What is the official website of Amazon ?

The official website of Amazon is https://www.aboutamazon.com/.

What is Amazon's cybersecurity risk score?

Amazon has an AI-generated cybersecurity risk score of 796 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has Amazon experienced?

According to Rankiteo, Amazon currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Amazon been affected by any supply chain cyber incidents ?

According to Rankiteo, Amazon has been affected by multiple supply chain cyber incidents. The affected supply chain sources and their corresponding incident IDs are: npm, Inc. (Incident ID: ELAGITAMAOPENPM1780050263) Socket (Incident ID: AWSSOC1778833973) Braintrust (Incident ID: AMAUSE1778092688) Amazon Web Services (AWS) (Incident ID: LIMAMA1777312775) Vercel (Incident ID: AMAVERGITSTR1775204764) Amazon Web Services (AWS) (Incident ID: AMASTA1775118743) Aqua Security (Incident ID: AQUUSEAMASALCIS1775046662) Amazon Web Services (AWS) (Incident ID: EUR1774635987) Amazon Web Services (AWS) (Incident ID: SALAMAMICPINRED1774269319) NPM (Incident ID: GOOAMANPMGIT1773319158) Amazon Web Services (AWS) (Incident ID: RELLEX1772562253) Amazon Web Services (AWS) (Incident ID: EUR1774628727) Amazon (Incident ID: AMAAPPMIC1770935300) ConnectWise (Incident ID: SMASIMCONAMADAT1775551328) Cisco (Incident ID: CISSAI1773859283) Amazon (Incident ID: LASAMA1769009064) LinkedIn (Incident ID: LINAWS1766995316) Microsoft Security (Incident ID: AMAORAMIC1770695748) Amazon Web Services (AWS) (Incident ID: AMAAWS1770152164) Cisco (Incident ID: SAL5732257091825) Wiz (Incident ID: AMAWIZ1768515615) NPM (Incident ID: GOONPMORGGOVAPPMETTHEAWSTIKK7-1773672350) Fortinet (Incident ID: FORCISAMAJPM1767748297)

Does Amazon have SOC 2 Type 1 certification ?

According to Rankiteo, Amazon is not certified under SOC 2 Type 1.

Does Amazon have SOC 2 Type 2 certification ?

According to Rankiteo, Amazon does not hold a SOC 2 Type 2 certification.

Does Amazon comply with GDPR ?

According to Rankiteo, Amazon is not listed as GDPR compliant.

Does Amazon have PCI DSS certification ?

According to Rankiteo, Amazon does not currently maintain PCI DSS compliance.

Does Amazon comply with HIPAA ?

According to Rankiteo, Amazon is not compliant with HIPAA regulations.

Does Amazon have ISO 27001 certification ?

According to Rankiteo,Amazon is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Amazon operate in ?

Amazon operates primarily in the Software Development industry.

How many employees does Amazon have ?

Amazon employs approximately 772,896 people worldwide.

Does Amazon own any subsidiaries ?

Amazon presently has no subsidiaries across any sectors.

How many LinkedIn followers does Amazon have ?

Amazon's official LinkedIn profile has approximately 35,933,128 followers.

What is the NAICS classification code for Amazon ?

Amazon is classified under the NAICS code 5112, which corresponds to Software Publishers.

Does Amazon have a Crunchbase profile ?

Yes, Amazon has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/amazon.

Does Amazon have a LinkedIn profile ?

Yes, Amazon maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/amazon.

How many cybersecurity incidents has Amazon experienced ?

As of June 12, 2026, Rankiteo reports that Amazon has experienced 62 cybersecurity incidents.

How many peer or competitor companies does Amazon have ?

Amazon has an estimated 30,069 peer or competitor companies worldwide.

