The Cannabis Information Sharing & Analysis Center
Be Part of Progress - together we bring greater understanding to the world Springer Nature is one of the leading publishers of research in the world. We publish the largest number of journals and books and are a pioneer in open research. Through our leading brands, trusted for more than 180 years, we provide technology-enabled products, platforms and services that help researchers to uncover new ideas and share their discoveries, health professionals to stay at the forefront of medical science, and educators to advance learning. We are proud to be part of progress, working together with the communities we serve to share knowledge and bring greater understanding to the world. Global key facts: Established for over 180 years Nearly 10,000 colleagues 200 offices in 45 countries on all continents World’s largest academic book publisher Publisher of Nature, the world’s most influential journal First company to publish more than 1 million Open Access articles Key brands and imprints: Springer Nature is home to some of the best-known names in research, health, educational and professional publishing. Every day, around the globe, our brands reach millions of people. Nature Springer BMC Palgrave Macmillan Apress Macmillan Education Scientific American Springer Health+ Springer Medizin Research Square J.B. Metzler BSL Adis
Security & Compliance Standards Overview
No incidents recorded for Cannabis Information Sharing & Analysis Organization (Cannabis ISAO) in 2025.
No incidents recorded for Springer Nature in 2025.
Cannabis Information Sharing & Analysis Organization (Cannabis ISAO) cyber incidents detection timeline including parent company and subsidiaries
Springer Nature cyber incidents detection timeline including parent company and subsidiaries
Last 3 Security & Risk Events by Company
NXLog Agent before 6.11 can load a file specified by the OPENSSL_CONF environment variable.
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas.
A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is sufficient to fix this issue. You should upgrade the affected component. The vendor confirms that this is "[f]ixed in version 4.10.2". Furthermore, that "[b]ackports for older versions in process and will be out as soon as their respective CI pipelines complete."
MJML through 4.18.0 allows mj-include directory traversal to test file existence and (in the type="css" case) read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827.
A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control plane’s host network (including link-local or loopback services).
