
Cybersecurity • Business Security • Security Software • Mobile Security

Avast is part of Gen™—a global company dedicated to powering Digital Freedom through a family of trusted consumer brands. (NortonLifeLock and Avast have merged and are now Gen™). We strive to give everyone the power to explore our shared digital world freely and safely. Our team is working to help shape the digital world to be a freer, fairer and safer place through the application of science, technology and human ingenuity, and we are looking for people who share our passion to contribute to a better online world. Avast safeguards more than 435 million people worldwide, protecting their digital data, identity, and privacy. Avast is always looking for creative and innovative people to join our team. We have offices in the Czech Republic, USA, and Europe. https://www.avast.com/careers

Website: https://www.avast.com
User forum: https://forum.avast.com/
Blog: https://blog.avast.com/
Facebook: https://www.facebook.com/avast
Twitter: https://twitter.com/avast_antivirus
YouTube: https://www.youtube.com/avast

Avast A.I CyberSecurity Scoring

Avast

Company Details

Linkedin ID: avast

Employees number: 881

Number of followers: 42,334

NAICS: 541514

Industry Type: Computer and Network Security

Homepage: avast.com

IP Addresses: 1347

Company ID: AVA_1261706

Scan Status: Completed

Avast Risk Score (AI oriented)

Between 700 and 749

  • Powered by our proprietary A.I cyber incident model
  • Insurers prefer the TPRM score to calculate premiums

Avast Company CyberSecurity News & History

Past Incidents: 7
Attack Types: 4

Avast
Data Leak
Severity: 60
Impact: 3
Seen: 5/2014
Rankiteo Explanation
Attack with significant impact with internal employee data leaks

Description: In May 2014, the Avast anti-virus forum was hacked and 423k member records were exposed online. The Simple Machines Based forum included usernames, email addresses and password hashes of about 422,959 individuals.

Avast
Ransomware
Severity: 100
Impact: 5
Seen: 4/2022
Rankiteo Explanation
Attack threatening the organization’s existence

Description: Avast successfully developed a decryptor for the DoNex ransomware family, identifying a flaw that allowed victims to recover their files without charge. Previously known as Muse and DarkRace, DoNex, which emerged in April 2022, targeted individuals and organizations, causing disruptions mainly in the US, Italy, and Belgium. By encrypting files with a ChaCha20 symmetric key and further securing the symmetric file key with RSA-4096 encryption, the ransomware demanded a ransom for file decryption. Avast’s decryptor has been distributed in secrecy since March 2024, in collaboration with law enforcement, to avoid alerting the ransomware authors. The company also provided the public with Indicators of Compromise to help identify and mitigate this security threat.

Avast
Vulnerability
Severity: 100
Impact: 5
Seen: 11/2024
Rankiteo Explanation
Attack threatening the organization’s existence

Description: A malware campaign has been discovered targeting systems using a vulnerable Avast Anti-Rootkit driver. This driver allowed malware to disable security tools and assume control over the system. The compromise affected various security products from multiple companies, with the malware utilizing kernel-level access to terminate security processes. Organizations were advised to instate protections against BYOVD (Bring Your Own Vulnerable Driver) tactics, which use legitimate but compromised drivers to evade detection. Indicators of compromise have been provided to assist in thwarting such attacks, highlighting the importance of protecting systems against kernel-level threats posed by flawed security drivers.

Gen™
Data Leak
Severity: 60
Impact: 3
Seen: 6/2023
Rankiteo Explanation
Attack with significant impact with internal employee data leaks

Description: Gen Digital claimed to have been a victim of a cyberattack, and threat actors had taken advantage of the recently discovered MOVEit Transfer vulnerability CVE-2023-34362. The business acknowledged that threat actors had access to employee personal data. Names, residences, dates of birth, and corporate email addresses are among the data that have been exposed. The business informed the concerned third parties as well as the data protection authorities.

NortonLifeLock Inc.
Breach
Severity: 85
Impact: 4
Seen: 12/2022
Rankiteo Explanation
Attack with significant impact with customers data leaks

Description: The Vermont Office of the Attorney General reported on January 9, 2023, that NortonLifeLock Gen Digital experienced a data breach, where unauthorized third parties likely accessed customer usernames and passwords for accounts created before December 1, 2022. The breach began around December 1, 2022, and potentially exposed customer first names, last names, phone numbers, and mailing addresses. The number of affected individuals is currently unknown.

