Zero-Authorization API Flaw Exposed Schemata’s DoD Training Data Across Tenants
A serious authorization flaw in Schemata’s API exposed sensitive military training data, user records, and direct file links across customer tenants. The issue affected Schemata, an AI virtual training company that works with defense and enterprise customers.
The bug allowed a low-privilege account to access data outside its own organization. In practical terms, the platform failed to check whether a user belonged to the tenant whose data they were requesting.
Strix, an open-source AI security testing tool, found the issue while testing Schemata’s application. The researchers said the flaw exposed user lists, enrollment information, military base details, organization data, course metadata, and links to confidential training material.
What happened
Schemata builds AI-driven virtual training and simulation tools for defense and enterprise use. Its platform creates immersive 3D learning environments, AI-guided instruction, and training analytics for high-stakes work.
That made the API flaw especially sensitive. The vulnerable endpoints were tied to a platform that handled military training courses, service member data, and proprietary training content.
Strix said its agent started with a normal low-privilege account. It mapped reachable API endpoints, replayed requests, and found that the backend returned platform-wide data instead of limiting responses to the test account’s own tenant.
| Detail | What researchers reported |
|---|---|
| Company affected | Schemata |
| Platform type | AI-powered virtual training and simulation |
| Main issue | Missing tenant isolation and API authorization checks |
| Access needed | Low-privilege authenticated account |
| Data exposed | User records, enrollment data, base information, course data, and S3 file links |
| Patch status | Researchers said the issue was fixed before publication |
Why the flaw was so dangerous
This was a multi-tenant authorization failure. Multi-tenant platforms separate data between customers, organizations, agencies, or teams. When those checks fail, one user can sometimes view data belonging to everyone else.
According to Strix, the Schemata API returned global data from several endpoints. A user-listing endpoint exposed names, email addresses, enrollments, and the military bases where service members were stationed.
That information could support targeted phishing, identity profiling, harassment, or doxing. Military personnel data carries extra risk because attackers can use it to identify units, roles, locations, and relationships between people and organizations.
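The failure described here, an authenticated account whose requests are never scoped to its own tenant, and the route-by-route authorization testing the article calls for later, shown as an added example. This is illustration code written for this page, not Schemata's code or the Strix tool; the data model (two tenants, users with a member/admin role, courses with an S3-style link), the route names and the sample rows are all constructed. The vulnerable handlers keep the behaviour the report describes (platform-wide results for a low-privilege caller), the fixed handlers scope every lookup by tenant and, for the write route, check role after tenant, and `audit_tenant_isolation` probes every route as a low-privilege account from one tenant and counts records returned from another.

```python
from dataclasses import dataclass, replace
from typing import Callable


@dataclass(frozen=True)
class User:
    user_id: int
    tenant_id: str
    email: str
    role: str  # "member" or "admin" (constructed roles)


@dataclass(frozen=True)
class Course:
    course_id: int
    tenant_id: str
    title: str
    file_url: str  # stands in for a direct object-storage link


# Constructed sample data: two tenants whose rows share one database.
USERS = {
    1: User(1, "tenant-a", "alice@a.example", "member"),
    2: User(2, "tenant-a", "arun@a.example", "admin"),
    3: User(3, "tenant-b", "bea@b.example", "member"),
}
COURSES = {
    10: Course(10, "tenant-a", "Course A-10", "s3://bucket-a/a-10.pdf"),
    20: Course(20, "tenant-b", "Course B-20", "s3://bucket-b/b-20.pdf"),
}


class NotFound(Exception):
    pass


class Forbidden(Exception):
    pass


# Vulnerable pattern: the caller is authenticated (a real account), but the
# query is never scoped to the caller's tenant, so every tenant's rows come back.
def list_users_vulnerable(caller: User) -> list[User]:
    return list(USERS.values())


def get_course_vulnerable(caller: User, course_id: int) -> Course:
    return COURSES[course_id]  # any account can read any course by id


# Fixed pattern: tenant membership is part of every lookup, read or write.
def list_users_fixed(caller: User) -> list[User]:
    return [u for u in USERS.values() if u.tenant_id == caller.tenant_id]


def get_course_fixed(caller: User, course_id: int) -> Course:
    course = COURSES.get(course_id)
    # One error for "does not exist" and "owned by another tenant", so the
    # response does not confirm that a foreign object id is valid.
    if course is None or course.tenant_id != caller.tenant_id:
        raise NotFound(course_id)
    return course


def update_course_fixed(caller: User, course_id: int, title: str) -> Course:
    # Write routes need the tenant check and a role check; tenant first, so a
    # foreign object is never acknowledged even to an admin of another tenant.
    course = get_course_fixed(caller, course_id)
    if caller.role != "admin":
        raise Forbidden(caller.user_id)
    COURSES[course_id] = replace(course, title=title)
    return COURSES[course_id]


def is_denied(call: Callable[[], object]) -> bool:
    """True if the call is refused with an authorization error."""
    try:
        call()
    except (NotFound, Forbidden):
        return True
    return False


def routes_for(list_users, get_course) -> list[tuple[str, Callable[[User], object]]]:
    """One probe for the list route and one per known object id for object routes."""
    probes = [("GET /users", list_users)]
    for cid in COURSES:
        probes.append((f"GET /courses/{cid}", lambda c, cid=cid: get_course(c, cid)))
    return probes


def audit_tenant_isolation(caller: User, routes) -> dict[str, int]:
    """Call every route as `caller` and count returned records that belong to
    another tenant. Every count should be zero; a denial is the correct outcome."""
    leaks = {}
    for name, call in routes:
        try:
            result = call(caller)
        except (NotFound, Forbidden):
            leaks[name] = 0
            continue
        records = result if isinstance(result, list) else [result]
        leaks[name] = sum(1 for r in records if r.tenant_id != caller.tenant_id)
    return leaks


if __name__ == "__main__":
    low_priv = USERS[3]  # a member of tenant-b probing tenant-a's data
    vulnerable = routes_for(list_users_vulnerable, get_course_vulnerable)
    fixed = routes_for(list_users_fixed, get_course_fixed)
    print("vulnerable:", audit_tenant_isolation(low_priv, vulnerable))
    print("fixed:     ", audit_tenant_isolation(low_priv, fixed))
```

Run as a script, the vulnerable routes report two foreign users from the list route and one foreign course, while the fixed routes report zero everywhere. The audit is the part worth carrying into a real test suite: it treats a denial as a pass and any returned foreign record as a failure, so it catches exactly the class of bug reported here whenever a new route is added without the tenant filter.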
Training content was also exposed
The exposure did not stop at personal information. Researchers said course and organization endpoints leaked metadata and direct AWS S3 links to training documents.
The exposed materials reportedly included hundreds of military training files. Some related to naval maintenance training, while others involved Army field manuals and explosive ordnance procedures.
Even when documents do not qualify as classified, this type of material can still create operational security concerns. Training content can reveal procedures, equipment handling, maintenance steps, or internal readiness workflows.
- User names and email addresses
- Enrollment and training participation records
- Military base information
- Organization and course metadata
- Direct AWS S3 links to training material
- Proprietary 3D training content
- Military manuals and procedural documents
Write access raised the risk further
Strix also reported that some write-enabled routes lacked proper authorization checks. That means an attacker may not have been limited to reading sensitive data.
If abused, weak write controls could allow a malicious user to modify course content, alter training records, or delete material. In a defense training environment, that risk goes beyond privacy.
Training systems need strong integrity controls because personnel may rely on them to learn procedures, practice maintenance, and prepare for field tasks. Tampered content can mislead users or damage trust in the training platform.
The disclosure took months
Strix said it first reported the issue to Schemata on December 2, 2025. The researchers described the flaw as critical and sent follow-up messages after the initial disclosure.
The issue remained unresolved for months, according to the disclosure timeline. Schemata later acknowledged the exposed endpoints and patched the bug on May 1, 2026, after a final notice before publication.
The researchers said they verified the remediation. That means the specific cross-tenant access path they reported no longer worked after the fix.
| Date | Event |
|---|---|
| December 2, 2025 | Strix privately reported the vulnerability |
| Following months | Researchers sent follow-up warnings about the issue |
| May 1, 2026 | Schemata acknowledged the exposed endpoints and patched the flaw |
| After patch | Strix said it verified remediation |
Why this matters for defense contractors
Schemata’s own website describes its platform as a virtual training system for defense operators and enterprise teams. The company also highlights secure field operations, AI guidance, instructor analytics, and immersive 3D training.
Owl Ventures said in 2025 that Schemata had been awarded $3.4 million in Department of Defense contracts over the previous eight months. The same report said the company raised $5 million in seed funding.
Defense contractors face strict cybersecurity expectations when they handle federal contract information or controlled unclassified information. CMMC and NIST SP 800-171 both focus on protecting sensitive government-related data in nonfederal systems.
What affected customers should ask
The key question now is whether anyone accessed exposed data before the fix. A patch closes the vulnerability, but it does not answer what happened during the exposure window.
Customers should ask for access logs, tenant access reviews, S3 access history, and any evidence of unusual API activity. They should also ask whether affected users will receive formal notification.
For platforms that serve government or defense customers, authorization needs testing at every route. A login system does not protect data if the backend fails to check which tenant a user belongs to.
- How long were the vulnerable endpoints exposed?
- Did any unknown accounts access cross-tenant data?
- Were S3 file links accessed or downloaded?
- Were write-enabled routes abused?
- Were affected users and organizations notified?
- Were audit logs preserved for review?
- Has Schemata completed a third-party security review after the patch?
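One way an affected customer or the platform's incident responders can start answering the questions above from API access logs, shown as an added example rather than anything from Schemata or Strix. The log format (JSON lines with timestamp, account, method, path and status), the route layout, the tenant ownership tables and every log line are constructed for the illustration; a real review would join the platform's own request logs against a database snapshot of which tenant owned each account and object during the exposure window. The review flags every request that named an object owned by another tenant, separates attempts from successes, counts reads and writes per account, treats accounts missing from the user table as unknown, and reports the first and last successful cross-tenant access.

```python
import json
import re
from collections import defaultdict
from typing import Optional

# Tenant ownership as recorded in the platform database. These tables, the
# route layout and the log lines below are constructed for the example.
USER_TENANT = {"u-101": "tenant-a", "u-102": "tenant-a", "u-201": "tenant-b"}
OBJECT_TENANT = {
    ("courses", "10"): "tenant-a",
    ("courses", "20"): "tenant-b",
    ("organizations", "1"): "tenant-a",
    ("organizations", "2"): "tenant-b",
}
WRITE_METHODS = {"POST", "PUT", "PATCH", "DELETE"}
# Routes whose path names a tenant-owned object; sub-resources such as
# /organizations/1/users inherit the organization's tenant.
OBJECT_PATH = re.compile(r"^/api/(?P<kind>courses|organizations)/(?P<id>\d+)(?:/|$)")

# Constructed JSON-lines API access log (UTC timestamps, ISO 8601).
SAMPLE_LOG = """\
{"ts":"2026-01-15T09:00:00Z","user":"u-101","method":"GET","path":"/api/courses/10","status":200}
{"ts":"2026-01-15T09:00:30Z","user":"u-201","method":"GET","path":"/api/courses/20","status":200}
{"ts":"2026-01-15T09:01:00Z","user":"u-201","method":"GET","path":"/api/courses/10","status":200}
{"ts":"2026-01-15T09:01:30Z","user":"u-201","method":"GET","path":"/api/organizations/1/users","status":200}
{"ts":"2026-01-15T09:02:00Z","user":"u-201","method":"PATCH","path":"/api/courses/10","status":200}
{"ts":"2026-01-15T09:03:00Z","user":"u-201","method":"GET","path":"/api/courses/10","status":403}
{"ts":"2026-01-15T09:04:00Z","user":"u-101","method":"GET","path":"/api/courses/20","status":404}
{"ts":"2026-01-15T09:05:00Z","user":"u-999","method":"GET","path":"/api/courses/10","status":200}
"""


def parse_line(line: str) -> Optional[dict]:
    """Parse one JSON log line; blank lines yield None."""
    line = line.strip()
    if not line:
        return None
    return json.loads(line)


def classify(record: dict) -> Optional[dict]:
    """Return an event if the request named an object owned by a tenant other
    than the caller's. Accounts missing from the user table count as unknown
    and are always flagged."""
    match = OBJECT_PATH.match(record["path"])
    if match is None:
        return None  # no tenant-owned object in the path
    owner = OBJECT_TENANT.get((match["kind"], match["id"]))
    if owner is None:
        return None  # object id not in the database snapshot
    user_tenant = USER_TENANT.get(record["user"], "unknown")
    if user_tenant == owner:
        return None
    return {
        "ts": record["ts"],
        "user": record["user"],
        "user_tenant": user_tenant,
        "owner_tenant": owner,
        "method": record["method"],
        "path": record["path"],
        "status": record["status"],
        "succeeded": 200 <= record["status"] < 300,
        "write": record["method"] in WRITE_METHODS,
    }


def review(log_text: str) -> dict:
    """Summarise cross-tenant activity: attempts, successes, per-account read
    and write counts, and the window from first to last successful access."""
    records = filter(None, (parse_line(line) for line in log_text.splitlines()))
    events = [e for e in map(classify, records) if e is not None]
    successes = [e for e in events if e["succeeded"]]
    accounts = defaultdict(lambda: {"reads": 0, "writes": 0, "first": None, "last": None})
    for e in successes:
        acct = accounts[e["user"]]
        acct["writes" if e["write"] else "reads"] += 1
        # ISO 8601 strings in a single timezone order correctly as text.
        acct["first"] = e["ts"] if acct["first"] is None else min(acct["first"], e["ts"])
        acct["last"] = e["ts"] if acct["last"] is None else max(acct["last"], e["ts"])
    window = (min(e["ts"] for e in successes), max(e["ts"] for e in successes)) if successes else None
    return {
        "cross_tenant_attempts": len(events),
        "cross_tenant_successes": len(successes),
        "accounts": dict(accounts),
        "exposure_window": window,
    }


if __name__ == "__main__":
    print(json.dumps(review(SAMPLE_LOG), indent=2))
```

On the constructed log the review finds six cross-tenant attempts, four of which succeeded: two reads and one write by an account from the other tenant, plus one read by an account the user table does not know. The denied requests (403 and 404) still appear as attempts, which matters for the questions above: a patch that turns successes into denials does not erase what happened before it, and the exposure window comes from the successes alone. Object-storage access history has to be reviewed separately, since a direct file link fetched from S3 never passes through the API log at all.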
FAQ
Strix said Schemata patched the exposed endpoints on May 1, 2026, and the researchers verified the remediation.
It was an API authorization failure that allowed a low-privilege account to access data across tenants. The issue affected user records, training data, course metadata, and direct file links.
Yes. The reported issue involved a low-privilege authenticated account. The main failure was missing authorization and tenant isolation after login.
Researchers said the exposed data included names, emails, enrollment records, military base information, organization data, course metadata, and AWS S3 links to training materials.