Comparison Overview
Affinity Health Plan

Affinity Health Plan
1776 Eastchester Road, Bronx, NY, US, 10461
Last Update: 20/03/2026
The mission of Affinity by Molina Healthcare (formerly Affinity Health Plan) is to improve the health and lives of its members by delivering high-quality health care. Affinity was acquired by Molina Healthcare of New York in 2021 and serves members in New York City as w...

Suncorp Group
80 Ann St, Brisbane, 4000, AU
Last Update: 02/04/2026
Suncorp offers insurance products and services through some of Australia and New Zealand’s most recognised brands. Our purpose is to build futures and protect what matters – the focus of our company for more than 100 years. With the passion of our people, and our por...
Compliance Ranges Comparison

Affinity Health Plan







Suncorp Group






Benchmark & Cyber Underwriting Signals
Incidents vs Insurance Industry Avg (This Year)
No incidents recorded for Affinity Health Plan in 2026.
Incidents vs Insurance Industry Avg (This Year)
No incidents recorded for Suncorp Group in 2026.
Incident History - Affinity Health Plan (X = Date, Y = Severity)
Affinity Health Plan cyber incidents detection timeline including parent company and subsidiaries.
Incident History - Suncorp Group (X = Date, Y = Severity)
Suncorp Group cyber incidents detection timeline including parent company and subsidiaries.
Notable Incidents

Affinity Health Plan

Suncorp Group
FAQ
Latest Global CVEs
Spinnaker is an open source, multi-cloud continuous delivery platform. Prior to versions 2026.1.1, 2026.0.3, 2025.4.4, and 2025.3.4 on their respective release lines, Kustomize bake operations allow unsafe YAML tag processing in rosco manifests. This can lead to remote code execution on rosco pods when performing Kustomize bakes. This issue is fixed in versions 2026.1.1, 2026.0.3, 2025.4.4, and 2025.3.4.
- https://github.com/spinnaker/spinnaker/commit/2d75818b85cc4c35144d5e5ed45e7340fcab5dfe
- https://github.com/spinnaker/spinnaker/commit/bbc30c9b9034a056e95f012fa1b34e9fd703cae7
- https://github.com/spinnaker/spinnaker/commit/de5a7a05af35aee19eb71d289cd0b77f67509009
- https://github.com/spinnaker/spinnaker/commit/df32d568e82519d9f3896fc9007baba0077c87fd
- https://github.com/spinnaker/spinnaker/commit/f5cec213f8cf207843ed5a6929395960a1ca094f
- https://github.com/spinnaker/spinnaker/releases/tag/rosco-2025.3.4
- https://github.com/spinnaker/spinnaker/releases/tag/rosco-2025.4.4
- https://github.com/spinnaker/spinnaker/releases/tag/rosco-2026.0.3
- https://github.com/spinnaker/spinnaker/releases/tag/rosco-2026.1.1
- https://github.com/spinnaker/spinnaker/releases/tag/rosco-2026.2.0
- https://github.com/spinnaker/spinnaker/security/advisories/GHSA-p68j-q7hf-3qcp
Multiple connections to the backend using the same charging station ID are allowed, which could allow an attacker to deploy multiple instances of malicious OCPP clients to overwhelm the backend.
Previously, there was no throttling on repeated authentication attempts to the charging station backend, which could allow an attacker to execute a denial-of-service attack.
The charging station websocket endpoint accepts connections without proper authentication, which could lead to privilege escalation.
vulnerability in Drupal Commerce guest registration allows . This issue affects Commerce guest registration versions: *.*.