Cybersecurity firm RedAccess identified more than 5,000 web applications built with AI-assisted development platforms Lovable, Replit, Base44, and Netlify carrying no authentication controls, leaving them open to anyone with the correct URL, according to RedAccess research published May 7, 2026.
Of 380,000 publicly accessible assets the firm examined, close to 2,000 appeared to expose genuine private data. WIRED independently verified multiple exposed applications were still live at the time of reporting.
Exposed apps included a hospital’s work assignments with doctor personally identifiable information (PII), a retailer’s chatbot logs with customer names and contact details, cargo records from a shipping company, and corporate strategy presentations. RedAccess cofounder Dor Zvi said researchers also found patient conversations from a children’s long-term care facility and incident response records from a security company.
RedAccess additionally found phishing sites built on Lovable and hosted on the platform’s own domain, impersonating Bank of America, Costco, FedEx, Trader Joe’s, and McDonald’s.
While Replit, Lovable, and Base44 pushed back on the findings, Netlify did not respond to requests for comment. Replit CEO Amjad Masad said on X that “public apps being accessible on the internet is expected behavior.”
A Lovable spokesperson said “how an app is configured is ultimately the creator’s responsibility.”
Replit launched Security Center 2.0, a vulnerability audit tool for deployed projects, on May 7, the same day WIRED published the findings. The platform did not indicate whether the tool addresses applications already publicly exposed.
Next up in our commitment to security: Security Center 2.0.
We’ve made it dramatically easier to understand your security posture across every Replit app you manage, and take action across all of them in bulk.
With Security Center 2.0, you can:
– Instantly identify risky apps
– … pic.twitter.com/hCuyn0hi7w
— Replit ⠕ (@Replit) May 7, 2026
Zvi compared the pattern to the wave of misconfigured Amazon S3 storage buckets that previously left data from companies including Verizon accessible on the open web. “Anyone from your company at any moment can generate an app, and this is not going through any development cycle or any security check,” he said. “People can just start using it in production without asking anyone. And they do.”