What is Canada Revenue Agency - Agence du revenu du Canada's cybersecurity risk score?

Canada Revenue Agency - Agence du revenu du Canada has an AI-generated cybersecurity risk score of 786 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has Canada Revenue Agency - Agence du revenu du Canada experienced?

According to Rankiteo, Canada Revenue Agency - Agence du revenu du Canada currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Canada Revenue Agency - Agence du revenu du Canada been affected by any supply chain cyber incidents ?

According to Rankiteo, Canada Revenue Agency - Agence du revenu du Canada has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does Canada Revenue Agency - Agence du revenu du Canada have SOC 2 Type 1 certification ?

According to Rankiteo, Canada Revenue Agency - Agence du revenu du Canada is not certified under SOC 2 Type 1.

Does Canada Revenue Agency - Agence du revenu du Canada have SOC 2 Type 2 certification ?

According to Rankiteo, Canada Revenue Agency - Agence du revenu du Canada does not hold a SOC 2 Type 2 certification.

Does Canada Revenue Agency - Agence du revenu du Canada comply with GDPR ?

According to Rankiteo, Canada Revenue Agency - Agence du revenu du Canada is not listed as GDPR compliant.

Does Canada Revenue Agency - Agence du revenu du Canada have PCI DSS certification ?

According to Rankiteo, Canada Revenue Agency - Agence du revenu du Canada does not currently maintain PCI DSS compliance.

Does Canada Revenue Agency - Agence du revenu du Canada comply with HIPAA ?

According to Rankiteo, Canada Revenue Agency - Agence du revenu du Canada is not compliant with HIPAA regulations.

Does Canada Revenue Agency - Agence du revenu du Canada have ISO 27001 certification ?

According to Rankiteo,Canada Revenue Agency - Agence du revenu du Canada is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Canada Revenue Agency - Agence du revenu du Canada operate in ?

Canada Revenue Agency - Agence du revenu du Canada operates primarily in the Government Administration industry.

How many employees does Canada Revenue Agency - Agence du revenu du Canada have ?

Canada Revenue Agency - Agence du revenu du Canada employs approximately 16,790 people worldwide.

Does Canada Revenue Agency - Agence du revenu du Canada own any subsidiaries ?

Canada Revenue Agency - Agence du revenu du Canada presently has no subsidiaries across any sectors.

How many LinkedIn followers does Canada Revenue Agency - Agence du revenu du Canada have ?

Canada Revenue Agency - Agence du revenu du Canada's official LinkedIn profile has approximately 618,056 followers.

What is the NAICS classification code for Canada Revenue Agency - Agence du revenu du Canada ?

Canada Revenue Agency - Agence du revenu du Canada is classified under the NAICS code 92, which corresponds to Public Administration.

Does Canada Revenue Agency - Agence du revenu du Canada have a Crunchbase profile ?

No, Canada Revenue Agency - Agence du revenu du Canada does not have a profile on Crunchbase.

Does Canada Revenue Agency - Agence du revenu du Canada have a LinkedIn profile ?

Yes, Canada Revenue Agency - Agence du revenu du Canada maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/cra-arc.

How many cybersecurity incidents has Canada Revenue Agency - Agence du revenu du Canada experienced ?

As of June 15, 2026, Rankiteo reports that Canada Revenue Agency - Agence du revenu du Canada has experienced 7 cybersecurity incidents.

How many peer or competitor companies does Canada Revenue Agency - Agence du revenu du Canada have ?

Canada Revenue Agency - Agence du revenu du Canada has an estimated 12,890 peer or competitor companies worldwide.

What types of cybersecurity incidents has Canada Revenue Agency - Agence du revenu du Canada faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach, Data Leak and Cyber Attack.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

CRAADRDC

Boost Score +25 with badge (5 left)

786

/1000

Fair

811

/1000

Good

Canada Revenue Agency - Agence du revenu du Canada Vendor Cyber Rating & Cyber Score

canada.ca

Add Your Compliance Badge

Welcome to the Canada Revenue Agency’s (CRA) official LinkedIn page! 🇨🇦 We take pride in our diverse workforce, which brings a wide range of skills and perspectives to the Canada Revenue Agency, and remain committed to fostering an inclusive workplace where everyone can thrive. We’re on a mission to better serve Canadians, with the goal to be trusted, fair, and helpful by putting people first. Our dedication has earned us recognition as one of Canada's Top Employers for Young People, Canada’s Best Diversity Employers and National Capital Region’s Top Employer. Follow us for more on job opportunities, important information about benefits, credits, and all things taxes. Terms and Conditions: http://ow.ly/XpI030iPAP9 Bienvenue sur la

CRAADRDC A.I CyberSecurity Scoring

Scoring History

CRAADRDC

Canada Revenue Agency - Agence du revenu du Canada CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Canada Revenue Agen...

