Critical · AI-Generated Code Vulnerability

Missing Supabase RLS

Tables without restrictive Row Level Security policies allow unauthorized reads and writes.

Affected Platforms
Lovable, Bolt.new, Replit, v0
Severity
Critical
Remediate immediately

How to detect it

  1. Enumerate table policy coverage
  2. Test anonymous and authenticated role access
  3. Check for service_role usage in frontend code

How to fix it

  1. Enable RLS on all sensitive tables
  2. Apply default deny policy model
  3. Add policy tests and deployment guardrails
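
The detection and fix steps above, written as SQL for the project's Postgres database (an added example, not part of the original page or any scanner's own checks). The table public.profiles and its user_id column are hypothetical; anon, authenticated and auth.uid() are Supabase's standard roles and helper function.

```sql
-- 1. Policy coverage: every table in the API-exposed schema, with its RLS
--    state and number of policies. Rows with rls_enabled = false are exposed
--    to any role that holds table grants.
SELECT n.nspname             AS schema_name,
       c.relname             AS table_name,
       c.relrowsecurity      AS rls_enabled,
       c.relforcerowsecurity AS rls_forced,
       count(p.policyname)   AS policy_count
FROM pg_class c
JOIN pg_namespace n ON n.oid = c.relnamespace
LEFT JOIN pg_policies p
       ON p.schemaname = n.nspname AND p.tablename = c.relname
WHERE c.relkind IN ('r', 'p')          -- ordinary and partitioned tables
  AND n.nspname = 'public'
GROUP BY n.nspname, c.relname, c.relrowsecurity, c.relforcerowsecurity
ORDER BY c.relrowsecurity, c.relname;

-- 2. Policies that exist but restrict nothing (USING (true) / WITH CHECK (true)).
SELECT schemaname, tablename, policyname, cmd, roles, qual, with_check
FROM pg_policies
WHERE schemaname = 'public'
  AND (qual = 'true' OR with_check = 'true');

-- 3. Fix: enabling RLS with no policies is default deny for non-owner roles.
--    Then add narrow, per-command policies (hypothetical table and column).
ALTER TABLE public.profiles ENABLE ROW LEVEL SECURITY;

CREATE POLICY profiles_select_own ON public.profiles
  FOR SELECT TO authenticated
  USING (auth.uid() = user_id);

CREATE POLICY profiles_update_own ON public.profiles
  FOR UPDATE TO authenticated
  USING (auth.uid() = user_id)
  WITH CHECK (auth.uid() = user_id);

-- 4. Policy test: query as the anonymous role inside a transaction.
--    No policy above grants anything to anon, so any row returned here
--    means a policy or grant is broader than intended.
BEGIN;
SET LOCAL ROLE anon;
SELECT count(*) AS rows_visible_to_anon FROM public.profiles;
ROLLBACK;
```

Queries 1 and 2 are read-only and can run in a deployment pipeline as a guardrail that fails when any row comes back with rls_enabled = false. The service_role key bypasses RLS entirely, so none of these policies protect a table if that key ships in frontend code.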