---
headline: "Investigation Finds Thousands of AI-Built Apps Leaking Sensitive Data Across Lovable, Replit, and Base44"
slug: vibe-coding-apps-data-leak-crisis
category: policy
story_number: "10"
date: 2026-05-07
---

# Investigation Finds Thousands of AI-Built Apps Leaking Sensitive Data Across Lovable, Replit, and Base44

A sweeping security investigation has found that more than 5,000 web applications built with popular AI "vibe coding" platforms are leaking medical records, financial data, and corporate secrets onto the open internet, exposing a systemic failure in the tools that have made software development accessible to millions of non-engineers.

Israeli cybersecurity firm RedAccess scanned 380,000 publicly accessible assets built with platforms including Lovable, Base44, Replit, and Netlify, and found that roughly 5,000 had little to no authentication protecting them. Anyone who stumbled onto the right URL could walk in. Nearly 40 percent of those exposed apps contained sensitive data, including hospital work assignments with personally identifiable information, active clinical trial records for a health company, unredacted customer service conversations for a cabinet supplier, and internal financial information for a Brazilian bank.

"We found entire databases sitting wide open on the internet," Dor Zvi, the RedAccess researcher who led the investigation, told reporters. Many of the applications had privacy settings configured to make them publicly accessible by default, and because search engines had indexed them, the data was effectively one Google query away from anyone who cared to look.

The findings, first reported by WIRED and independently verified by Axios, land at a moment when vibe coding has become one of the fastest-growing categories in software. Lovable, the highest-profile platform in the space, hit $4 million in annual recurring revenue within its first four weeks and is now valued at $6.6 billion with eight million users. Collins English Dictionary named "vibe coding" its Word of the Year for 2025. Gartner forecasts that 60 percent of all new code will be AI-generated by the end of 2026.

But the security data across the category is alarming. Between 40 and 62 percent of AI-generated code contains security vulnerabilities, depending on the study. A first-quarter 2026 assessment of more than 200 vibe-coded applications found that 91.5 percent contained at least one vulnerability traceable to AI hallucination. More than 60 percent exposed API keys or database credentials in public repositories. AI-written code produces flaws at 2.74 times the rate of human-written code, according to an analysis of 470 GitHub pull requests.

The root cause is deceptively simple. AI coding assistants optimize for making apps that work, not apps that are secure. When a user asks for a page that displays messages, the model builds one that displays messages. It does not pause to ask who should be allowed to see them. "AI coding tools only do what is asked of them," security researcher Joel Margolis told WIRED. "So if a user does not ask for security explicitly, the app may not be secure by default."

The architectural pattern that vibe coding tools push makes the problem worse. Most generate a frontend that talks directly to a hosted backend like Supabase or Firebase, using an API key embedded in the client code. Both services provide per-table access rules, but those rules are frequently left in their default, wide-open configuration. Alex Stamos, former chief security officer at Facebook, captured the risk succinctly when discussing the practice of connecting users directly to a database: "You can do it correctly. The odds of doing it correctly are extremely low."
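The failure mode in the two preceding paragraphs, a client that queries the database directly while the per-table rules stay at their wide-open default, can be made concrete. The following is an added example, not code from the article or from any of the platforms it names: a constructed `messages` table on a Supabase (PostgreSQL) backend, shown first in the state a generated app typically leaves it and then with row level security enabled and owner-scoped policies. The table name and columns are invented; `auth.uid()` and the `anon` and `authenticated` roles are Supabase's own, and `pg_class.relrowsecurity` is standard PostgreSQL.

```sql
-- Constructed example: a "messages" table as a vibe-coding tool might create it.
-- Supabase exposes every table in the public schema through its REST API, and the
-- anon key shipped in the frontend bundle is readable by anyone who loads the page.
create table public.messages (
  id         bigint generated always as identity primary key,
  owner_id   uuid not null references auth.users (id),
  body       text not null,
  created_at timestamptz not null default now()
);

-- WEAK (the "default, wide-open configuration" the article describes):
-- a table created with plain SQL has row level security OFF, so access is decided
-- only by the role's table grants. The anon role's default grants let any holder of
-- the public anon key read and write every row, regardless of who owns it.
-- Nothing has to be written here for the weak state; it is what you get by omission.

-- HARDENED: enable RLS (deny-by-default once on) and add explicit per-operation
-- policies. No policy is granted to anon, so anonymous requests return no rows.
alter table public.messages enable row level security;

-- Readers may only see their own rows. auth.uid() returns the authenticated user's
-- id from the request JWT and is null for anonymous requests.
create policy "messages: owner can read"
  on public.messages
  for select
  to authenticated
  using (auth.uid() = owner_id);

-- Writers may only insert rows they own; WITH CHECK is evaluated against the new row,
-- so a caller cannot plant a message under someone else's owner_id.
create policy "messages: owner can insert"
  on public.messages
  for insert
  to authenticated
  with check (auth.uid() = owner_id);

-- Updates need both: USING picks which existing rows are touchable, WITH CHECK
-- stops the caller from reassigning a row to another owner.
create policy "messages: owner can update"
  on public.messages
  for update
  to authenticated
  using (auth.uid() = owner_id)
  with check (auth.uid() = owner_id);

create policy "messages: owner can delete"
  on public.messages
  for delete
  to authenticated
  using (auth.uid() = owner_id);

-- Review query: list every ordinary table in the public schema that still has RLS
-- disabled. Each row returned is reachable with the client-side anon key under the
-- default grants and deserves the treatment applied to messages above.
select n.nspname as schema_name, c.relname as table_name
from pg_class c
join pg_namespace n on n.oid = c.relnamespace
where c.relkind = 'r'
  and n.nspname = 'public'
  and not c.relrowsecurity
order by 2;
```

The point of the closing query is that the weak state leaves no trace in the schema definition; the only way to notice it is to ask the catalog which tables lack RLS. The same split applies to Firebase, where the equivalent is a Firestore or Realtime Database rules file that grants access on `request.auth.uid` rather than unconditionally.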

Lovable has been at the center of repeated incidents. In February, a tech entrepreneur found 16 vulnerabilities, six of them critical, in a single app featured on Lovable's own Discover page with more than 100,000 views. The app, an AI-powered education tool, exposed 18,697 user records, including 4,538 student accounts from UC Berkeley and UC Davis. In April, a researcher disclosed a broken object-level authorization flaw in Lovable's API that had been open for 48 days after the company closed the initial bug bounty report without escalation. The vulnerability exposed source code, database credentials, and user data for projects tied to affected accounts, among them accounts belonging to employees at Nvidia, Microsoft, Uber, and Spotify.

Platform responses have ranged from deflection to denial. Replit CEO Amjad Masad wrote on X that some users had published apps on the open web that should have been private, calling publicly accessible apps "expected behavior." Lovable initially posted that it "did not suffer a data breach," calling exposed data "intentional behaviour," before blaming its documentation, then its bug bounty partner, and finally issuing a partial apology. Base44 parent company Wix stated that public access reflects user configuration choices rather than a platform vulnerability.

The regulatory landscape is struggling to keep pace. The EU AI Act's high-risk obligations take effect on August 2, requiring transparency and human oversight for AI systems, but none of the current regulations specifically address the security of code generated by AI models for end users. California's S.B. 53 and New York's RAISE Act require frontier AI developers to publish safety frameworks, yet the gap between regulatory intent and the speed of deployment continues to widen. Financial services and healthcare, the two most regulated sectors, show the lowest vibe coding adoption rates at 34 and 28 percent respectively, a signal that the market itself recognizes the compliance risks even where formal rules have not yet caught up.

## Why This Matters

The vibe coding data leak crisis is not a story about a few careless developers. It is a structural failure baked into the economics of an industry that has prioritized accessibility and growth over basic security hygiene. Eighty-seven percent of Fortune 500 companies have adopted at least one vibe coding platform. Enterprise adoption grew 340 percent year over year, while non-technical user adoption surged 520 percent. Every one of those new users is building applications without the security training that traditional software engineers receive, and the platforms they are using do not compensate for that gap.

The comparison Zvi drew is instructive: this is the new wave of exposed Amazon S3 buckets, except the scale is larger, the users are less technical, and the data is more diverse. Thirty-five CVEs were disclosed in March alone from AI-generated code, up from six in January, and Georgia Tech estimates the actual figure is five to ten times higher than what is detected. Until vibe coding platforms build security defaults that protect users who do not know to ask for them, the volume of leaked data will only grow.

## What to Watch Next

Security firms are raising capital specifically to address the gap. Escape raised $18 million to build AI agents that scan vibe-coded applications, reporting more than 2,000 high-impact vulnerabilities found in live production systems. Lovable partnered with Aikido for automated penetration testing. Whether these aftermarket fixes can keep up with a market that is shipping millions of new applications per quarter remains the central question, and one that regulators in Brussels, Sacramento, and Albany are only beginning to ask.