NortonLifeLock
Data Leak
Severity: 85
Impact: 3
Seen: 01/2023
Rankiteo Explanation
Attack with significant impact with internal employee data leaks

Description: Gen Digital, previously Symantec Corporation, and NortonLifeLock, alerted its clients to the fact that threat actors had compromised Norton Password Manager accounts through credential-stuffing assaults. The company stated that while none of its systems had been penetrated, the attack may have utilized credentials that came from another source. NortonLifeLock has not yet made public how many customers are affected. Threat actors could have accessed Password Manager accounts and seen information such as first and last names, phone numbers, and mailing addresses. NortonLifeLock has announced the adoption of additional security measures for the affected accounts and reset Norton passwords on those accounts in response to the incident.

NortonLifeLock
Vulnerability
Severity: 50
Impact: 2
Seen: 07/2018
Rankiteo Explanation
Attack limited on finance or reputation

Description: Identity theft protection firm LifeLock has exposed customers to additional attacks from ID thieves and phishers. The company just fixed a vulnerability on its site that allowed anyone with a Web browser to index email addresses associated with millions of customer accounts, or to unsubscribe users from all communications from the company.


Underwriter Stats for Avast

Incidents vs Computer and Network Security Industry Average (This Year)

No incidents recorded for Avast in 2025.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Avast in 2025.

Incident Types Avast vs Computer and Network Security Industry Avg (This Year)

No incidents recorded for Avast in 2025.

Incident History — Avast (X = Date, Y = Severity)

Avast cyber incidents detection timeline including parent company and subsidiaries


Avast Similar Companies

CrowdStrike

CrowdStrike (Nasdaq: CRWD), a global cybersecurity leader, has redefined modern security with the world’s most advanced cloud-native platform for protecting critical areas of enterprise risk — endpoints and cloud workloads, identity and data. Powered by the CrowdStrike Security Cloud and world-clas

Palo Alto Networks

Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. Our mission is to be the cybersecurity partner of choice, protecting our digital way of life. We help address the world's greatest s


Avast CyberSecurity News

November 26, 2025 06:11 PM
The Best Free Antivirus Software We've Tested for 2025

Microsoft Defender isn't bad, but it's not enough to fully protect your PC. You don't have to pay extra, though—just use one of the top free...

November 26, 2025 09:37 AM
We've tested the best antivirus software to protect your computer and these are the 6 we recommend

Protect your computer and smartphone right now without breaking the bank — one of the best antivirus apps is even free!

November 24, 2025 05:50 PM
Avast’s AI Scam Shield Goes Free: Battling Phishing in a Hybrid World

In a bold move to democratize advanced cybersecurity, Avast has rolled out Scam Guardian as a free, AI-powered tool worldwide, targeting the...

November 21, 2025 05:17 PM
Best Free Antivirus Software for Device Protection in 2025

Want to keep your devices safe? These tried-and-true free antivirus tools can protect your computer, phone and other devices -- without...

November 18, 2025 02:22 PM
Zyxel Networks announces strategic partnership with Avast

Integration of business security solution and firewalls provides unified visibility and protection across networks and endpoints.

November 06, 2025 08:00 AM
The Best Free Antivirus Software in 2025: Our Top 6

We tested several internet security tools and created a shortlist of the six best free antivirus solutions for desktop and mobile.

November 05, 2025 08:00 AM
Your Guide to the Best Free Antivirus Solutions of 2025

The best free antivirus software is an excellent way to protect your devices without having to spend money on a premium subscription – but...

October 31, 2025 07:00 AM
The best antivirus software of 2025: Stay safe from online attacks and ransomware scams

Computer viruses haven't gone away, and while they've evolved over the years, so has antivirus software. The latest cyber attacks use...

October 30, 2025 07:00 AM
Avast Antivirus Review 2025 – Is It a Good Choice?

Avast is one of the most popular cybersecurity tools. Check out my Avast antivirus review to learn about its capabilities and whether it's a...


