What is the official website of Caterpillar Inc. ?

The official website of Caterpillar Inc. is https://www.caterpillar.com.

What is Caterpillar Inc.'s cybersecurity risk score?

Caterpillar Inc. has an AI-generated cybersecurity risk score of 829 out of 1000, indicating a Good security posture according to Rankiteo's assessment.

How many security incidents has Caterpillar Inc. experienced?

According to Rankiteo, Caterpillar Inc. currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Caterpillar Inc. been affected by any supply chain cyber incidents ?

According to Rankiteo, Caterpillar Inc. has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does Caterpillar Inc. have SOC 2 Type 1 certification ?

According to Rankiteo, Caterpillar Inc. is not certified under SOC 2 Type 1.

Does Caterpillar Inc. have SOC 2 Type 2 certification ?

According to Rankiteo, Caterpillar Inc. does not hold a SOC 2 Type 2 certification.

Does Caterpillar Inc. comply with GDPR ?

According to Rankiteo, Caterpillar Inc. is not listed as GDPR compliant.

Does Caterpillar Inc. have PCI DSS certification ?

According to Rankiteo, Caterpillar Inc. does not currently maintain PCI DSS compliance.

Does Caterpillar Inc. comply with HIPAA ?

According to Rankiteo, Caterpillar Inc. is not compliant with HIPAA regulations.

Does Caterpillar Inc. have ISO 27001 certification ?

According to Rankiteo,Caterpillar Inc. is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Caterpillar Inc. operate in ?

Caterpillar Inc. operates primarily in the Machinery Manufacturing industry.

How many employees does Caterpillar Inc. have ?

Caterpillar Inc. employs approximately 61,410 people worldwide.

Does Caterpillar Inc. own any subsidiaries ?

Caterpillar Inc. presently has no subsidiaries across any sectors.

How many LinkedIn followers does Caterpillar Inc. have ?

Caterpillar Inc.'s official LinkedIn profile has approximately 2,139,649 followers.

What is the NAICS classification code for Caterpillar Inc. ?

Caterpillar Inc. is classified under the NAICS code 333, which corresponds to Machinery Manufacturing.

Does Caterpillar Inc. have a Crunchbase profile ?

No, Caterpillar Inc. does not have a profile on Crunchbase.

Does Caterpillar Inc. have a LinkedIn profile ?

Yes, Caterpillar Inc. maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/caterpillar-inc.

How many cybersecurity incidents has Caterpillar Inc. experienced ?

As of June 14, 2026, Rankiteo reports that Caterpillar Inc. has not experienced any cybersecurity incidents.

How many peer or competitor companies does Caterpillar Inc. have ?

Caterpillar Inc. has an estimated 8,423 peer or competitor companies worldwide.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

Caterpillar Inc.

Boost Score +25 with badge (5 left)

829

/1000

Good

854

/1000

Very Good

Caterpillar Inc. Vendor Cyber Rating & Cyber Score

caterpillar.com

Add Your Compliance Badge

For 100 years, we’ve been helping customers build a better, more sustainable world. Our innovative products and services, backed by our global dealer network, provide exceptional value that helps customers succeed. With 2024 sales and revenues of $64.8 billion, Caterpillar Inc. is the world’s leading manufacturer of construction and mining equipment, off-highway diesel and natural gas engines, industrial gas turbines and diesel-electric locomotives. Caterpillar does business on every continent, principally operating through three primary segments – Construction Industries, Resource Industries and Energy & Transportation – and provides financing and related services through our Financial Products segment.

Caterpillar Inc. A.I CyberSecurity Scoring

Scoring History

Caterpillar Inc.

Caterpillar Inc. CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

No data available

Loading…

A.I.

Caterpillar Inc. Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for Caterpillar Inc.

Incidents vs Machinery Manufacturing Industry Avg (This Year)

No incidents recorded for Caterpillar Inc. in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Caterpillar Inc. in 2026.

