What is the official website of Santander ?

The official website of Santander is https://www.santander.com.

What is Santander's cybersecurity risk score?

Santander has an AI-generated cybersecurity risk score of 662 out of 1000, indicating a Weak security posture according to Rankiteo's assessment.

How many security incidents has Santander experienced?

According to Rankiteo, Santander currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Santander been affected by any supply chain cyber incidents ?

According to Rankiteo, Santander has been affected by multiple supply chain cyber incidents. The affected supply chain sources and their corresponding incident IDs are: Snowflake (Incident ID: BANSNOTIC1771979968) Snowflake (Incident ID: 23A1764346412) Snowflake (Incident ID: SNO000110624)

Does Santander have SOC 2 Type 1 certification ?

According to Rankiteo, Santander is not certified under SOC 2 Type 1.

Does Santander have SOC 2 Type 2 certification ?

According to Rankiteo, Santander does not hold a SOC 2 Type 2 certification.

Does Santander comply with GDPR ?

According to Rankiteo, Santander is not listed as GDPR compliant.

Does Santander have PCI DSS certification ?

According to Rankiteo, Santander does not currently maintain PCI DSS compliance.

Does Santander comply with HIPAA ?

According to Rankiteo, Santander is not compliant with HIPAA regulations.

Does Santander have ISO 27001 certification ?

According to Rankiteo,Santander is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Santander operate in ?

Santander operates primarily in the Banking industry.

How many employees does Santander have ?

Santander employs approximately 141,634 people worldwide.

Does Santander own any subsidiaries ?

Santander presently has no subsidiaries across any sectors.

How many LinkedIn followers does Santander have ?

Santander's official LinkedIn profile has approximately 2,081,304 followers.

What is the NAICS classification code for Santander ?

Santander is classified under the NAICS code 52211, which corresponds to Commercial Banking.

Does Santander have a Crunchbase profile ?

Yes, Santander has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/banco-santander.

Does Santander have a LinkedIn profile ?

Yes, Santander maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/banco-santander.

How many cybersecurity incidents has Santander experienced ?

As of June 19, 2026, Rankiteo reports that Santander has experienced 4 cybersecurity incidents.

How many peer or competitor companies does Santander have ?

Santander has an estimated 7,391 peer or competitor companies worldwide.

What types of cybersecurity incidents has Santander faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

Santander

Boost Score +25 with badge (5 left)

662

/1000

Weak

687

/1000

Weak

Santander Vendor Cyber Rating & Cyber Score

santander.com

cb in

Add Your Compliance Badge

Banco Santander (SAN SM, STD US, BNC LN) is a leading commercial bank, founded in 1857 and headquartered in Spain and one of the largest banks in the world by market capitalization. The group’s activities are consolidated into five global businesses: Retail & Commercial Banking, Digital Consumer Bank, Corporate & Investment Banking (CIB), Wealth Management & Insurance and Payments (PagoNxt and Cards). This operating model allows the bank to better leverage its unique combination of global scale and local leadership. Santander aims to be the best open financial services platform providing services to individuals, SMEs, corporates, financial institutions and governments. The bank’s purpose is to help people and businesses prosper in a

Santander A.I CyberSecurity Scoring

Scoring History

Santander

Santander CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Santander

Breach

5/2026

METORATICBANYAH...

Santander

Breach

2/2026

Snowflake

BANSNOTIC177197...

Santander

Breach

11/2025

Snowflake

23A1764346412

Santander

Breach

100

11/2024

Snowflake

SNO000110624

Loading…

A.I.

Santander Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for Santander

Incidents vs Banking Industry Avg (This Year)

Santander has 8.11% more incidents than the average of same-industry companies with at least one recorded incident.

Incidents vs All-Companies Average (This Year)

Santander has 88.68% more incidents than the average of all companies with at least one recorded incident.

Incident Types Santander vs Banking Industry Avg (This Year)

Santander reported 2 incidents this year: 0 cyber attacks, 0 ransomware, 0 vulnerabilities, 2 data breaches, compared to industry peers with at least 1 incident.