Breach

10/2025

TRA270222710182...

Canada Revenue Agen...

Breach

5/2025

OFF100251009182...

Canada Revenue Agen...

Breach

10/2022

CAN206221122

Government of Canad...

Cyber Attack

3/2020

GOV1766174849

Canada Revenue Agen...

Data Leak

08/2018

GOV12181122

Canada Revenue Agen...

Breach

06/2018

CAN17246822

Canada Revenue Agen...

Cyber Attack

100

06/2015

GOV192330422

Loading…

A.I.

CRAADRDC Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for CRAADRDC

Incidents vs Government Administration Industry Avg (This Year)

No incidents recorded for Canada Revenue Agency - Agence du revenu du Canada in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Canada Revenue Agency - Agence du revenu du Canada in 2026.

Incident Types CRAADRDC vs Government Administration Industry Avg (This Year)

No incidents recorded for Canada Revenue Agency - Agence du revenu du Canada in 2026.

Incident History - CRAADRDC (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Canada Revenue Agency - Agence du revenu du Canada Subsidiaries

CRAADRDC

Government Administration

Website: http://canada.ca/taxes

Company Size: 10,001+ employees

Government of CanadaGovernment Administration

Health Canada | Santé CanadaGovernment Administration

Service CanadaGovernment Administration

Statistics Canada | Statistique CanadaGovernment Administration

Canada Border Services Agency | Agence des services frontaliers du CanadaGovernment Administration

Public Health Agency of Canada | Agence de la santé publique du CanadaGovernment Administration

Public Services and Procurement Canada | Services publics et Approvisionnement CanadaGovernment Administration

PSPC Jobs | Emplois SPACGovernment Administration

Real Property Services / Services immobiliersGovernment Administration

Marine Procurement | Approvisionnement MaritimeShipbuilding

Translation Bureau | Bureau de la traductionGovernment Administration

Environment and Climate Change CanadaGovernment Administration

National Research Council Canada / Conseil national de recherches CanadaResearch Services

Finance Canada / Finances CanadaGovernment Administration

Innovation, Science and Economic Development Canada | Innovation, Sciences et Développement économique CanadaGovernment Administration

Innovative Solutions CanadaGovernment Relations Services

Canada Digital Adoption Program | Programme canadien d'adoption du numériqueGovernment Relations Services

Canadian Armed Forces | Forces armées canadiennesArmed Forces

Transport Canada - Transports CanadaGovernment Administration

Department of Justice Canada | Ministère de la Justice du CanadaGovernment Administration

Canadian Food Inspection AgencyGovernment Administration

Immigration and Refugee Board of Canada | Commission de l'immigration et du statut de réfugiéGovernment Administration

Canada Mortgage and Housing Corporation (CMHC) Société canadienne d'hypothèques et de logement(SCHL)Government Administration

Treasury Board of Canada Secretariat | Secrétariat du Conseil du Trésor du CanadaGovernment Administration

Public Safety Canada | Sécurité publique CanadaPublic Safety

Canadian Institutes of Health Research | Instituts de recherche en santé du CanadaGovernment Administration

Trade Commissioner Service | Service des délégués commerciauxInternational Trade and Development

Emploi et Développement social Canada (EDSC) / Employment and Social Development Canada (ESDC)Government Administration

Labour ProgramGovernment Administration

Programme du travailGovernment Administration

Canada 2030 AgendaGovernment Administration

Programme 2030 CanadaGovernment Administration

Natural Sciences and Engineering Research Council of Canada (NSERC)Government Administration

Federal Economic Development Agency for Southern Ontario | Agence fédérale de ...Government Administration

Office of the Privacy Commissioner of Canada/Commissariat à la protection de la vie privée du CanadaGovernment Administration