Incident Types Caterpillar Inc. vs Machinery Manufacturing Industry Avg (This Year)

No incidents recorded for Caterpillar Inc. in 2026.

Incident History - Caterpillar Inc. (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Caterpillar Inc. Subsidiaries

Caterpillar Inc.

Machinery Manufacturing

Website: https://www.caterpillar.com

Company Size: 10,000+ employees

Cat Electric PowerAppliances, Electrical, and Electronics Manufacturing

Cat FinancialFinancial Services

Cat ConstructionMachinery Manufacturing

Caterpillar MaKMaritime Transportation

Cat MiningMining

Loading…

Caterpillar Inc. Similar Companies

Voith Group

voith.com

The Voith Group is a global technology company. With its broad portfolio of systems, products, services and digital applications, Voith sets standards in the markets of energy, paper, raw materials and transport. Founded in 1867, Voith today has around 22,000 employees, sales of € 5.2 billion and locations in over 60 countries worldwide and thus is one of the larger family-owned companies in Europe. Voith's DNA is “Sustainable technologies for future generations”. With its innovative developments, Voith is driving the decarbonization of industry and acting as a game changer and co-creator. In doing so, Voith has a broad portfolio of sustainable technology solutions and services that make it possible to reduce emissions in the customers' value chains, improve ecological performance, increase efficiency and thus reduce CO2 emissions. Did you know that one quarter of the energy produced worldwide is generated from hydropower with technologies and services from Voith? But hydropower is just one of the exciting business divisions of Voith: a large proportion of the worldwide paper production is manufactured on Voith paper machines. And drive systems from Voith move both industrial plants and vehicles on rail, road and water all over the globe. Career: https://voith.com/corp-en/careers.html#209066 Imprint: https://voith.com/corp-en/footer/imprint.html Privacy Policy: https://voith.com/corp-en/footer/privacy-policy.html

Valmet

valmet.com

Valmet is a global technology leader serving process industries. We work together with our customers throughout the entire lifecycle, delivering cutting-edge technologies and services as well as mission-critical automation and flow control solutions. Backed by more than 225 years of industrial experience and a global team of over 19,000 professionals close to customers, we are uniquely positioned to transform industries toward a regenerative tomorrow. In 2024, Valmet’s net sales totaled approximately EUR 5.4 billion. Our head office is in Espoo, Finland, and we have experts in approximately 40 countries around the world. Valmet’s shares are listed on Nasdaq Helsinki. Valmet has two focused segments: Biomaterial Solutions and Services and Process Performance Solutions. Valmet’s operating model consists of five business areas: Automation Solutions; Flow Control; Pulp, Energy and Circularity; Packaging and Paper; and Tissue. The business areas are supported by a separate Latin America unit and a China Chair. The Global Supply unit supports cost-competitiveness by optimizing and leveraging Valmet’s global scale in procurement and production.

Atlas Copco

atlascopco.com

Atlas Copco delivers innovative products and solutions that help businesses grow and drive progress. Our portfolio spans compressed air and gas systems and treatment, vacuum solutions, industrial power tools, assembly systems, and power and flow solutions. We bring a commitment to long-term success built on expertise, reliable service, and uptime. When you level to the Atlas Copco experience you enter a partnership based on quality, sustainability, and ease of collaboration. The technology we bring, and the decades of experience support the future-proofing of your business.

Nippon Steel Corporation

nipponsteel.com

＜Nippon Steel Corporation does not recognize this account as OFFICIAL, but it is open for LinkedIn subscribers.＞ On April 1, 2019, we renamed ourselves as “Nippon Steel Corporation” (from Nippon Steel and Sumitomo Metal Corporation), to keep in pace with our advance as a growing global steelmaker with origins in Japan.

