What is British Pullman, A Belmond Train's cybersecurity risk score?

British Pullman, A Belmond Train has an AI-generated cybersecurity risk score of 756 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has British Pullman, A Belmond Train experienced?

According to Rankiteo, British Pullman, A Belmond Train currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has British Pullman, A Belmond Train been affected by any supply chain cyber incidents ?

According to Rankiteo, British Pullman, A Belmond Train has been affected by multiple supply chain cyber incidents. The affected supply chain sources and their corresponding incident IDs are: Salesforce (Incident ID: TIFLVMCHR1770865579) Salesforce (Incident ID: LOUPARVOLTIFJAP1770908674)

Does British Pullman, A Belmond Train have SOC 2 Type 1 certification ?

According to Rankiteo, British Pullman, A Belmond Train is not certified under SOC 2 Type 1.

Does British Pullman, A Belmond Train have SOC 2 Type 2 certification ?

According to Rankiteo, British Pullman, A Belmond Train does not hold a SOC 2 Type 2 certification.

Does British Pullman, A Belmond Train comply with GDPR ?

According to Rankiteo, British Pullman, A Belmond Train is not listed as GDPR compliant.

Does British Pullman, A Belmond Train have PCI DSS certification ?

According to Rankiteo, British Pullman, A Belmond Train does not currently maintain PCI DSS compliance.

Does British Pullman, A Belmond Train comply with HIPAA ?

According to Rankiteo, British Pullman, A Belmond Train is not compliant with HIPAA regulations.

Does British Pullman, A Belmond Train have ISO 27001 certification ?

According to Rankiteo,British Pullman, A Belmond Train is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does British Pullman, A Belmond Train operate in ?

British Pullman, A Belmond Train operates primarily in the Travel Arrangements industry.

How many employees does British Pullman, A Belmond Train have ?

British Pullman, A Belmond Train employs approximately 21 people worldwide.

Does British Pullman, A Belmond Train own any subsidiaries ?

British Pullman, A Belmond Train presently has no subsidiaries across any sectors.

How many LinkedIn followers does British Pullman, A Belmond Train have ?

British Pullman, A Belmond Train's official LinkedIn profile has approximately 1,902 followers.

What is the NAICS classification code for British Pullman, A Belmond Train ?

British Pullman, A Belmond Train is classified under the NAICS code 5615, which corresponds to Travel Arrangement and Reservation Services.

Does British Pullman, A Belmond Train have a Crunchbase profile ?

No, British Pullman, A Belmond Train does not have a profile on Crunchbase.

Does British Pullman, A Belmond Train have a LinkedIn profile ?

Yes, British Pullman, A Belmond Train maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/belmond_british_pullman.

How many cybersecurity incidents has British Pullman, A Belmond Train experienced ?

As of June 14, 2026, Rankiteo reports that British Pullman, A Belmond Train has experienced 16 cybersecurity incidents.

How many peer or competitor companies does British Pullman, A Belmond Train have ?

British Pullman, A Belmond Train has an estimated 4,985 peer or competitor companies worldwide.

What types of cybersecurity incidents has British Pullman, A Belmond Train faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Ransomware, Breach and Cyber Attack.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

BPBT

Boost Score +25 with badge (5 left)

756

/1000

Fair

781

/1000

Fair

British Pullman, A Belmond Train Vendor Cyber Rating & Cyber Score

belmond.com

Add Your Compliance Badge

Whisking guests away on escapes around the UK, the British Pullman combines sumptuous art deco interiors with decadent dining and a palpable spirit of joie de vivre. Expect luxury, glamour and a dash of adventure on an unforgettable trip through the British countryside. From London Victoria station, scenic and gourmet excursions take in vibrant cities, historic houses, world-class sporting events, immersive theatre journey and Michelin-starred dinners.

BPBT A.I CyberSecurity Scoring

Scoring History

BPBT

British Pullman, A Belmond Train CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

SEPHORA

Cyber Attack

6/2026

SEPTHE178049083...

SEPHORA

Breach

4/2026

SEP1780946094

Christian Dior Cout...

Breach

3/2026

CHR1773773151

Christian Dior Cout...

