We use cookies to improve your experience on our site.
AVID-2026-R0248
Description
Misconfigured database exposes sensitive API keys
Details
Moltbook, an AI social network, suffered a significant security breach due to a misconfigured Supabase database that allowed unauthenticated access to sensitive data. This exposure included 1.5 million API keys, 35,000 email addresses, and private messages between agents. The vulnerability stemmed from the lack of Row Level Security (RLS) policies, enabling full read and write access to all platform data. The issue was disclosed and resolved within hours, but it raised critical concerns about security practices in rapidly developed AI applications.
References
Affected or Relevant Artifacts
- Developer: Moltbook
- Deployer:
- Artifact Details:
| Type | Name |
|---|---|
| System | Moltbook Platform |
Impact
- (none)
Other information
- Report Type: Advisory
- Credits: Wiz Research
- Date Reported: 2026-03-04
- Version: 0.3.2
- AVID Entry