What is the official website of EDP South America ?

The official website of EDP South America is https://edp.com/en/south-america.

What is EDP South America's cybersecurity risk score?

EDP South America has an AI-generated cybersecurity risk score of 757 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has EDP South America experienced?

According to Rankiteo, EDP South America currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has EDP South America been affected by any supply chain cyber incidents ?

According to Rankiteo, EDP South America has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does EDP South America have SOC 2 Type 1 certification ?

According to Rankiteo, EDP South America is not certified under SOC 2 Type 1.

Does EDP South America have SOC 2 Type 2 certification ?

According to Rankiteo, EDP South America does not hold a SOC 2 Type 2 certification.

Does EDP South America comply with GDPR ?

According to Rankiteo, EDP South America is not listed as GDPR compliant.

Does EDP South America have PCI DSS certification ?

According to Rankiteo, EDP South America does not currently maintain PCI DSS compliance.

Does EDP South America comply with HIPAA ?

According to Rankiteo, EDP South America is not compliant with HIPAA regulations.

Does EDP South America have ISO 27001 certification ?

According to Rankiteo,EDP South America is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does EDP South America operate in ?

EDP South America operates primarily in the Electric Power Generation industry.

How many employees does EDP South America have ?

EDP South America employs approximately 392 people worldwide.

Does EDP South America own any subsidiaries ?

EDP South America presently has no subsidiaries across any sectors.

How many LinkedIn followers does EDP South America have ?

EDP South America's official LinkedIn profile has approximately 3,303 followers.

What is the NAICS classification code for EDP South America ?

EDP South America is classified under the NAICS code 22111, which corresponds to Electric Power Generation.

Does EDP South America have a Crunchbase profile ?

No, EDP South America does not have a profile on Crunchbase.

Does EDP South America have a LinkedIn profile ?

Yes, EDP South America maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/edpsouthamerica.

How many cybersecurity incidents has EDP South America experienced ?

As of June 23, 2026, Rankiteo reports that EDP South America has not experienced any cybersecurity incidents.

How many peer or competitor companies does EDP South America have ?

EDP South America has an estimated 184 peer or competitor companies worldwide.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

ESA

Boost Score +25 with badge (5 left)

757

/1000

Fair

782

/1000

Fair

EDP South America Vendor Cyber Rating & Cyber Score

edp.com

Add Your Compliance Badge

EDP operates in 30 markets and is present in four regions: North America, Asia-Pacific, Europe and South America. In South America, we operate in the energy generation, transmission, networks and the free markets segments, as well as in the development, construction and maintenance of wind, solar and green hydrogen assets, with assets worth R$41 billion, making it the EDP Group's second largest operation. A benchmark in ESG, we are the most sustainable electricity company in the world according to the Dow Jones index, as well as being part of the Bloomberg Gender Equality Index. In the European and South American markets - Brazil, Chile and Colombia - we won the Top Employer 2024 award. In the Brazilian market, the largest country in

ESA A.I CyberSecurity Scoring

Scoring History

ESA

EDP South America CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

No data available

Loading…

A.I.

ESA Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for ESA

Incidents vs Electric Power Generation Industry Avg (This Year)

No incidents recorded for EDP South America in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for EDP South America in 2026.

Incident Types ESA vs Electric Power Generation Industry Avg (This Year)

No incidents recorded for EDP South America in 2026.

Incident History - ESA (X = Date, Y = Severity)

Loading…

SUBSIDIARY

EDP South America Subsidiaries

Parent Company

ESA

Electric Power Generation

Website: https://edp.com/en/south-america

Company Size: 5,001-10,000 employees

No subsidiary data available for this company.

Loading…

EDP South America Similar Companies

Iberdrola

iberdrola.com

With more than 180 years of history, Iberdrola is today a global energy leader, the leading wind power producer and one of the largest electricity companies in the world in terms of stock market capitalisation. We have been committed to clean energy for more than 20 years with the objective of exceeding 52,000 MW of renewable capacity by 2025. The group supplies energy to nearly 100 million people in dozens of countries, has more than 600,000 shareholders, a workforce of more than 42,300 employees. We are leading the energy transition to a sustainable model through our investments in renewables, smart grids, large-scale energy storage and digital transformation to deliver the most advanced products and services to our customers. Find out more in 'Life at Iberdrola'

GE Vernova

linktree.com

GE Vernova is a purpose-built energy technology company on a mission to electrify to thrive and decarbonize the world. It is made up of three businesses -- Power, Wind, and Electrification -- with focus on accelerating the path to more reliable, affordable, and sustainable energy, while helping our customers power economies and deliver the electricity that is vital to health, safety, security, and improved quality of life. The world needs more energy, smarter energy. With energy demand expected to grow by more than 50% in the next 20 years, we are continuously innovating to meet the moment…like we have for the past 130 years. The Energy of Change and relentless optimism are what drive us – it’s about never giving up and seeing what’s possible so that we deliver the energy technologies the world needs right now and for generations to come. GE Vernova’s attitude and edge is embedded in its name. We retain our treasured legacy, “GE,” as an enduring and hard-earned badge of quality and ingenuity. “Ver” / “verde” signal Earth’s verdant and lush ecosystems. “Nova,” from the Latin “novus,” nods to a new, innovative era of lower carbon energy that GE Vernova will help deliver. Together, we have the energy to change the world.

