What is the official website of Audible ?

The official website of Audible is http://www.audible.com/about.

What is Audible's cybersecurity risk score?

Audible has an AI-generated cybersecurity risk score of 766 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has Audible experienced?

According to Rankiteo, Audible currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Audible been affected by any supply chain cyber incidents ?

According to Rankiteo, Audible has been affected by multiple supply chain cyber incidents. The affected supply chain sources and their corresponding incident IDs are: npm, Inc. (Incident ID: ELAGITAMAOPENPM1780050263) Socket (Incident ID: AWSSOC1778833973) Braintrust (Incident ID: AMAUSE1778092688) Amazon Web Services (AWS) (Incident ID: LIMAMA1777312775) Vercel (Incident ID: AMAVERGITSTR1775204764) Amazon Web Services (AWS) (Incident ID: AMASTA1775118743) Aqua Security (Incident ID: AQUUSEAMASALCIS1775046662) Amazon Web Services (AWS) (Incident ID: EUR1774635987) Amazon Web Services (AWS) (Incident ID: SALAMAMICPINRED1774269319) NPM (Incident ID: GOOAMANPMGIT1773319158) Amazon Web Services (AWS) (Incident ID: RELLEX1772562253) Amazon Web Services (AWS) (Incident ID: EUR1774628727) Amazon (Incident ID: AMAAPPMIC1770935300) ConnectWise (Incident ID: SMASIMCONAMADAT1775551328) Cisco (Incident ID: CISSAI1773859283) Amazon (Incident ID: LASAMA1769009064) LinkedIn (Incident ID: LINAWS1766995316) Microsoft Security (Incident ID: AMAORAMIC1770695748) Amazon Web Services (AWS) (Incident ID: AMAAWS1770152164) Cisco (Incident ID: SAL5732257091825) Wiz (Incident ID: AMAWIZ1768515615) NPM (Incident ID: GOONPMORGGOVAPPMETTHEAWSTIKK7-1773672350) Fortinet (Incident ID: FORCISAMAJPM1767748297)

Does Audible have SOC 2 Type 1 certification ?

According to Rankiteo, Audible is not certified under SOC 2 Type 1.

Does Audible have SOC 2 Type 2 certification ?

According to Rankiteo, Audible does not hold a SOC 2 Type 2 certification.

Does Audible comply with GDPR ?

According to Rankiteo, Audible is not listed as GDPR compliant.

Does Audible have PCI DSS certification ?

According to Rankiteo, Audible does not currently maintain PCI DSS compliance.

Does Audible comply with HIPAA ?

According to Rankiteo, Audible is not compliant with HIPAA regulations.

Does Audible have ISO 27001 certification ?

According to Rankiteo,Audible is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Audible operate in ?

Audible operates primarily in the Software Development industry.

How many employees does Audible have ?

Audible employs approximately 3,308 people worldwide.

Does Audible own any subsidiaries ?

Audible presently has no subsidiaries across any sectors.

How many LinkedIn followers does Audible have ?

Audible's official LinkedIn profile has approximately 115,110 followers.

What is the NAICS classification code for Audible ?

Audible is classified under the NAICS code 5112, which corresponds to Software Publishers.

Does Audible have a Crunchbase profile ?

Yes, Audible has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/audible.

Does Audible have a LinkedIn profile ?

Yes, Audible maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/audible.

How many cybersecurity incidents has Audible experienced ?

As of June 16, 2026, Rankiteo reports that Audible has experienced 61 cybersecurity incidents.

How many peer or competitor companies does Audible have ?

Audible has an estimated 30,082 peer or competitor companies worldwide.

What types of cybersecurity incidents has Audible faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Vulnerability, Data Leak, Ransomware, Breach and Cyber Attack.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

Audible

Boost Score +25 with badge (5 left)

766

/1000

Fair

791

/1000

Fair

Audible Vendor Cyber Rating & Cyber Score

audible.com

cb in

Add Your Compliance Badge

Stories are transformative. They have the power to create new possibilities—for our lives, and for those around us. That’s why we work with some of the world’s greatest creators, producing Originals, audiobooks and podcasts that ignite imaginations and bring new ideas and voices to our millions of listeners around the globe each day. With this customer-centric approach to innovation, Audible has reinvented a media category and is the driving force behind the audio entertainment revolution.

