Vibe-Coded Apps Are Leaking Sensitive Data at Scale

Thousands of Vibe-Coded Apps Are Exposing Corporate and Personal Data on the Open Web

A wave of security research published between early 2025 and mid-2026 has exposed a systemic data security crisis inside the vibe coding industry. Applications built by non-technical users on platforms like Lovable, Base44, Replit, and Bolt.new are leaking names, email addresses, financial records, medical data, and secret API keys to anyone who knows where to look — not because of sophisticated attacks, but because of basic, structural security failures baked into the AI-generated code itself.

The term "vibe coding" was coined by OpenAI co-founder Andrej Karpathy in February 2025 to describe an AI-assisted development approach where users describe what they want in plain language and a large language model generates the entire application — frontend, backend, and database configuration — without the user writing a single line of code. Platforms enabling this workflow have grown explosively: Lovable, a Swedish startup, is now valued at $6.6 billion with eight million users. Replit was valued at approximately $3 billion in a September 2025 fundraising round and was reportedly nearing a new round that would value it at $9 billion. The speed is real. So is the risk.

How the Vulnerabilities Were Found — and How Bad They Are

The first major documented incident came on March 20, 2025, when Replit employee Matt Palmer discovered that a Lovable-created website called Linkable had a misconfigured Supabase database that exposed the email addresses of roughly 500 users. Palmer and his Replit colleague Kody Low then scanned 1,645 Lovable-created web apps featured on the company's own site. Their findings: 170 of those apps — approximately 10.3% — allowed anyone on the internet to access user information including names, email addresses, financial information, and secret API keys for AI services, according to Semafor.

That investigation led directly to CVE-2025-48757, a critical vulnerability in Lovable's Row-Level Security (RLS) implementation that Palmer formally disclosed. The CVE, published May 29, 2025, after a 45-day responsible disclosure window expired with no meaningful remediation from Lovable, received a CVSS score of 9.3 — Critical. It affected any Lovable project using a database created on or before April 15, 2025. In his disclosure, Palmer stated that "applications developed using its platform often lack secure RLS configurations, allowing unauthorized actors to access sensitive user data and inject malicious data."

Separate research published by The Next Web documented a broken object-level authorization (BOLA) vulnerability in Lovable, reported by a security researcher on March 3, 2025, that allowed anyone with a free account to access another user's profile, public projects, source code, and database credentials in as few as five API calls. The vulnerability remained open for 48 days after Lovable's bug bounty partner HackerOne closed the report without escalation.

Among the affected projects was one belonging to Connected Women in AI, a Danish nonprofit. Its exposed data contained real user records including names, job titles, LinkedIn profiles, and Stripe customer IDs, with records linked to individuals at Accenture Denmark and Copenhagen Business School, according to The Next Web.

In a separate February 2025 investigation by tech entrepreneur Taimur Khan, a single Lovable-hosted application was found to contain 16 vulnerabilities, six of them critical. One of those critical flaws involved inverted authentication logic that granted anonymous users full access while blocking authenticated users. That single app exposed 18,697 user records, including 4,538 student accounts from institutions including UC Berkeley and UC Davis, The Next Web reported.

Lovable's security record was further damaged in February 2026 when an update to the platform's permission management backend accidentally re-enabled access to chat histories for public projects created before December 2025. According to Halborn, Lovable initially described this as "intentional behavior" before later blaming its own documentation.

The Base44 Authentication Bypass and Broader Industry-Wide Findings

Lovable is not the only platform with documented critical failures. On July 9, 2025, Wiz Research discovered a critical authentication bypass vulnerability in Base44, a vibe coding platform recently acquired by Wix. The flaw allowed unauthorized users to register and access private applications by bypassing authentication systems including Single Sign-On (SSO). According to Wiz Research, exploitation required only basic API knowledge — specifically knowing a publicly accessible app_id value. The applications exposed included enterprise tools used for internal chatbots, knowledge bases, personally identifiable information (PII), and HR operations.

Wiz security researcher Gal Nagli described the mechanics plainly: "After confirming our email address, we could just login via the SSO within the application page, and successfully bypass the authentication. This vulnerability meant that private applications hosted on Base44 could be accessed without authorization." The vulnerability was patched within 24 hours, and Wix confirmed no evidence of exploitation in the wild.

The industry-wide scope of the problem is documented in research from Escape.tech, which analyzed over 5,600 publicly available vibe-coded applications and identified more than 2,000 vulnerabilities, over 400 exposed secrets including API keys and access tokens, and 175 instances of PII including medical records, IBANs, phone numbers, and emails. Their scan covered more than 4,000 Lovable applications, 159 Base44 applications, and 449 Create.xyz applications, among others.

Wiz Research separately found that 20% of vibe-coded apps have serious vulnerabilities or configuration errors, according to a report cited by Kaspersky. A scan of 1,003 vibe-coded apps documented by DEV Community found that 7% of Lovable apps and 6% of Bolt apps have Supabase database tables with Row-Level Security left entirely open.

The problem extends beyond vibe coding platforms into AI-generated code more broadly. Veracode's 2025 GenAI Code Security report found that AI-generated code produced by 100 leading LLMs across 80 curated tasks was insecure 45% of the time, with no real improvement observed across newer or larger models, according to IT Pro. Meanwhile, GitGuardian counted 28.65 million hardcoded secrets in public GitHub repositories in 2025 — a 34% year-over-year increase — with AI services specifically seeing 1,275,105 leaked keys, up 81%.

Why This Is Happening: The Structural Failure of AI-Generated Security

Security researchers and platform executives have pointed to the same root cause: AI code generators optimize for functionality, not security, and the non-technical users building these apps typically have no way to know what they don't know.

Wiz co-founder and CTO Ami Luttwak framed the problem in terms of awareness: "When someone who is non-technical creates this amazing application, many times they don't think about security and they don't even know what's inside the application because they didn't even create it on their own." On the specific danger of internet exposure, Luttwak added: "What happens is that many times when people create those applications, they expose them to the internet, and that's the problem. As long as it runs on your own computer, it's risky, but at least it's not dangerous."

Wiz Research has identified four recurring security misconfigurations in vibe-coded applications: client-side authentication logic that can be bypassed by stripping authorization headers, hardcoded secrets exposed inside frontend JavaScript bundles, insecure data access policies such as missing or misconfigured RLS, and internal applications deployed publicly to the internet without any authentication layer.

Replit CEO Amjad Masad, whose own employees uncovered the Lovable vulnerability, offered a pointed take on where responsibility should lie: "Vibe coding has done wonders to democratize software development. We can't expect novice developers to audit low-level security configs. If a tool makes it easy to deploy an app, it should also make it hard to accidentally expose sensitive data."

Wiz's Gal Nagli drew the same conclusion from the Base44 investigation: "Our discovery highlights that fundamental controls, including proper authentication and secure API design, are paramount."

What Comes Next for Vibe Coding Security

The documented incidents have exposed a gap between how vibe coding platforms market themselves — as tools that empower anyone to build software — and the security infrastructure required to do that safely at scale. Lovable has faced three documented security incidents exposing source code, database credentials, and thousands of user records. Its CVE-2025-48757 was only published after the responsible disclosure window expired without meaningful action from the company. Base44's critical flaw was patched within 24 hours by Wix after acquisition, suggesting that enterprise ownership may accelerate security response — but also that the vulnerabilities were present before that ownership existed.

For individuals and organizations using these platforms, the documented failure modes suggest concrete questions worth asking before deploying any AI-generated application: Are database tables protected by properly configured Row-Level Security? Are API keys or credentials embedded anywhere in the frontend code? Is the application exposed to the public internet when it should require authentication? Has any security review — automated or manual — been conducted on the generated code?
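Two of those questions, and two of the four Wiz misconfigurations described earlier (secrets in frontend bundles, and missing or open Row-Level Security), can be checked mechanically. The script below is an added example written for this page; it is not code from the article, from Lovable, Base44, Wiz, Escape.tech or any other party named here. It scans a constructed JavaScript bundle for key formats that should never reach a browser, telling Supabase's public anon key apart from the service_role key by decoding the JWT's role claim, and reviews constructed rows shaped like Postgres pg_tables / pg_policies output for tables whose RLS is disabled or reduced to USING (true). The sample keys, the sample tables and the `user_id` column in the suggested fix are all assumptions.

```python
"""Added audit example; not code from the article or any platform it names.
The bundle text and table rows are constructed samples. A real audit would read
the deployed site's JS and rows queried from pg_tables and pg_policies."""
import base64
import json
import re
from dataclasses import dataclass
from typing import Optional


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _fake_jwt(role: str) -> str:
    """Constructed, unsigned JWT shaped like a Supabase API key (sample data only)."""
    return ".".join([_b64url(b'{"alg":"HS256","typ":"JWT"}'),
                     _b64url(json.dumps({"iss": "supabase", "role": role}).encode()),
                     _b64url(b"not-a-real-signature")])


# Constructed bundle: the pk_test_ key and the anon JWT are meant to be public;
# the sk-/sk_test_ keys and the service_role JWT must never ship to a browser.
SAMPLE_BUNDLE = f"""
const OPENAI_KEY = "sk-EXAMPLE0000000000000000000000";
const STRIPE_SECRET = "sk_test_EXAMPLE0000000000000000";
const STRIPE_PUBLISHABLE = "pk_test_EXAMPLE0000000000000000";
const supabase = createClient(SUPABASE_URL, "{_fake_jwt('anon')}");
const admin = createClient(SUPABASE_URL, "{_fake_jwt('service_role')}");
"""

# Documented key prefixes: OpenAI "sk-", Stripe "sk_live_"/"sk_test_", AWS "AKIA".
SECRET_PATTERNS = {
    "openai_key": re.compile(r"\bsk-[A-Za-z0-9_-]{20,}"),
    "stripe_secret_key": re.compile(r"\bsk_(?:live|test)_[A-Za-z0-9]{16,}"),
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
}
# Supabase's anon and service_role keys are both JWTs; only the role claim tells
# them apart, so each JWT is decoded and flagged only when the role is service_role.
JWT_PATTERN = re.compile(r"eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+")


def jwt_role(token: str) -> Optional[str]:
    """Return the (unverified) 'role' claim of a JWT, or None if it does not parse."""
    try:
        payload = token.split(".")[1]
        payload += "=" * (-len(payload) % 4)
        return json.loads(base64.urlsafe_b64decode(payload)).get("role")
    except (ValueError, IndexError, AttributeError):
        return None


def scan_bundle(text: str):
    """Return (kind, redacted prefix) for each secret found in frontend code."""
    findings = [(kind, m.group(0)[:8] + "...")
                for kind, pat in SECRET_PATTERNS.items() for m in pat.finditer(text)]
    findings += [("supabase_service_role_jwt", m.group(0)[:8] + "...")
                 for m in JWT_PATTERN.finditer(text) if jwt_role(m.group(0)) == "service_role"]
    return findings


@dataclass(frozen=True)
class Policy:
    name: str            # pg_policies.policyname
    roles: tuple         # pg_policies.roles
    qual: Optional[str]  # pg_policies.qual, the USING clause; None for INSERT-only


@dataclass(frozen=True)
class Table:
    name: str
    rls_enabled: bool    # pg_tables.rowsecurity
    policies: tuple = ()


# Constructed rows shaped like pg_tables / pg_policies output.
SAMPLE_TABLES = (
    Table("profiles", False),
    Table("orders", True, (Policy("orders_owner", ("authenticated",), "(auth.uid() = user_id)"),)),
    Table("messages", True, (Policy("messages_read_all", ("anon", "authenticated"), "true"),)),
    Table("posts", True, (Policy("posts_public", ("anon",), "(published = true)"),)),
)


def audit_rls(tables):
    """Flag tables readable by any client: RLS off, or a policy whose USING is just true."""
    findings = []
    for t in tables:
        if not t.rls_enabled:
            # Suggested fix assumes an owner column named user_id; adjust to the schema.
            findings.append((t.name, "rls_disabled",
                             f"ALTER TABLE {t.name} ENABLE ROW LEVEL SECURITY;\n"
                             f"CREATE POLICY {t.name}_owner ON {t.name} FOR SELECT "
                             f"TO authenticated USING (auth.uid() = user_id);"))
            continue
        for p in t.policies:
            if p.qual is not None and p.qual.strip().lower() == "true":
                findings.append((t.name, f"open_policy:{p.name}:{','.join(p.roles)}",
                                 f"DROP POLICY {p.name} ON {t.name};"))
    return findings


if __name__ == "__main__":
    for kind, snippet in scan_bundle(SAMPLE_BUNDLE):
        print(f"[bundle] {kind}: {snippet}")
    for table, issue, fix in audit_rls(SAMPLE_TABLES):
        print(f"[rls] {table}: {issue}\n{fix}")
```

Running the script as-is reports the OpenAI key, the Stripe secret key and the service_role JWT from the bundle while leaving the publishable key and the anon JWT alone, and flags `profiles` (RLS never enabled) and `messages` (a policy that grants every anonymous and authenticated client every row) while accepting the owner-scoped and `published = true` policies. The role claim is read without verifying the signature because classification, not authentication, is the goal here. The remaining two misconfigurations from the Wiz list, client-side-only authorization and internal apps published without any login, are deployment properties rather than artifacts a static scan can see, so they still need a manual review of routing and hosting settings.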

None of these questions require deep technical expertise to ask. But as the research consistently shows, the platforms themselves have not made the answers easy to find — or the defaults safe enough to rely on.
