Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Campus France

Campus France Vendor Cyber Rating & Cyber Score

campusfrance.org

The new French agency aims at promoting higher education, welcoming students and professionals and promoting international mobility. Campus France Agency was created by law on the July 27th, 2010. It is a public institution (EPIC) in charge of promoting higher education and managing the reception and international mobility of students, researchers, experts and guests. A decree from December 30th, 2011 indicates the agency’s terms of action.


Campus France A.I CyberSecurity Scoring

Campus France
Company Information
Website:http://www.campusfrance.org
Employees number:595
Number of followers:2,000
NAICS:6113
Industry Type:Higher Education
Homepage:campusfrance.org
Campus France Risk Score (AI oriented)
Between 750 and 799
logo
Campus FranceHigher Education
Updated:
10/03/2026
758/1000
Fair
Baa
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
Campus France Global Score (TPRM)
xxxx
logo
Campus FranceHigher Education
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

Campus France
Campus FranceFair
Current Score
758Baa (FAIR)
01000
1 incidents
-20 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
755Before Incident
JUNE 2026
754Before Incident
MAY 2026
754Before Incident
APRIL 2026
754Before Incident
MARCH 2026
758Before Incident
FEBRUARY 2026
757Before Incident
JANUARY 2026
777Before Incident
Vulnerability
20 Jan 2026Campus France
Grist-Core and France’s public sector educational institutions: Grist-Core Vulnerability Enables Malicious Remote Code Execution via Crafted Spreadsheet Formulas

Critical Sandbox Escape Flaw in Grist-Core Patched After Disclosure by Cyera Research Labs

757After Incident
CRITICAL-20
GRICAM1769683332
Critical Sandbox Escape Flaw in Grist-Core Patched After Disclosure by Cyera Research Labs A high-severity sandbox escape vulnerability in Grist-Core, tracked as GHSA-7xvx-8pf2-pv5g (CVSS 9.1), has been patched following responsible disclosure by Cyera Research Labs. The flaw allowed attackers to achieve remote code execution (RCE) by exploiting malicious spreadsheet formulas that bypassed the platform’s Pyodide WebAssembly sandbox, exposing sensitive data and downstream systems. ### Vulnerability Details & Impact Grist-Core, a relational spreadsheet platform, is used by over 1,000 organizations, including France’s public sector educational institutions, to model business data, automate workflows, and integrate Python-based formulas. The platform operates in SaaS and self-hosted configurations, making it a critical data hub with access to customer records, operational metrics, and integration credentials. In SaaS deployments, a successful exploit could lead to RCE within the vendor’s control plane, potentially compromising multi-tenant workflows, credentials, and connected systems. ### Exploit Vectors & Patch Cyera Research Labs identified three distinct sandbox escape methods: 1. Python Class Hierarchy Traversal – Exploited `warnings.catch_warnings` to access full built-ins, enabling direct imports of the `os` module and command execution via `os.system()`. 2. Direct C Library Access – Leveraged `ctypes` to call `ctypes.CDLL(None).system()`, loading the `system()` function from libc via the Emscripten runtime. 3. Emscripten Runtime Manipulation – Used `emscripten_run_script_string()` to execute JavaScript in the host runtime, gaining access to `require('child_process')` and `process.env` for full host compromise. Grist released version 1.7.9 on January 20, 2026, addressing the issue by migrating Pyodide formula execution under Deno by default. This introduces a permission-based mediation layer, blocking sensitive operations unless explicitly granted. Organizations must ensure the `GRIST_PYODIDE_SKIP_DENO` flag is disabled, as enabling it reintroduces the vulnerability. The patch shifts Grist’s security model from a blocklist-based sandbox to a capability-based approach, significantly reducing the risk of formula-based exploitation.
INCIDENT DETAILS -
TYPE
Sandbox Escape Vulnerability
IMPACT
Data Compromised: Sensitive data, customer records, operational metrics, integration credentialsSystems Affected: Grist-Core SaaS and self-hosted deploymentsOperational Impact: Remote code execution (RCE) within vendor’s control plane, potential compromise of multi-tenant workflows and connected systems
DATA BREACH
Type Of Data Compromised: Customer records, operational metrics, integration credentialsSensitivity Of Data: High
DECEMBER 2025
777Before Incident
NOVEMBER 2025
777Before Incident
OCTOBER 2025
777Before Incident
SEPTEMBER 2025
777Before Incident
AUGUST 2025
777Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for Campus France ?
?
What was Campus France's A.I Rankiteo Cyber Score in June 2026 ?
?
What was Campus France's A.I Rankiteo Cyber Score in May 2026 ?
?
What was Campus France's A.I Rankiteo Cyber Score in April 2026 ?
?
What was Campus France's A.I Rankiteo Cyber Score in March 2026 ?
?
What was Campus France's A.I Rankiteo Cyber Score in February 2026 ?
?
What was Campus France's A.I Rankiteo Cyber Score in January 2026 ?
?
What was Campus France's A.I Rankiteo Cyber Score in December 2025 ?
?
What was Campus France's A.I Rankiteo Cyber Score in November 2025 ?
?
What was Campus France's A.I Rankiteo Cyber Score in October 2025 ?
?
What was Campus France's A.I Rankiteo Cyber Score in September 2025 ?
?
What was Campus France's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on Campus France's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with Campus France ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view Campus France's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?