Breach

2/2026

Salesforce

TIFLVMCHR177086...

British Pullman, A ...

Breach

100

9/2025

PAR353253509232...

British Pullman, A ...

Breach

9/2025

CHR159271509302...

British Pullman, A ...

Breach

7/2025

LVM852071225

British Pullman, A ...

Breach

7/2025

LOU026510209062...

Christian Dior Cout...

Ransomware

100

5/2025

CHRMAR176950442...

British Pullman, A ...

Cyber Attack

5/2025

CHR316343111172...

British Pullman, A ...

Breach

1/2025

CHR706072225

British Pullman, A ...

Breach

1/2025

PAR711072225

Louis Vuitton

Breach

1/2025

Salesforce

LOUPARVOLTIFJAP...

British Pullman, A ...

Breach

100

11/2024

CHR243322409162...

British Pullman, A ...

Cyber Attack

6/2024

PAR517090325

British Pullman, A ...

Breach

07/2019

SEP2372423

Loading…

A.I.

BPBT Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for BPBT

Incidents vs Travel Arrangements Industry Avg (This Year)

No incidents recorded for British Pullman, A Belmond Train in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for British Pullman, A Belmond Train in 2026.

Incident Types BPBT vs Travel Arrangements Industry Avg (This Year)

No incidents recorded for British Pullman, A Belmond Train in 2026.

Incident History - BPBT (X = Date, Y = Severity)

Loading…

SUBSIDIARY

British Pullman, A Belmond Train Subsidiaries

BPBT

Travel Arrangements

Website: https://www.belmond.com/trains/europe/uk/belmond-british-pullman/?utm_source=LinkedIn&utm_medium=Organic-Social&utm_campaign=ProfileLink-PUL

Company Size: 21

103

BelmondHospitality

LVMHRetail Luxury Goods and Jewelry

Louis VuittonRetail Luxury Goods and Jewelry

SEPHORARetail

FendiRetail Luxury Goods and Jewelry

BvlgariRetail Luxury Goods and Jewelry

Christian Dior CoutureRetail Luxury Goods and Jewelry

Benefit CosmeticsPersonal Care Product Manufacturing

Life at Benefit: We're in the Feelgood Business!Personal Care Product Manufacturing

