What is the official website of Entrepose Contracting ?

The official website of Entrepose Contracting is http://www.entrepose.com.

What is Entrepose Contracting's cybersecurity risk score?

Entrepose Contracting has an AI-generated cybersecurity risk score of 746 out of 1000, indicating a Moderate security posture according to Rankiteo's assessment.

How many security incidents has Entrepose Contracting experienced?

According to Rankiteo, Entrepose Contracting currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Entrepose Contracting been affected by any supply chain cyber incidents ?

According to Rankiteo, Entrepose Contracting has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does Entrepose Contracting have SOC 2 Type 1 certification ?

According to Rankiteo, Entrepose Contracting is not certified under SOC 2 Type 1.

Does Entrepose Contracting have SOC 2 Type 2 certification ?

According to Rankiteo, Entrepose Contracting does not hold a SOC 2 Type 2 certification.

Does Entrepose Contracting comply with GDPR ?

According to Rankiteo, Entrepose Contracting is not listed as GDPR compliant.

Does Entrepose Contracting have PCI DSS certification ?

According to Rankiteo, Entrepose Contracting does not currently maintain PCI DSS compliance.

Does Entrepose Contracting comply with HIPAA ?

According to Rankiteo, Entrepose Contracting is not compliant with HIPAA regulations.

Does Entrepose Contracting have ISO 27001 certification ?

According to Rankiteo,Entrepose Contracting is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Entrepose Contracting operate in ?

Entrepose Contracting operates primarily in the Oil and Gas industry.

How many employees does Entrepose Contracting have ?

Entrepose Contracting employs approximately 265 people worldwide.

Does Entrepose Contracting own any subsidiaries ?

Entrepose Contracting presently has no subsidiaries across any sectors.

How many LinkedIn followers does Entrepose Contracting have ?

Entrepose Contracting's official LinkedIn profile has approximately 9,724 followers.

What is the NAICS classification code for Entrepose Contracting ?

Entrepose Contracting is classified under the NAICS code 211, which corresponds to Oil and Gas Extraction.

Does Entrepose Contracting have a Crunchbase profile ?

No, Entrepose Contracting does not have a profile on Crunchbase.

Does Entrepose Contracting have a LinkedIn profile ?

Yes, Entrepose Contracting maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/entrepose-projets.

How many cybersecurity incidents has Entrepose Contracting experienced ?

As of June 6, 2026, Rankiteo reports that Entrepose Contracting has not experienced any cybersecurity incidents.

How many peer or competitor companies does Entrepose Contracting have ?

Entrepose Contracting has an estimated 10,929 peer or competitor companies worldwide.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

Entrepose Contracting

Boost Score +25 with badge (5 left)

746

/1000

Moderate

771

/1000

Fair

Entrepose Contracting Vendor Cyber Rating & Cyber Score

entrepose.com

Add Your Compliance Badge

Entrepose Contracting, a subsidiary of VINCI Construction Grands Projets, designs and delivers critical energy infrastructure for the storage, treatment, and transportation of conventional and low-carbon energies. 🔹 Drawing on 60+ years of cryogenic engineering and heavy-duty fabrication 🔹 Full-containment LNG tanks up to 225,000 m³ at –162 °C 🔹 LNG terminals, compression stations 🔹 Low-carbon processing facilities for hydrogen, ammonia, CO₂, LPG 🔹 In-house heavy fabrication via Entrepose Industries (spheres, boilers, tanks) With a global track record (LNG Canada, Isle of Grain, GATE Terminal, Wheatstone), Entrepose Contracting combines operational excellence, rigorous QHSE standards, and turnkey EPC delivery to support your

Entrepose Contracting A.I CyberSecurity Scoring

Scoring History

Entrepose Contracting

Entrepose Contracting CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

No data available

Loading…

A.I.

Entrepose Contracting Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for Entrepose Contracting

Incidents vs Oil and Gas Industry Avg (This Year)

No incidents recorded for Entrepose Contracting in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Entrepose Contracting in 2026.

Incident Types Entrepose Contracting vs Oil and Gas Industry Avg (This Year)

No incidents recorded for Entrepose Contracting in 2026.