What types of cybersecurity incidents has Amazon faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach, Cyber Attack, Ransomware, Vulnerability and Data Leak.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

Amazon

Boost Score +25 with badge (5 left)

796

/1000

Fair

821

/1000

Good

Amazon Vendor Cyber Rating & Cyber Score

aboutamazon.com

cb in

Add Your Compliance Badge

Amazon is guided by four principles: customer obsession rather than competitor focus, passion for invention, commitment to operational excellence, and long-term thinking. We are driven by the excitement of building technologies, inventing products, and providing services that change lives. We embrace new ways of doing things, make decisions quickly, and are not afraid to fail. We have the scope and capabilities of a large company, and the spirit and heart of a small one. Together, Amazonians research and develop new technologies from Amazon Web Services to Alexa on behalf of our customers: shoppers, sellers, content creators, and developers around the world. Our mission is to be Earth's most customer-centric company. Our actions, goals,

Amazon A.I CyberSecurity Scoring

Scoring History

Amazon

Amazon CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Amazon Web Services...

Cyber Attack

100

6/2026

GOOAMA178116664...

Amazon Web Services...

Cyber Attack

5/2026

npm, Inc.

ELAGITAMAOPENPM...

Amazon Science

Vulnerability

5/2026

OPEANTAMAXAI177...

AWS for Healthcare ...

Cyber Attack

5/2026

Socket

AWSSOC177883397...

Amazon Science

Breach

5/2026

Braintrust

AMAUSE177809268...

Amazon Web Services...

Cyber Attack

4/2026

Amazon Web Serv...

LIMAMA177731277...

Amazon

Cyber Attack

4/2026

ELFTEMCOUGRUAMA...

Amazon Web Services...

Cyber Attack

4/2026

Vercel

AMAVERGITSTR177...

Amazon Web Services...

Vulnerability

100

4/2026

Amazon Web Serv...

AMASTA177511874...

AWS Partners

Vulnerability

4/2026

AWSGITSTR177516...

Amazon Web Services...

Vulnerability

100

4/2026

Aqua Security

AQUUSEAMASALCIS...

Amazon Web Services...

Cyber Attack

3/2026

Amazon Web Serv...

EUR1774635987

Amazon Web Services...

Vulnerability

100

3/2026

Amazon Web Serv...

SALAMAMICPINRED...

Amazon Web Services...

Vulnerability

3/2026

AMA1773707045

Amazon Web Services...

Cyber Attack

3/2026

NPM

GOOAMANPMGIT177...

Amazon Web Services...

Vulnerability

3/2026

AMA1772792723

Amazon Web Services...

Cyber Attack

100

3/2026

AMA1772678135

Amazon Quick

Vulnerability

3/2026

AMA1778761660

Amazon Web Services...

Breach

100

3/2026

Amazon Web Serv...

RELLEX177256225...

Amazon

Cyber Attack

3/2026

AMA1775744757

Amazon Web Services...

Breach

3/2026

Amazon Web Serv...

EUR1774628727

Amazon

Vulnerability

100

2/2026

Amazon

AMAAPPMIC177093...

Amazon

Cyber Attack

2/2026

ConnectWise

SMASIMCONAMADAT...

Amazon

Breach

2/2026

AMA1770339008

Amazon

Cyber Attack

2/2026

AMAINSCOIGOOFLI...

Amazon

Cyber Attack

2/2026

AMA1773987972

AWS Partners

Breach

1/2026

AWSDIGOVH176978...

Amazon

Vulnerability

100

1/2026

Cisco

CISSAI177385928...

Amazon

Cyber Attack

1/2026

Amazon

LASAMA176900906...

AWS Databases & Ana...

Cyber Attack

1/2026

HUNAWS177273537...

Amazon Web Services...

Vulnerability

100

1/2026

GOOAMAOPEANT177...

AWS Partners

Cyber Attack

12/2025

LINAWS176699531...

Amazon Web Services...

Cyber Attack

100

12/2025

Microsoft Secur...

AMAORAMIC177069...

Amazon

Vulnerability

12/2025

AMAUNIGOOWAK176...

Amazon Web Services...

Cyber Attack

100

12/2025

KUBNVITENALIAMA...

Amazon Web Services...

Breach

100

11/2025

Amazon Web Serv...

AMAAWS177015216...

Amazon Web Services...

Cyber Attack

11/2025

AMA1765965358

Amazon

Cyber Attack

100

10/2025

AMA023220210212...

Amazon

Cyber Attack

9/2025

AMA409264009232...