LoeweRetail Luxury Goods and Jewelry

GIVENCHYRetail Luxury Goods and Jewelry

Moët HennessyBeverage Manufacturing

HennessyBeverage Manufacturing

Moët & ChandonBeverage Manufacturing

RuinartBeverage Manufacturing

Veuve ClicquotBeverage Manufacturing

The Glenmorangie CompanyBeverage Manufacturing

CHANDONBeverage Manufacturing

KRUG ChampagneWine & Spirits

Moët Hennessy Diageo MalaysiaBeverage Manufacturing

Moët Hennessy Diageo ChinaBeverage Manufacturing

Moët Hennessy Wine EstatesBeverage Manufacturing

Cloudy Bay VineyardsBeverage Manufacturing

Belvedere VodkaBeverage Manufacturing

EminenteBeverage Manufacturing

Château GaloupetBeverage Manufacturing

敖云 Ao Yun VineyardBeverage Manufacturing

Newton VineyardFood and Beverage Manufacturing

Moët Hennessy Diageo FranceBeverage Manufacturing

Moët Hennessy Diageo SingaporeBeverage Manufacturing

CELINERetail Luxury Goods and Jewelry

MAKE UP FOR EVERPersonal Care Product Manufacturing

GuerlainPersonal Care Product Manufacturing

Loro PianaRetail Luxury Goods and Jewelry

TAG HeuerRetail Luxury Goods and Jewelry

Marc JacobsRetail Apparel and Fashion

LVMH Fragrance BrandsPersonal Care Product Manufacturing

Parfums GivenchyFabrication de parfums et de produits pour la toilette

KENZO ParfumsFabrication de parfums et de produits pour la toilette

HublotRetail Luxury Goods and Jewelry

CHAUMETRetail Luxury Goods and Jewelry

RIMOWARetail Luxury Goods and Jewelry

DFS Group LimitedRetail

Samaritaine Paris Pont-NeufRetail

ZENITH WatchesRetail Luxury Goods and Jewelry

KENZO ModeRetail Apparel and Fashion

BerlutiRetail Luxury Goods and Jewelry

24SRetail Apparel and Fashion

Maison Francis KurkdjianPersonal Care Product Manufacturing

ThéliosRetail Luxury Goods and Jewelry

Moët Hennessy Diageo Hong Kong & MacauBeverage Manufacturing

FRED JewelryRetail Luxury Goods and Jewelry

NOWNESSBook and Periodical Publishing

Royal Van Lent ShipyardShipbuilding

LVMH Fashion Group North America Retail Luxury Goods and Jewelry

Moët Hennessy Diageo JapanFood and Beverage Services

Nona SourceRetail Apparel and Fashion

HeristoriaRetail Luxury Goods and Jewelry

Acqua di ParmaRetail Luxury Goods and Jewelry

GROUPE BON MARCHÉ : Le Bon Marché Rive Gauche et La Grande Epicerie de Paris.Retail

NUDE SkincarePersonal Care Product Manufacturing

Starboard Cruise ServicesRetail

REPOSSIRetail Luxury Goods and Jewelry

Les EchosNewspaper Publishing

Les Echos STARTNewspaper Publishing

Les Echos Leadership & ManagementInformation Services

The InnovatorÉdition de journaux

Les Echos Entrepreneurs Médias en ligne

Parfums Christian DiorPersonal Care Product Manufacturing

Copacabana Palace, A Belmond HotelHospitality

Le Manoir aux Quat'Saisons, A Belmond HotelHospitality

Hotel Cipriani, A Belmond HotelHospitality

Venice Simplon-Orient-ExpressHospitality

Mount Nelson, A Belmond HotelHospitality

Splendido, A Belmond HotelHospitality

Grand Hotel Timeo, A Belmond HotelHospitality

Reid's Palace, A Belmond HotelHospitality

La Residencia, A Belmond HotelHospitality

Caruso, A Belmond HotelHospitality

Miraflores Park, A Belmond HotelHospitality

Rio Sagrado, A Belmond HotelHospitality

Sanctuary Lodge, A Belmond HotelHospitality

Les Bateaux BelmondHospitality

Jimbaran Puri, A Belmond HotelHospitality

Cap Juluca, A Belmond HotelHospitality

Las Casitas, A Belmond HotelHospitality

Napasai, A Belmond HotelHospitality

Monasterio, A Belmond HotelHospitality

Casa de Sierra Nevada, A Belmond HotelHospitality

21 ClubRestaurants

Royal Scotsman, A Belmond TrainTravel Arrangements

The Cadogan, A Belmond HotelHospitality

Palacio Nazarenas, A Belmond HotelHospitality

Hotel das Cataratas, A Belmond HotelHospitality

Villa San Michele, A Belmond HotelHospitality

Belmond SafarisTravel Arrangements

El Encanto, A Belmond HotelHospitality

Castello di Casole, A Belmond HotelHospitality

Villa Sant'Andrea, A Belmond HotelHospitality

La Samanna, A Belmond HotelHospitality

Eastern & Oriental Express, A Belmond TrainHospitality

Maroma, A Belmond HotelHospitality

Grand Hotel EuropeHospitality

Loading…

British Pullman, A Belmond Train Similar Companies

Europcar Mobility Group

europcar-mobility-group.com

Europcar Mobility Group is a global mobility player, with 75 years of mobility services expertise and a leading position in Europe. “We help to change the way you move” is what we stand for and brings us together. More than ever, we're committed to delivering simple, seamless, innovative solutions that make mobility easy, enjoyable and increasingly eco-friendly. To do this, we offer to individuals and businesses a wide range of car and van rental services, be it for a few hours, a few days, a week, a month or more, on-demand or on subscription, relying on a fleet of more than 250.000 vehicles, equipped with the latest engines including an increasing share of electric vehicles. Our brands address differentiated needs, use cases and expectations: Europcar® - a global leader of car rental and light commercial vehicle rental, Goldcar® - a frontrunner at providing low-cost car rental services in Europe, and Fox Rent A Car®, one of the main players in the car rental market in the US, with a "value for money" positioning. The Group also operates the "myEuropcar" platform for vehicle subscription, and "Europcar on Demand", a roundtrip car-sharing service present in key cities in Europe. Customers’ satisfaction is at the heart of the Group’s ambition and that of our more than 8,000 employees, everywhere we deliver our mobility solutions, thanks to a strong network in over 130 countries (including 16 wholly owned subsidiaries completed by franchisees and alliance partners).