Audible A.I CyberSecurity Scoring

Scoring History

Audible

Audible CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Amazon Web Services...

Cyber Attack

100

6/2026

GOOAMA178116664...

Amazon Web Services...

Cyber Attack

5/2026

npm, Inc.

ELAGITAMAOPENPM...

Amazon Science

Vulnerability

5/2026

OPEANTAMAXAI177...

AWS for Healthcare ...

Cyber Attack

5/2026

Socket

AWSSOC177883397...

Amazon Science

Breach

5/2026

Braintrust

AMAUSE177809268...

Amazon Web Services...

Cyber Attack

4/2026

Amazon Web Serv...

LIMAMA177731277...

Amazon

Cyber Attack

4/2026

ELFTEMCOUGRUAMA...

Amazon Web Services...

Cyber Attack

4/2026

Vercel

AMAVERGITSTR177...

Amazon Web Services...

Vulnerability

100

4/2026

Amazon Web Serv...

AMASTA177511874...

AWS Partners

Vulnerability

4/2026

AWSGITSTR177516...

Amazon Web Services...

Vulnerability

100

4/2026

Aqua Security

AQUUSEAMASALCIS...

Amazon Web Services...

Cyber Attack

3/2026

Amazon Web Serv...

EUR1774635987

Amazon Web Services...

Vulnerability

100

3/2026

Amazon Web Serv...

SALAMAMICPINRED...

Amazon Web Services...

Vulnerability

3/2026

AMA1773707045

Amazon Web Services...

Cyber Attack

3/2026

NPM

GOOAMANPMGIT177...

Amazon Web Services...

Vulnerability

3/2026

AMA1772792723

Amazon Web Services...

Cyber Attack

100

3/2026

AMA1772678135

Amazon Web Services...

Breach

100

3/2026

Amazon Web Serv...

RELLEX177256225...

Amazon

Cyber Attack

3/2026

AMA1775744757

Amazon Web Services...

Breach

3/2026

Amazon Web Serv...

EUR1774628727

Amazon

Vulnerability

100

2/2026

Amazon

AMAAPPMIC177093...

Amazon

Cyber Attack

2/2026

ConnectWise

SMASIMCONAMADAT...

Amazon

Breach

2/2026

AMA1770339008

Amazon

Cyber Attack

2/2026

AMAINSCOIGOOFLI...

Amazon

Cyber Attack

2/2026

AMA1773987972

AWS Partners

Breach

1/2026

AWSDIGOVH176978...

Amazon

Vulnerability

100

1/2026

Cisco

CISSAI177385928...

Amazon

Cyber Attack

1/2026

Amazon

LASAMA176900906...

AWS Databases & Ana...

Cyber Attack

1/2026

HUNAWS177273537...

Amazon Web Services...

Vulnerability

100

1/2026

GOOAMAOPEANT177...

AWS Partners

Cyber Attack

12/2025

LINAWS176699531...

Amazon Web Services...

Cyber Attack

100

12/2025

Microsoft Secur...

AMAORAMIC177069...

Amazon

Vulnerability

12/2025

AMAUNIGOOWAK176...

Amazon Web Services...

Cyber Attack

100

12/2025

KUBNVITENALIAMA...

Amazon Web Services...

Breach

100

11/2025

Amazon Web Serv...

AMAAWS177015216...

Amazon Web Services...

Cyber Attack

11/2025

AMA1765965358

Audible

Cyber Attack

100

10/2025

AMA023220210212...

Audible

Cyber Attack

9/2025

AMA409264009232...

AWS Partners

Cyber Attack

100

9/2025

Cisco

SAL573225709182...

Amazon Web Services...

Vulnerability

100

9/2025

Wiz

AMAWIZ176851561...

For Industries

Vulnerability

8/2025

NPM

GOONPMORGGOVAPP...

Audible

Cyber Attack

7/2025

RIN709072225

Audible

Vulnerability

6/2025

AMA505082225

Audible

Ransomware

100

5/2025

AMA503215011212...

Amazon Web Services...

