Comparison Overview

Q: Between CNRS company and PPD company, which one has the best AI Cybersecurity Score ?

PPD company demonstrates a stronger AI Cybersecurity Score compared to CNRS company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Q: Between CNRS company and PPD company, which one has experienced more cyber incidents in the past ?

PPD company has historically faced a number of disclosed cyber incidents, whereas CNRS company has not reported any.

Q: Between CNRS company and PPD company, which one has experienced more cyber incidents this year ?

In the current year, PPD company and CNRS company have not reported any cyber incidents.

Q: Between CNRS company and PPD company, which one has experienced at least one ransomware attack ?

Neither PPD company nor CNRS company has reported experiencing a ransomware attack publicly.

Q: Between CNRS company and PPD company, which one has experienced at least one data breach ?

PPD company has disclosed at least one data breach, while CNRS company has not reported such incidents publicly.

Q: Between CNRS company and PPD company, which one has experienced at least one targeted cyberattack ?

Neither PPD company nor CNRS company has reported experiencing targeted cyberattacks publicly.

Q: Between CNRS company and PPD company, which one has experienced at least one vulnerability ?

Neither CNRS company nor PPD company has reported experiencing or disclosing vulnerabilities publicly.

Q: Between CNRS company and PPD company, which one holds the most compliance certifications ?

Neither CNRS nor PPD holds any compliance certifications.

Q: Between CNRS company and PPD company, which one has the most subsidiaries ?

PPD company has more subsidiaries worldwide compared to CNRS company.

CNRS

3 rue Michel-Ange, Paris, FR, 75016

Last Update: 2025-12-01

View Profile

Between 750 and 799

https://www.cnrs.fr/

The French National Centre for Scientific Research is among the world's leading research institutions. Its scientists explore the living world, matter, the Universe, and the functioning of human societies in order to meet the major challenges of today and tomorrow. Internationally recognised for the excellence of its scientific research, the CNRS is a reference in the world of research and development, as well as for the general public.

NAICS: 5417

NAICS Definition: Scientific Research and Development Services

Employees: 12,680

Subsidiaries: 1

12-month incidents

0

Known data breaches

0

Attack type number

0

View Profile

PPD

168 3rd Ave, Waltham, 02451, US

Last Update: 2025-12-02

Between 750 and 799

https://www.ppd.com

The PPD™ clinical research business of Thermo Fisher Scientific, the world leader in serving science, enables customers to accelerate innovation and drug development through patient-centered strategies and data analytics. Our services, which span multiple therapeutic areas, include early development, all phases of clinical development, peri- and post-approval, patient recruitment, investigator sites and comprehensive laboratory services. As a global industry leader, we offer custom solutions to pharma, biotech, medical device, and government organizations, leveraging cutting-edge technology and therapeutic expertise to help customers deliver life-changing therapies.

NAICS: 5417

NAICS Definition: Scientific Research and Development Services

Employees: 22,755

Subsidiaries: 18

12-month incidents

0

Known data breaches

1

Attack type number

1

CNRS

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

https://images.rankiteo.com/companyimages/ppd.jpeg

PPD

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Incidents vs Research Services Industry Average (This Year)

No incidents recorded for CNRS in 2025.

Incidents vs Research Services Industry Average (This Year)

No incidents recorded for PPD in 2025.

Incident History — CNRS (X = Date, Y = Severity)

CNRS cyber incidents detection timeline including parent company and subsidiaries

Incident History — PPD (X = Date, Y = Severity)

PPD cyber incidents detection timeline including parent company and subsidiaries

CNRS

Incidents

No Incident

PPD

Incidents

Date Detected: 7/2017

Type:Breach

Attack Vector: Email Compromise

Blog: Blog

PPD company demonstrates a stronger AI Cybersecurity Score compared to CNRS company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

PPD company has historically faced a number of disclosed cyber incidents, whereas CNRS company has not reported any.

In the current year, PPD company and CNRS company have not reported any cyber incidents.

Neither PPD company nor CNRS company has reported experiencing a ransomware attack publicly.

PPD company has disclosed at least one data breach, while CNRS company has not reported such incidents publicly.

Neither PPD company nor CNRS company has reported experiencing targeted cyberattacks publicly.

Neither CNRS company nor PPD company has reported experiencing or disclosing vulnerabilities publicly.

Neither CNRS nor PPD holds any compliance certifications.

Neither company holds any compliance certifications.

PPD company has more subsidiaries worldwide compared to CNRS company.

PPD company employs more people globally than CNRS company, reflecting its scale as a Research Services.

Neither CNRS nor PPD holds SOC 2 Type 1 certification.

Neither CNRS nor PPD holds SOC 2 Type 2 certification.

Neither CNRS nor PPD holds ISO 27001 certification.

