CVE-2026-10140 - Cross-Tenant API Key Reuse and Billing Fraud in Langflow Voice Mode Subsystem
CVE ID :CVE-2026-10140 Published : June 30, 2026, 7:55 p.m. | 1 hour, 17 minutes ago Description :IBM Langflow OSS 1.0.0 through 1.10.0 voice mode contains improper shared-state handling that allows reuse of API clients across tenant boundaries. An authenticated attacker can manipulate cache...