Comparison Overview

Abri Group

VS

World Vision

Abri Group

Collins House, Eastleigh, GB
Last Update: 2026-01-03
View Profile
Between 700 and 749
https://www.abri.co.uk/

We’re Abri, a housing association based in the south of England. One of the largest in fact. We own own and manage more than 58,000 homes and various community assets, serving around 113,000 customers across the South of England. There aren’t enough homes for everyone who needs one. And we don’t think that’s right. So we build, own, look after and sell homes that people can afford. Including homes for affordable and social rent. And homes to buy through things like Shared Ownership and Help to Buy. We also have houses for market rent and sale too. And that’s not the half of it… Find out more about what we do on our website!

NAICS: 8135
NAICS Definition: Others
Employees: 902
Subsidiaries: 0
12-month incidents
1
Known data breaches
1
Attack type number
1
View Profile

World Vision

London, GB
Last Update: 2026-01-01
Between 800 and 849
http://www.wvi.org

World Vision is the largest child-focused private charity in the world. Our 33,000+ staff members working in nearly 100 countries have united with our incredible supporters to impact the lives of over 200 million vulnerable children by tackling the root causes of poverty. Through World Vision every 60 seconds…a family gets water…a hungry child is fed…a family receives the tools to overcome poverty. Motivated by our faith and guided by our deep experience and expertise, we are a Christian humanitarian, development and advocacy organisation devoted to improving the lives of children, families and their communities around the world and creating lasting impact that will live on in generations to come. We serve all people, regardless of religion, race, ethnicity, or gender.

NAICS: 8135
NAICS Definition: Others
Employees: 19,191
Subsidiaries: 5
12-month incidents
0
Known data breaches
0
Attack type number
0

Compliance Badges Comparison

Security & Compliance Standards Overview

https://images.rankiteo.com/companyimages/abri-group.jpeg
Abri Group
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
https://images.rankiteo.com/companyimages/worldvision.jpeg
World Vision
ISO 27001
ISO 27001 certification not verified
Not verified
SOC2 Type 1
SOC2 Type 1 certification not verified
Not verified
SOC2 Type 2
SOC2 Type 2 certification not verified
Not verified
GDPR
GDPR certification not verified
Not verified
PCI DSS
PCI DSS certification not verified
Not verified
HIPAA
HIPAA certification not verified
Not verified
Compliance Summary
Abri Group
100%
Compliance Rate
0/4 Standards Verified
World Vision
0%
Compliance Rate
0/4 Standards Verified

Benchmark & Cyber Underwriting Signals

Incidents vs Non-profit Organizations Industry Average (This Year)

Abri Group has 0.0% fewer incidents than the average of same-industry companies with at least one recorded incident.

Incidents vs Non-profit Organizations Industry Average (This Year)

No incidents recorded for World Vision in 2026.

Incident History — Abri Group (X = Date, Y = Severity)

Abri Group cyber incidents detection timeline including parent company and subsidiaries

Incident History — World Vision (X = Date, Y = Severity)

World Vision cyber incidents detection timeline including parent company and subsidiaries

Notable Incidents

Last 3 Security & Risk Events by Company

https://images.rankiteo.com/companyimages/abri-group.jpeg
Abri Group
Incidents

Date Detected: 1/2026
Type:Breach
Blog: Blog
https://images.rankiteo.com/companyimages/worldvision.jpeg
World Vision
Incidents

No Incident

FAQ

World Vision company demonstrates a stronger AI Cybersecurity Score compared to Abri Group company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Abri Group company has historically faced a number of disclosed cyber incidents, whereas World Vision company has not reported any.

In the current year, Abri Group company has reported more cyber incidents than World Vision company.

Neither World Vision company nor Abri Group company has reported experiencing a ransomware attack publicly.

Abri Group company has disclosed at least one data breach, while the other World Vision company has not reported such incidents publicly.

Neither World Vision company nor Abri Group company has reported experiencing targeted cyberattacks publicly.

Neither Abri Group company nor World Vision company has reported experiencing or disclosing vulnerabilities publicly.

Neither Abri Group nor World Vision holds any compliance certifications.

Neither company holds any compliance certifications.

World Vision company has more subsidiaries worldwide compared to Abri Group company.

World Vision company employs more people globally than Abri Group company, reflecting its scale as a Non-profit Organizations.

Neither Abri Group nor World Vision holds SOC 2 Type 1 certification.

Neither Abri Group nor World Vision holds SOC 2 Type 2 certification.

Neither Abri Group nor World Vision holds ISO 27001 certification.

Neither Abri Group nor World Vision holds PCI DSS certification.

Neither Abri Group nor World Vision holds HIPAA certification.

Neither Abri Group nor World Vision holds GDPR certification.

Latest Global CVEs (Not Company-Specific)

Description

REDAXO is a PHP-based content management system. Prior to version 5.20.2, authenticated users with backup permissions can read arbitrary files within the webroot via path traversal in the Backup addon's file export functionality. The Backup addon does not validate the `EXPDIR` POST parameter against the UI-generated allowlist of permitted directories. An attacker can supply relative paths containing `../` sequences (or even absolute paths inside the document root) to include any readable file in the generated `.tar.gz` archive. Version 5.20.2 fixes this issue.

Published
Date
2026-01-07
Updated
Date
2026-01-07
Risk Information
cvss4
Base: 8.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

MONAI (Medical Open Network for AI) is an AI toolkit for health care imaging. In versions up to and including 1.5.1, a Path Traversal (Zip Slip) vulnerability exists in MONAI's `_download_from_ngc_private()` function. The function uses `zipfile.ZipFile.extractall()` without path validation, while other similar download functions in the same codebase properly use the existing `safe_extract_member()` function. Commit 4014c8475626f20f158921ae0cf98ed259ae4d59 fixes this issue.

Published
Date
2026-01-07
Updated
Date
2026-01-07
Risk Information
cvss3
Base: 5.3
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
References
Description

axios4go is a Go HTTP client library. Prior to version 0.6.4, a race condition vulnerability exists in the shared HTTP client configuration. The global `defaultClient` is mutated during request execution without synchronization, directly modifying the shared `http.Client`'s `Transport`, `Timeout`, and `CheckRedirect` properties. Impacted applications include that that use axios4go with concurrent requests (multiple goroutines, `GetAsync`, `PostAsync`, etc.), those where different requests use different proxy configurations, and those that handle sensitive data (authentication credentials, tokens, API keys). Version 0.6.4 fixes this issue.

Published
Date
2026-01-07
Updated
Date
2026-01-07
Risk Information
cvss4
Base: 8.2
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
Description

pnpm is a package manager. Versions 6.25.0 through 10.26.2 have a Command Injection vulnerability when using environment variable substitution in .npmrc configuration files with tokenHelper settings. An attacker who can control environment variables during pnpm operations could achieve Remote Code Execution (RCE) in build environments. This issue is fixed in version 10.27.0.

Published
Date
2026-01-07
Updated
Date
2026-01-07
Risk Information
cvss3
Base: 7.5
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
References
Description

User interface (ui) misrepresentation of critical information in Microsoft Edge for Android allows an authorized attacker to perform spoofing over a network.

Published
Date
2026-01-07
Updated
Date
2026-01-07
Risk Information
cvss3
Base: 5.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
References