AWS Partners

Cyber Attack

100

9/2025

Cisco

SAL573225709182...

Amazon Web Services...

Vulnerability

100

9/2025

Wiz

AMAWIZ176851561...

For Industries

Vulnerability

8/2025

NPM

GOONPMORGGOVAPP...

Amazon

Cyber Attack

7/2025

RIN709072225

Amazon

Vulnerability

6/2025

AMA505082225

Amazon

Ransomware

100

5/2025

AMA503215011212...

Amazon Web Services...

Vulnerability

100

12/2024

Fortinet

FORCISAMAJPM176...

Amazon

Vulnerability

8/2024

AMA000082124

Amazon

Breach

7/2024

AMA000072524

Amazon

Cyber Attack

100

6/2024

AMA190211910222...

Amazon

Breach

09/2023

WHO04111223

Amazon

Vulnerability

6/2023

AMA016210111072...

Amazon

Data Leak

10/2021

TWI19174123

Amazon Web Services...

Cyber Attack

100

6/2021

AMA1768595116

Amazon

Breach

100

01/2021

RIN01518622

Amazon Web Services...

Cyber Attack

100

6/2020

AMA1780793273

Amazon

Data Leak

01/2020

AMA21461222

Amazon

Data Leak

01/2020

RIN211261222

Amazon

Data Leak

12/2019

RIN2178523

Amazon

Breach

6/2018

TIKAMA176901658...

Amazon

Data Leak

02/2018

AMA350181223

Amazon

Breach

3/2017

WHO631090125

Amazon

Cyber Attack

01/2016

AMA0417522

Loading…

A.I.

Amazon Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for Amazon

Incidents vs Software Development Industry Avg (This Year)

Amazon has 741.12% more incidents than the average of same-industry companies with at least one recorded incident.

Incidents vs All-Companies Average (This Year)

Amazon has 733.33% more incidents than the average of all companies with at least one recorded incident.

Incident Types Amazon vs Software Development Industry Avg (This Year)

Amazon reported 9 incidents this year: 6 cyber attacks, 0 ransomware, 2 vulnerabilities, 1 data breaches, compared to industry peers with at least 1 incident.

Incident History - Amazon (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Amazon Subsidiaries