Incident History - Santander (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Santander Subsidiaries

Santander

Banking

Website: https://www.santander.com

Company Size: 10,001+ employees

Santander BrasilBanking

Santander ArgentinaBanking

Santander MéxicoBanking

Santander PortugalBanking

OpenbankBanking

Loading…

Santander Similar Companies

Banco Azteca

bancoazteca.com.mx

Banco Azteca es un banco mexicano fundado en el año 2002 y es una compañía de Grupo Salinas del empresario Mexicano Ricardo Salinas Pliego. Cuenta con 1,500 sucursales en México, Panamá, Argentina, Honduras, El Salvador, Brasil y Perú; es uno de los dos bancos más grandes en México en términos de cobertura. Además de otorgar créditos al consumo de bienes (Credimax), Banco Azteca ofrece tarjetas de crédito (Tarjeta Azteca), préstamos personales, así como financiamiento para automóviles, hipotecas y otros. Adicionalmente, Banco Azteca ofrece servicios de pago de nómina, es agente del programa de financiamiento agrícola del gobierno, Procampo. Cuenta con una avanzada página de internet que permite la consulta de saldo, estado de cuenta, múltiples pagos de servicios, traspasos nacionales e internacionales, apertura de cuentas en línea y movimientos bajo los sistema de seguridad Token o con Huella Digital. Su director es Carlos Septién Michel, reconocido ejecutivo del sector bancario. A lo largo de su carrera se ha desempeñado como directivo en diversas instituciones financieras, previo a su incursión en Banco Azteca. Septién es ingeniero industrial y cuenta con una Maestría en Administración por la Universidad de Purdue.

Emirates NBD

cb emiratesnbd.com

About Emirates NBD Emirates NBD (DFM: Emirates NBD) is a leading banking group in the MENAT (Middle East, North Africa and Türkiye) region with a presence in 13 countries, serving over 20 million customers. As at 30th September 2023, total assets were AED 836 billion, (equivalent to approx. USD 228 billion). The Group has operations in the UAE, Egypt, India, Türkiye, the Kingdom of Saudi Arabia, Singapore, the United Kingdom, Austria, Germany, Russia and Bahrain and representative offices in China and Indonesia with a total of 853 branches and 4,213 ATMs / SDMs. Emirates NBD is the leading financial services brand in the UAE with a Brand value of USD 3.89 billion. Emirates NBD Group serves its customers (individuals, businesses, governments, and institutions) and helps them realise their financial objectives through a range of banking products and services including retail banking, corporate and institutional banking, Islamic banking, investment banking, private banking, asset management, global markets and treasury, and brokerage operations. The Group is a key participant in the global digital banking industry with 97% of all financial transactions and requests conducted outside of its branches. The Group also operates Liv, the lifestyle digital bank by Emirates NBD, with close to half a million users, it continues to be the fastest-growing bank in the region. Emirates NBD contributes to the construction of a sustainable future as an active participant and supporter of the UAE’s main development and sustainability initiatives, including financial wellness and the inclusion of people of determination. Emirates NBD is committed to supporting the UAE’s Year of Sustainability as Principal Banking Partner of COP28 and an early supporter to the Dubai Can sustainability initiative, a city-wide initiative aimed to reduce use of single-use plastic bottled water.

Bank of Communications Co., Ltd. London Branch

bankcomm.com.hk

Founded in 1908, Bank of Communications Co., Ltd. ("the Bank") is one of the oldest banks in China as well as one of the note-issuing banks in modern China. The Bank was listed on the Hong Kong Stock Exchange in June 2005 and on the Shanghai Stock Exchange in May 2007. The Bank currently has 182 domestic branches, comprising 30 provincial branches, 7 branches directly managed by the Head Office and 145 managed by provinces. It has also established 2,701 banking outlets in 202 cities and 144 counties nationwide. In addition, the Bank has set up 12 overseas institutions, comprising branches in Hong Kong, New York, San Francisco, Tokyo, Singapore, Seoul, Frankfurt, Sydney, Macau, Ho Chi Minh City, Taipei and Bank of Communications (UK) Co., Ltd. According to the "Top 1000 World Banks 2012" published by the British magazine "The Banker", the Bank was ranked number 30 in terms of its Tier 1 Capital, moving 5 positions forward as compared with the prior year, and was among the top 50 for the fourth consecutive year. The Bank is one of the major financial services providers in China. The Bank's business scope includes commercial banking, securities services, trust services, financial leasing, fund management, insurance and offshore financial services. Its wholly-owned subsidiaries include BOCOM International Holdings Company Limited, China BOCOM Insurance Co., Ltd and Bank of Communications Finance Leasing Co., Ltd. Subsidiaries controlled by the Bank include Bank of Communications Schroder Fund Management Co., Ltd, Bank of Communications International Trust Co., Ltd, BoCommLife Insurance Company Limited, Dayi Bocomm Xingmin Rural Bank, Zhejiang Anji BOCOM Rural Bank Ltd, Xinjiang Shihezi BOCOM Rural Bank and Qingdao Laoshan BOCOM Rural Bank. In addition, the Bank is the largest shareholder of Jiangsu Changshu Rural Commercial Bank Co., Ltd.