Canadian Centre for Occupational Health and SafetyGovernment Administration

Shared Services Canada | Services partagés CanadaGovernment Administration

WAGE / FEGCGovernment Administration

Veterans Affairs Canada / Anciens Combattants CanadaGovernment Administration

Canada School of Public Service | École de la fonction publique du CanadaGovernment Administration

Doing Business with the Government of Canada | Faire affaire avec le gouvernement du CanadaGovernment Administration

Canadian Armed Forces | Forces armées canadiennesArmed Forces

SSHRC-CRSHGovernment Administration

Prairies Economic Development Canada I Développement économique Canada pour les PrairiesGovernment Administration

Communications Security Establishment Canada | Centre de la sécurité des télécommunications CanadaGovernment Administration

ACOA - APECAGovernment Administration

CRTCTelecommunications

Commission de la fonction publique du Canada | Public Service Commission of CanadaGovernment Administration

Canadian Intellectual Property Office / Office de la propriété intellectuelle du CanadaGovernment Administration

Competition Bureau CanadaLaw Enforcement

Public Prosecution Service of Canada | Service des poursuites pénales du CanadaGovernment Administration

Policy Horizons Canada - Horizons de politiques CanadaGovernment Administration

Canada Economic Development for Quebec RegionsGovernment Administration

Get Cyber SafeGovernment Administration

My Source | Ma sourceGovernment Administration

Bureau de la concurrence CanadaLaw Enforcement

Inside ECCC | Ici à ECCCGovernment Administration

Régie de l’énergie du CanadaGovernment Administration

Pensez cybersécuritéGovernment Administration

Centre canadien d'hygiène et de sécurité au travail (CCHST)Government Administration

Loading…

Canada Revenue Agency - Agence du revenu du Canada Similar Companies

Region Stockholm

regionstockholm.se

Är du beredd att tänka nytt och hitta framtidens lösningar? För vårt framtida uppdrag behöver vi medarbetare med hög kompetens, stort engagemang och som strävar efter ständig förbättring. Vid din sida kan du få engagerade kollegor inom hundratals kvalificerade yrken – ekonomer, sjuksköterskor, jurister, radiologer, ingenjörer och kirurger. Stockholms läns landsting är en av landets största arbetsgivare med ett livsviktigt uppdrag. Vi ger två miljoner invånare en effektiv kollektivtrafik och en god hälso- och sjukvård i landets snabbast växande region. Varje dag, dygnet runt.

Comunidad de Madrid

comunidad.madrid

Si necesitas información general y especializada sobre los servicios públicos madrileños puedes llamar al teléfono de Atención al Ciudadano 012. En la Comunidad de Madrid estamos encantados de recibir comentarios y favorecer el diálogo, por eso te proponemos unas normas básicas de participación: - Respeta a los demás usuarios y haz un uso adecuado de la red al publicar un comentario. Se eliminará cualquier mensaje difamatorio, ofensivo, amenazador, grosero o que esté penado por las leyes españolas. - Haz comentarios relacionados con lo publicado, sé lo más breve posible y evita las mayúsculas. Se borrarán aquellos comentarios que se consideren fuera de tema. - No están permitidos los mensajes que contengan spam o publicidad intrusiva. - La Comunidad de Madrid no se hace responsable del contenido de las opiniones que los participantes dejan en los comentarios, ni se identifica con ellas. ¡Esperamos tu participación! Síguenos también en www.twitter.com/ComunidadMadrid y www.facebook.com/ComunidadeMadrid.

Centers for Disease Control and Prevention

cdc.gov

CDC works 24/7 keeping America safe from health, safety and security threats, both foreign and domestic. Whether diseases start at home or abroad, are chronic or acute, curable or preventable, human error or deliberate attack, CDC fights it and supports communities and citizens to prevent it. CDC is the nation’s health protection agency - saving lives, protecting people from health threats, and saving money through prevention. For more information, please go to: http://www.cdc.gov/ Comment Policy: Please visit http://www.cdc.gov/SocialMedia/Tools/CommentPolicy.html to view CDC’s social media comment policy. Privacy Notice Regarding Third Party Websites: Privacy Notice: The Centers for Disease Control and Prevention uses third-party Web sites to share information and to encourage collaboration with the public. Third-party Web sites are not Government-owned or Government-operated. They are controlled and operated by a third party not affiliated with CDC. The CDC Privacy Policy does not apply to third-party Web sites or applications. To learn more about CDC’s privacy practices, please visit our Privacy Policy at https://www.cdc.gov/other/privacy.html.