Amazon

Software Development

Website: https://www.aboutamazon.com/

Company Size: 10,001+ employees

Amazon Web Services (AWS)IT Services and IT Consulting

AWS for Retail and Consumer GoodsIT Services and IT Consulting

AWS AIIT Services and IT Consulting

AWS for TelecomIT Services and IT Consulting

AWS On AirTechnology, Information and Internet

AWS PartnersIT Services and IT Consulting

AWS Databases & AnalyticsIT Services and IT Consulting

Artificial Intelligence Machine LearningIT Services and IT Consulting

AWS EventsIT Services and IT Consulting

AWS for AutomotiveIT Services and IT Consulting

AWS for M&ESoftware Development

AWS for Energy & UtilitiesIT Services and IT Consulting

AWS CareersIT Services and IT Consulting

AWS for Healthcare & Life SciencesIT Services and IT Consulting

KiroTechnology, Information and Internet

AWS SupportTechnology, Information and Internet

AWS for Financial ServicesIT Services and IT Consulting

Machine LearningIT Services and IT Consulting

AWS NewsroomTechnology, Information and Internet

Amazon QuickTechnology, Information and Internet

Amazon Quick SuiteTechnology, Information and Internet

AWS JapanIT Services and IT Consulting

AWS for Aerospace & SatelliteIT Services and IT Consulting

T VIT Services and IT Consulting

For IndustriesIT Services and IT Consulting

AWS for ManufacturingIT Services and IT Consulting

Machine LearningIT Services and IT Consulting

Amazon re:MARSInformation Technology & Services

AWS StartupsIT Services and IT Consulting

For TVIT Services and IT Consulting

AWS DevelopersTechnology, Information and Internet

AWS ProductsTechnology, Information and Internet

AWS Executive InsightsInformation Technology & Services

AWS Training & CertificationIT Services and IT Consulting

Whole Foods MarketRetail

TwitchSoftware Development

Twitch AdsInternet Publishing

Amazon AdsAdvertising Services

Amazon NewsRetail

Amazon ScienceResearch Services

Loading…

Amazon Similar Companies

Xiaomi Technology

cb mi.com

Xiaomi Corporation was founded in April 2010 and listed on the Main Board of the Hong Kong Stock Exchange on July 9, 2018 (1810.HK). Xiaomi is a consumer electronics and smart manufacturing company with smartphones and smart hardware connected by an IoT platform at its core. Embracing our vision of “Make friends with users and be the coolest company in the users’ hearts”, Xiaomi continuously pursues innovations, high-quality user experience and operational efficiency. The company relentlessly builds amazing products with honest prices to let everyone in the world enjoy a better life through innovative technology. Xiaomi is one of the world's leading smartphone companies. The company has also established the world’s leading consumer AIoT (AI+IoT) platform,reached 558 million smart devices connected to its platform (excluding smartphones,laptops and tablets) as of September 30 2022. Xiaomi products are present in more than 100 countries and regions around the world. In August 2022, Xiaomi was included in the Fortune Global 500 list for the fourth year in a row, ranking 266th. The company is the fastest-rising Chinese technology conglomerate during the four-year period. Xiaomi is a constituent of the Hang Seng Index, Hang Seng China Enterprises Index, Hang Seng TECH Index and Hang Seng China 50 Index.

GoTo Group

cb gotocompany.com

GoTo is the largest technology group in Indonesia, combining on-demand and financial services through the Gojek and GoTo Financial brands. It is the first platform in Southeast Asia to host these two essential use cases in one ecosystem, capturing a majority of Indonesian consumer household expenditure. GoTo’s mission is to “Empower Progress” by offering an unparalleled selection of goods and services through a comprehensive merchant and partner network and promoting financial inclusion through its leading payments and financial services business.

Snowflake

snowflake.com

Snowflake delivers the AI Data Cloud — a global network where thousands of organizations mobilize data with near-unlimited scale, concurrency, and performance. Inside the AI Data Cloud, organizations unite their siloed data, easily discover and securely share governed data, and execute diverse analytic workloads. Wherever data or users live, Snowflake delivers a single and seamless experience across multiple public clouds. Snowflake’s platform is the engine that powers and provides access to the AI Data Cloud, creating a solution for data warehousing, data lakes, data engineering, data science, data application development, and data sharing. Join Snowflake customers, partners, and data providers already taking their businesses to new frontiers in the AI Data Cloud.

Autodesk

autodesk.com

Autodesk is changing how the world is designed and made. Our technology spans architecture, engineering, construction, product design, manufacturing, and media and entertainment. We empower innovators everywhere to solve challenges, big and small. From greener buildings to smarter products and more mesmerizing blockbusters, Autodesk software helps our customers design and make a better world for all. Over 100 million people use Autodesk software, like AutoCAD, Revit, Maya, 3ds Max, Fusion 360, SketchBook, and more, to unlock their creativity and solve important design, business, and environmental challenges. Our software runs on both personal computers and mobile devices. It taps the infinite computing power of the cloud to help teams around the world collaborate, design, simulate, and fabricate their ideas in 3D. We provide exceptional compensation and benefit packages, and we’d love for you to join us. We’re proud to be an equal opportunity employer, and we consider all qualiﬁed applicants without regard to race, gender, disability, veteran status, or other protected category. To see our culture in action, check out #AutodeskLife. We are headquartered in the San Francisco Bay Area and have over 10,000 employees worldwide.

Walmart Global Tech

walmart.com

Walmart has a long history of transforming retail and using technology to deliver innovations that improve how the world shops and empower our 2.1 million associates. It began with Sam Walton and continues today with Global Tech associates working together to power Walmart and lead the next retail disruption. Our world-class software engineers, data scientists and engineers, cybersecurity professionals, product managers and business service professionals work with top talent on cutting-edge technologies that create unique and innovative experiences for our associates, customers and members across Walmart, Sam’s Club and Walmart International. At Walmart Global Tech, one line of code or bold idea can make life easier for hundreds of millions of people – talk about epic impact at a global scale.