Frequently Asked Questions

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.

Avast CyberSecurity History Information

Official Website of Avast

The official website of Avast is https://www.avast.com.

Avast’s AI-Generated Cybersecurity Score

According to Rankiteo, Avast’s AI-generated cybersecurity score is 703, reflecting their Moderate security posture.

How many security badges does Avast have ?

According to Rankiteo, Avast currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Does Avast have SOC 2 Type 1 certification ?

According to Rankiteo, Avast is not certified under SOC 2 Type 1.

Does Avast have SOC 2 Type 2 certification ?

According to Rankiteo, Avast does not hold a SOC 2 Type 2 certification.

Does Avast comply with GDPR ?

According to Rankiteo, Avast is not listed as GDPR compliant.

Does Avast have PCI DSS certification ?

According to Rankiteo, Avast does not currently maintain PCI DSS compliance.

Does Avast comply with HIPAA ?

According to Rankiteo, Avast is not compliant with HIPAA regulations.

Does Avast have ISO 27001 certification ?

According to Rankiteo, Avast is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Industry Classification of Avast

Avast operates primarily in the Computer and Network Security industry.

Number of Employees at Avast

Avast employs approximately 881 people worldwide.

Subsidiaries Owned by Avast

Avast presently has no subsidiaries across any sectors.

Avast’s LinkedIn Followers

Avast’s official LinkedIn profile has approximately 42,334 followers.

NAICS Classification of Avast

Avast is classified under the NAICS code 541514, which corresponds to Others.

Avast’s Presence on Crunchbase

Yes, Avast has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/avast.

Avast’s Presence on LinkedIn

Yes, Avast maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement and can be accessed here: https://www.linkedin.com/company/avast.

Cybersecurity Incidents Involving Avast

As of December 02, 2025, Rankiteo reports that Avast has experienced 7 cybersecurity incidents.

Number of Peer and Competitor Companies

Avast has an estimated 2,887 peer or competitor companies worldwide.

What types of cybersecurity incidents have occurred at Avast ?

Incident Types: The types of cybersecurity incidents that have occurred include Data Leak, Vulnerability, Breach and Ransomware.

How does Avast detect and respond to cybersecurity incidents ?

Detection and Response: The company detects and responds to cybersecurity incidents through containment measures (fixed vulnerability, adoption of additional security measures, password resets), communication strategy (informed concerned third parties and data protection authorities, customer alerts), third-party assistance (Avast), and remediation measures (protections against BYOVD tactics).

Incident Details

Can you provide details on each incident ?

Incident : Data Exposure

Title: LifeLock Vulnerability Exposes Customer Emails and Communication Preferences

Description: Identity theft protection firm LifeLock has exposed customers to additional attacks from ID thieves and phishers. The company just fixed a vulnerability on its site that allowed anyone with a Web browser to index email addresses associated with millions of customer accounts, or to unsubscribe users from all communications from the company.

Type: Data Exposure

Attack Vector: Web Application Vulnerability

Vulnerability Exploited: Email Indexing and Unsubscribe Vulnerability

Incident : Data Breach

Title: Avast Anti-Virus Forum Hack

Description: In May 2014, the Avast anti-virus forum was hacked and 423k member records were exposed online.

Date Detected: 2014-05-01

Type: Data Breach

Incident : Data Breach

Title: Gen Digital Cyberattack

Description: Gen Digital claimed to have been a victim of a cyberattack, and threat actors had taken advantage of the recently discovered MOVEit Transfer vulnerability CVE-2023-34362. The business acknowledged that threat actors had access to employee personal data. Names, residences, dates of birth, and corporate email addresses are among the data that have been exposed. The business informed the concerned third parties as well as the data protection authorities.

Type: Data Breach

Attack Vector: Exploiting software vulnerability

Vulnerability Exploited: CVE-2023-34362

Incident : Credential-Stuffing Attack

Title: Norton Password Manager Accounts Compromised by Credential-Stuffing Attacks

Description: Gen Digital, previously Symantec Corporation, and NortonLifeLock, alerted its clients to the fact that threat actors had compromised Norton Password Manager accounts through credential-stuffing assaults. The company stated that while none of its systems had been penetrated, the attack may have utilized credentials that came from another source. NortonLifeLock has not yet made public how many customers are affected. Threat actors could have accessed Password Manager accounts and seen information such as first and last names, phone numbers, and mailing addresses. NortonLifeLock has announced the adoption of additional security measures for the affected accounts and reset Norton passwords on those accounts in response to the incident.