Avis Budget Group

avisbudgetgroup.com

Avis Budget Group, Inc. is a leading global provider of transportation solutions, both through its Avis and Budget brands, which have more than 11,000 rental locations in approximately 180 countries around the world, and through its Zipcar brand, which is the world's leading car sharing network, with more than one million members. Avis Budget Group operates most of its car rental offices in North America, Europe and Australasia directly, and operates primarily through licensees in other parts of the world. Avis Budget Group is headquartered in Parsippany, N.J.

American Express Global Business Travel

cb amexgbt.com

Business travel doesn’t just move people from A to B, it helps ideas and innovation move forward, too. And with the most valuable marketplace, software, and services in travel, there is nowhere they can’t go with American Express Global Business Travel. With us, your Great Ideas Travel. GBT Travel Services UK Limited (GBT UK) and its authorized sublicensees (including Ovation Travel Group, Egencia and CWT) use certain trademarks and service marks of American Express Company or its subsidiaries (American Express) in the “American Express Global Business Travel” and “American Express GBT Meetings & Events” brands and in connection with its business for permitted uses only under a limited license from American Express (Licensed Marks). The Licensed Marks are trademarks or service marks of, and the property of, American Express. GBT UK is a subsidiary of Global Business Travel Group, Inc. (NYSE: GBTG). American Express holds a minority interest in GBTG, which operates as a separate company from American Express.

BCD Travel

bcdtravel.com

BCD Travel helps companies travel smart and achieve more. We drive program adoption, cost savings and talent retention through digital experiences that simplify business travel. Our 15,000+ dedicated team members service clients in 170+ countries as we shape a sustainable future for business travel. BCD’s leading meetings and events management and global consultancy services complete our comprehensive suite of solutions for all aspects of corporate travel. In 2024, BCD achieved US$22.9 billion in sales. For more information, visit our website. You can also subscribe to our newsletter for the latest industry insights, thought-leader analysis and top tips to drive your successful travel program. Go to: http://ow.ly/N73i50Mhc9Y

Norwegian Cruise Line Holdings Ltd.

nclhltd.com

Norwegian Cruise Line Holdings Ltd. (NYSE: NCLH) is a leading global cruise company which operates Norwegian Cruise Line, Oceania Cruises and Regent Seven Seas Cruises. With a combined fleet of 32 ships and approximately 66,500 berths, NCLH offers itineraries to approximately 700 destinations worldwide. NCLH expects to add 13 additional ships across its three brands through 2036, which will add approximately 41,000 berths to its fleet.

Hertz

cb hertz.com

Hertz is one of the world’s largest mobility companies, and through its indirect subsidiary, The Hertz Corporation, operates the Hertz, Dollar, and Thrifty vehicle rental brands throughout North America, Europe, the Caribbean, Latin America, Africa, the Middle East, Asia, Australia, and New Zealand. Hertz pioneered the car rental industry, and the Hertz brand is one of the most recognized brands globally. For more than a century, Hertz has offered innovative, differentiated products in an effort to make every rental experience seamless and special. Customers choose Hertz for its wide selection of top-rated vehicles, for its free Hertz Gold Plus Rewards® loyalty program, and because of Hertz’s thousands of convenient locations. Hertz also operates the Firefly car rental brand and Hertz 24/7 car sharing business in international markets and additionally rents vehicles to rideshare drivers through dedicated partnerships with Uber, Lyft, and others. Hertz also sells vehicles to consumers at Hertz Car Sales locations throughout the United States.