U.S. Bank

cb usbank.com

At U.S. Bank, we help millions of clients achieve their goals with a balance of best-in-class technology and human expertise tailored to individual needs. As the fifth-largest commercial bank in the United States, we’ve built a reputation for strength and stability across a diversified mix of businesses, including commercial and institutional banking, business banking, payments, wealth management and consumer banking. We’ve been named one of the World’s Most Ethical Companies® by the Ethisphere Institute and the most admired superregional bank by Fortune. In addition to thousands of branches serving consumers, U.S. Bank offers a complete suite of products, services and strategic partnerships for business. Within our Wealth, Corporate, Commercial and Institutional Banking division, we serve more than half a million clients across the country and around the world, ranging from wealthy individuals and families to the largest corporations, including 90% of Fortune 1000 companies. We’re also consistently recognized as a great place to work. We’re shaping our company culture with intention, focused on creating a workplace where it’s safe to speak up, share ideas and try new things. We’re proud to be recognized as a “Best for Vets” employer by the Military Times and included on Fair360’s (formerly DiversityInc.) list of Top 50 Companies for Diversity. U.S. Bank, NA. Member FDIC. Equal Housing Lender.

Crédit Mutuel

creditmutuel.com

Un modèle mutualiste au service des clients et des salariés. Réseau bancaire mutualiste constitué de 2124 Caisses locales le Crédit Mutuel se compose de 18 fédérations régionales, couvrant tout le territoire français. Société de personnes et non de capitaux, le Crédit Mutuel n’est pas coté en Bourse. Sa stratégie est ainsi dégagée de la recherche de la seule rentabilité à court terme, au profit d’un développement pensé sur le long terme. Son objectif central : rendre un service de qualité au coût le plus juste à tous ses sociétaires. Son organisation décentralisée favorise ainsi la qualité de service aux clients et la réactivité, par des circuits de décision courts. Reconnu à la fois par ses clients et les professionnels de la finance, le Crédit Mutuel décroche régulièrement des titres qui confortent son modèle mutualiste et ses valeurs de solidarité, responsabilité, égalité, proximité et responsabilité sociale portées par les salariés et les clients- sociétaires. Au-delà de son réseau, le Crédit Mutuel constitue un Groupe qui comprend également plusieurs filiales dont certaines sont implantées à l’étranger. Les nouveaux collaborateurs du Crédit Mutuel apprécient tout particulièrement : - un circuit de recrutement court, axé sur des entretiens évaluant notamment la personnalité et la motivation ; - un parcours d’intégration précis, suivi par la fonction Ressources Humaines. Les salariés apprécient tout particulièrement : - le Système d’Information au service du développement commercial ; - un management au travers d’objectifs collectifs ; - des démarches et outils de gestion des carrières et des compétences facilitant la progression dans l’entreprise ; - la qualité des formations de préparation ou d’accompagnement des changements d’emploi ; - la diversité des opportunités d’évolution, principalement commerciale, sur tous les marchés, dans toutes les entités du Groupe.

Türkiye İş Bankası

cb isbank.com.tr

In the nearly 100 years since its founding by the Great Leader Mustafa Kemal Atatürk on August 26, 1924, İşbank has undertaken various roles and made significant contributions to the development of our country in many fields, especially in industry and trade. İşbank offers products and services to its customers in corporate, commercial, SME, retail and private banking areas with its around 22 thousand employees, nearly 1,200 domestic branches and approximately 6,400 ATMs by the end of 2021, together with its advanced digital banking channels. İşbank also operates abroad with its branches abroad located in the Turkish Republic of Northern Cyprus, England, Kosovo, Iraq and Bahrain; 100% owned subsidiaries in Germany, Russia and Georgia; and with its representative offices in China and Egypt. The Bank is the largest private bank in Turkey in terms of total assets, loans, deposits and shareholders’equity; number of branches and ATMs. The largest share of the Bank's capital is held by the İşbank Pension Fund, which was founded by its employees. İşbank, an organization synonymous with trust, consistency and dignity, works for an inclusive and environment-friendly economy with its sense of responsibility stemming from its history. For further deteails, you can visit https://www.isbank.com.tr/en/about-us page.