Vulnerability

100

12/2024

Fortinet

FORCISAMAJPM176...

Audible

Vulnerability

8/2024

AMA000082124

Audible

Breach

7/2024

AMA000072524

Audible

Cyber Attack

100

6/2024

AMA190211910222...

Audible

Breach

09/2023

WHO04111223

Audible

Vulnerability

6/2023

AMA016210111072...

Audible

Data Leak

10/2021

TWI19174123

Amazon Web Services...

Cyber Attack

100

6/2021

AMA1768595116

Audible

Breach

100

01/2021

RIN01518622

Amazon Web Services...

Cyber Attack

100

6/2020

AMA1780793273

Audible

Data Leak

01/2020

AMA21461222

Audible

Data Leak

01/2020

RIN211261222

Audible

Data Leak

12/2019

RIN2178523

Amazon

Breach

6/2018

TIKAMA176901658...

Audible

Data Leak

02/2018

AMA350181223

Audible

Breach

3/2017

WHO631090125

Audible

Cyber Attack

01/2016

AMA0417522

Loading…

A.I.

Audible Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for Audible

Incidents vs Software Development Industry Avg (This Year)

No incidents recorded for Audible in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Audible in 2026.

Incident Types Audible vs Software Development Industry Avg (This Year)

No incidents recorded for Audible in 2026.

Incident History - Audible (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Audible Subsidiaries