Type: Credential-Stuffing Attack

Attack Vector: Credential-Stuffing

Motivation: Unauthorized Access

Incident : Ransomware

Title: DoNex Ransomware Incident

Description: Avast developed a decryptor for the DoNex ransomware, allowing victims to recover files without charge. Known as Muse and DarkRace, DoNex targeted individuals and organizations, causing disruptions mainly in the US, Italy, and Belgium. The ransomware encrypted files with ChaCha20 symmetric key and RSA-4096 encryption, demanding a ransom for decryption. Avast's decryptor, distributed since March 2024, was kept secret to avoid alerting the authors. Indicators of Compromise were provided to help identify and mitigate the threat.

Date Detected: April 2022

Type: Ransomware

Threat Actor: DoNex Ransomware

Motivation: Financial gain

Incident : Malware Campaign

Title: Malware Campaign Exploiting Avast Anti-Rootkit Driver

Description: A malware campaign has been discovered targeting systems using a vulnerable Avast Anti-Rootkit driver. This driver allowed malware to disable security tools and assume control over the system. The compromise affected various security products from multiple companies, with the malware utilizing kernel-level access to terminate security processes. Organizations were advised to instate protections against BYOVD (Bring Your Own Vulnerable Driver) tactics, which use legitimate but compromised drivers to evade detection. Indicators of compromise have been provided to assist in thwarting such attacks, highlighting the importance of protecting systems against kernel-level threats posed by flawed security drivers.

Type: Malware Campaign

Attack Vector: Vulnerable Driver Exploit

Vulnerability Exploited: Avast Anti-Rootkit driver

Incident : Data Breach

Title: NortonLifeLock Gen Digital Data Breach

Description: Unauthorized third parties likely accessed customer usernames and passwords for accounts created before December 1, 2022. The breach potentially exposed customer first names, last names, phone numbers, and mailing addresses.

Date Detected: 2023-01-09

Date Publicly Disclosed: 2023-01-09

Type: Data Breach

Threat Actor: Unauthorized third parties

What are the most common types of attacks the company has faced ?

Common Attack Types: The most common type of attack the company has faced is Data Leak.

How does the company identify the attack vectors used in incidents ?

Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Compromised Credentials from Another Source and Vulnerable Avast Anti-Rootkit driver.

Impact of the Incidents

What was the impact of each incident ?

Incident : Data Exposure NOR013101122

Data Compromised: Email addresses, Communication preferences

Systems Affected: Web Application

Identity Theft Risk: High

Incident : Data Breach AVA221624123

Data Compromised: Usernames, Email addresses, Password hashes

Systems Affected: Forum

Incident : Data Breach GEN111718923

Data Compromised: Names, Residences, Dates of birth, Corporate email addresses

Incident : Credential-Stuffing Attack NOR225881023

Data Compromised: First and last names, Phone numbers, Mailing addresses

Systems Affected: Norton Password Manager

Incident : Malware Campaign AVA000112624

Systems Affected: Various security products from multiple companies

Incident : Data Breach NOR153072525

Data Compromised: Usernames, Passwords, First names, Last names, Phone numbers, Mailing addresses

What types of data are most commonly compromised in incidents ?

Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Email Addresses, Communication Preferences; Usernames, Email Addresses, Password Hashes; Personal Information; Personally Identifiable Information; and Usernames, Passwords, First Names, Last Names, Phone Numbers, Mailing Addresses.

Which entities were affected by each incident ?

