## Critical Supabase RLS Failure: ZombieLabsV2 Project Database Exposed Publicly
A critical security vulnerability has left a Supabase database completely exposed, allowing anyone with the project URL to read, edit, and delete all data without any authentication. The flaw, detected on April 13, 2026, stems from Row-Level Security (RLS) being disabled on one or more tables within the project identified as `ejvavmpieilvigjktugh`, associated with `zombielabsv2`. This configuration error effectively bypasses all access controls, turning the database into a publicly writable endpoint.

The issue, classified as `rls_disabled_in_public` with a 'Critical' severity rating, impacts the Supabase project `ejvavmpieilvigjktugh`. The exposure means that any data stored in the affected tables—potentially including user information, application state, or proprietary content—is accessible and modifiable by anyone on the internet. Supabase has issued a direct security advisory, urging immediate remediation to prevent potential data breaches, unauthorized manipulation, or complete data loss.

The required action is explicit: project administrators must immediately log into the Supabase dashboard, identify the specific tables with RLS disabled, and enable the security feature. Furthermore, they must craft and apply appropriate RLS policies to restore secure, role-based access without breaking legitimate application functionality. This incident serves as a stark warning for development teams relying on platform-managed services, highlighting how a single misconfiguration can nullify all security layers and expose core data assets to the public web.
---
- **Source**: GitHub Issues
- **Sector**: The Lab
- **Tags**: Data Breach, Cloud Security, Misconfiguration, Supabase, Database
- **Credibility**: unverified
- **Published**: 2026-04-15 23:22:53
- **ID**: 66391
- **URL**: https://whisperx.ai/en/intel/66391