Loading…

NEWS

EDP South America CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-54236

SUMMARY

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, the fix for CVE-2026-22778, which introduced a sanitize_message helper that strips object-repr memory addresses from error messages before they reach the client, is incomplete: several response paths echo str(exc) directly to clients without calling sanitize_message. The unsanitized sites include the Anthropic API router in vllm/entrypoints/anthropic/api_router.py (the POST /v1/messages and POST /v1/messages/count_tokens handlers), the Server-Sent Events streaming converter in vllm/entrypoints/anthropic/serving.py, and the realtime speech-to-text WebSocket in vllm/entrypoints/speech_to_text/realtime/connection.py. These paths catch the exception inside the route coroutine and construct the JSONResponse themselves, bypassing the sanitizing global FastAPI exception handler, and WebSocket frames do not traverse that handler chain at all. Using the same primitive as the parent issue, an unauthenticated attacker can send malformed image bytes through the Anthropic Messages API image content parts so that PIL.Image.open raises an UnidentifiedImageError whose message contains the BytesIO object repr, leaking the heap memory address verbatim in the error.message field of the response body. This vulnerability is fixed in 0.23.1rc0.

Published

Date2026-06-22

Updated

Date2026-06-22

RISK INFORMATION (Score: 5.3)

cvss3

Base Score: 5.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Impact Score

1.4

Exploitability

3.9

REFERENCES

CVE-2026-54235

SUMMARY

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, ll temperature validation gates use comparison operators (<, >), which silently evaluate to False for NaN and for positive Infinity in Python's IEEE 754 float semantics. Both values pass every guard and propagate to GPU sampling kernels, where they produce undefined behavior or CUDA errors that can crash the inference worker. This vulnerability is fixed in 0.23.1rc0.

Published

Date2026-06-22

Updated

Date2026-06-22

RISK INFORMATION (Score: )

cvss4

Base Score: 6.9

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-54233

SUMMARY

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, vLLM's /v1/audio/transcriptions endpoint limits compressed upload size but not decoded PCM output. A 25MB OPUS file expands to ~14.9GB of float32 PCM at decode time. This vulnerability is fixed in 0.23.1rc0.

Published

Date2026-06-22

Updated

Date2026-06-22

RISK INFORMATION (Score: 6.5)

cvss3

Base Score: 6.5

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Impact Score

3.6

Exploitability

2.8

REFERENCES

CVE-2026-54232

SUMMARY

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.1, the vLLM Dockerfile is vulnerable to a dependency confusion attack through the flashinfer-jit-cache package. The package is installed from a custom index (flashinfer.ai/whl/) using --extra-index-url, but the package name was not registered on PyPI, and UV_INDEX_STRATEGY="unsafe-best-match" is set globally. An attacker who registers flashinfer-jit-cache on PyPI with version 0.6.11.post2 can execute arbitrary code as root during the Docker build and backdoor every resulting container image, enabling exfiltration of all user prompts, API credentials, and model data from production vLLM deployments This vulnerability is fixed in 0.22.1.

Published

Date2026-06-22

Updated

Date2026-06-22

RISK INFORMATION (Score: 8.8)

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

2.8

REFERENCES

https://github.com/vllm-project/vllm/security/advisories/GHSA-jrf6-vqxq-pjv2

CVE-2026-53923

SUMMARY

vLLM is an inference and serving engine for large language models (LLMs). From 0.5.5 until 0.23.1rc0, integer truncation of tensor dimensions in vLLM's GGUF dequantize kernels (csrc/quantization/gguf/gguf_kernel.cu) causes partial tensor processing. The output tensor is allocated at full size via torch::empty (uninitialized memory), but the dequantize CUDA kernel processes only a truncated number of elements. The unfilled portion of the output tensor retains whatever was previously in GPU memory. In multi-tenant inference deployments, this residual GPU memory may contain tensor data from other users' inference requests, constituting information disclosure. This vulnerability is fixed in 0.23.1rc0.

Published

Date2026-06-22

Updated

Date2026-06-22

RISK INFORMATION (Score: )

cvss4

Base Score: 5.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…