Carnival Cruise Line

carnival.com

Since our founding in 1972, Carnival Cruise Line — "The World’s Most Popular Cruise Line®” — carries millions of passengers every year. We offer a fun and unique career destination for a wide range of professionals in Marketing, IT, Accounting/Audit, Finance, Marine Operations and Human Resources, just to mention a few. We also offer remote opportunities flexibility for select positions. Headquartered in sunny South Florida, team members have access to a multi-station cafeteria, Starbucks (with cafecitos! - It's a Miami thing...), car wash, in-person TechBar services, an onsite floral vendor and a fully equipped gym. We offer top of line benefits including: health, dental, 401K matching, commitment to continued learning & development, employee stock purchase discount, cruise discounts for employees and more! We are committed to a culture of diversity, equity and inclusion for our shoreside and shipboard team members, as well as our guests. We are proud to be part of a family of companies owned by Carnival Corporation & plc, a Fortune 200 Company, which includes sister lines Princess Cruises, Holland America Line and Cunard Line, among others. We pride ourselves on delivering fun, memorable vacations to our guests by offering a wide array of quality cruises which present outstanding value for the money.

Princess Cruises

spr.ly

Princess is the world’s leading premium cruise line operating a fleet of modern ships visiting over 380 destinations around the globe on more than 160 itineraries. Each moment on Princess is one of wonderful discovery where guests can relax and explore. The choices are endless, from invigorating activities to more relaxing pursuits, and enable guests to share special moments with family and friends and enjoy unique travel experiences that create inspiring memories. At the forefront of innovation, Princess MedallionClass elevates service levels through enhanced guest experiences before and during cruise vacations. Exciting career opportunities in many departments await your discovery. Whether you are in customer service, food and beverage, or fleet operations (just to name a few), we’re certain you will find a career path at Princess Cruises that will keep you engaged and growing for years to come. Teams on shore support colleagues onboard, as together we create memorable experiences—dining, entertainment, exploration, and celebration—for our guests. Exceptional customer service is the cornerstone of our success thanks to more than 30,000 of the cruise industry’s finest team members on land and at sea. We create a friendly and welcoming environment not only for our onboard guests, but for our seagoing and land-based teams as well. The result is a remarkable number of loyal staff. We respect the seas we sail and destinations we visit. Our ships adhere to international rules regulating operations from fire safety to navigation, maritime security, and environmental stewardship. Onboard medical facilities meet or exceed standards set by the American College of Emergency Physicians. There’s no limit to how far you can go with Princess Cruises!

MSC Cruises

msccruises.com

Headquartered in Geneva, Switzerland, MSC Cruises is the world’s third largest cruise lines and the market leader in Europe, South America, the Middle East and Southern Africa, with a strong and growing presence in North America and the Far East. The MSC Cruises fleet consists of 23 modern ships with four new vessels due to be launched in 2026, 2027, 2029 and 2030. The Company operates in more than 100 countries around the world, offering cruises across five continents, calling at more than 240 destinations and welcoming more than 180 different nationalities on board. MSC Cruises is firmly committed to achieving net zero greenhouse gas emissions for its marine operations by 2050.

Loading…

NEWS

British Pullman, A Belmond Train CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

February 11, 2026 08:00 AM

What’s Next For Baz Luhrmann? A Cinematic Carriage On A Belmond Train

Renowned filmmaker Baz Luhrmann and award-winning designer Catherine Martin create Celia — a private carriage on Belmond's British Pullman...

Read Article

February 10, 2026 08:00 AM

Inside Baz Luhrmann’s Dazzling New Belmond Train Carriage

The British Pullman debuts a rare 1932 carriage reimagined by the visionary filmmaker, complete with a private cocktail bar and dining for...

Read Article

July 08, 2025 07:00 AM

These Are the 5 Best Luxury Trains in the World for 2025—and No. 1 Is in North America With Mountain Views and Access to Glacial Waters

Readers favored train routes with scenic views in our annual “World's Best Awards” survey for 2025.

Read Article

July 04, 2025 07:00 AM

Belmond’s Newest Luxury Sleeper Train Will Connect London to Wales

If the United Kingdom didn't make it to the top of your summer vacation list, it might be time to reconsider. Belmond has just debuted...

Read Article

July 03, 2025 07:00 AM

The Britannic Explorer Luxury Train Is Set For Its Inaugural Journey In England And Wales

The Britannic Explorer, A Belmond Train, offers luxury rail trips in Wales, Cornwall and the Lake District.

