Live disclosure tracker · updated continuously

Technology & Software Data Breaches

SaaS platforms, cloud providers, developer tooling, and app-layer infrastructure are concentrated attack surfaces. One tech vendor breach can expose thousands of downstream customers. Below is every tech-sector breach LeakTrace has indexed.

98B+
Records Exposed
6229
Incidents
94+
Countries
+104%
Breach Velocity YoY
Browse by sector
All breaches Healthcare Finance Government Technology Retail Education Legal
Browse by year
2024 2025 2026 2026 Index

Technology & Software Data Breaches (6229 indexed)

high · tech · Apr 20, 2026

Cisco Catalyst SD-WAN Manager

Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability — Cisco Catalyst SD-WAN Manager contains a storing passwords in a recoverable format vulnerability that allows an authenticated, local

View incident → Original disclosure Indexed 2 months, 3 weeks ago
critical · tech · Apr 20, 2026

PaperCut NG/MF

PaperCut NG/MF Improper Authentication Vulnerability — PaperCut NG/MF contains an improper authentication vulnerability that could allow remote attackers to bypass authentication on affected installations via the Securit

View incident → Original disclosure Indexed 2 months, 3 weeks ago
high · tech · Apr 20, 2026

Kentico Kentico Xperience

Kentico Xperience Path Traversal Vulnerability — Kentico Xperience contains a path traversal vulnerability that could allow an authenticated user's Staging Sync Server to upload arbitrary data to path relative locations.

View incident → Original disclosure Indexed 2 months, 3 weeks ago
high · tech · Apr 20, 2026

Cisco Catalyst SD-WAN Manager

Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability — Cisco Catalyst SD-WAN Manager contains an exposure of sensitive information to an unauthorized actor vulnerability

View incident → Original disclosure Indexed 2 months, 3 weeks ago
high · tech · Apr 20, 2026

Cisco Catalyst SD-WAN Manger

Cisco Catalyst SD-WAN Manager Incorrect Use of Privileged APIs Vulnerability — Cisco Catalyst SD-WAN Manager contains an incorrect use of privileged APIs vulnerability due to improper file handling on the API interface o

View incident → Original disclosure Indexed 2 months, 3 weeks ago
high · tech · Apr 16, 2026

Apache ActiveMQ

Apache ActiveMQ Improper Input Validation Vulnerability — Apache ActiveMQ contains an improper input validation vulnerability that allows for code injection.

high · tech · Apr 14, 2026

Microsoft SharePoint Server

Microsoft SharePoint Server Improper Input Validation Vulnerability — Microsoft SharePoint Server contains an improper input validation vulnerability that allows an unauthorized attacker to perform spoofing over a networ

high · tech · Apr 14, 2026

Microsoft Office

Microsoft Office Remote Code Execution — Microsoft Office Excel contains a remote code execution vulnerability that could allow an attacker to take complete control of an affected system if a user opens a specially craft

high · tech · Apr 13, 2026

Fortinet FortiClient EMS

Fortinet FortiClient EMS SQL Injection Vulnerability — Fortinet FortiClient EMS contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via specifically

high · tech · Apr 13, 2026

Microsoft Windows

Microsoft Windows Out-of-Bounds Read Vulnerability — Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat actor for privileges escalation

critical · tech · Apr 13, 2026

Microsoft Exchange Server

Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability — Microsoft Exchange Server contains a deserialization of untrusted data that allows an authenticated attacker to achieve remote code execution. —

medium · tech · Apr 8, 2026

My Lovely AI

106,271 records exposed — Email addresses, Social media profiles

View incident → Indexed 3 months, 1 week ago
high · tech · Apr 6, 2026

Fortinet FortiClient EMS

Fortinet FortiClient EMS Improper Access Control Vulnerability — Fortinet FortiClient EMS contains an improper access control vulnerability that may allow an unauthenticated attacker to execute unauthorized code or comma

View incident → Original disclosure Indexed 3 months, 1 week ago
high · tech · Apr 4, 2026

SongTrivia2

291,739 records exposed — Auth tokens, Avatars, Email addresses, Names and 2 more

View incident → Indexed 3 months, 1 week ago
high · tech · Apr 2, 2026

TrueConf Client

TrueConf Client Download of Code Without Integrity Check Vulnerability — TrueConf Client contains a download of code without integrity check vulnerability. An attacker who is able to influence the update delivery path ca

View incident → Original disclosure Indexed 3 months, 2 weeks ago
high · tech · Apr 1, 2026

Google Dawn

Google Dawn Use-After-Free Vulnerability — Google Dawn contains an use-after-free vulnerability that could allow a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML pag

View incident → Original disclosure Indexed 3 months, 2 weeks ago
high · tech · Mar 30, 2026

Citrix NetScaler

Citrix NetScaler Out-of-Bounds Read Vulnerability — Citrix NetScaler ADC (formerly Citrix ADC), NetScaler Gateway (formerly Citrix Gateway) and NetScaler ADC FIPS and NDcPP contain an out-of-bounds reads vulnerability wh

View incident → Original disclosure Indexed 3 months, 2 weeks ago
high · tech · Mar 27, 2026

F5 BIG-IP

F5 BIG-IP Stack-Based Buffer Overflow Vulnerability — F5 BIG-IP APM contains a stack-based buffer overflow vulnerability that could allow a threat actor to achieve remote code execution.

View incident → Original disclosure Indexed 3 months, 2 weeks ago