ZEISS Group

zeiss.com

ZEISS is an internationally leading technology enterprise operating in the fields of optics and optoelectronics. In the previous fiscal year, the ZEISS Group generated annual revenue totaling almost 12 billion euros in its four segments Semiconductor Manufacturing Technology, Industrial Quality & Research, Medical Technology, and Consumer Markets (September 30, 2025). For its customers, ZEISS develops, produces, and distributes highly innovative solutions for industrial metrology and quality assurance, microscopy solutions for the life sciences and materials research, and medical technology solutions for diagnostics and treatment in ophthalmology and microsurgery. The name ZEISS is also synonymous with the world's leading lithography optics, which are used by the chip industry to manufacture semiconductor components. There is global demand for trendsetting ZEISS brand products such as eyeglass lenses, camera lenses, and binoculars. With a portfolio aligned with future growth areas like digitalization, healthcare, and Smart Production and a strong brand, ZEISS is shaping the future of technology and constantly advancing the world of optics and related fields with its solutions. The company's significant, sustainable investments in research and development lay the foundation for the success and continued expansion of ZEISS' technology and market leadership. ZEISS invests 15 percent of its revenue in research and development – this high level of expenditure has a long tradition at ZEISS and is also an investment in the future. With over 46,600 employees, ZEISS is active globally in around 50 countries with more than 60 sales and service locations, around 40 research and development facilities, and 30 production facilities worldwide. Learn more about ZEISS: www.zeiss.com/about Data privacy: www.zeiss.com/data-protection Imprint: www.zeiss.com/publisher This is ZEISS's official LinkedIn account. It follows the ZEISS Netiquette: www.zeiss.com/netiquette

Murugappa Group

murugappa.com

About Murugappa Group A 125-year-old conglomerate with presence across India and the world, the INR 902 billion (90,178 crore) Murugappa Group has diverse businesses in agriculture, engineering, financial services and more. The Group has 10 listed companies: Carborundum Universal Limited, CG Power & Industrial Solutions Limited, Cholamandalam Financial Holdings Limited, Cholamandalam Investment & Finance Company Limited, Coromandel International Limited, E.I.D.-Parry (India) Limited, NACL Industries Limited, Shanthi Gears Limited, Tube Investments of India Limited, and Wendt (India) Limited. Other major companies include Cholamandalam MS General Insurance Company Limited and Parry Agro Industries Limited. Brands such as Ajax, Hercules, BSA, Montra, Montra Electric, Mach City, Chola, Chola MS, CG Power, Shanthi Gears, CUMI, Gromor, Paramfos, Parry’s are part of the Group’s illustrious stable. Abrasives, technical ceramics, electrominerals, electric vehicles, auto components, fans, transformers, signalling equipment for railways, bicycles, fertilisers, sugar, tea and several other products make up the Group’s business interests. Guided by the Five lights — integrity, passion, quality, respect and responsibility — and a culture of professionalism, the Group has a workforce of 94,041employees.

Sulzer

sulzer.com

Sulzer is a global leader in critical applications for core infrastructure and processes for large essential industries around the world. We ensure the security, quality and durability of critical goods and services by supporting energy security, natural resource management and efficiencies in process industries. This in turn supports the transition to a circular economy. Our integrated solutions add significant value by enabling energy efficiency, carbon emissions and pollution reduction, and process efficiency improvements. Customers benefit from our commitment to innovation, performance and quality through our responsive network of 160 world-class manufacturing facilities and service centers across the globe. Sulzer has been headquartered in Winterthur, Switzerland, since 1834. In 2023, our 13’130 employees delivered revenues of CHF 3.3 billion. Our shares are traded on the SIX Swiss Exchange (SIX: SUN). www.sulzer.com

AGCO Corporation

AGCOcorp.com

AGCO (NYSE: AGCO) is a global leader in the design, manufacture and distribution of agricultural machinery and precision ag technology. AGCO delivers value to farmers and OEM customers through its differentiated brand portfolio including leading brands Fendt®, Massey Ferguson®, PTx and Valtra®. AGCO's full line of equipment, smart farming solutions and services helps farmers sustainably feed our world. Founded in 1990 and headquartered in Duluth, Georgia, USA, AGCO had net sales of approximately $11.7 billion in 2024. Our global team of more than 23,000 employees is passionate about serving the world's farmers and helping them sustainably feed the world’s growing population. Join us in putting farmers first and delivering high-impact solutions! https://www.facebook.com/AGCOcorp/ https://www.instagram.com/agcocorp http://www.twitter.com/AGCOcorp http://www.youtube.com/AGCOcorp

