What is the official website of AWS Training & Certification ?

The official website of AWS Training & Certification is https://aws.amazon.com/training/.

What is AWS Training & Certification's cybersecurity risk score?

AWS Training & Certification has an AI-generated cybersecurity risk score of 770 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has AWS Training & Certification experienced?

According to Rankiteo, AWS Training & Certification currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has AWS Training & Certification been affected by any supply chain cyber incidents ?

According to Rankiteo, AWS Training & Certification has been affected by multiple supply chain cyber incidents. The affected supply chain sources and their corresponding incident IDs are: npm, Inc. (Incident ID: ELAGITAMAOPENPM1780050263) Socket (Incident ID: AWSSOC1778833973) Braintrust (Incident ID: AMAUSE1778092688) Amazon Web Services (AWS) (Incident ID: LIMAMA1777312775) Vercel (Incident ID: AMAVERGITSTR1775204764) Amazon Web Services (AWS) (Incident ID: AMASTA1775118743) Aqua Security (Incident ID: AQUUSEAMASALCIS1775046662) Amazon Web Services (AWS) (Incident ID: EUR1774635987) Amazon Web Services (AWS) (Incident ID: SALAMAMICPINRED1774269319) NPM (Incident ID: GOOAMANPMGIT1773319158) Amazon Web Services (AWS) (Incident ID: RELLEX1772562253) Amazon Web Services (AWS) (Incident ID: EUR1774628727) Amazon (Incident ID: AMAAPPMIC1770935300) ConnectWise (Incident ID: SMASIMCONAMADAT1775551328) Cisco (Incident ID: CISSAI1773859283) Amazon (Incident ID: LASAMA1769009064) LinkedIn (Incident ID: LINAWS1766995316) Microsoft Security (Incident ID: AMAORAMIC1770695748) Amazon Web Services (AWS) (Incident ID: AMAAWS1770152164) Cisco (Incident ID: SAL5732257091825) Wiz (Incident ID: AMAWIZ1768515615) NPM (Incident ID: GOONPMORGGOVAPPMETTHEAWSTIKK7-1773672350) Fortinet (Incident ID: FORCISAMAJPM1767748297)

Does AWS Training & Certification have SOC 2 Type 1 certification ?

According to Rankiteo, AWS Training & Certification is not certified under SOC 2 Type 1.

Does AWS Training & Certification have SOC 2 Type 2 certification ?

According to Rankiteo, AWS Training & Certification does not hold a SOC 2 Type 2 certification.

Does AWS Training & Certification comply with GDPR ?

According to Rankiteo, AWS Training & Certification is not listed as GDPR compliant.

Does AWS Training & Certification have PCI DSS certification ?

According to Rankiteo, AWS Training & Certification does not currently maintain PCI DSS compliance.

Does AWS Training & Certification comply with HIPAA ?

According to Rankiteo, AWS Training & Certification is not compliant with HIPAA regulations.

Does AWS Training & Certification have ISO 27001 certification ?

According to Rankiteo,AWS Training & Certification is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does AWS Training & Certification operate in ?

AWS Training & Certification operates primarily in the IT Services and IT Consulting industry.

How many employees does AWS Training & Certification have ?

AWS Training & Certification employs approximately None employees people worldwide.

Does AWS Training & Certification own any subsidiaries ?

AWS Training & Certification presently has no subsidiaries across any sectors.

How many LinkedIn followers does AWS Training & Certification have ?

AWS Training & Certification's official LinkedIn profile has approximately 1,449,692 followers.

What is the NAICS classification code for AWS Training & Certification ?

AWS Training & Certification is classified under the NAICS code 5415, which corresponds to Computer Systems Design and Related Services.

Does AWS Training & Certification have a Crunchbase profile ?

No, AWS Training & Certification does not have a profile on Crunchbase.

Does AWS Training & Certification have a LinkedIn profile ?

Yes, AWS Training & Certification maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/aws-training-&-certification.

How many cybersecurity incidents has AWS Training & Certification experienced ?

As of June 14, 2026, Rankiteo reports that AWS Training & Certification has experienced 61 cybersecurity incidents.

How many peer or competitor companies does AWS Training & Certification have ?

AWS Training & Certification has an estimated 40,681 peer or competitor companies worldwide.

