A critical Broken Object Level Authorization (BOLA) vulnerability in Lovable, the popular AI-powered app builder platform, is reportedly allowing unauthorized users to access sensitive project data, including source code, database credentials, AI chat histories, and real customer information from thousands of projects created before November 2025. The flaw, classified as a Broken Object Level Authorization […] The post Lovable AI App Builder Reportedly Exposes Thousands of Projects Data via API Flaw appeared first on Cyber Security News.