National Bank of Canada

bnc.ca

At National Bank, we believe in the potential of each individual, and that even the smallest gestures can make a big difference. When we help others accomplish their projects, we help empower them and the community at large. We try to make a difference through innovation, but above all, by putting people first. By taking the time to listen and letting our actions speak for themselves. By remaining bold and passionate. By developing lasting relationships as partners and allies. Together we can achieve great things and create a positive impact. Want to learn more about us? For advice on your personal finances, visit: nbc.ca/advice For advice on your business, visit: nbc.ca/business For career opportunities, visit: jobs.nbc.ca For all the latest news, visit: nbc.ca/news By clicking "Follow" above, you may receive communications from National Bank, either in your LinkedIn inbox or by other means via LinkedIn, about products and services that could interest you. Learn more at: www.nbc.ca/socialnetworks.

OCBC

ocbc.com

OCBC is the longest established Singapore bank, formed in 1932 from the merger of three local banks, the oldest of which was founded in 1912. It is now the second largest financial services group in Southeast Asia by assets and one of the world’s most highly-rated banks, with an Aa1 rating from Moody’s. Recognised for its financial strength and stability, OCBC is consistently ranked among the World’s Top 50 Safest Banks by Global Finance and has been named Best Managed Bank in Singapore by The Asian Banker. OCBC and its subsidiaries offer a broad array of commercial banking, specialist financial and wealth management services, ranging from consumer, corporate, investment, private and transaction banking to treasury, insurance, asset management and stockbroking services. OCBC’s key markets are Singapore, Malaysia, Indonesia and Greater China. It has more than 570 branches and representative offices in 19 countries and regions. These include about 300 branches and offices in Indonesia under subsidiary Bank OCBC NISP, and over 90 branches and offices in Mainland China, Hong Kong SAR and Macau SAR under OCBC Wing Hang. OCBC’s private banking services are provided by its wholly-owned subsidiary Bank of Singapore, which operates on a unique open-architecture product platform to source for the best-in-class products to meet its clients’ goals. OCBC's insurance subsidiary, Great Eastern Holdings, is the oldest and most established life insurance group in Singapore and Malaysia. Its asset management subsidiary, Lion Global Investors, is one of the largest private sector asset management companies in Southeast Asia.

Akbank

cb akbank.com

Akbank was founded as a local bank in Adana in January 1948. Established originally with the core objective to provide funding to local cotton producers, the Bank opened its first branch in the Sirkeci district of Istanbul on July 14, 1950. In 1954, after relocating its Head Office to Istanbul, the Bank rapidly expanded its branch network and had automated all banking operations by 1963. Floated to the public in 1990, Akbank shares began trading on international markets and as an American Depository Receipt (ADR) after its secondary public offering in 1998. Akbank established AKSecurities in 1996, AKInvestment Trust in 1998, AKAssetManagement Company and its Private Banking Department in 2000 and Ak Pension Company in 2003. Akbank acquired AKLease in 2005 and Ak Pension Company was sold to Ak Insurance in February 2006. Akbank conducts overseas operations through its subsidiaries in Germany (Akbank AG), the Netherlands (Akbank NV) and Dubai (Akbank Dubai Limited) as well as a branch in Malta. As part of the initiative to restructure its overseas subsidiaries, Akbank decided to consolidate Akbank AG and Akbank NV under the corporate umbrella of Akbank AG; the merger is currently underway. In addition to its core banking activities, Akbank offers a wide range of consumer, commercial and SME, corporate and private banking services as well as foreign trade financing. For more information about Akbank, please visit at http://www.akbank.com.

Loading…

NEWS

Santander CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

February 05, 2026 08:00 AM

Santander Bank tech chief takes on CIO role at USAA

After a leadership shakeup, Dan Griffiths will succeed Amala Duggirala, who is now Delta's chief digital and technology officer.

Read Article

October 16, 2025 05:00 AM

Staying safe in a digital world: Cyber security tips for businesses

The way we do business has never been more digital. Unfortunately, so are the threats we face. Here are some steps you can take to help protect your business.

Read Article

October 15, 2025 07:00 AM

Mastercard Europe brings multi-sector cyber defense exercise to Europe for the first time

Cross-sector teams from BT Group, Deutsche Bank, ING, Proximus and Santander join Mastercard's European Cyber Resilience Centre in Belgium...

