Live disclosure tracker · updated continuously

Technology & Software Data Breaches

SaaS platforms, cloud providers, developer tooling, and app-layer infrastructure are concentrated attack surfaces. One tech vendor breach can expose thousands of downstream customers. Below is every tech-sector breach LeakTrace has indexed.

98B+
Records Exposed
6229
Incidents
94+
Countries
+104%
Breach Velocity YoY
Browse by sector
All breaches Healthcare Finance Government Technology Retail Education Legal
Browse by year
2024 2025 2026 2026 Index

Technology & Software Data Breaches (6229 indexed)

critical · tech · Jul 8, 2026

KDDI Japan

14.2M email credentials exposed across six ISPs

View incident → Indexed 1 week, 1 day ago
high · tech · Jul 7, 2026

Adobe ColdFusion

Adobe ColdFusion Path Traversal Vulnerability — Adobe ColdFusion contains a path traversal vulnerability that could lead to arbitrary code execution in the context of the current user.

View incident → Original disclosure Indexed 1 week, 2 days ago
high · tech · Jul 7, 2026

Joomlack Page Builder

Joomlack Page Builder Improper Access Control Vulnerability — Joomlack Page Builder contains an improper access control vulnerability that could allow for remote code execution via unauthenticated arbitrary file upload.

View incident → Original disclosure Indexed 1 week, 2 days ago
high · tech · Jul 7, 2026

Langflow Langflow

Langflow Authorization Bypass Through User-Controlled Key Vulnerability — Langflow contains an authorization bypass through user-controlled key vulnerability which allows an authenticated attacker to execute any flow bel

View incident → Original disclosure Indexed 1 week, 2 days ago
high · tech · Jul 7, 2026

JoomShaper SP Page Builder

JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability — JoomShaper SP Page Builder contains an unrestricted upload of file with dangerous type vulnerability that allows unauthenticated

View incident → Original disclosure Indexed 1 week, 2 days ago
high · tech · Jul 1, 2026

Microsoft SharePoint Server

Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability — Microsoft SharePoint Server contains a deserialization of untrusted data vulnerability which allows an authorized attacker to execute code ove

View incident → Original disclosure Indexed 2 weeks, 1 day ago
high · tech · Jun 29, 2026

SimpleHelp SimpleHelp

SimpleHelp Authentication Bypass Vulnerability — SimpleHelp contains an authentication bypass vulnerability in the OIDC authentication flow. When OIDC authentication is configured, identity tokens submitted during login

View incident → Original disclosure Indexed 2 weeks, 3 days ago
medium · tech · Jun 26, 2026

American Tower

216,601 records exposed — Email addresses, Job titles, Names, Phone numbers and 1 more

View incident → Indexed 2 weeks, 6 days ago
high · tech · Jun 25, 2026

PTC Windchill and FlexPLM

PTC Windchill and FlexPLM Improper Input Validation Vulnerability — PTC Windchill and FlexPLM contains an improper input validation vulnerability allowing an unauthenticated, remote attacker to execute arbitrary code by

high · tech · Jun 23, 2026

Ubiquiti UniFi OS

Ubiquiti UniFi OS Improper Access Control Vulnerability — Ubiquiti UniFi OS contains an improper access control vulnerability which could allow a malicious actor with access to the network to make unauthorized changes to

View incident → Original disclosure Indexed 3 weeks, 2 days ago
high · tech · Jun 23, 2026

Ubiquiti UniFi OS

Ubiquiti UniFi OS Path Traversal Vulnerability — Ubiquiti UniFi OS contains a path traversal vulnerability which could allow a malicious actor with access to the network to access files on the underlying system that coul

View incident → Original disclosure Indexed 3 weeks, 2 days ago
high · tech · Jun 23, 2026

Ubiquiti UniFi OS

Ubiquiti UniFi OS Improper Input Validation Vulnerability — Ubiquiti UniFi OS contains an improper input validation vulnerability which could allow a malicious actor with access to the network to conduct command injectio

View incident → Original disclosure Indexed 3 weeks, 2 days ago
high · tech · Jun 23, 2026

Lantronix EDS5000

Lantronix EDS5000 Code Injection Vulnerability — Lantronix EDS5000 contains a code injection vulnerability that could allow attackers to inject arbitrary OS commands into the username parameter. Injected commands are exe

View incident → Original disclosure Indexed 3 weeks, 2 days ago
high · tech · Jun 18, 2026

Splunk Enterprise

Splunk Enterprise Missing Authentication for Critical Function Vulnerability — Splunk Enterprise contains a missing authentication for critical function vulnerability which could allow an unauthenticated user to create o

high · tech · Jun 15, 2026

Cisco Catalyst SD-WAN Manager

Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability — Cisco Catalyst SD-WAN Manager contains a directory or path traversal vulnerability that could allow an authenticated, remote attacker to create a

high · tech · Jun 15, 2026

LiteSpeed cPanel Plugin

LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability — LiteSpeed cPanel plugin contains a UNIX symbolic link (Symlink) following vulnerability that could allow a user with FTP or web shell access

high · tech · Jun 11, 2026

Ivanti Sentry

Ivanti Sentry OS Command Injection Vulnerability — Ivanti Sentry (formerly known as MobileIron Sentry) contains an OS command injection vulnerability which could allow a remote unauthenticated user to achieve root-level

high · tech · Jun 9, 2026

Cisco Catalyst SD-WAN Manager

Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability — Cisco Catalyst SD-WAN Manager formerly SD-WAN vManage contains an improper encoding or escaping of output vulnerability. This vulnerab

View incident → Original disclosure Indexed 1 month, 1 week ago