Live disclosure tracker · updated continuously

Technology & Software Data Breaches

SaaS platforms, cloud providers, developer tooling, and app-layer infrastructure are concentrated attack surfaces. One tech vendor breach can expose thousands of downstream customers. Below is every tech-sector breach LeakTrace has indexed.

98B+
Records Exposed
3008
Incidents
94+
Countries
+104%
Breach Velocity YoY
Browse by sector
All breaches Healthcare Finance Government Technology Retail Education Legal
Browse by year
2024 2025 2026 2026 Index

Technology & Software Data Breaches (3008 indexed)

high · tech · Jun 29, 2026

SimpleHelp SimpleHelp

SimpleHelp Authentication Bypass Vulnerability — SimpleHelp contains an authentication bypass vulnerability in the OIDC authentication flow. When OIDC authentication is configured, identity tokens submitted during login

View incident → Original disclosure Indexed 1 week, 6 days ago
medium · tech · Jun 26, 2026

American Tower

216,601 records exposed — Email addresses, Job titles, Names, Phone numbers and 1 more

View incident → Indexed 2 weeks, 2 days ago
high · tech · Jun 25, 2026

PTC Windchill and FlexPLM

PTC Windchill and FlexPLM Improper Input Validation Vulnerability — PTC Windchill and FlexPLM contains an improper input validation vulnerability allowing an unauthenticated, remote attacker to execute arbitrary code by

View incident → Original disclosure Indexed 2 weeks, 3 days ago
high · tech · Jun 23, 2026

Ubiquiti UniFi OS

Ubiquiti UniFi OS Improper Access Control Vulnerability — Ubiquiti UniFi OS contains an improper access control vulnerability which could allow a malicious actor with access to the network to make unauthorized changes to

View incident → Original disclosure Indexed 2 weeks, 5 days ago
high · tech · Jun 23, 2026

Ubiquiti UniFi OS

Ubiquiti UniFi OS Path Traversal Vulnerability — Ubiquiti UniFi OS contains a path traversal vulnerability which could allow a malicious actor with access to the network to access files on the underlying system that coul

View incident → Original disclosure Indexed 2 weeks, 5 days ago
high · tech · Jun 23, 2026

Ubiquiti UniFi OS

Ubiquiti UniFi OS Improper Input Validation Vulnerability — Ubiquiti UniFi OS contains an improper input validation vulnerability which could allow a malicious actor with access to the network to conduct command injectio

View incident → Original disclosure Indexed 2 weeks, 5 days ago
high · tech · Jun 23, 2026

Lantronix EDS5000

Lantronix EDS5000 Code Injection Vulnerability — Lantronix EDS5000 contains a code injection vulnerability that could allow attackers to inject arbitrary OS commands into the username parameter. Injected commands are exe

View incident → Original disclosure Indexed 2 weeks, 5 days ago
high · tech · Jun 18, 2026

Splunk Enterprise

Splunk Enterprise Missing Authentication for Critical Function Vulnerability — Splunk Enterprise contains a missing authentication for critical function vulnerability which could allow an unauthenticated user to create o

View incident → Original disclosure Indexed 3 weeks, 3 days ago
high · tech · Jun 15, 2026

Cisco Catalyst SD-WAN Manager

Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability — Cisco Catalyst SD-WAN Manager contains a directory or path traversal vulnerability that could allow an authenticated, remote attacker to create a

View incident → Original disclosure Indexed 3 weeks, 6 days ago
high · tech · Jun 15, 2026

LiteSpeed cPanel Plugin

LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability — LiteSpeed cPanel plugin contains a UNIX symbolic link (Symlink) following vulnerability that could allow a user with FTP or web shell access

View incident → Original disclosure Indexed 3 weeks, 6 days ago
high · tech · Jun 11, 2026

Ivanti Sentry

Ivanti Sentry OS Command Injection Vulnerability — Ivanti Sentry (formerly known as MobileIron Sentry) contains an OS command injection vulnerability which could allow a remote unauthenticated user to achieve root-level

high · tech · Jun 9, 2026

Cisco Catalyst SD-WAN Manager

Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability — Cisco Catalyst SD-WAN Manager formerly SD-WAN vManage contains an improper encoding or escaping of output vulnerability. This vulnerab

high · tech · Jun 9, 2026

Google Chromium V8

Google Chromium V8 Out-of-Bounds Read and Write Vulnerability — Google Chromium V8 out-of-bounds read and write vulnerability that could allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HT

critical · tech · Jun 8, 2026

Check Point Security Gateway

Check Point Security Gateway Improper Authentication Vulnerability — Check Point Security Gateway contains an improper authentication vulnerability in IKEv1 key exchange that could allow an unauthenticated remote attacke

high · tech · Jun 8, 2026

BerriAI LiteLLM

BerriAI LiteLLM Command Injection Vulnerability — BerriAI LiteLLM contains a command injection vulnerability that could allow any authenticated user, including holders of low-privilege internal-user keys, to run arbitrar

high · tech · Jun 5, 2026

SolarWinds Serv-U

SolarWinds Serv-U Uncontrolled Resource Consumption Vulnerability — SolarWinds Serv-U contains an uncontrolled resource consumption vulnerability that allows specially crafted POST requests using the Content-Encoding: de

View incident → Original disclosure Indexed 1 month, 1 week ago
high · tech · Jun 2, 2026

Android Framework

Android Framework Integer Overflow Vulnerability — Android Framework contains an integer overflow vulnerability that allows for code execution that could allow for local privilege escalation.

View incident → Original disclosure Indexed 1 month, 1 week ago
high · tech · Jun 2, 2026

Linux Kernel

Linux Kernel Improper Authentication Vulnerability — Linux Kernel contains an improper authentication vulnerability which could allow for privilege escalation via the cgroups v1 release_agent feature.

View incident → Original disclosure Indexed 1 month, 1 week ago