Audible

Software Development

Website: http://www.audible.com/about

Company Size: 3,308

AmazonSoftware Development

Amazon PharmacyRetail Pharmacies

TwitchSoftware Development

Twitch AdsInternet Publishing

Amazon Web Services (AWS)IT Services and IT Consulting

AWS for Retail and Consumer GoodsIT Services and IT Consulting

AWS AIIT Services and IT Consulting

AWS for TelecomIT Services and IT Consulting

AWS PartnersIT Services and IT Consulting

AWS Databases & AnalyticsIT Services and IT Consulting

AWS On AirTechnology, Information and Internet

AWS for AutomotiveIT Services and IT Consulting

KiroTechnology, Information and Internet

Artificial Intelligence Machine LearningIT Services and IT Consulting

AWS for M&ESoftware Development

AWS for Energy & UtilitiesIT Services and IT Consulting

AWS EventsIT Services and IT Consulting

Machine LearningIT Services and IT Consulting

AWS for Financial ServicesIT Services and IT Consulting

T VIT Services and IT Consulting

AWS SupportTechnology, Information and Internet

AWS ProductsTechnology, Information and Internet

AWS CareersIT Services and IT Consulting

AWS for Healthcare & Life SciencesIT Services and IT Consulting

For IndustriesIT Services and IT Consulting

Machine LearningIT Services and IT Consulting

AWS Training & CertificationIT Services and IT Consulting

AWS Executive InsightsInformation Technology & Services

Amazon re:MARSInformation Technology & Services

For TVIT Services and IT Consulting

AWS StartupsIT Services and IT Consulting

AWS DevelopersTechnology, Information and Internet

AWS for Aerospace & SatelliteIT Services and IT Consulting

Whole Foods MarketRetail

GoodreadsTechnology, Information and Internet

Souq.comTechnology, Information and Internet

Amazon Fulfillment Technologies & RoboticsSoftware Development

Amazon Lab126Computers and Electronics Manufacturing

Amazon BusinessRetail

Zappos Family of CompaniesRetail

RingComputers and Electronics Manufacturing

Amazon KeyTechnology, Information and Internet

IMDb.comEntertainment Providers

Amazon MusicEntertainment Providers

ShopbopRetail

CurseComputer Games

Annapurna LabsComputer Networking

Alexa.comTechnology, Information and Internet

Amazon Development Center PolandSoftware Development

AbeBooks, an Amazon companyTechnology, Information and Internet

CreateSpaceBook and Periodical Publishing

Amazon HelpRetail

Brilliance PublishingBook and Periodical Publishing

PerceiveSemiconductors

Comixology, an Amazon companyEntertainment

LOVEFiLMEntertainment Providers

AWS ThinkboxSoftware Development

Amazon | LiquavistaAppliances, Electrical, and Electronics Manufacturing

A9.comTechnology, Information and Internet

Woot, Inc.Retail

Quidsi Inc., a subsidiary of AmazonRetail

Wag.comManufacturing

YoYo.comConsumer Goods

BeautyBar.comRetail

Soap.comRetail

Casa.comRetail

Amazon AdsAdvertising Services

Amazon GamesEntertainment Providers

Amazon TodayTechnology, Information and Internet

Amazon PayTechnology, Information and Internet

Sell on AmazonTechnology, Information and Internet

Amazon AutosRetail Motor Vehicles

Amazon AssociatesTechnology, Information and Internet

Amazon Ads PartnersAdvertising Services

Amazon DesignInternet Publishing

Amazon CareersSoftware Development

Amazon KindleRetail

Amazon Alexa DevelopersComputers and Electronics Manufacturing

Amazon ScienceResearch Services

Amazon ClinicHospitals and Health Care

Amazon DeveloperConsumer Electronics

Amazon Fashion & SportsRetail Apparel and Fashion

Amazon LaunchpadInternet Publishing

Buy with PrimeInternet Publishing

Transportation, Shipping, & Logistics at AmazonTransportation, Logistics, Supply Chain and Storage

Fulfillment by AmazonWarehousing and Storage

Just Walk Out technologyRetail

Audible GmbHOnline Audio and Video Media

Loading…

Audible Similar Companies

VMware

cb broadcom.com

Broadcom's VMware software manages cloud complexity so customers can modernize infrastructure, accelerate app development, and protect workloads, wherever these reside. Our flagship cloud solutions provide the security and performance of private cloud combined with the scale and agility of public cloud. Modern app, edge infrastructure, and private AI products extend these capabilities, while security and disaster recovery help ensure that customers’ operations continue uninterrupted. From the data center to the cloud and apps to the edge, we help enterprises around the globe become more innovative, connected, resilient and secure.

Adobe

cb adobe.com

Adobe is the global leader in digital media and digital marketing solutions. Our creative, marketing and document solutions empower everyone – from emerging artists to global brands – to bring digital creations to life and deliver immersive, compelling experiences to the right person at the right moment for the best results. In short, Adobe is everywhere, and we’re changing the world through digital experiences.

OpenText

opentext.com

OpenText is a leading Cloud and AI company that provides organizations around the world with a comprehensive suite of Business AI, Business Clouds, and Business Technology. We help organizations grow, innovate, become more efficient and effective, and do so in a trusted and secure way—through Information Management. OpenText (NASDAQ/TSX: OTEX), founded in 1991 in Waterloo, has a rich history of helping customers manage their most important asset—information. Originating from a collaboration to digitize the Oxford English Dictionary, OpenText has grown into a global leader in information management. With over 120,000 enterprise customers across 180 countries, OpenText supports 98 of the top 100 global companies. A wide breadth of offerings uniquely positions OpenText to help customers unlock the value of that information using Al, cloud, and security innovations. At OpenText, our culture is at the heart of everything we do—and today, that includes being proudly AI-first. We’re creating a workplace where everyone can thrive, with artificial intelligence integrated into how we work, solve problems, and innovate together. By fostering a collaborative and inclusive environment, we empower digital knowledge workers and drive forward-thinking solutions that shape the future of information management. We believe our success comes from the strength of our team—talent that AI can’t replace—and we’re committed to attracting and supporting those who bring unique insight, adaptability, and creativity. Because at OpenText, people aren’t just our greatest asset—they’re the reason we shine in an AI-powered world. Join us at OpenText and become part of a team where your talents and ideas are truly valued.

ServiceNow

servicenow.com

ServiceNow (NYSE: NOW) makes the world work better for everyone. Our cloud-based platform and solutions help digitize and unify organizations so that they can find smarter, faster, better ways to make work flow. So employees and customers can be more connected, more innovative, and more agile. And we can all create the future we imagine. The world works with ServiceNow. For more information, visit www.servicenow.com.

