CVE-2026-10140
CRITICALCross-Tenant API Key Reuse and Billing Fraud in Langflow Voice Mode Subsystem
Title source: cnaDescription
IBM Langflow OSS 1.0.0 through 1.10.0 voice mode contains improper shared-state handling that allows reuse of API clients across tenant boundaries. An authenticated attacker can manipulate cache state to cause requests from other users to be processed using incorrect upstream API credentials, leading to cross-tenant billing and accountability misattribution.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
patch
https://www.ibm.com/support/pages/node/7278209
Scores
CVSS v3
9.6
EPSS
0.0020
EPSS Percentile
10.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-639
Status
published
Products (2)
IBM/Langflow OSS
1.0.0 - 1.10.0
langflow/langflow
1.0.0 - 1.10.0
Published
Jun 30, 2026
Tracked Since
Jul 01, 2026