Replit employees discovered critical security vulnerabilities in Lovable, a Sweden-based AI-powered coding platform, related to Row Level Security (RLS) policies.
Matt Palmer from Replit found misconfigurations in RLS policies allowing unauthorized access to sensitive data on Lovable-built apps.
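To make the class of misconfiguration concrete, here is an added example (not code from the page, from Lovable, Replit or Supabase) showing a Postgres/Supabase Row Level Security policy that exposes every row to any signed-in user, beside an owner-scoped version, followed by two queries a defender can run to find the same weakness in their own schema. The table and column names (`profiles`, `user_id`, `email`, `phone`) are assumptions; `auth.uid()` is Supabase's helper that returns the caller's user id from the request JWT.

```sql
-- Added example, not code from the page or the projects it names.
-- Assumed schema: a profiles table keyed to the owning user.
create table profiles (
  id      bigint generated always as identity primary key,
  user_id uuid not null,
  email   text not null,
  phone   text
);

-- RLS is switched on, so a policy is required before any row is visible...
alter table profiles enable row level security;

-- WEAK: a blanket policy. Every authenticated client can read every row,
-- which is the "unauthorized access to sensitive data" pattern described above.
create policy "profiles are readable" on profiles
  for select
  to authenticated
  using (true);

-- HARDENED: scope each operation to the row owner.
drop policy "profiles are readable" on profiles;

create policy "owner can read own profile" on profiles
  for select to authenticated
  using (auth.uid() = user_id);

create policy "owner can insert own profile" on profiles
  for insert to authenticated
  with check (auth.uid() = user_id);

create policy "owner can update own profile" on profiles
  for update to authenticated
  using (auth.uid() = user_id)
  with check (auth.uid() = user_id);

-- CHECK 1: tables in the public schema that never had RLS enabled at all
-- (with Supabase's default grants, such tables are fully readable by API clients).
select c.relname as table_without_rls
from pg_class c
join pg_namespace n on n.oid = c.relnamespace
where n.nspname = 'public'
  and c.relkind = 'r'
  and not c.relrowsecurity;

-- CHECK 2: policies whose USING clause is a bare true, i.e. no row filter.
select schemaname, tablename, policyname, roles, cmd, qual
from pg_policies
where schemaname = 'public'
  and qual = 'true';
```

Both checks run as-is in the Supabase SQL editor or `psql`; an empty result from each is the state to aim for. Note that enabling RLS without adding any policy denies access rather than granting it, so the two failure modes to look for are a table with RLS off (check 1) and a policy that filters nothing (check 2).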
Lovable introduced security improvements such as a security scanner, deep code security reviews, and collaboration with Supabase for better security measures.
Users are advised to follow a checklist for secure vibe-coded apps to ensure robust security, which includes implementing HTTPS, user input sanitization, API authentication, and more.