Dassault Systèmes

3ds.com

Dassault Systèmes is a catalyst for human progress. Since 1981, the company has pioneered virtual worlds to improve real life for consumers, patients and citizens. With Dassault Systèmes’ 3DEXPERIENCE platform, 370,000 customers of all sizes, in all industries, can collaborate, imagine and create sustainable innovations that drive meaningful impact. For more information, visit: https://www.3ds.com

Microsoft

microsoft.com

Every company has a mission. What's ours? To empower every person and every organization to achieve more. We believe technology can and should be a force for good and that meaningful innovation contributes to a brighter world in the future and today. Our culture doesn’t just encourage curiosity; it embraces it. Each day we make progress together by showing up as our authentic selves. We show up with a learn-it-all mentality. We show up cheering on others, knowing their success doesn't diminish our own. We show up every day open to learning our own biases, changing our behavior, and inviting in differences. Because impact matters. Microsoft operates in 190 countries and is made up of approximately 228,000 passionate employees worldwide.

Wolt

wolt.com

Wolt is a Helsinki-based technology company with a mission to bring joy, simplicity and earnings to the neighborhoods of the world. Wolt develops a local commerce platform that connects people looking to order food, groceries, and other goods with people interested in selling and delivering them. Wolt was founded in 2014 and joined forces with DoorDash (NASDAQ: DASH) in 2022. Together, we operate in more than 30 countries today.

IGT

IGT.com

IGT is a leading global provider of gaming, digital and financial technology solutions, formed through the combination of International Game Technology PLC’s Gaming & Digital Business and Everi Holdings Inc. IGT’s offering spans gaming machines, game content and systems, iGaming, sports betting, cash access, loyalty and player engagement solutions, enabling it to deliver integrated, customer-centric experiences across land-based and digital environments. Organized into Gaming, Digital and FinTech business units, IGT drives innovation, efficiency and value for casino, digital and hospitality operators worldwide. The company is headquartered in Las Vegas.

Instagram

instagram.com

More than one billion people around the world use Instagram, and we’re proud to be bringing them closer to the people and things they love. Instagram inspires people to see the world differently, discover new interests, and express themselves. Since launching in 2010, our community has grown at a rapid pace. Our teams are growing fast, too, and we’re looking for talent across engineering, product management, design, research, analytics, technical program management, operations, and more. In addition to our headquarters in Menlo Park, we have thriving offices in New York City and San Francisco where teams are doing impactful work every day.

Loading…

NEWS

Audible CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

February 27, 2026 02:25 PM

SURGE COMPONENTS INC SEC 10-K Report

SURGE COMPONENTS INC, a key player in the electronic components industry, has released its annual Form 10-K report, showcasing significant...

Read Article

February 22, 2026 02:55 AM

Audible Launches 'Read & Listen' Syncing for Kindle Ebooks and Audiobooks

Audible, the Amazon-owned audiobook platform, has launched a new 'Read & Listen' feature that allows users to read Kindle ebooks while...

Read Article

January 16, 2026 08:00 AM

A riveting tale of cyber intrigue and personal redemption

EARLIER this month, listeners were treated to a new addition to the audio landscape with the release of The Hive, a stirring thriller...

Read Article

December 22, 2025 08:00 AM

A comprehensive list of 2025 tech layoffs

A complete list of all the known layoffs in tech, from Big Tech to startups, broken down by month throughout 2024 and 2025.

Read Article

November 24, 2025 08:00 AM

The SolarWinds dismissal: a reprieve, not a pardon

COMMENTARY: News last week that the SEC dismissed its case against SolarWinds and its CISO, Tim Brown, seemingly was met with an audible...

Read Article

October 23, 2025 07:00 AM

Researchers find a way to use a computer mouse for eavesdropping

Mic-E-Mouse: a theoretical attack that could allow eavesdropping on conversations in a room through a computer mouse's optical sensor.

Read Article

October 16, 2025 07:00 AM

Pro-Hamas hackers hijack airport screens and loudspeakers

A co-ordinated cyberattack breached PA and FIDS systems at three airports in Canada and one in the US, broadcasting chants and altering...

Read Article

October 16, 2025 07:00 AM

Deepfakes and Insurance Policy Hot Takes: Securing Coverage for AI Risks

In this episode of Don't Take No For An Answer, new Lowenstein partner Jeremy M. King joins host Lynda A. Bennett to discuss AI...