What types of cybersecurity incidents has AWS Training & Certification faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Vulnerability, Data Leak, Ransomware, Breach and Cyber Attack.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

ATC

Boost Score +25 with badge (5 left)

770

/1000

Fair

795

/1000

Fair

AWS Training & Certification Vendor Cyber Rating & Cyber Score

amazon.com

Add Your Compliance Badge

Organizations across the globe are seeking individuals skilled in the transformative technologies of the cloud. To meet this growing demand, AWS Training and Certification equips the builders of today and tomorrow—experts and novices, practitioners and partners—with the knowledge they need to realize their cloud goals. Designed by the innovators at AWS, our training supports learners of all skill levels and our certifications validate expertise. We’re also upskilling and reskilling workforces through education programs that help businesses tap into a pool of diverse talent. It’s how AWS Training and Certification helps individuals and organizations leverage the power of the AWS Cloud.

ATC A.I CyberSecurity Scoring

Scoring History

ATC

AWS Training & Certification CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Amazon Web Services...

Cyber Attack

100

6/2026

GOOAMA178116664...

Amazon Web Services...

Cyber Attack

5/2026

npm, Inc.

ELAGITAMAOPENPM...

Amazon Science

Vulnerability

5/2026

OPEANTAMAXAI177...

AWS for Healthcare ...

Cyber Attack

5/2026

Socket

AWSSOC177883397...

Amazon Science

Breach

5/2026

Braintrust

AMAUSE177809268...

Amazon Web Services...

Cyber Attack

4/2026

Amazon Web Serv...

LIMAMA177731277...

Amazon

Cyber Attack

4/2026

ELFTEMCOUGRUAMA...

Amazon Web Services...

Cyber Attack

4/2026

Vercel

AMAVERGITSTR177...

Amazon Web Services...

Vulnerability

100

4/2026

Amazon Web Serv...

AMASTA177511874...

AWS Partners

Vulnerability

4/2026

AWSGITSTR177516...

Amazon Web Services...

Vulnerability

100

4/2026

Aqua Security

AQUUSEAMASALCIS...

Amazon Web Services...

Cyber Attack

3/2026

Amazon Web Serv...

EUR1774635987

Amazon Web Services...

Vulnerability

100

3/2026

Amazon Web Serv...

SALAMAMICPINRED...

Amazon Web Services...

Vulnerability

3/2026

AMA1773707045

Amazon Web Services...

Cyber Attack

3/2026

NPM

GOOAMANPMGIT177...

Amazon Web Services...

Vulnerability

3/2026

AMA1772792723

Amazon Web Services...

Cyber Attack

100

3/2026

AMA1772678135

Amazon Web Services...

Breach

100

3/2026

Amazon Web Serv...

RELLEX177256225...

Amazon

Cyber Attack

3/2026

AMA1775744757

Amazon Web Services...

Breach

3/2026

Amazon Web Serv...

EUR1774628727

Amazon

Vulnerability

100

2/2026

Amazon

AMAAPPMIC177093...

Amazon

Cyber Attack

2/2026

ConnectWise

SMASIMCONAMADAT...

Amazon

Breach

2/2026

AMA1770339008

Amazon

Cyber Attack

2/2026

AMAINSCOIGOOFLI...

Amazon

Cyber Attack

2/2026

AMA1773987972

AWS Partners

Breach

1/2026

AWSDIGOVH176978...

Amazon

Vulnerability

100

1/2026

Cisco

CISSAI177385928...

Amazon

Cyber Attack

1/2026

Amazon

LASAMA176900906...

AWS Databases & Ana...

Cyber Attack

1/2026

HUNAWS177273537...

Amazon Web Services...

Vulnerability

100

1/2026

GOOAMAOPEANT177...

AWS Partners

Cyber Attack

12/2025

LINAWS176699531...

Amazon Web Services...

Cyber Attack

100

12/2025

Microsoft Secur...

AMAORAMIC177069...

Amazon

Vulnerability

12/2025

AMAUNIGOOWAK176...

Amazon Web Services...

Cyber Attack

100

12/2025

KUBNVITENALIAMA...

AWS Training & Cert...

Breach

100

11/2025

Amazon Web Serv...

AMAAWS177015216...

Amazon Web Services...

Cyber Attack

11/2025

AMA1765965358

AWS Training & Cert...

Cyber Attack

100

10/2025

AMA023220210212...

AWS Training & Cert...

Cyber Attack

9/2025

AMA409264009232...