ByteDance

bytedance.com

ByteDance is a global incubator of platforms at the cutting edge of commerce, content, entertainment and enterprise services - over 2.5bn people interact with ByteDance products including TikTok. Creation is the core of ByteDance's purpose. Our products are built to help imaginations thrive. This is doubly true of the teams that make our innovations possible. Together, we inspire creativity and enrich life - a mission we aim towards achieving every day. At ByteDance, we create together and grow together. That's how we drive impact - for ourselves, our company, and the users we serve. We are committed to building a safe, healthy and positive online environment for all our users. We have over 110,000 employees based in more than 30 countries globally. Join us.

PhonePe

cb phonepe.com

PhonePe Group is India’s leading fintech company, proudly recognized as India’s #1 Trusted Digital Payments* Brand for three consecutive years. Our flagship product, the PhonePe app was launched in August 2016, has rapidly become the preferred consumer payments app in India. In just eight years, PhonePe has gained over 57 crore + registered users and established a digital payments acceptance network of over 4 crore+ merchants spread across Tier 2,3 cites and beyond, covering 99% of the postal codes in the country. Building on our leadership in digital payments, PhonePe Group has expanded into financial services—including insurance, lending, and wealth management—along with new consumer tech ventures such as Pincode, a hyperlocal ecommerce platform, Indus App Store - India’s first localized app store, and Share.Market- A wealth and investment platform (app & website), catering to investors and traders needs. Headquartered in India, PhonePe Group aligns its diverse portfolio of businesses with our vision We're committed to empowering every Indian by unlocking the flow of money and providing equal access to easy & secure payments and financial services.

Amdocs

cb amdocs.com

Who are we? Amdocs helps those who build the future to make it amazing. With our market-leading portfolio of software products and services, we unlock our customers’ innovative potential, empowering them to provide next-generation communication and media experiences for both the individual end user and enterprise customers. Our employees around the globe are here to accelerate service providers’ migration to the cloud, enable them to differentiate in the 5G era, and digitalize and automate their operations. Listed on the NASDAQ Global Select Market, Amdocs had revenue of $5.00 billion in fiscal 2024. For more information, visit http://www.amdocs.com/ At Amdocs, our mission is to empower our employees to 'Live Amazing, Do Amazing' every day. We believe in creating a workplace where you not only excel professionally but also thrive personally. Through our culture of making a real impact, fostering growth, embracing flexibility, and building connections, we enable them to live meaningful lives while making a difference in the world.

DiDi

didiglobal.com

DiDi Global Inc. is a leading mobility technology platform. It offers a wide range of app-based services across Asia Pacific, Latin America, and other global markets, including ride hailing, taxi hailing, designated driving, hitch and other forms of shared mobility as well as certain energy and vehicle services, food delivery, and intra-city freight services. DiDi provides car owners, drivers, and delivery partners with flexible work and income opportunities. It is committed to collaborating with policymakers, the taxi industry, the automobile industry, and the communities to solve the world’s transportation, environmental, and employment challenges through the use of AI technology and localized smart transportation innovations. DiDi strives to create better life experiences and greater social value, by building a safe, inclusive, and sustainable transportation and local services ecosystem for cities of the future.

Loading…

NEWS

Amazon CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

May 22, 2026 02:37 PM

Kaspersky Warns: Phishers are Hijacking Amazon SES Accounts to Bypass Spam Filters

Kaspersky has detected phishing and business email compromise (BEC) attacks that are leveraging Amazon Simple Email Service (SES) – a...

Read Article

May 19, 2026 01:40 PM

Dow rallies after Trump halts Iran attack; expert eyes Amazon, cybersecurity

Gradient Investments senior portfolio manager Keith Gangl discusses market volatility, resilient company earnings, and his top stock picks,...

Read Article

May 14, 2026 03:26 PM

Amazon Quick Bug Exposed AI Chat Agents to Users Blocked by Custom Permissions

Researchers found an auth bypass in Amazon Q AI Chat Agents that let blocked users access enterprise AI tools.