Council Careers Victoria

asn.au

Victorian local government jobs offer opportunities for people with diverse skills. The sector delivers more than 100 services and employs staff in the areas of health and community care, corporate and business support, engineering, planning and community development, and environment and emergency management. Local government offers you the opportunity to: • work directly with the community • work in any location across the state • be involved in on-going learning and development • negotiate flexible working arrangements • take part in employee health and recreation programs • undertake further study.

Secretaría de Educación Pública

onlinecareer360.com

MISIÓN/PROPÓSITO: La SEP tiene como propósito esencial crear condiciones que permitan asegurar el acceso de todas las mexicanas y mexicanos a una educación de calidad, en el nivel y modalidad que la requieran y en el lugar donde la demanden. VISIÓN: En el año 2025, México cuenta con un sistema educativo amplio, articulado y diversificado, que ofrece educación para el desarrollo humano integral de su población. El sistema es reconocido nacional e internacionalmente por su calidad y constituye el eje básico del desarrollo cultural, científico, tecnológico, económico y social de la Nación.

Workingfor.be

workingfor.be

Workingfor.be is the job platform of the federal administration. Here, you will find a wide variety of jobs in different fields of profession. Every day thousands of our employees help build tomorrow's society. When you choose the federal administration, you choose an employer who embraces your talent and individuality and gives you the opportunity to develop yourself and your skills further every single day. Moreover, we offer you a job where you can easily find the balance between your professional and personal life. Do you want to contribute to the Belgium of tomorrow? Feel like making a difference and developing your talents? Discover our wide range of vacancies at www.workingfor.be

CONICET

conicet.gov.ar

El Consejo Nacional de Investigaciones Científicas y Técnicas (CONICET) es el principal organismo dedicado a la promoción de la ciencia y la tecnología en la Argentina. Su actividad se desarrolla en cuatro grandes áreas: • Ciencias agrarias, ingeniería y de materiales • Ciencias biológicas y de la salud • Ciencias exactas y naturales • Ciencias sociales y humanidades En el CONICET, además promovemos y gestionamos la transferencia de tecnologías, servicios y capacidades de Investigación y Desarrollo (I+D) que genera su comunidad científica hacia los sectores socioproductivos, Pymes, Gobiernos, organismos públicos y la sociedad civil. En ese sentido: • Conectamos recursos humanos altamente especializados con empresarios/as para generar oportunidades conjuntas. • Impulsamos la participación con cámaras y asociaciones empresarias, parques tecnológicos e industriales, organismos del Estado, ONG, organizaciones civiles, y redes nacionales e internacionales de vinculación tecnológica. • Facilitamos la transferencia al sector productivo mediante procesos de escalado, pruebas de concepto, entre otros. • Promovemos la creación de Empresas de Base Tecnológica. El CONICET es un ente autárquico del Estado Nacional en jurisdicción del Ministerio de Ciencia, Tecnología e Innovación.

Assurance Maladie

ameli.fr

Travailler à l’Assurance Maladie, c’est donner une nouvelle dimension à votre métier et agir au quotidien pour la protection de notre système de santé. Participez à une grande diversité de projets dans un cadre bienveillant et soyez fier de contribuer à une mission essentielle : agir ensemble, protéger chacun. Depuis près de 80 ans, l'Assurance Maladie joue un rôle majeur au service de la solidarité nationale. Nous sommes convaincus que la clé de la pérennité du système de santé relève d'une responsabilité collective et réside dans l'implication forte de chacun de ses acteurs. Au sein de ce système, l'Assurance Maladie assume une triple mission : ⏺️ garantir un accès universel aux droits et permettre l'accès aux soins ⏺️ accompagner chacun dans la préservation de sa santé ⏺️ améliorer l'efficacité du système Toutes ses missions, l’Assurance Maladie les mène avec le souci d’assurer la meilleure qualité de service. Elle s’appuie pour cela sur un réseau de proximité qui couvre l’ensemble du territoire et l’engagement de plus de 80 000 collaborateurs qui agissent jour après jour à l’échelle départementale, régionale et nationale. Ensemble, au quotidien, ils font vivre ses valeurs d’universalité, de solidarité, de responsabilité et d’innovation.

