looks functional but is actually flawed.
One example was a malformed authorization check. The AI that vibe-coded the Supabase backend, which exposes its logic through remote procedure calls (RPCs), implemented the check with inverted access control logic, blocking authenticated users while allowing unauthenticated ones through.
Khan said the intention was to prevent non-admins from accessing parts of the app, but the faulty implementation blocked all logged-in users – an error he said was repeated across several critical functions.
“It’s backwards,” Khan said. “The guard blocks those it should allow and allows those it should block. A classic logic inversion that a human security reviewer would catch in seconds – but an AI code generator, optimizing for ‘code that works’, is deployed to production.”
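The inversion described above, reconstructed as PostgreSQL (the language Supabase RPC functions are written in) with the flawed guard beside a corrected one. This is an added, hypothetical illustration, not code from the app or from Lovable; the `profiles` table, its `is_admin` column and the function names are assumptions, while `auth.uid()` is Supabase's own helper for the caller's user id.

```sql
-- Constructed schema for the example (assumed, not the app's real table).
create table if not exists public.profiles (
  id       uuid primary key references auth.users(id),
  is_admin boolean not null default false
);

-- Inverted guard: the shape of the bug the article describes.
-- It raises for callers who have a session (auth.uid() is set) and
-- falls through, i.e. allows, callers with no session at all.
create or replace function public.assert_admin_inverted()
returns void language plpgsql security definer as $$
begin
  if auth.uid() is not null then
    raise exception 'access denied';
  end if;
  -- an anonymous caller reaches this point and is treated as allowed
end;
$$;

-- Corrected guard: deny unless the caller is authenticated AND is
-- flagged as an admin in the profiles table. Default is deny.
create or replace function public.assert_admin()
returns void language plpgsql security definer
set search_path = public as $$
begin
  if auth.uid() is null
     or not exists (select 1 from public.profiles p
                    where p.id = auth.uid() and p.is_admin) then
    raise exception 'access denied';
  end if;
end;
$$;

-- Defence in depth: a guard inside one RPC does nothing for direct table
-- access through Supabase's REST API, so enable row-level security too.
alter table public.profiles enable row level security;
create policy "profiles: users read only their own row"
  on public.profiles for select to authenticated
  using (id = auth.uid());

-- Supabase grants execute on public functions broadly by default;
-- withdraw it from anonymous callers so the RPC cannot be reached unauthenticated.
revoke execute on function public.assert_admin() from anon, public;
```

A quick review check for this class of bug is to call each RPC once with no session and once with an ordinary user session and confirm the anonymous call is the one that is refused.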
Because the app itself was a platform for creating exam questions and viewing grades, the user base naturally includes teachers and students. Some were from top US universities like UC Berkeley and UC Davis, while “there were also K-12 institutions with minors on the platform,” Khan said.
Thanks to these flaws, an unauthenticated attacker could access every user record, send bulk emails through the platform, delete any user account, grade student test submissions, and read organizations' administrator email addresses.
Of the total 18,697 user records exposed, 14,928 contained unique email addresses. The dataset included 4,538 student accounts – all with email addresses – 10,505 enterprise users, and 870 users whose full PII was exposed.
The security flaws here aren't limited to apps hosted by Lovable; the wider issue has been widely and well reported by now.
Vibe coding, Collins Dictionary's Word of the Year for 2025, promises to flatten the arduous learning curve of software development and let anyone bring their app ideas to life.
However, when AI isn't generating sloppy bug reports in pursuit of lucrative bug bounties or badly ignoring instructions, it can be found spewing out shiny-looking apps full of vulnerabilities.
For example, Veracode recently found that 45 percent of AI-generated code contained security flaws, not to mention the countless stories of woe The Register has reported in recent months.
Khan said he believed Lovable should take responsibility for the security of the apps it hosts, and he was particularly angry when, after reporting his findings through company support, his ticket was reportedly closed without any response.
Khan said, “If Lovable is going to market itself as a platform that produces production-ready apps with authentication, it takes some responsibility for the security posture of the apps it produces and promotes.”
“You can’t expose an app to 100,000 people, host it on your infrastructure, and then close a ticket when someone tells you it’s leaking user data. At a minimum, a basic security scan of the exposed applications would have caught every significant finding in this report.”
Lovable told The Register that it has contacted the owner of the app in question and “takes any such findings extremely seriously.”
Regarding the closed ticket, Lovable CISO Igor Andryushchenko said the company only received a “proper disclosure report” on the evening of February 26 and took action on the findings “within minutes.”
“Any project created with Lovable includes a free security scan before publishing,” Andryushchenko told The Register. “This scan investigates vulnerabilities and, if found, provides recommendations on actions to be taken to resolve prior to publication.
“Ultimately, it is at the user’s discretion to implement these recommendations. In this case, that implementation did not occur.
“This project also contains code that is not generated by Lovable and vulnerable databases not hosted by Lovable. We are in contact with the creator of the app, who is now addressing the issue.” ®