AWS Partners

Cyber Attack

100

9/2025

Cisco

SAL573225709182...

Amazon Web Services...

Vulnerability

100

9/2025

Wiz

AMAWIZ176851561...

For Industries

Vulnerability

8/2025

NPM

GOONPMORGGOVAPP...

AWS Training & Cert...

Cyber Attack

7/2025

RIN709072225

AWS Training & Cert...

Vulnerability

6/2025

AMA505082225

AWS Training & Cert...

Ransomware

100

5/2025

AMA503215011212...

Amazon Web Services...

Vulnerability

100

12/2024

Fortinet

FORCISAMAJPM176...

AWS Training & Cert...

Vulnerability

8/2024

AMA000082124

AWS Training & Cert...

Breach

7/2024

AMA000072524

AWS Training & Cert...

Cyber Attack

100

6/2024

AMA190211910222...

AWS Training & Cert...

Breach

09/2023

WHO04111223

AWS Training & Cert...

Vulnerability

6/2023

AMA016210111072...

AWS Training & Cert...

Data Leak

10/2021

TWI19174123

Amazon Web Services...

Cyber Attack

100

6/2021

AMA1768595116

AWS Training & Cert...

Breach

100

01/2021

RIN01518622

Amazon Web Services...

Cyber Attack

100

6/2020

AMA1780793273

AWS Training & Cert...

Data Leak

01/2020

AMA21461222

AWS Training & Cert...

Data Leak

01/2020

RIN211261222

AWS Training & Cert...

Data Leak

12/2019

RIN2178523

Amazon

Breach

6/2018

TIKAMA176901658...

AWS Training & Cert...

Data Leak

02/2018

AMA350181223

AWS Training & Cert...

Breach

3/2017

WHO631090125

AWS Training & Cert...

Cyber Attack

01/2016

AMA0417522

Loading…

A.I.

ATC Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for ATC

Incidents vs IT Services and IT Consulting Industry Avg (This Year)

No incidents recorded for AWS Training & Certification in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for AWS Training & Certification in 2026.

Incident Types ATC vs IT Services and IT Consulting Industry Avg (This Year)

No incidents recorded for AWS Training & Certification in 2026.

Incident History - ATC (X = Date, Y = Severity)

Loading…

SUBSIDIARY

AWS Training & Certification Subsidiaries

ATC

IT Services and IT Consulting

Website: https://aws.amazon.com/training/

Company Size: 10,001+ employees

AWS DevelopersTechnology, Information and Internet

AWS StartupsIT Services and IT Consulting

AmazonSoftware Development

Whole Foods MarketRetail

TwitchSoftware Development

Twitch AdsInternet Publishing

Amazon ScienceResearch Services

Amazon GamesEntertainment Providers

Amazon Lab126Computers and Electronics Manufacturing

Amazon AdsAdvertising Services

Amazon NewsRetail

Amazon Fulfillment Technologies & RoboticsSoftware Development

Transportation, Shipping, & Logistics at AmazonTransportation, Logistics, Supply Chain and Storage

