A single missing ownership check exposed tens of thousands of Lovable.dev projects – source code, credentials, customer data, AI chat history – to anyone with a free account. This is what BOLA looks like in the vibe-coding era. And it’s only getting more common.
When researchers disclosed the Lovable.dev vulnerability this week, the headline made it sound like a sophisticated attack. It wasn’t. There was no exploit. No zero-day. No credential theft or social engineering. An attacker with a free account made five API calls and walked away with another user’s source code, live database credentials, AI conversation history, and real customer data.
The root cause? Lovable’s /projects/{id}/* endpoints verified that a valid Firebase authentication token was present. They just never checked whether that token belonged to the owner of the project being requested.
| ✓ Authentication present | ✗ Authorization missing |
One missing check. Tens of thousands of projects exposed. A bug report that sat open for 48 days while Lovable quietly patched new projects and said nothing to the users already affected.
This is Broken Object Level Authorization — BOLA — OWASP API Security #1. Not because it’s rare. Because it’s everywhere, and almost nobody is looking for it in the right way.
Why AI Can’t Write the Logic That Matters Most
The Lovable incident is a preview of what happens when AI-generated code ships at production scale without a security layer that understands business rules.
AI coding tools are extraordinarily good at what they do. They generate endpoints, scaffold authentication flows, wire up databases. What they cannot do is encode ownership logic — because ownership logic doesn’t live in code. It lives in the rules your business runs on.
Which user owns which object. Which role is permitted to perform which action. Which sequence of API calls constitutes legitimate use — and which constitutes abuse.
These are business decisions. They exist in your product spec, in your compliance requirements, in the implicit assumptions your engineering team makes when they design a data model. An AI that hasn’t read your business can’t encode them. And without them, every API it generates is a potential BOLA waiting to surface.
The AI writes authentication. Nobody writes ownership. That’s the gap attackers walk through.
Why Your Existing Security Stack Is Blind to This
When a Lovable attacker called /projects/4821 with a valid token, every layer of traditional security saw exactly what it was designed to see: a clean, authenticated, well-formed request. Nothing to flag. Nothing to alert on.
A WAF inspects the request for malicious payloads — SQL injection, XSS, known attack signatures. There are none. Request passes.
A SIEM logs an authenticated API session. The token is valid. The endpoint exists. The call completes with 200 OK. Looks fine.
An API gateway counts the request toward rate limits. It’s well under threshold. No anomaly detected.
None of these tools know that project 4821 belongs to user A, not user B. That knowledge doesn't live in the request. It lives in the relationship between your data model and your business rules — and no infrastructure tool in your current stack has access to it.
This is why BOLA remains #1 on the OWASP list year after year. It’s not that security teams don’t care. It’s that the tools they rely on were designed for a different class of threat — network-level attacks, malformed payloads, known exploit patterns. Business logic abuse is structurally invisible to all of them.
How AppSentinels Catches What Everything Else Misses
AppSentinels was built specifically for this gap. Our approach starts with a runtime model of your API’s object ownership structure — what we call the Business Logic Graph.
The Business Logic Graph maps every API object, every ownership relationship, and every access path across your entire API surface. It encodes the logic your business intends — who can touch what, under which conditions, in which sequence. Then it continuously red-teams your live APIs against that model, probing for three failure classes that everything else misses:
Had AppSentinels been running on Lovable’s API surface, the missing ownership check on /projects/{id}/* would have surfaced immediately — not as part of a post-breach investigation, but as a continuous runtime finding before a single project was exposed.
The Broader Pattern
The vibe-coding wave isn’t creating the business logic problem. It’s accelerating one that has always existed. Every organization that has ever shipped APIs — built by humans, frameworks, or AI — has shipped business logic assumptions that were never formally validated. The attack surface has always been there. Most teams just didn’t know how to measure it.
What’s changing is the rate. AI-native development platforms are compressing weeks of API development into hours. The ownership logic gap that might have accumulated over a quarter is now accumulating over a morning. The risk scales with the speed.
For security leaders running coverage for engineering teams that have adopted AI-assisted development — and most of you have — the question worth asking is not whether your APIs have business logic vulnerabilities. They do. The question is whether you have any visibility into them before an attacker finds them first.
See how AppSentinels identifies the vulnerabilities your WAF, SIEM, and API gateway can’t detect. Request a demo today.
Frequently Asked Questions
What is Broken Object Level Authorization (BOLA)?
Why are BOLA vulnerabilities so difficult to detect?
Does AI-generated code increase the risk of BOLA vulnerabilities?
How is BOLA different from authentication failures?
How does AppSentinels identify business logic vulnerabilities like BOLA?
