Vibe-Coded Apps Expose Sensitive Data on Open Web

Vibe-Coded Apps Expose Sensitive Data on Open Web

First seen 9 May 2026, 09:12 UTC Rss.SlashdotVenturebeatescape.techUk.PcmagAu.Pcmag+1 85% similarity 69.0

Article Content

Browse articles
ThreatCluster

Recent research revealed that over 5,000 vibe-coded applications, created using platforms like Lovable and Base44, exposed sensitive corporate and personal data. The cybersecurity firm RedAccess found that approximately 40% of these apps lacked proper security measures, allowing unauthorized access to sensitive information. The vulnerabilities included medical records, financial data, and internal corporate documents. Escape.tech also reported identifying over 2,000 vulnerabilities across 5,600 analyzed vibe-coded applications, with many being live production systems. The ease of creating and deploying these applications without security checks has raised significant concerns among security professionals. Phishing sites impersonating major corporations were also discovered, further highlighting the risks associated with vibe coding. The findings emphasize the urgent need for better security practices among non-developers using these tools.

Key Points: • Over 5,000 vibe-coded apps exposed sensitive data due to inadequate security. • RedAccess identified that 40% of these apps allowed unauthorized access to critical information. • Escape.tech found over 2,000 vulnerabilities in 5,600 analyzed vibe-coded applications.

ThreatCluster AI

Timeline

2025-05-30
CVE-2025-48757 published
Vulnerability assigned a CVE identifier and published in the National Vulnerability Database.
MITRE
2026-05-08
Report highlights security risks of vibe coding
Thousands of vibe-coded applications were found to lack security, exposing sensitive data and allowing easy access.
Rss.Slashdot
2026-05-09
Escape.tech reports vulnerabilities in vibe-coded apps
Escape.tech analyzed 5,600 vibe-coded applications, finding over 2,000 vulnerabilities and 400 exposed secrets.
escape.tech
2026-05-09
RedAccess reveals data exposure in vibe-coded apps
RedAccess discovered 5,000 publicly accessible vibe-coded apps, with 40% exposing sensitive corporate and personal data.
Venturebeat

Community

Browse all →