Live disclosure tracker · updated continuously

2026 Data Breaches Year-to-Date

2026 continues the year-over-year growth trend in confirmed disclosures. The list below updates as new breaches are reported by Verizon DBIR partners and major security news outlets.

98B+
Records Exposed
747
Incidents
94+
Countries
+104%
Breach Velocity YoY
Browse by sector
All breaches Healthcare Finance Government Technology Retail Education Legal
Browse by year
2024 2025 2026 2026 Index

2026 Data Breaches Year-to-Date (747 indexed)

high · tech · May 21, 2026

Langflow Langflow

Langflow Origin Validation Error Vulnerability — Langflow contains an origin validation error vulnerability in which an overly permissive CORS configuration combined with a refresh token cookie configured as SameSite=Non

View incident → Original disclosure Indexed 1 month, 3 weeks ago
high · tech · May 21, 2026

Dragonica Lunaris

126,293 records exposed — Dates of birth, Email addresses, Names, Passwords and 2 more

View incident → Indexed 1 month, 3 weeks ago
high · tech · May 20, 2026

Microsoft Internet Explorer

Microsoft Internet Explorer Use-After-Free Vulnerability — Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code by accessing a pointer associate

View incident → Original disclosure Indexed 1 month, 3 weeks ago
high · tech · May 20, 2026

Microsoft DirectX

Microsoft DirectX NULL Byte Overwrite Vulnerability — Microsoft DirectX contains a NULL byte overwrite vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow which could allow remote attackers to

View incident → Original disclosure Indexed 1 month, 3 weeks ago
high · tech · May 20, 2026

Adobe Acrobat and Reader

Adobe Acrobat and Reader Heap-Based Buffer Overflow Vulnerability — Adobe Acrobat and Reader contain a heap-based buffer overflow vulnerability which could allow remote attackers to execute arbitrary code via a crafted P

View incident → Original disclosure Indexed 1 month, 3 weeks ago
high · tech · May 20, 2026

Microsoft Internet Explorer

Microsoft Internet Explorer Use-After-Free Vulnerability — Microsoft Internet Explorer contains an use-after-free vulnerability that could allow remote attackers to execute arbitrary code via vectors involving access to

View incident → Original disclosure Indexed 1 month, 3 weeks ago
high · tech · May 20, 2026

Microsoft Defender

Microsoft Defender Link Following Vulnerability — Microsoft Defender contains a link following vulnerability that allows an authorized attacker to elevate privileges locally.

View incident → Original disclosure Indexed 1 month, 3 weeks ago
high · tech · May 20, 2026

Microsoft Windows

Microsoft Windows Buffer Overflow Vulnerability — Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers to execute arbitrary code via a crafted RPC request

View incident → Original disclosure Indexed 1 month, 3 weeks ago
medium · tech · May 19, 2026

CTT

468,124 records exposed — Email addresses, Names, Phone numbers

View incident → Indexed 1 month, 3 weeks ago
critical · finance · May 18, 2026

Addi

34,532,941 records exposed — Age groups, Credit scores, Device information, Email addresses and 9 more

View incident → Indexed 1 month, 3 weeks ago
high · tech · May 15, 2026

Microsoft Microsoft

Microsoft Exchange Server Cross-Site Scripting Vulnerability — Microsoft Exchange Server contains a cross-site scripting vulnerability during web page generation in Outlook Web Access and when certain interaction conditi

View incident → Original disclosure Indexed 1 month, 3 weeks ago
high · finance · May 14, 2026

Abrigo

711,099 records exposed — Email addresses, Employers, Job titles, Names and 2 more

View incident → Indexed 1 month, 4 weeks ago
high · tech · May 14, 2026

Cisco Catalyst SD-WAN

Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability — Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass a

View incident → Original disclosure Indexed 1 month, 4 weeks ago
medium · government · May 12, 2026

Cushman & Wakefield

310,431 records exposed — Email addresses, Job titles, Names, Phone numbers and 2 more

View incident → Indexed 2 months ago
medium · finance · May 8, 2026

Zara

197,376 records exposed — Email addresses, Geographic locations, Purchases, Support tickets

View incident → Indexed 2 months ago