Read Article

October 04, 2025 07:00 AM

Motion sensors in high-performance mice can be used as a microphone to spy on users, thanks to AI — Mic-E-Mouse technique harnesses mouse sensors, converts acoustic vibrations into speech

A group of researchers from the University of California, Irvine, have developed a way to use the sensors in high-quality optical mice to...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-53430

SUMMARY

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Message modules) allows a denial of service via a gzip decompression bomb. This vulnerability is associated with program files lib/grpc/compressor/gzip.ex, lib/grpc/message.ex and program routines 'Elixir.GRPC.Compressor.Gzip':decompress/1, 'Elixir.GRPC.Message':from_data/2. 'Elixir.GRPC.Compressor.Gzip':decompress/1 calls :zlib.gunzip/1 directly on attacker-controlled bytes with no decompressed-size limit, ratio check, or incremental decoding. Because this module is the registered gzip GRPC.Compressor implementation, it is invoked automatically whenever an incoming gRPC frame carries the grpc-encoding: gzip header. :zlib.gunzip/1 allocates the entire decompressed result as a single binary, so a small highly compressible payload (for example a few kilobytes of zeros, which gzip compresses at roughly 1000:1) expands to multiple gigabytes inside a single call. The max_receive_message_length limit is enforced only against the already-decompressed message, so it provides no protection. An unauthenticated remote peer can send a single crafted frame to exhaust the BEAM node's heap and trigger an out-of-memory kill. This issue affects grpc: from 0.4.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 8.7

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48854

SUMMARY

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust the BEAM's memory and crash the server by streaming a large or slow-trickle unary request body. 'Elixir.GRPC.Server.Adapters.Cowboy.Handler':read_full_body/3 (lib/grpc/server/adapters/cowboy/handler.ex) accumulates every received chunk into a single growing binary with no size cap. Additionally, when the client omits the grpc-timeout header, the per-chunk read timeout resolves to :infinity, allowing a slow-trickle client to keep the connection alive indefinitely while memory grows. A single connection is sufficient to exhaust server memory and crash the node. This issue affects grpc from 0.3.1 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 8.7

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48853

SUMMARY

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc allow unauthenticated attackers to crash the BEAM node via atom table exhaustion and, when a decoded term flows into a call site that invokes it, achieve remote code execution on the server. 'Elixir.GRPC.Codec.Erlpack':decode/2 (lib/grpc/codec/erlpack.ex) calls :erlang.binary_to_term/1 on the raw gRPC message body without the :safe option, no size bound, and no type guard. Any unauthenticated peer that sends a request with Content-Type: application/grpc+erlpack can send a crafted payload that mints arbitrary new atoms (which are never garbage-collected, exhausting the bounded atom table and crashing the VM) or that encodes a fun term which, if applied anywhere downstream, executes attacker-controlled code inside the server process. This issue affects grpc from 0.4.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 9.2

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48723

SUMMARY

The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36.4 are vulnerable to OS command injection via the cypress_config_file configuration parameter. In readCypressConfigUtil.js, the loadJsFile() function constructs a shell command by interpolating the user-controlled cypress_config_filepath value into a template literal, then executes it via child_process.execSync(). Shell metacharacters in the config path (specifically " and ;) allow breaking out of the quoted argument and injecting arbitrary commands. This issue has been fixed in version 1.36.6.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: 7.8)

cvss3

Base Score: 7.8

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

1.8

REFERENCES

CVE-2026-48599

SUMMARY

Authorization Bypass Through User-Controlled Key vulnerability in elixir-grpc grpc allows authenticated attackers to access or modify resources belonging to other users by smuggling a conflicting value for any path-bound field via the query string or request body. In 'Elixir.GRPC.Server.Transcode':map_request/5 (lib/grpc/server/transcode.ex), all three clauses use Map.merge/2 with path bindings as the first argument, giving them the lowest merge precedence. A request such as GET /users/me/profile?user_id=victim (or a POST with {"user_id": "victim"} when body: "*") yields a decoded protobuf struct where the path-bound field carries the attacker-supplied value rather than the router-extracted value. Any handler that uses the path-bound field for authorization, multi-tenancy scoping, or ownership checks is silently bypassed. This issue affects grpc from 0.8.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 7.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…