Finning

finning.com

Finning is the world's largest Caterpillar dealer delivering unrivalled service for over 90 years. We sell, rent and provide parts and service for equipment and engines to customers in various industries, including mining, construction, petroleum, forestry and a wide range of power systems applications. Since 1933, when Finning was first established in Canada by Earl B. Finning, our name has conveyed integrity, reliability and resourcefulness. Over the years, the company has grown as a result of a genuine commitment to earning customer loyalty. With our broad product support infrastructure and unmatched service capabilities, we deliver solutions that enable customers to achieve the lowest equipment owning and operating costs while maximizing uptime. Finning employs over 13,000 people world-wide and operates in three geographies, with the head office in Vancouver, Canada. Finning est le plus grand concessionnaire Caterpillar au monde offrant un service inégalé depuis plus de 85 ans. Nous vendons, louons et fournissons des pièces et des services pour l’équipement et les moteurs à des clients dans diverses industries, y compris l’exploitation minière, la construction, le pétrole, la foresterie et un large éventail d’applications de systèmes d’alimentation. Depuis 1933, année où Finning a été établi au Canada par Earl B. Finning, notre nom a transmis intégrité, fiabilité et débrouillardise. Au fil des ans, l’entreprise a pris de l’expansion grâce à un véritable engagement à fidéliser sa clientèle. Grâce à notre vaste infrastructure de support produit et à nos capacités de service inégalées, nous fournissons des solutions qui permettent aux clients d’atteindre les coûts de possession et d’exploitation d’équipement les plus bas tout en maximisant la disponibilité. Finning emploie plus de 13 000 personnes dans le monde et exerce ses activités dans trois régions géographiques, dont le siège social est situé à Vancouver, au Canada.

Loading…

NEWS

Caterpillar Inc. CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

March 25, 2026 08:45 AM

Companies’ Big Use of ‘Tax Havens’ to Be Hit With New Obstacles

As new details emerge of how major US companies like Merck & Co., AbbVie Inc., and Caterpillar Inc. book profits in offshore “tax havens” to...

Read Article

March 16, 2026 07:00 AM

Ausdal Financial Partners Inc. Acquires 15,225 Shares of Amplify Cybersecurity ETF $HACK

Ausdal Financial Partners Inc. lifted its holdings in shares of Amplify Cybersecurity ETF (NYSEARCA:HACK – Free Report) by 195.5% during the...

Read Article

March 10, 2026 07:00 AM

Oppenheimer Raises PT on Caterpillar Inc. (CAT) to $817 From $729 – Here’s Why

Caterpillar Inc. (NYSE:CAT) is one of the top stocks that will make you rich in 10 years. Oppenheimer lifted the price target on Caterpillar...

Read Article

February 28, 2026 08:00 AM

Caterpillar Inc. (CAT) Strengthens Data Mining Technology Portfolio After Record Sales

Caterpillar Inc. (NYSE:CAT) is one of the best manufacturing stocks to invest in now. On February 17, Caterpillar Inc. (NYSE:CAT) confirmed...

Read Article

February 04, 2026 08:00 AM

Is Trending Stock Caterpillar Inc. (CAT) a Buy Now?

Caterpillar (CAT) has received quite a bit of attention from Zacks.com users lately. Therefore, it is wise to be aware of the facts that can...

Read Article

February 02, 2026 08:00 AM

Caterpillar Inc. (CAT) Earnings Beat Backed Up by Data Center Power Demand

Caterpillar Inc. (NYSE:CAT) is among the Ken Fisher Stock Portfolio: 12 Best Stocks to Buy. On January 29, 2026, Bloomberg reported that...

