LG Electronics
780K customer records compromised in supply chain attack
Technology & Software Data Breaches (1145 indexed)
OVHcloud (France)
920K customer records and server configurations exposed via compromised management portal
Cisco SD-WAN
Cisco SD-WAN Path Traversal Vulnerability — Cisco SD-WAN CLI contains a path traversal vulnerability that could allow an authenticated local attacker to gain elevated privileges via improper access controls on commands w
Cisco Catalyst SD-WAN Controller and Manager
Cisco Catalyst SD-WAN Controller and Manager Authentication Bypass Vulnerability — Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, contain an authenti
Bell Canada (2026)
2.2M customer records exposed via compromised residential internet provisioning system
Soliton Systems K.K FileZen
Soliton Systems K.K FileZen OS Command Injection Vulnerability — Soliton Systems K.K FileZen contains an OS command injection vulnerability when an user logs-in to the affected product and sends a specially crafted HTTP
CarGurus
12,461,887 records exposed — Email addresses, IP addresses, Names, Phone numbers and 1 more
Atlassian Confluence Cloud
4.8M wiki pages from enterprise customers exposed via critical authentication bypass
Roundcube Webmail
RoundCube Webmail Deserialization of Untrusted Data Vulnerability — RoundCube Webmail contains a deserialization of untrusted data vulnerability that allows remote code execution by authenticated users because the _from
Roundcube Webmail
RoundCube Webmail Cross-site Scripting Vulnerability — RoundCube Webmail contains a cross-site scripting vulnerability via the animate tag in an SVG document.
GitLab GitLab
GitLab Server-Side Request Forgery (SSRF) Vulnerability — GitLab contains a server-side request forgery (SSRF) vulnerability when requests to the internal network for webhooks are enabled.
Dell RecoverPoint for Virtual Machines (RP4VMs)
Dell RecoverPoint for Virtual Machines (RP4VMs) Use of Hard-coded Credentials Vulnerability — Dell RecoverPoint for Virtual Machines (RP4VMs) contains an use of hard-coded credentials vulnerability that could allow an un
Synacor Zimbra Collaboration Suite
Synacor Zimbra Collaboration Suite (ZCS) Server-Side Request Forgery Vulnerability — Synacor Zimbra Collaboration Suite (ZCS) contains a server-side request forgery vulnerability if WebEx zimlet installed and zimlet JSP
TeamT5 ThreatSonar Anti-Ransomware
TeamT5 ThreatSonar Anti-Ransomware Unrestricted Upload of File with Dangerous Type Vulnerability — TeamT5 ThreatSonar Anti-Ransomware contains an unrestricted upload of file with dangerous type vulnerability. ThreatSonar
NEC Corporation (Japan)
540K defense contractor employee records and project data accessed over multi-year intrusion
Google Chromium
Google Chromium CSS Use-After-Free Vulnerability — Google Chromium CSS contains a use-after-free vulnerability that could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulne
Microsoft Windows
Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability — Microsoft Windows Video ActiveX Control contains a remote code execution vulnerability. An attacker could exploit the vulnerability by constr
APOIA.se
450,764 records exposed — Email addresses, Names, Physical addresses
Equinix Data Centers
740K enterprise customer metadata and colocation records exposed in Netscaler vulnerability exploit
Zoom Communications (2026)
780K enterprise meeting recordings and transcripts accessed via compromised admin portal
Odido (Dutch Telecom)
6.2M customer records including passport and bank account numbers leaked by ShinyHunters
BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)
BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) OS Command Injection Vulnerability — BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA)contain an OS command injection vulnerability. Suc
Lyft Inc.
290K driver and rider records exposed via compromised third-party background check vendor
Microsoft Configuration Manager
Microsoft Configuration Manager SQL Injection Vulnerability — Microsoft Configuration Manager contains an SQL injection vulnerability. An unauthenticated attacker could exploit this vulnerability by sending specially cra