Incident : Data Exposure NOR013101122

Entity Name: LifeLock

Entity Type: Company

Industry: Identity Theft Protection

Customers Affected: Millions

Incident : Data Breach AVA221624123

Entity Name: Avast

Entity Type: Company

Industry: Cybersecurity

Customers Affected: 422959

Incident : Data Breach GEN111718923

Entity Name: Gen Digital

Entity Type: Company

Industry: Technology

Incident : Credential-Stuffing Attack NOR225881023

Entity Name: Gen Digital (previously Symantec Corporation, and NortonLifeLock)

Entity Type: Company

Industry: Cybersecurity

Incident : Ransomware AVA915071024

Location: US, Italy, Belgium

Incident : Malware Campaign AVA000112624

Entity Type: Organizations

Industry: Security

Incident : Data Breach NOR153072525

Entity Name: NortonLifeLock Gen Digital

Entity Type: Company

Industry: Cybersecurity

Response to the Incidents

What measures were taken in response to each incident ?

Incident : Data Exposure NOR013101122

Containment Measures: Fixed Vulnerability

Incident : Data Breach GEN111718923

Communication Strategy: Informed concerned third parties and data protection authorities

Incident : Credential-Stuffing Attack NOR225881023

Containment Measures: Adoption of Additional Security Measures, Password Resets

Communication Strategy: Customer Alerts

Incident : Ransomware AVA915071024

Third Party Assistance: Avast

Incident : Malware Campaign AVA000112624

Remediation Measures: Protections against BYOVD tactics

How does the company involve third-party assistance in incident response ?

Third-Party Assistance: The company involves third-party assistance in incident response through Avast.

Data Breach Information

What type of data was compromised in each breach ?

Incident : Data Exposure NOR013101122

Type of Data Compromised: Email addresses, Communication preferences

Number of Records Exposed: Millions

Personally Identifiable Information: Email Addresses

Incident : Data Breach AVA221624123

Type of Data Compromised: Usernames, Email addresses, Password hashes

Number of Records Exposed: 422959

Incident : Data Breach GEN111718923

Type of Data Compromised: Personal information

Sensitivity of Data: High

Personally Identifiable Information: Names, Residences, Dates of birth, Corporate email addresses

Incident : Credential-Stuffing Attack NOR225881023

Type of Data Compromised: Personally identifiable information

Sensitivity of Data: Medium

Personally Identifiable Information: First and Last Names, Phone Numbers, Mailing Addresses

Incident : Ransomware AVA915071024

Data Encryption: ChaCha20 symmetric key and RSA-4096 encryption

Incident : Data Breach NOR153072525

Type of Data Compromised: Usernames, Passwords, First names, Last names, Phone numbers, Mailing addresses

Personally Identifiable Information: first names, last names, phone numbers, mailing addresses

What measures does the company take to prevent data exfiltration ?

Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Protections against BYOVD tactics.

How does the company handle incidents involving personally identifiable information (PII) ?

Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through fixed vulnerability, adoption of additional security measures and password resets.

Ransomware Information

Was ransomware involved in any of the incidents ?

Incident : Ransomware AVA915071024

Ransomware Strain: DoNex

Data Encryption: ChaCha20 symmetric key and RSA-4096 encryption

Regulatory Compliance

Were there any regulatory violations and fines imposed for each incident ?

Incident : Data Breach GEN111718923

Regulatory Notifications: Informed data protection authorities

Lessons Learned and Recommendations

What lessons were learned from each incident ?

Incident : Malware Campaign AVA000112624

Lessons Learned: Importance of protecting systems against kernel-level threats posed by flawed security drivers.

What are the key lessons learned from past incidents ?

Key Lessons Learned: The key lessons learned from past incidents are Importance of protecting systems against kernel-level threats posed by flawed security drivers.

References

Where can I find more information about each incident ?

Incident : Data Breach NOR153072525

Source: Vermont Office of the Attorney General

Date Accessed: 2023-01-09

Where can stakeholders find additional resources on cybersecurity best practices ?

Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at the following source: Vermont Office of the Attorney General (Date Accessed: 2023-01-09).

Investigation Status

How does the company communicate the status of incident investigations to stakeholders ?

Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Informed Concerned Third Parties And Data Protection Authorities and Customer Alerts.

Initial Access Broker

How did the initial access broker gain entry for each incident ?