Read Article

September 19, 2025 07:00 AM

Spain: AEPD fines Santander Consumer Finance €500,000 for data security failures following data breach

Santander Consumer Finance was fined €500000 by the AEPD for failing to ensure data security following a ransomware attack on a...

Read Article

September 15, 2025 07:00 AM

LISTEN: Personal Cyber Security| Money Talks – Santander International

Finance may be Jersey's biggest industry, but that doesn't mean everyone is an expert. Money Talks is a six-episode series covering a range...

Read Article

September 05, 2025 07:00 AM

How to Detect and Remove Malware: Protect Your Devices from Cybercriminals

Learn how to detect and remove malware from your phone or computer. Safeguard your data, privacy, and online banking from cybercriminals.

Read Article

August 12, 2025 07:00 AM

Santander’s data & AI-first strategy accelerates through OpenAI collaboration

In today's fast-moving financial landscape, competitive edge comes not just from adopting artificial intelligence, but from embedding it...

Read Article

July 28, 2025 07:25 AM

Zenobe secures ‘ground-breaking’ £25 million funding from Santander to pursue further growth

UK battery storage firm Zenobe has secured £25 million in funding from Santander as it looks to continue its growth.

Read Article

July 22, 2025 07:00 AM

Santander’s AI Strategy: Analysis of Dominance in Global Finance

Santander's AI strategy unifies global scale, strategic partnerships, and risk-aware innovation—positioning it as the ultimate integrator in...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-56078

SUMMARY

PraisonAI before 1.5.115 contains a path traversal vulnerability in MultiAgentMonitor that fails to sanitize agent IDs when building file paths. Attackers can include traversal sequences like ../ in agent IDs to read, write, or overwrite arbitrary files, enabling sensitive disclosure, denial of service, or code execution.

Published

Date2026-06-18

Updated

Date2026-06-18

RISK INFORMATION (Score: 8.8)

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 8.7

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-56077

SUMMARY

PraisonAI before 1.5.115 contains an information disclosure vulnerability in the MultiAgentLedger component that allows attackers to access sensitive data by registering agents with duplicate IDs. Attackers can exploit the lack of agent ID uniqueness enforcement to share ledger instances and expose system prompts and conversation history between agents.

Published

Date2026-06-18

Updated

Date2026-06-18

RISK INFORMATION (Score: 6.5)

cvss3

Base Score: 6.5

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

cvss4

Base Score: 7.1

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.6

Exploitability

2.8

REFERENCES

CVE-2026-56076

SUMMARY

PraisonAI before 1.5.128 contains a cross-origin agent execution vulnerability in the AGUI endpoint that allows remote attackers to trigger arbitrary agent execution. The POST /agui endpoint lacks authentication and hardcodes Access-Control-Allow-Origin: * headers, combined with Starlette's Content-Type-agnostic JSON parsing, enabling attackers to bypass CORS preflight checks via simple requests and exfiltrate sensitive agent responses including tool execution results and environment data.

Published

Date2026-06-18

Updated

Date2026-06-18

RISK INFORMATION (Score: 8.1)

cvss3

Base Score: 8.1

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

cvss4

Base Score: 8.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.2

Exploitability

2.8

REFERENCES

CVE-2026-56075

SUMMARY

PraisonAI before 4.5.128 contains an arbitrary shell command execution vulnerability where the UI modules hardcode approval_mode to auto, overriding administrator configuration from PRAISON_APPROVAL_MODE environment variable. Authenticated attackers can instruct the LLM agent to execute arbitrary shell commands via subprocess.run with shell=True, bypassing the manual approval gate and insufficient command sanitization blocklists.

Published

Date2026-06-18

Updated

Date2026-06-18

RISK INFORMATION (Score: 8.8)

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 8.7

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-56074

SUMMARY

PraisonAI before 1.5.128 caches tool approval decisions by tool name only, not by invocation arguments, allowing subsequent execute_command calls to bypass approval prompts. Attackers can exploit this by obtaining initial approval for a benign command, then silently exfiltrate API keys and credentials via subsequent shell commands without user consent.

Published

Date2026-06-18

Updated

Date2026-06-18

RISK INFORMATION (Score: 5.5)

cvss3

Base Score: 5.5

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

cvss4

Base Score: 6.8

Complexity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.6

Exploitability

1.8

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…