Amazon CareersSoftware Development

Souq.comTechnology, Information and Internet

Amazon MusicEntertainment Providers

GoodreadsTechnology, Information and Internet

Amazon BusinessRetail

Zappos Family of CompaniesRetail

AudibleSoftware Development

Audible GmbHOnline Audio and Video Media

Sell on AmazonTechnology, Information and Internet

IMDb.comEntertainment Providers

RingComputers and Electronics Manufacturing

Amazon KeyTechnology, Information and Internet

Amazon Development Center PolandSoftware Development

Amazon Alexa DevelopersComputers and Electronics Manufacturing

Amazon PayTechnology, Information and Internet

ShopbopRetail

AbeBooks, an Amazon companyTechnology, Information and Internet

Amazon ClinicHospitals and Health Care

Alexa.comTechnology, Information and Internet

Amazon Ads PartnersAdvertising Services

Amazon AssociatesTechnology, Information and Internet

Amazon DeveloperConsumer Electronics

Woot, Inc.Retail

Amazon Fashion & SportsRetail Apparel and Fashion

CurseComputer Games

Fulfillment by AmazonWarehousing and Storage

Amazon PharmacyRetail Pharmacies

Quidsi Inc., a subsidiary of AmazonRetail

Wag.comManufacturing

Soap.comRetail

YoYo.comConsumer Goods

Casa.comRetail

BeautyBar.comRetail

Amazon LaunchpadInternet Publishing

Amazon KindleRetail

AWS ThinkboxSoftware Development

LOVEFiLMEntertainment Providers

CreateSpaceBook and Periodical Publishing

Buy with PrimeInternet Publishing

Comixology, an Amazon companyEntertainment

Just Walk Out technologyRetail

Annapurna LabsComputer Networking

A9.comTechnology, Information and Internet

Amazon | LiquavistaAppliances, Electrical, and Electronics Manufacturing

PerceiveSemiconductors

Amazon HelpRetail

Amazon AutosRetail Motor Vehicles

Brilliance PublishingBook and Periodical Publishing

Amazon Web Services (AWS)IT Services and IT Consulting

AWS Databases & AnalyticsIT Services and IT Consulting

Loading…

AWS Training & Certification Similar Companies

inDrive

cb inDrive.com

inDrive is a global mobility and urban services platform. The inDrive app has been downloaded over 400 million times, and has been the second most downloaded mobility app for the third consecutive year. In addition to ride-hailing, inDrive provides an expanding list of urban services, including intercity transportation and delivery. In 2023, inDrive launched New Ventures, a venture and M&A arm. inDrive operates in 1065 cities in 48 countries. Driven by its mission of challenging social injustice, the company is committed to having a positive impact on the lives of one billion people by 2030. It pursues this goal both through its core business, which supports local communities via a fair pricing model; and through the work of inVision, its non-profit arm. inVision’s community empowerment programs help to advance education, sports, arts and sciences, gender equality and other vital initiatives. For more information visit www.inDrive.com

Infosys

infosys.com

Infosys is a global leader in next-generation digital services and consulting. We enable clients in more than 50 countries to navigate their digital transformation. With over three decades of experience in managing the systems and workings of global enterprises, we expertly steer our clients through their digital journey. We do it by enabling the enterprise with an AI-powered core that helps prioritize the execution of change. We also empower the business with agile digital at scale to deliver unprecedented levels of performance and customer delight. Our always-on learning agenda drives their continuous improvement through building and transferring digital skills, expertise, and ideas from our innovation ecosystem. Visit www.infosys.com to see how Infosys (NYSE: INFY) can help your enterprise navigate your next.

Kyndryl

cb kyndryl.com

We have the world’s best talent that design, run, and manage the most advanced and reliable technology infrastructure each day. Together, we think holistically about the health of these vital technology ecosystems. We are a focused, independent company that builds on our foundation of excellence by creating systems in new ways. Bringing in the right partners, investing in our business, and working side-by-side with our customers to unlock potential. We're raising the bar. Our experience speaks for itself: We have tens of thousands of highly skilled employees around the world serving most of the Fortune 100 companies. But our purpose is what drives us: Advancing the vital systems that power human progress. Because when a digital ecosystem is healthy, it can more readily adapt and support continuous growth and that opens up a world of possibility for everyone. Together, we are the heart of progress.

Globant

cb globant.link

At Globant, we create the digitally-native products that people love. We bridge the gap between businesses and consumers through technology and creativity, leveraging our experience as an AI powerhouse. We dare to digitally transform organizations and strive to delight their customers. - We have more than 30,000 employees and are present in 33 countries across 5 continents, working for companies like Google, Electronic Arts, and Santander, among others. - We were named a Worldwide Leader in AI Services (2023) and a Worldwide Leader in CX Improvement Services (2020) by IDC MarketScape report. - We are the fastest-growing IT brand and the 5th strongest IT brand globally (2024), according to Brand Finance. - We were featured as a business case study at Harvard, MIT, and Stanford. - We are active members of The Green Software Foundation (GSF) and the Cybersecurity Tech Accord. For more information, visit https://bit.ly/globant_com Follow us: http://www.twitter.com/globant http://www.youtube.com/Globant http://www.facebook.com/Globant https://instagram.com/Globant https://www.tiktok.com/@globant

NTT DATA, Inc.

global.ntt

NTT DATA, Inc. is a trusted global innovator of business and technology services. We're committed to helping clients innovate, optimize and transform for long-term success. Our R&D investments help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity.