Neither CNRS nor PPD holds PCI DSS certification.

Neither CNRS nor PPD holds HIPAA certification.

Neither CNRS nor PPD holds GDPR certification.

Description

MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. Prior to 2.9.8, there is a security issue exists in the exec_in_pod tool of the mcp-server-kubernetes MCP Server. The tool accepts user-provided commands in both array and string formats. When a string format is provided, it is passed directly to shell interpretation (sh -c) without input validation, allowing shell metacharacters to be interpreted. This vulnerability can be exploited through direct command injection or indirect prompt injection attacks, where AI agents may execute commands without explicit user intent. This vulnerability is fixed in 2.9.8.

Published

Date

2025-12-03

Updated

Date

2025-12-03

Risk Information

cvss3

Base: 6.4

Severity: HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

References

Description

XML external entity (XXE) injection in eyoucms v1.7.1 allows remote attackers to cause a denial of service via crafted body of a POST request.

Published

Date

2025-12-03

Updated

Date

2025-12-03

References

https://github.com/weng-xianhu/eyoucms/issues/66

Description

An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to access administrative functions of the device (e.g. file upload, firmware update, reboot...) via a crafted authentication bypass.

Published

Date

2025-12-03

Updated

Date

2025-12-03

References

Description

Cal.com is open-source scheduling software. Prior to 5.9.8, A flaw in the login credentials provider allows an attacker to bypass password verification when a TOTP code is provided, potentially gaining unauthorized access to user accounts. This issue exists due to problematic conditional logic in the authentication flow. This vulnerability is fixed in 5.9.8.

Published

Date

2025-12-03

Updated

Date

2025-12-03

Risk Information

cvss4

Base: 9.9

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

https://github.com/calcom/cal.com/security/advisories/GHSA-9r3w-4j8q-pw98

Description

Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an application passed an attacker controlled float poing number into the toFixed() function, it might lead to high CPU consumption and a potential Denial of Service. Small numbers go through this call stack: NativeNumber.numTo > DToA.JS_dtostr > DToA.JS_dtoa > DToA.pow5mult where pow5mult attempts to raise 5 to a ridiculous power. This vulnerability is fixed in 1.8.1, 1.7.15.1, and 1.7.14.1.

Published

Date

2025-12-03

Updated

Date

2025-12-03

Risk Information

cvss4

Base: 5.5

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

https://github.com/mozilla/rhino/security/advisories/GHSA-3w8q-xq97-5j7x

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

CNRS

VS

PPD

CNRS

PPD

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Research Services Industry Average (This Year)

Incidents vs Research Services Industry Average (This Year)

Incident History — CNRS (X = Date, Y = Severity)

Incident History — PPD (X = Date, Y = Severity)

Notable Incidents

No Incident

FAQ

Latest Global CVEs (Not Company-Specific)

CVE-2025-66404

Risk Information

CVE-2025-65868

CVE-2025-64055

CVE-2025-66489

Risk Information

CVE-2025-66453

Risk Information

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

CNRS

VS

PPD

CNRS

PPD

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Research Services Industry Average (This Year)

Incidents vs Research Services Industry Average (This Year)

Incident History — CNRS (X = Date, Y = Severity)

Incident History — PPD (X = Date, Y = Severity)

Notable Incidents

No Incident

🔒 Incident : Breach THE206072925

FAQ

Between CNRS company and PPD company, which one has the best AI Cybersecurity Score ?

Between CNRS company and PPD company, which one has experienced more cyber incidents in the past ?

Between CNRS company and PPD company, which one has experienced more cyber incidents this year ?

Between CNRS company and PPD company, which one has experienced at least one ransomware attack ?

Between CNRS company and PPD company, which one has experienced at least one data breach ?

Between CNRS company and PPD company, which one has experienced at least one targeted cyberattack ?

Between CNRS company and PPD company, which one has experienced at least one vulnerability ?

Between CNRS company and PPD company, which one holds the most compliance certifications ?

Between CNRS company and PPD company, which one holds the fewest compliance certifications ?

Between CNRS company and PPD company, which one has the most subsidiaries ?

Between CNRS company and PPD company, which one has the largest number of employees ?

Between CNRS and PPD, which company holds both SOC 2 Type 1 certifications ?

Between CNRS and PPD, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified — CNRS or PPD ?

Which company is PCI DSS compliant — CNRS or PPD ?

Between CNRS and PPD, which company complies with HIPAA regulations for healthcare data ?

Between CNRS and PPD, which company complies with GDPR requirements ?

Latest Global CVEs (Not Company-Specific)

CVE-2025-66404

Risk Information

CVE-2025-65868

CVE-2025-64055

CVE-2025-66489

Risk Information

CVE-2025-66453

Risk Information