AI startup Lovable is facing criticism over its handling of a security vulnerability that allowed users to access sensitive information belonging to others. The flaw, identified as a Broken Object Level Authorization (BOLA) bug, potentially exposed source code, database credentials, and chat histories for projects created before November 2025.
.
.
.
.