U.S. Census Bureau

census.gov

The Census Bureau serves as the nation’s leading provider of quality data about its people and economy. We have been headquartered in Suitland, Maryland since 1942, and currently employ about 4,285 staff members. We are part of the U.S. Department of Commerce and overseen by the Economics and Statistics Administration (ESA). We honor privacy, protect confidentiality, share our expertise globally, and conduct our work openly. We are guided on this mission by our strong and capable workforce, our readiness to innovate, and our abiding commitment to our customers. View our comment policy: https://www.census.gov/about/contact-us/comment-policy.html View our privacy policy: https://www.census.gov/about/policies/privacy/privacy-policy.html

Loading…

NEWS

Canada Revenue Agency - Agence du revenu du Canada CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

July 03, 2025 07:00 AM

T5018 slip – Statement of contract payments

A T5018 slip identifies the total contract payments made to a recipient by a contractor in a calendar year or fiscal period.

Read Article

June 05, 2025 07:00 AM

Prioritizing privacy in a data-driven world

2024-2025 Annual Report to Parliament on the Privacy Act and the Personal Information Protection and Electronic Documents Act...

Read Article

May 23, 2025 07:00 AM

Canada Revenue Agency cutting up to 280 jobs, mainly in national capital region

The Canada Revenue Agency (CRA) is cutting up to 280 more employees this spring, the latest announcement of job cuts at the federal department over the past...

Read Article

October 28, 2024 07:00 AM

Tens of thousands of taxpayer accounts hacked as CRA repeatedly paid out millions in bogus refunds

At the height of this year's tax season, the Canada Revenue Agency discovered that hackers had obtained confidential data used by one of the...

Read Article

February 27, 2024 08:00 AM

Canada says cannabis wholesalers must garnish payments over unpaid taxes

Canada's tax collection agency is garnishing cash from licensed cannabis producers that are delinquent on their excise duty payments.

Read Article

March 01, 2023 08:00 AM

CRA Scams Looking More and More Like The Real Thing: Expert

Cybersecurity experts are warning the public about the latest iteration of Canada Revenue Agency-style scams w...

Read Article

February 16, 2023 08:00 AM

Sweet v Canada: Federal Court Of Canada certified privacy breach class action against CRA

In Sweet v Canada, the Federal Court of Canada certified a class action lawsuit over a CRA personal and financial data breach at the Canada...

Read Article

September 16, 2022 07:00 AM

The making of music: is a master recording tangible or intangible property?

This article is part one of a four-part series that explores the Unidisc decisions and goes into detail on the issues of music masters,...

Read Article

February 17, 2021 08:00 AM

CRA locks online accounts amid investigation, leaving users worried

The Canada Revenue Agency has locked more than 100000 taxpayers out of its online platform, telling users their email addresses have been...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12191

SUMMARY

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdrive/modeld/modeld.py of the component Pickle Module. The manipulation results in deserialization. The attack is only possible with local access. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 7.8)

cvss2

Base Score: 6.8

Complexity: LOW

AV:L/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 7.8

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.1

Complexity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

1.8

REFERENCES

CVE-2026-12190

SUMMARY

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the component ai.mainfunc.genspark. The manipulation leads to improper authorization in handler for custom url scheme. The attack can only be performed from a local environment. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 5.3)

cvss2

Base Score: 4.3

Complexity: LOW

AV:L/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base Score: 5.3

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 4.8

Complexity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.8

REFERENCES

CVE-2026-12189

SUMMARY

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzmate. Executing a manipulation can lead to improper authorization in handler for custom url scheme. The attack can only be executed locally. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 5.3)

cvss2

Base Score: 4.3

Complexity: LOW

AV:L/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base Score: 5.3

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 1.9

Complexity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.8

REFERENCES

CVE-2026-12188

SUMMARY

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules/core/backend/app/controllers/concerns/grit/core/grit_entity_controller.rb of the component GritEntityController. Performing a manipulation results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 6.3)

cvss2

Base Score: 6.5

Complexity: LOW

AV:N/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base Score: 6.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.1

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

2.8

REFERENCES

CVE-2026-12187

SUMMARY

A security vulnerability has been detected in GL.iNet GL-MT3000 up to 4.4.5. Affected by this vulnerability is an unknown functionality of the file /usr/bin/one_click_upgrade of the component Online Firmware Upgrade Handler. Such manipulation leads to command injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 4.7 addresses this issue. Upgrading the affected component is advised. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…