Schemata

Request a Demo

Please fill out the form below and we'll get back to you soon.

Uncheck if you do not want product news and updates from Schemata.

Back to Security

Security disclosure: notice and response (Updated May 22, 2026)

James Brown
James Brown
CEO

Originally posted May 6, 2026

Schemata is committed to building secure software for the customers we serve. This is an update to our May 6, 2026 disclosure regarding a vulnerability in our platform that was brought to our attention by a security researcher and patched the same day.

The vulnerability involved our API and could, under certain conditions, allow an authenticated user to access data belonging to other organizations on our platform. After we received actionable details from the security researcher and confirmed they appeared to be legitimate, our team remediated the issue the same day, and the researcher independently verified the fix before publishing their findings.

Since our initial post, we engaged outside counsel and a reputable third-party forensics firm to investigate. Based on the investigation to date, we have not identified any breach. We have no evidence that the vulnerability was exploited by any third party beyond the researcher's own testing, and no evidence of compromise or impact to customer data, including sensitive government information governed by DFARS 252.204-7012. We proactively reported the matter to the relevant government authorities and have been coordinating with them throughout. We have also been in direct contact with the customers most relevant to the disclosure.

We are continuing the security buildout we committed to in our initial post. That includes accelerating our timeline for third-party security certifications, expanding our internal security team with dedicated security engineering leadership, and establishing third-party penetration testing as an ongoing practice. We are also standing up a formal vulnerability disclosure program so that security researchers have a clear, supported channel to report findings to us.

We appreciate the security researcher who brought the original issue to our attention, and the broader research community that helps keep platforms like ours safe and accountable. We will continue to update this post as warranted.

For media inquiries, please contact press@schemata.com. For customer inquiries, please contact your account manager or security@schemata.com.

— James Brown, CEO, Schemata

Schemata

Experience the future of spatial intelligence

Home

FeaturesIn the ClassroomIn the FieldTestimonials

Company

CareersNewsSecurity

Community

Terms and Conditions

© Copyright 2026