SUCCESS
253,510 records exposed — Device information, Email addresses, IP addresses, Names and 4 more
2026 continues the year-over-year growth trend in confirmed disclosures. The list below updates as new breaches are reported by Verizon DBIR partners and major security news outlets.
253,510 records exposed — Device information, Email addresses, IP addresses, Names and 4 more
144,250 records exposed — Avatars, Display names, Email addresses
Citrix NetScaler Out-of-Bounds Read Vulnerability — Citrix NetScaler ADC (formerly Citrix ADC), NetScaler Gateway (formerly Citrix Gateway) and NetScaler ADC FIPS and NDcPP contain an out-of-bounds reads vulnerability wh
339,778 records exposed — Email addresses, Passwords, Usernames
F5 BIG-IP Stack-Based Buffer Overflow Vulnerability — F5 BIG-IP APM contains a stack-based buffer overflow vulnerability that could allow a threat actor to achieve remote code execution.
128,683 records exposed — Display names, Email addresses, IP addresses, Passwords and 1 more
292,993 records exposed — Email addresses, Names, Passwords
Aquasecurity Trivy Embedded Malicious Code Vulnerability — Aquasecurity Trivy contains an embedded malicious code vulnerability that could allow an attacker to gain access to everything in the CI/CD environment, includin
Langflow Code Injection Vulnerability — Langflow contains a code injection vulnerability that could allow building public flows without requiring authentication.
222,762 records exposed — Email addresses, IP addresses, Passwords, Usernames
Apple Multiple Products Classic Buffer Overflow Vulnerability — Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain a classic buffer overflow vulnerability which could allow a malicious application to cause une
Apple Multiple Products Buffer Overflow Vulnerability — Apple Safari, iOS, watchOS, visionOS, iPadOS, macOS, and tvOS contain a buffer overflow vulnerability that could allow the processing of maliciously crafted web con
Craft CMS Code Injection Vulnerability — Craft CMS contains a code injection vulnerability that allows a remote attacker to execute arbitrary code.
Laravel Livewire Code Injection Vulnerability — Laravel Livewire contain a code injection vulnerability that could allow unauthenticated attackers to achieve remote command execution in specific scenarios.
Apple Multiple Products Improper Locking Vulnerability — Apple watchOS, iOS, iPadOS, macOS, visionOS, and tvOS contain an improper locking vulnerability that could allow a malicious application to cause unexpected change
Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability — Cisco Secure Firewall Management Center (FMC) Software a
903,080 records exposed — Customer service records, Email addresses, IP addresses, Names and 2 more
Microsoft SharePoint Deserialization of Untrusted Data Vulnerability — Microsoft SharePoint contains a deserialization of untrusted data vulnerability that allows an unauthorized attacker to execute code over a network.
Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting Vulnerability — Synacor Zimbra Collaboration Suite (ZCS) contains a cross-site scripting vulnerability in the Classic UI where attackers could abuse Cascading
Wing FTP Server Information Disclosure Vulnerability — Wing FTP Server contains a generation of error message containing sensitive information vulnerability when using a long value in the UID cookie.
1,266,822 records exposed — Dates of birth, Email addresses, Genders, Geographic locations and 5 more
105,814 records exposed — Email addresses, Purchases, Usernames
Google Chromium V8 Improper Restriction of Operations Within the Bounds of a Memory Buffer Vulnerability — Google Chromium V8 contains an improper restriction of operations within the bounds of a memory buffer vulnerabil
Google Skia Out-of-Bounds Write Vulnerability — Google Skia contains an out-of-bounds write vulnerability that could allow a remote attacker to perform out of bounds memory access via a crafted HTML page. This vulnerabil