Read Article

January 14, 2026 08:00 AM

Caterpillar Inc. (CAT): A Bull Case Theory

We came across a bullish thesis on Caterpillar Inc. on Chip Stock Investor's YouTube channel. In this article, we will summarize the bulls'...

Read Article

December 22, 2025 08:00 AM

Wall Street Firms Bullish on Caterpillar Inc. (CAT) on Industry Outlook amid Dividend Offering

Caterpillar Inc. (NYSE:CAT) is one of the best forever stocks to buy according to hedge funds. On December 11, analysts at Citi raised...

Read Article

December 15, 2025 08:00 AM

Ameren (NYSE: AEE) elects Caterpillar CIO Jamie Engstrom to its board from Jan. 1

Ameren names Jamie L. Engstrom to its board, effective Jan. 1, 2026. The Caterpillar SVP and global CIO has held leadership roles there...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12175

SUMMARY

A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of the argument admissionNumber results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 4.7)

cvss2

Base Score: 5.8

Complexity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base Score: 4.7

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.0

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.2

REFERENCES

CVE-2026-12174

SUMMARY

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-12183

SUMMARY

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplies arbitrary credentials (e.g., action=dologin&login=<any_value>&pwd=<any_value>), and subsequent privileged endpoints under /php/ajax-main.php and /modules/* do not validate a server-side session. A remote unauthenticated attacker can invoke any administrative action exposed by the configuration module, including reading and modifying user rules, fuel tank gauges, fuel dispensers, relays, cash registers, bank terminals, fuel cards, price and customer displays, cash collection, and pricing rules.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 9.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

3.9

REFERENCES

CVE-2026-6428

SUMMARY

SQL Injection in reports/catalogue_out.pl in Koha Community Koha through 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before 25.05.11, 25.11.x before 25.11.05, 26.05.x before 26.05.01, and 26.11.x before 26.11.00 allows an authenticated staff user with the Reports module flag to read arbitrary data from the Koha application database via the Filter URL parameter when the Criteria parameter matches /branchcode/. The vulnerable sink in sub calculate concatenates the unmodified Filter request parameter directly into a LIKE clause of the auxiliary $strsth2 statement and executes it via DBI without bound parameters: my $f = @$filters[0]; $f =~ s/\*/%/g; $strsth2 .= " AND $column LIKE '$f' "; This enables error-based SQL injection (e.g., via EXTRACTVALUE) and full read access to sensitive tables including borrowers (password hashes, 2FA secrets, PII), borrower_password_recovery, api_keys, and sessions. Proof of concept (error-based, single request): GET /cgi-bin/koha/reports/catalogue_out.pl?do_it=1&output=screen&Limit=10&Criteria=branchcode&Filter=x'+AND+EXTRACTVALUE(1,CONCAT(0x7e,VERSION(),0x7c,USER(),0x7c,DATABASE(),0x7e))--+- Cookie: CGISESSID=<LIBRARIAN_SESSION> The response body contains the DBI exception leaking the MariaDB version, database user, client IP, and database name, after which arbitrary data can be paged out using LIMIT n,1 / SUBSTRING(...). The vulnerable sink was introduced in commit 6bb77ae3e4 (2008-07-09); CVE-2015-4633 patched the same class in sibling files but did not generalise the fix to reports/catalogue_out.pl. Fixed in Koha 22.11.38, 24.11.16, 25.05.11, 25.11.05, 26.05.01, and 26.11.00 by replacing the raw concatenation with a parameterised placeholder.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.6)

cvss2

Base Score: 7.5

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:N/A:P

cvss3

Base Score: 7.6

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

cvss4

Base Score: 5.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:C/RE:X/U:Amber

Impact Score

4.7

Exploitability

2.8

REFERENCES

CVE-2026-5513

SUMMARY

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-customer-full-name' cookie in versions up to, and including, 27.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Exploitation requires 'Remember personal information in cookies' setting to be enabled (disabled by default).

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.2)

cvss3

Base Score: 7.2

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Impact Score

2.7

Exploitability

3.9

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…