Growing security problem with "vibe coding" app and building tools | ecode10.com



What “vibe coding” means

“Vibe coding” refers to building apps by describing what you want in natural language while AI generates much of the code. Platforms such as Replit, Netlify, Lovable, and Base44 make it possible for non-programmers to publish working web apps quickly.

The main issue

Researchers from RedAccess found a large number of publicly accessible AI-built apps exposed on the open web. According to recent reporting, about 380,000 public assets were identified, and roughly 5,000 contained sensitive corporate or personal information. Some exposed apps reportedly included medical records, financial information, internal business documents, customer conversations, and personally identifiable information.

Why this is happening

The problem is usually misconfiguration rather than deliberate hacking. Many people using these tools can produce a functional app but may not understand security basics such as:

  • authentication and access controls
  • private vs public deployment settings
  • database permissions
  • API key protection
  • limiting search engine indexing

In several cases, apps were accessible simply because they were published publicly without strong restrictions.

Why the article matters

The bigger takeaway is that AI has made software creation much easier, but it has also made it easier to accidentally publish sensitive data at scale. Instead of a few experienced developers making isolated mistakes, large numbers of new users can now deploy apps very quickly, which multiplies exposure risk.

My practical takeaway

If you use AI to build apps, treat the generated code as a first draft, not as production-ready security. Before publishing anything, check:

  • whether the app is public or private
  • who can access the database
  • whether API keys are exposed in frontend code
  • whether the sample/test data contains real personal information
  • whether authentication actually protects sensitive pages
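As an added example (not code from the article), here is a small Python pre-publish audit that mechanises three items of that checklist: it scans a frontend bundle for credential-looking strings, scans seed data for real-looking PII, and confirms that sensitive paths refuse anonymous requests. The bundle, seed rows, path list and the `fake_status_of` stub are constructed stand-ins for a real build output and deployment.

```python
"""Pre-publish audit for an AI-generated web app (added example, not the article's code):
secrets in the frontend bundle, real-looking PII in seed data, sensitive routes open to anyone."""
import re
from typing import Callable, Iterable

# Credential shapes that must never ship in browser-served code (illustrative list;
# extend it with the key formats of the providers your app actually uses).
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "generic_api_key": re.compile(
        r"(?i)\b(api[_-]?key|secret|token)\b\s*[:=]\s*['\"][A-Za-z0-9_\-]{16,}['\"]"),
    "private_key_block": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
}
PII_PATTERNS = {
    "email": re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+"),
    "us_ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
}

def find_exposed_secrets(bundle: str) -> list:
    """Return (pattern_name, line_number) for each secret-looking value in the bundle."""
    return [(name, n) for n, line in enumerate(bundle.splitlines(), 1)
            for name, pat in SECRET_PATTERNS.items() if pat.search(line)]

def find_pii_in_seed_data(rows: Iterable[dict], fake_domain: str = "example.com") -> list:
    """Flag (row_index, kind) for values that look like real PII; fake_domain addresses are fine."""
    hits = []
    for i, row in enumerate(rows):
        for value in map(str, row.values()):
            for kind, pat in PII_PATTERNS.items():
                m = pat.search(value)
                if m and not (kind == "email" and m.group().endswith("@" + fake_domain)):
                    hits.append((i, kind))
    return hits

def unprotected_routes(status_of: Callable[[str], int], sensitive_paths: Iterable[str]) -> list:
    """Paths that answer an anonymous GET with 2xx; 401/403 or a login redirect (3xx) is fine."""
    return [p for p in sensitive_paths if 200 <= status_of(p) < 300]

# Constructed sample inputs standing in for a real build output, seed file and deployment.
SAMPLE_BUNDLE = ('const cfg = {\n  apiKey: "sk_live_abcdefghijklmnop1234",\n'
                 '  bucketKey: "AKIAIOSFODNN7EXAMPLE",\n};\n')
SAMPLE_ROWS = [{"name": "Test User", "email": "test@example.com"},
               {"name": "Jane", "email": "jane.doe@gmail.com", "ssn": "123-45-6789"}]
SENSITIVE_PATHS = ["/admin", "/api/customers", "/dashboard"]

def fake_status_of(path: str) -> int:
    """Stand-in (constructed) for an unauthenticated HTTP GET against the deployed app."""
    return {"/admin": 200, "/api/customers": 401, "/dashboard": 302}.get(path, 404)
```

Run the three functions against your real build directory, seed file and staging URL; any non-empty result is something to fix before the app goes public.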