Hexaware Technologies

cb hexaware.com

At Hexaware, we're not just a global technology and business process services company; we're a community of 31,600+ Hexawarians dedicated to one singular purpose: creating smiles through the power of great people and technology. With a presence in 58 offices across 28 countries, we empower enterprises worldwide to embark on their digital transformation journey with unparalleled scale and speed. As an employer, we're more than just a workplace. We put our people first, foster diversity and inclusivity, and prioritize their growth through robust learning and development programs. Our culture is a canvas for innovation as we work toward our shared vision of becoming the world’s most loved digital transformation partner. Exciting, isn’t it? Visit www.hexaware.com to join us in embracing the magic of technology, as we passionately advocate for its potential to transform lives today and shape a brighter future. Together, we'll make the digital world a better place.

Gainwell Technologies

gainwelltechnologies.com

For 50 years, our nation’s federal Medicaid program has worked to improve the health, safety and well-being of America’s most vulnerable populations: low-income families, women and children, seniors, and those with disabilities. With positive health and cost outcomes that pierce inequities and impact economies, the success of these programs is inextricably tied to the prosperity of communities, individual states and the nation as a whole. We think that demands respect and, more importantly, is deserving of a lifetime commitment from innovators who can help those who operate within and around health and human services evolve — in any market at any stage. At Gainwell Technologies, that’s our sole focus. Built across more than five decades, Gainwell has intentionally seized opportunities to advance its digitally enabled services to meet agencies, health plans and MCOs where they are on their modernization journeys and propel them into the future of public health. Our commitment to innovation, deep experience and ability to leverage insights from customers across 50 states has allowed us to expand on next-generation, cloud-enabled technologies. Today, Gainwell offers one of the most comprehensive suites of scalable services and solutions on the market — all proven to deliver cost savings, better patient outcomes and an improved provider experience. Equally important to our expanding technologies and results: We bring ideas that bring policies to life.

TD SYNNEX North America

tdsynnex.com

We’re TD SYNNEX (NYSE: SNX), a leading distributor and solutions aggregator for the IT ecosystem. We’re 22,000 of the IT industry’s best and brightest, who share an unwavering passion for bringing compelling technology products, services and solutions to the world. We’re an innovative partner that helps our customers maximize the value of IT investments, demonstrate business outcomes and unlock growth opportunities. At our core, we’re a company that cares. We care about our partners, our co-workers, our investors and the world around us. And we’re committed to being a diverse, inclusive employer of choice and a good corporate citizen.

Appen

appen.com

Appen has been a leader in AI training data for over 25 years, providing high-quality, diverse datasets that power the world's leading AI models. Our end-to-end platform, deep expertise, and scalable human-in-the-loop services enable AI innovators to build and optimize cutting-edge models. We specialize in creating bespoke, human-generated data to train, fine-tune, and evaluate AI models across multiple domains, including generative AI, large language models (LLMs), computer vision, speech recognition, and more. Our solutions support critical AI functions such as supervised fine-tuning, reinforcement learning with human feedback (RLHF), model evaluation, and bias mitigation. Our advanced AI-assisted data annotation platform, combined with a global crowd of more than 1M contributors in over 200 countries, ensures the delivery of accurate and diverse datasets. Our commitment to quality, scalability, and ethical AI practices makes Appen a trusted partner for enterprises aiming to develop and deploy effective AI solutions. At Appen, we foster a culture of innovation, collaboration, and excellence. We value curiosity, accountability, and a commitment to delivering the highest-quality AI solutions. We support work-life balance with flexible work arrangements and a dynamic, results-driven environment. Employees have access to competitive pay, comprehensive benefits, and opportunities for continuous learning and career growth. Our team works closely with the world’s top technology companies and enterprises, tackling exciting challenges and shaping the future of artificial intelligence.

Loading…

NEWS

AWS Training & Certification CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

February 19, 2026 08:00 AM

March sessions of the Amazon Quick Suite Learning Series

We provide live weekly webinars to give users of all technical backgrounds an on-demand experience to learn from our technical experts.

Read Article

February 02, 2026 08:00 AM

Best AWS Certification to Choose in 2026 – Complete Guide

Explore the best AWS certification options in 2026. Learn about courses, career paths, salaries, and how to choose the right AWS...

Read Article

January 27, 2026 08:00 AM

New courses and certification updates from AWS Training and Certification in January 2026

Welcome to January's post announcing new training course launches and certification launches — helping equip you and your teams with the...

Read Article

January 27, 2026 08:00 AM

AWS Generative AI Essentials: New learning now available on Coursera and edX

Using AI effectively isn't just a nice-to-have skill—it's essential for career growth, team and organizational success. AWS generative AI...

