Live disclosure tracker · updated continuously

Technology & Software Data Breaches

SaaS platforms, cloud providers, developer tooling, and app-layer infrastructure are concentrated attack surfaces. One tech vendor breach can expose thousands of downstream customers. Below is every tech-sector breach LeakTrace has indexed.

98B+
Records Exposed
1095
Incidents
94+
Countries
+104%
Breach Velocity YoY
View Live Map → Run Free Exposure Scan RSS
Browse by sector
All breaches Healthcare Finance Government Technology Retail Education Legal
Browse by year
2024 2025 2026

Technology & Software Data Breaches (1095 indexed)

high · tech · Dec 19, 2025

WatchGuard Firebox

WatchGuard Firebox Out of Bounds Write Vulnerability — WatchGuard Fireware OS iked process contains an out of bounds write vulnerability in the OS iked process. This vulnerability may allow a remote unauthenticated attac

View incident → Original disclosure Indexed 3 months, 3 weeks ago
high · tech · Dec 17, 2025

ASUS Live Update

ASUS Live Update Embedded Malicious Code Vulnerability — ASUS Live Update contains an embedded malicious code vulnerability client were distributed with unauthorized modifications introduced through a supply chain compro

View incident → Original disclosure Indexed 3 months, 3 weeks ago
high · tech · Dec 17, 2025

Cisco Multiple Products

Cisco Multiple Products Improper Input Validation Vulnerability — Cisco Secure Email Gateway, Secure Email, AsyncOS Software, and Web Manager appliances contains an improper input validation vulnerability that allows thr

View incident → Original disclosure Indexed 3 months, 3 weeks ago
high · tech · Dec 17, 2025

SonicWall SMA1000 appliance

SonicWall SMA1000 Missing Authorization Vulnerability — SonicWall SMA1000 contains a missing authorization vulnerability that could allow for privilege escalation appliance management console (AMC) of affected devices.

View incident → Original disclosure Indexed 3 months, 3 weeks ago
high · tech · Dec 16, 2025

Fortinet Multiple Products

Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability — Fortinet FortiOS, FortiSwitchMaster, FortiProxy, and FortiWeb contain an improper verification of cryptographic signature vulner

View incident → Original disclosure Indexed 3 months, 3 weeks ago
high · tech · Dec 15, 2025

Gladinet CentreStack and Triofox

Gladinet CentreStack and Triofox Hard Coded Cryptographic Vulnerability — Gladinet CentreStack and TrioFox contain a hardcoded cryptographic keys vulnerability for their implementation of the AES cryptoscheme. This vulne

View incident → Original disclosure Indexed 3 months, 4 weeks ago
high · tech · Dec 15, 2025

Apple Multiple Products

Apple Multiple Products Use-After-Free WebKit Vulnerability — Apple iOS, iPadOS, macOS, and other Apple products contain a use-after-free vulnerability in WebKit. Processing maliciously crafted web content may lead to me

View incident → Original disclosure Indexed 3 months, 4 weeks ago
high · tech · Dec 12, 2025

Google Chromium

Google Chromium Out of Bounds Memory Access Vulnerability — Google Chromium contains an out of bounds memory access vulnerability in ANGLE that could allow a remote attacker to perform out of bounds memory access via a c

View incident → Original disclosure Indexed 4 months ago
high · tech · Dec 12, 2025

Sierra Wireless AirLink ALEOS

Sierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerability — Sierra Wireless AirLink ALEOS contains an unrestricted upload of file with dangerous type vulnerability. A specially crafted H

View incident → Original disclosure Indexed 4 months ago
high · tech · Dec 11, 2025

OSGeo GeoServer

OSGeo GeoServer Improper Restriction of XML External Entity Reference Vulnerability — OSGeo GeoServer contains an improper restriction of XML external entity reference vulnerability that occurs when the application accep

View incident → Original disclosure Indexed 4 months ago
high · tech · Dec 9, 2025

RARLAB WinRAR

RARLAB WinRAR Path Traversal Vulnerability — RARLAB WinRAR contains a path traversal vulnerability allowing an attacker to execute code in the context of the current user.

View incident → Original disclosure Indexed 4 months ago
high · tech · Dec 9, 2025

Microsoft Windows

Microsoft Windows Use After Free Vulnerability — Microsoft Windows Cloud Files Mini Filter Driver contains a use after free vulnerability that can allow an authorized attacker to elevate privileges locally.

View incident → Original disclosure Indexed 4 months ago
high · tech · Dec 8, 2025

D-Link Routers

D-Link Routers Buffer Overflow Vulnerability — D-Link Routers contains a buffer overflow vulnerability that has a high impact on confidentiality, integrity, and availability. The impacted products could be end-of-life (E

View incident → Original disclosure Indexed 4 months ago
critical · tech · Dec 5, 2025

Meta React Server Components

Meta React Server Components Remote Code Execution Vulnerability — Meta React Server Components contains a remote code execution vulnerability that could allow unauthenticated remote code execution by exploiting a flaw i

View incident → Original disclosure Indexed 4 months, 1 week ago
high · tech · Dec 3, 2025

OpenPLC ScadaBR

OpenPLC ScadaBR Unrestricted Upload of File with Dangerous Type Vulnerability — OpenPLC ScadaBR contains an unrestricted upload of file with dangerous type vulnerability that allows remote authenticated users to upload a

View incident → Original disclosure Indexed 4 months, 1 week ago