Read Article

May 06, 2026 07:00 AM

Amazon Infrastructure Weaponized As Compromised Credentials Used In Attacks

Cybercriminals are using compromised Amazon credentials to launch attacks that leverage infrastructure trusted by users and security systems...

Read Article

May 04, 2026 07:00 AM

Amazon (AMZN) Embraces New Cybersecurity Standards for Defense C

AWS's proactive approach to adapt its services to meet these new standards positions it as a key player in the cybersecurity space, especially...

Read Article

April 24, 2026 07:00 AM

Amazon Leo Routers Exempt from FCC Ban

WASHINGTON, April 24, 2026 – Federal regulators exempted an Amazon subsidiary from its ban on foreign-made Wi-Fi routers Wednesday.

Read Article

April 23, 2026 03:36 PM

Nvidia, Amazon, Apple partner with Anthropic on AI cybersecurity effort — here’s what Project Glasswing is about

Anthropic on Tuesday announced that it has launched 'Project Glasswing,' a new cybersecurity initiative alongside major technology companies including Nvidia...

Read Article

April 21, 2026 07:00 AM

Anthropic Secures $5B From Amazon While NSA Quietly Uses Its Restricted Cybersecurity AI

The NSA's use of Mythos sits awkwardly alongside an ongoing Pentagon legal dispute, in which the Department of Defense has labelled Anthropic a...

Read Article

April 16, 2026 07:00 AM

Quick exit: Reston cybersecurity startup acquired less than a year after its launch

Less than a year after emerging from stealth, a Reston-based startup founded by former Amazon executives has been acquired by one of the...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-47238

SUMMARY

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #133, a normal authenticated user can edit another user's video subtitles because of a lack of authorization. They can upload subtitles, edit their name or delete them. This issue has been patched in version 5.5.3 - #133.

Published

Date2026-06-11

Updated

Date2026-06-11

RISK INFORMATION (Score: 6.5)

cvss3

Base Score: 6.5

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Impact Score

2.5

Exploitability

3.9

REFERENCES

https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-x468-whmw-c863

CVE-2026-45418

SUMMARY

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #132, any authenticated user who can upload videos can add multiple subtitles from different files and change their title (English, Spanish...). The POST /actions/subtitle_edit.php request used to change their title includes a number parameter which is vulnerable to SQL Injection. A boolean-based blind SQL injection can be used to exfiltrate sensitive data. This issue has been patched in version 5.5.3 - #132.

Published

Date2026-06-11

Updated

Date2026-06-11

RISK INFORMATION (Score: 8.8)

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

2.8

REFERENCES

https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-q233-m544-6jqr

CVE-2026-45060

SUMMARY

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #129, the actions/progress_video.php endpoint is vulnerable to blind SQL injection. Any unauthenticated user can exploit the ids parameter to execute SQL queries and exfiltrate sensitive data. This issue has been patched in version 5.5.3 - #129.

Published

Date2026-06-11

Updated

Date2026-06-11

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

3.9

REFERENCES

https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-wpq3-gxx7-c76h

CVE-2026-42846

SUMMARY

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.3 - #140, ClipBucket's Remote Play feature allows any authenticated user to add a video by importing an external URL as the source. Some shell commands are run with the URL as a parameter. The URL is concatenated directly into shell commands without escaping then executed, so any shell metacharacter in the URL is interpreted. This results in arbitrary command execution. This issue has been patched in version 5.5.3 - #140.

Published

Date2026-06-11

Updated

Date2026-06-11

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

3.9

REFERENCES

https://github.com/MacWarrior/clipbucket-v5/security/advisories/GHSA-hvfx-hxmr-28c7

CVE-2026-6250

SUMMARY

An authenticated format string vulnerability exists in the ONVIF service of Tapo C110 v2 due to improper handling of user-controlled input. Externally controlled data is interpreted as a format string, which can be used to manipulate stack memory, including control flow data such as return addresses. A remote authenticated attacker may redirect execution flow to existing internal functions, triggering an unauthorized factory reset, leading to loss of configuration, deletion of stored credentials and service disruption.

Published

Date2026-06-11

Updated

Date2026-06-11

RISK INFORMATION (Score: )

cvss4

Base Score: 7.0

Complexity: LOW

CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…