Read Article

January 22, 2026 08:00 AM

Level Up Your End User Computing Skills: AWS Digital Course to Badge Success

The AWS End User Computing Specialty Badge comprises three progressive courses plus a comprehensive 60-question certification exam. Each course...

Read Article

December 17, 2025 08:00 AM

Upgraded AWS Certification exam guides are now available

Starting today, you can find all AWS Certification exam guides in one place through AWS Documentation. On AWS Documentation, you'll have...

Read Article

December 17, 2025 08:00 AM

Collaborative AI Model Training with Rhino Federated Computing on AWS

Conclusion. Rhino FCP on AWS enables collaborative AI model development in HCLS through its integration of FC capabilities with AWS' security...

Read Article

December 16, 2025 08:00 AM

New courses and certification updates from AWS Training and Certification in December 2025

New courses and certification updates from AWS Training and Certification in December 2025 · New AWS Skill Builder subscription features · Free...

Read Article

December 16, 2025 08:00 AM

Hands-on with AWS: New Lab Series launches on Coursera

Transform your cloud skills from theory to practice with our newest hands-on learning experiences. Employers seek candidates with practical...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12175

SUMMARY

A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of the argument admissionNumber results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 4.7)

cvss2

Base Score: 5.8

Complexity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base Score: 4.7

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.0

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.2

REFERENCES

CVE-2026-12174

SUMMARY

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-12183

SUMMARY

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplies arbitrary credentials (e.g., action=dologin&login=<any_value>&pwd=<any_value>), and subsequent privileged endpoints under /php/ajax-main.php and /modules/* do not validate a server-side session. A remote unauthenticated attacker can invoke any administrative action exposed by the configuration module, including reading and modifying user rules, fuel tank gauges, fuel dispensers, relays, cash registers, bank terminals, fuel cards, price and customer displays, cash collection, and pricing rules.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 9.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

3.9

REFERENCES

CVE-2026-6428

SUMMARY

SQL Injection in reports/catalogue_out.pl in Koha Community Koha through 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before 25.05.11, 25.11.x before 25.11.05, 26.05.x before 26.05.01, and 26.11.x before 26.11.00 allows an authenticated staff user with the Reports module flag to read arbitrary data from the Koha application database via the Filter URL parameter when the Criteria parameter matches /branchcode/. The vulnerable sink in sub calculate concatenates the unmodified Filter request parameter directly into a LIKE clause of the auxiliary $strsth2 statement and executes it via DBI without bound parameters: my $f = @$filters[0]; $f =~ s/\*/%/g; $strsth2 .= " AND $column LIKE '$f' "; This enables error-based SQL injection (e.g., via EXTRACTVALUE) and full read access to sensitive tables including borrowers (password hashes, 2FA secrets, PII), borrower_password_recovery, api_keys, and sessions. Proof of concept (error-based, single request): GET /cgi-bin/koha/reports/catalogue_out.pl?do_it=1&output=screen&Limit=10&Criteria=branchcode&Filter=x'+AND+EXTRACTVALUE(1,CONCAT(0x7e,VERSION(),0x7c,USER(),0x7c,DATABASE(),0x7e))--+- Cookie: CGISESSID=<LIBRARIAN_SESSION> The response body contains the DBI exception leaking the MariaDB version, database user, client IP, and database name, after which arbitrary data can be paged out using LIMIT n,1 / SUBSTRING(...). The vulnerable sink was introduced in commit 6bb77ae3e4 (2008-07-09); CVE-2015-4633 patched the same class in sibling files but did not generalise the fix to reports/catalogue_out.pl. Fixed in Koha 22.11.38, 24.11.16, 25.05.11, 25.11.05, 26.05.01, and 26.11.00 by replacing the raw concatenation with a parameterised placeholder.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.6)

cvss2

Base Score: 7.5

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:N/A:P

cvss3

Base Score: 7.6

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

cvss4

Base Score: 5.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:C/RE:X/U:Amber

Impact Score

4.7

Exploitability

2.8

REFERENCES

CVE-2026-5513

SUMMARY

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-customer-full-name' cookie in versions up to, and including, 27.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Exploitation requires 'Remember personal information in cookies' setting to be enabled (disabled by default).

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.2)

cvss3

Base Score: 7.2

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Impact Score

2.7

Exploitability

3.9

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…