CVE-2026-10140
CriticalCVSS 9.6Exploitation Probability (EPSS)
Low risk10th percentile — higher than 10% of all known CVEs
Summary
IBM Langflow OSS versions 1.0.0 through 1.10.0 in voice mode have improper shared-state handling that allows reuse of API clients across tenant boundaries. An authenticated attacker can manipulate cache state to cause requests from other users to be processed using incorrect upstream API credentials, leading to cross-tenant billing and accountability misattribution.
Risk Assessment
The organization is exposed to unauthorized use of API resources by other tenants, potentially resulting in incorrect cost allocation and loss of control over billing and auditing.
Recommendation
Immediately upgrade IBM Langflow OSS to version 1.10.1 or later, which includes a fix for this vulnerability. Until the update is applied, disable voice mode or restrict access to trusted users only.
Original NVD description (English source)
IBM Langflow OSS 1.0.0 through 1.10.0 voice mode contains improper shared-state handling that allows reuse of API clients across tenant boundaries. An authenticated attacker can manipulate cache state to cause requests from other users to be processed using incorrect upstream API credentials, leading to cross-tenant billing and accountability misattribution.