Incident : Credential-Stuffing Attack NOR225881023

Entry Point: Compromised Credentials from Another Source

Incident : Malware Campaign AVA000112624

Entry Point: Vulnerable Avast Anti-Rootkit driver

Post-Incident Analysis

What were the root causes and corrective actions taken for each incident ?

Incident : Malware Campaign AVA000112624

Root Causes: Vulnerable Avast Anti-Rootkit driver

Corrective Actions: Protections against BYOVD tactics

What is the company's process for conducting post-incident analysis ?

Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Avast.

What corrective actions has the company taken based on post-incident analysis ?

Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Protections against BYOVD tactics.

Additional Questions

General Information

Who was the attacking group in the last incident ?

Last Attacking Group: The attacking groups in the last incident were DoNex Ransomware and Unauthorized third parties.

Incident Details

What was the most recent incident detected ?

Most Recent Incident Detected: The most recent incident detected was on 2014-05-01.

What was the most recent incident publicly disclosed ?

Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2023-01-09.

Impact of the Incidents

What was the most significant data compromised in an incident ?

Most Significant Data Compromised: The most significant data compromised in an incident were Email Addresses, Communication Preferences, usernames, email addresses, password hashes, Names, Residences, Dates of birth, Corporate email addresses, First and Last Names, Phone Numbers, Mailing Addresses, usernames, passwords, first names, last names, phone numbers and mailing addresses.

What was the most significant system affected in an incident ?

Most Significant System Affected: The most significant system affected in an incident was Web Application and Forum and Norton Password Manager and Various security products from multiple companies.

Response to the Incidents

What third-party assistance was involved in the most recent incident ?

Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Avast.

What containment measures were taken in the most recent incident ?

Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident were Fixed Vulnerability, Adoption of Additional Security Measures and Password Resets.

Data Breach Information

What was the most sensitive data compromised in a breach ?

Most Sensitive Data Compromised: The most sensitive data compromised in a breach were password hashes, passwords, last names, Residences, phone numbers, Phone Numbers, Email Addresses, Communication Preferences, Mailing Addresses, mailing addresses, Corporate email addresses, Dates of birth, first names, Names, First and Last Names, usernames and email addresses.

What was the number of records exposed in the most significant breach ?

Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 1.4K.

Lessons Learned and Recommendations

What was the most significant lesson learned from past incidents ?

Most Significant Lesson Learned: The most significant lesson learned from past incidents was the importance of protecting systems against kernel-level threats posed by flawed security drivers.

References

What is the most recent source of information about an incident ?

Most Recent Source: The most recent source of information about an incident is Vermont Office of the Attorney General.

Initial Access Broker

What was the most recent entry point used by an initial access broker ?

Most Recent Entry Point: The most recent entry points used by an initial access broker were a Vulnerable Avast Anti-Rootkit driver and Compromised Credentials from Another Source.

Latest Global CVEs (Not Company-Specific)

Description

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.11.1, vllm has a critical remote code execution vector in a config class named Nemotron_Nano_VL_Config. When vllm loads a model config that contains an auto_map entry, the config class resolves that mapping with get_class_from_dynamic_module(...) and immediately instantiates the returned class. This fetches and executes Python from the remote repository referenced in the auto_map string. Crucially, this happens even when the caller explicitly sets trust_remote_code=False in vllm.transformers_utils.config.get_config. In practice, an attacker can publish a benign-looking frontend repo whose config.json points via auto_map to a separate malicious backend repo; loading the frontend will silently run the backend’s code on the victim host. This vulnerability is fixed in 0.11.1.

Risk Information
cvss3
Base: 7.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Description

fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. Prior to 12.5.0, by crafting a malicious URL, an attacker could access routes that are not allowed, even though the reply.from is defined for specific routes in @fastify/reply-from. This vulnerability is fixed in 12.5.0.

Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description

Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, a Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.

Risk Information
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description

Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder.

Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description

Portkey.ai Gateway is a blazing fast AI Gateway with integrated guardrails. Prior to 1.14.0, the gateway determined the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch. This can be maliciously used by users for SSRF attacks. This vulnerability is fixed in 1.14.0.

Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=avast' -H 'apikey: YOUR_API_KEY_HERE'

What Do We Measure ?

Incident
Finding
Grade
Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network Security

Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)

Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)

Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat Intelligence

Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.