Read Article

March 31, 2024 07:00 AM

Come to the cabaret . . . on an evening train from London (and back)

All aboard the Carriage Club, a 1930s-style show and dinner experience on the Belmond British Pullman, sibling of the Venice...

Read Article

November 27, 2023 08:00 AM

The Eastern & Oriental Express Train Returns To Asia

A legendary Belmond train returns in February with two amazing luxury journeys through Malaysia and Singapore.

Read Article

October 16, 2021 07:00 AM

Belmond Introduces A New Train Carriage Designed By Wes Anderson

Revered American filmmaker, Wes Anderson has swapped cameras for carriages, and in classic Anderson style, he pays homage to the golden era...

Read Article

November 03, 2020 08:00 AM

The world's 'best' luxury train is in the UK — and it sells out a year in advance

The Belmond British Pullman was named the best luxury train journey in the world by Condé Nast Traveler's 2020 Readers Choice Awards.

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12175

SUMMARY

A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of the argument admissionNumber results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 4.7)

cvss2

Base Score: 5.8

Complexity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base Score: 4.7

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.0

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.2

REFERENCES

CVE-2026-12174

SUMMARY

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-12183

SUMMARY

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplies arbitrary credentials (e.g., action=dologin&login=<any_value>&pwd=<any_value>), and subsequent privileged endpoints under /php/ajax-main.php and /modules/* do not validate a server-side session. A remote unauthenticated attacker can invoke any administrative action exposed by the configuration module, including reading and modifying user rules, fuel tank gauges, fuel dispensers, relays, cash registers, bank terminals, fuel cards, price and customer displays, cash collection, and pricing rules.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 9.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

3.9

REFERENCES

CVE-2026-6428

SUMMARY

SQL Injection in reports/catalogue_out.pl in Koha Community Koha through 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before 25.05.11, 25.11.x before 25.11.05, 26.05.x before 26.05.01, and 26.11.x before 26.11.00 allows an authenticated staff user with the Reports module flag to read arbitrary data from the Koha application database via the Filter URL parameter when the Criteria parameter matches /branchcode/. The vulnerable sink in sub calculate concatenates the unmodified Filter request parameter directly into a LIKE clause of the auxiliary $strsth2 statement and executes it via DBI without bound parameters: my $f = @$filters[0]; $f =~ s/\*/%/g; $strsth2 .= " AND $column LIKE '$f' "; This enables error-based SQL injection (e.g., via EXTRACTVALUE) and full read access to sensitive tables including borrowers (password hashes, 2FA secrets, PII), borrower_password_recovery, api_keys, and sessions. Proof of concept (error-based, single request): GET /cgi-bin/koha/reports/catalogue_out.pl?do_it=1&output=screen&Limit=10&Criteria=branchcode&Filter=x'+AND+EXTRACTVALUE(1,CONCAT(0x7e,VERSION(),0x7c,USER(),0x7c,DATABASE(),0x7e))--+- Cookie: CGISESSID=<LIBRARIAN_SESSION> The response body contains the DBI exception leaking the MariaDB version, database user, client IP, and database name, after which arbitrary data can be paged out using LIMIT n,1 / SUBSTRING(...). The vulnerable sink was introduced in commit 6bb77ae3e4 (2008-07-09); CVE-2015-4633 patched the same class in sibling files but did not generalise the fix to reports/catalogue_out.pl. Fixed in Koha 22.11.38, 24.11.16, 25.05.11, 25.11.05, 26.05.01, and 26.11.00 by replacing the raw concatenation with a parameterised placeholder.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.6)

cvss2

Base Score: 7.5

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:N/A:P

cvss3

Base Score: 7.6

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

cvss4

Base Score: 5.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:C/RE:X/U:Amber

Impact Score

4.7

Exploitability

2.8

REFERENCES

CVE-2026-5513

SUMMARY

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-customer-full-name' cookie in versions up to, and including, 27.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Exploitation requires 'Remember personal information in cookies' setting to be enabled (disabled by default).

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.2)

cvss3

Base Score: 7.2

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Impact Score

2.7

Exploitability

3.9

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…