←back to thread

Critical vulnerability in AI coding platform Base44 allowing unauthorized access

(www.wiz.io)
122 points waldopat | 5 comments | 30 Jul 25 16:12 UTC | HN request time: 0.944s | source
1. htrp ◴[30 Jul 25 17:40 UTC] No.44737210[source]
Wonder if Wix had any contractual reps/warranties around the state of the Base44 codebase.
replies(1): >>44737379 #
2. financetechbro ◴[30 Jul 25 17:53 UTC] No.44737379[source]
I would expect so to some degree. Part of acquisition process is tech diligence usually done by a third party firm. But it’s not the deepest review. They run some code scans and dig into security policies and procedures, and then create a report with their findings which is used for R&W, insurance, etc.
replies(2): >>44737501 #>>44738099 #
3. DonHopkins ◴[30 Jul 25 18:02 UTC] No.44737501[source]
"Vibe Diligence"
replies(1): >>44739288 #
4. tracker1 ◴[30 Jul 25 18:50 UTC] No.44738099[source]
Security analysis via AI...
5. ryandrake ◴[30 Jul 25 20:43 UTC] No.44739288{3}[source]
HA HA but seriously: I predict someone's going to start a Venture Fund where all the DD is "done by AI" with equally predicable results. I'm calling it now. Bookmark this comment.