{"document":{"category":"csaf_vex","csaf_version":"2.0","title":"CVE-2026-10140: Cross-Tenant API Key Reuse and Billing Fraud in Langflow Voice Mode Subsystem","publisher":{"category":"vendor","name":"HarborGuard Database","namespace":"https://database.harborguard.co"},"tracking":{"id":"CVE-2026-10140","status":"final","version":"1","initial_release_date":"2026-06-30T19:55:31.022Z","current_release_date":"2026-06-30T19:55:31.022Z","revision_history":[{"date":"2026-06-30T19:55:31.022Z","number":"1","summary":"Initial machine-readable export from HarborGuard."}]},"distribution":{"tlp":{"label":"WHITE"},"text":"Public CVE data; freely redistributable."},"notes":[{"category":"description","text":"IBM Langflow OSS 1.0.0 through 1.10.0 voice mode contains improper shared-state handling that allows reuse of API clients across tenant boundaries. An authenticated attacker can manipulate cache state to cause requests from other users to be processed using incorrect upstream API credentials, leading to cross-tenant billing and accountability misattribution.","title":"CVE description"}],"references":[{"category":"self","summary":"CVE-2026-10140 on HarborGuard Database","url":"https://database.harborguard.co/cve/CVE-2026-10140"},{"category":"external","summary":"CVE Record","url":"https://www.cve.org/CVERecord?id=CVE-2026-10140"},{"category":"external","summary":"ibm.com","url":"https://www.ibm.com/support/pages/node/7278209"}]},"product_tree":{"branches":[{"category":"vendor","name":"IBM","branches":[{"category":"product_name","name":"Langflow OSS","branches":[{"category":"product_version_range","name":">=1.0.0 <=1.10.0","product":{"name":"IBM Langflow OSS >=1.0.0 <=1.10.0","product_id":"CSAFPID-1","product_identification_helper":{"cpe":"cpe:2.3:a:ibm:langflow_oss:*:*:*:*:*:*:*:*"}}}]}]}]},"vulnerabilities":[{"cve":"CVE-2026-10140","title":"Cross-Tenant API Key Reuse and Billing Fraud in Langflow Voice Mode Subsystem","notes":[{"category":"description","text":"IBM Langflow OSS 1.0.0 through 1.10.0 voice mode contains improper shared-state handling that allows reuse of API clients across tenant boundaries. An authenticated attacker can manipulate cache state to cause requests from other users to be processed using incorrect upstream API credentials, leading to cross-tenant billing and accountability misattribution.","title":"CVE description"}],"product_status":{"known_affected":["CSAFPID-1"]},"scores":[{"cvss_v3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N","baseScore":9.6,"baseSeverity":"CRITICAL"},"products":["CSAFPID-1"]}],"remediations":[{"category":"none_available","details":"No fixed version is published yet. Monitor the upstream advisory.","product_ids":["CSAFPID-1"]}]}]}