When the bug report sits open for 48 days and employees from Nvidia, Microsoft, Uber, and Spotify have their code exposed, you're not looking at a security incident anymore—you're looking at what happens when AI coding tools move faster than the people building them.
The Summary
- A user with a free Lovable account accessed other users' code, AI chat histories, and customer data. The Swedish AI-coding startup initially denied this was a breach, then walked that position back after backlash on X.
- The security flaw affected projects created before November 2025. The bug had been reported 48 days before the incident went public, was marked as a duplicate, and was left open.
- Lovable's defense: public projects were viewable "by design" to let users explore what others were building, but the messaging landed like a confession wrapped in a feature request.
The Signal
This is the security tax for vibe coding. Lovable lets non-technical users describe apps in plain English and ships working code. The pitch is compelling: skip the bootcamp, skip the CS degree, just describe what you want and the AI builds it. The problem is that when you abstract away the complexity of building software, you also abstract away the discipline that keeps data secure.
A user named "Impulsive" on X accessed another user's code, AI conversation logs, and customer data through a free account. Not through social engineering. Not through a zero-day exploit. Through the front door, because Lovable defaulted projects to public and didn't make that clear enough for people shipping production apps with real user data.
"The bug was reported 48 days ago. It's not fixed. They marked it as duplicate and left it open."
Here's what makes this particularly ugly: employees from Nvidia, Microsoft, Uber, and Spotify all had accounts. That means people at companies with mature security practices were using a tool that didn't have basic access controls locked down. Lovable eventually admitted it switched off public visibility by default in December 2024, but projects created before that stayed exposed until someone on X forced their hand.
The first response from Lovable was worse than the bug. They denied it was a breach and said public project visibility was intentional. After the backlash, they issued a second statement trying to clarify. That two-step is the tell. If your security model requires a second statement to explain why users' production data was visible to strangers, your security model is wrong.
Key points on why this matters beyond one startup's mistake:
- AI coding tools are proliferating. Lovable competes with Cursor, Replit, v0, and labs at Anthropic and OpenAI building similar products.
- The people using these tools often lack the security habits that come from years of shipping code and getting burned.
- When the AI handles the implementation, users don't see the defaults. They don't review access controls. They just assume it's locked down because the output looks professional.
This incident is a preview of what happens when millions of people start shipping apps they didn't write. The code works. The UI looks good. But somewhere in the settings they didn't check, the database is wide open and the API keys are committed to a public repo. Traditional software engineering culture developed security practices through decades of painful lessons. Vibe coding is speed-running that education, and the tuition is paid in exposed customer data.
The Implication
If you're building with AI coding tools, treat every project like it's public until you verify otherwise. Check the defaults. Read the access control docs. Don't assume the AI knows your threat model. And if you're a company in this space, understand that "move fast" doesn't mean "move carelessly." The users adopting these tools don't have security instincts yet. That's your job to encode, not theirs to discover through incidents.
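The advice above (assume public, check the defaults, verify access controls) can be turned into a pre-publication check. The script below is an added example written for this article; it is not Lovable's tooling or any platform's real API. It assumes a hypothetical project settings dict with a "visibility" key and a dict of repository files, both constructed inline, and it flags three things a non-technical builder is unlikely to look for: a project that is not explicitly private, secret-looking values in source files, and a committed .env file that is not gitignored.

```python
"""Pre-publication audit for an AI-generated project (illustrative example).

Assumptions (constructed for this example, not a real platform format):
- `settings` is a dict parsed from a hypothetical project settings file with a
  "visibility" key; an absent key is treated as public, matching the article's
  "assume it's public until you verify otherwise" rule.
- `files` maps repository-relative paths to file contents.
"""
import re

# Illustrative heuristics for secret-looking values. A real scanner would use a
# maintained ruleset; these two patterns only show the shape of the check.
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    # Matches names such as apiKey, client_secret, access_token followed by a
    # long literal value; the \w* prefix allows compound names.
    "generic_api_key": re.compile(
        r"(?i)\b\w*(?:api[_-]?key|secret|token)\s*[:=]\s*['\"]?[A-Za-z0-9_\-]{16,}"
    ),
}


def check_visibility(settings):
    """Flag anything that is not explicitly private; an absent key counts as public."""
    visibility = settings.get("visibility", "public")
    if visibility != "private":
        return [f"visibility: project is '{visibility}', not 'private'"]
    return []


def scan_for_secrets(files):
    """Report every line, in every file, that matches a secret pattern."""
    findings = []
    for path, content in sorted(files.items()):
        for lineno, line in enumerate(content.splitlines(), start=1):
            for name, pattern in SECRET_PATTERNS.items():
                if pattern.search(line):
                    findings.append(f"secret: {name} in {path} line {lineno}")
    return findings


def check_gitignore(files):
    """A committed .env that is not ignored travels with the repo when it is shared."""
    env_files = [p for p in files if p == ".env" or p.endswith("/.env")]
    if not env_files:
        return []
    ignored = {line.strip() for line in files.get(".gitignore", "").splitlines()}
    if ".env" in ignored or "*.env" in ignored:
        return []
    return [f"gitignore: {p} is present but not listed in .gitignore" for p in env_files]


def audit_project(settings, files):
    """Run all checks; an empty list means nothing was found."""
    return check_visibility(settings) + scan_for_secrets(files) + check_gitignore(files)


# Constructed sample project: public visibility, a live-looking key in source,
# and a .env file that is not ignored.
SAMPLE_SETTINGS = {"name": "demo-store", "visibility": "public"}
SAMPLE_FILES = {
    "src/config.js": 'export const apiKey = "sk_live_abcdefghijklmnop1234";\n'
                     'export const region = "eu-west-1";\n',
    ".env": "DATABASE_URL=postgres://app:app@localhost/app\n",
    ".gitignore": "node_modules/\n",
}

if __name__ == "__main__":
    for finding in audit_project(SAMPLE_SETTINGS, SAMPLE_FILES):
        print(finding)
```

Run it before sharing or deploying a generated project; on the constructed sample it reports all three findings, and a project that is private, has no secrets in source, and ignores its .env reports nothing. The point is the default: the check treats "no visibility setting" as public, so a missing or unread setting fails closed instead of passing silently.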
For developers skeptical of AI coding, this is ammunition. But it's also a blueprint. The companies that figure out how to ship vibe coding tools with security guardrails baked in—defaults that protect users even when they don't know what they're doing—will win the next wave. Lovable's stumble is a gift to whoever builds that right.