Incident History - Entrepose Contracting (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Entrepose Contracting Subsidiaries

Entrepose Contracting

Oil and Gas

Website: http://www.entrepose.com

Company Size: 201-500 employees

123

Entrepose GroupOil and Gas

VINCI ConstructionConstruction

VINCIConstruction

VINCI EnergiesInformation Technology & Services

EuroviaConstruction

VINCI ImmobilierReal Estate

VINCI ConcessionsTruck Transportation

VINCI AutoroutesTransportation/Trucking/Railroad

Nicholson ConstructionConstruction

LeonardConstruction

VINCI insertion EmploiServices d’aide à l’insertion professionnelle

VINCI Construction FranceConstruction

GTM BATIMENTConstruction

VINCI Construction TerrassementConstruction

CHANTIERS MODERNES CONSTRUCTIONConstruction

BATEGConstruction

Sogea EnvironnementUtilities

DUMEZ - Île-de-FranceConstruction

VINCI Construction Maritime et FluvialConstruction

PETITConstruction

Triverio Construction Civil Engineering

Sogea PicardieConstruction

Sogea CentreConstruction

CBC ServiceConstruction

CITINEA Construction

SOGEA BRETAGNE BTPConstruction

SOGEA ATLANTIQUE BTPConstruction

GTM Sud-Ouest TP GC Civil Engineering

VERDOÏAConstruction

NoveligeConstruction

CBIConstruction

VCS-SAConstruction

Campenon Bernard Dauphiné Savoie Construction

Sogea Caroni - VINCI Construction FranceConstruction

BOURDARIOSConstruction

EXTRACT - VINCI Construction FranceEnvironmental Services

Equo VivoConstruction

TARARE BOIS Construction

Urban DumezConstruction

SETHYCivil Engineering

GTM SudCivil Engineering

BOURGEOIS_PATRIMOINE - VINCI ConstructionConstruction

ArbonisConstruction

ADIM Hauts-de-FranceReal Estate

GTM OUESTConstruction

Sogea Nord-Ouest Construction

DUMEZ AUVERGNE Construction

Construction Menuiserie Aluminium et Agencement - CMAAConstruction

GTM GC Nouvelle-Aquitaine Civil Engineering

MarencoConstruction

ADIM Normandie-CentreReal Estate

GTM Normandie Centre Civil Engineering

PATEU ROBERTConstruction

GTM Bâtiment Aquitaine Construction

ADIM EstReal Estate

SICRA IDF - VINCI Construction FranceConstruction

CBCConstruction

ADIM LyonReal Estate

BOTTE FONDATIONSCivil Engineering

REHALIBConstruction

SIGNATURE OCEAN INDIENConstruction

Urbalia - Biodiversité urbaineEnvironmental Services

COFEX-GTM Travaux Spéciaux Civil Engineering

SOGEA Sud BâtimentConstruction

GTM Travaux Spéciaux Construction

COFEX MéditerranéeCivil Engineering

ADIM Développement ImmobilierReal Estate

ADIM Paris Île-de-FranceReal Estate

SOPRECOConstruction

Primméa by VINCI ConstructionConstruction

VINCI Construction Grands ProjetsConstruction

Sogea-SatomConstruction

Soletanche BachyConstruction

Bachy SoletancheConstruction

Soletanche Bachy PerúConstruction

BESSACConstruction

Roger Bullivant LimitedCivil Engineering

GFWAConstruction

Berminghammer Foundation EquipmentConstruction

Soletanche-Bachy ColombiaCivil Engineering

NUVIAConstruction

NUVIATech InstrumentsIngénierie mécanique ou industrielle

NUVIATech ProtectionConstruction

NUVIATech AutomationIngénierie robotique

www.nuvia.co.uk/careersIndustrial Machinery Manufacturing

VINCI Construction Outre-merConstruction

MenardConstruction

MENARD Middle East & Central AsiaCivil Engineering

MENARD USAConstruction

Menard FranceConstruction

MENARD Canada Inc.Construction

Menard OceaniaCivil Engineering

Menard Polska Sp. z o.o.Construction

Menard Freyssinet Egypt مينار فريسينه مصرCivil Engineering

Menard AsiaCivil Engineering

Menard UKConstruction

Remea FranceEnvironmental Services

Menard LietuvaConstruction

MENARD ESPAÑA, S.AConstruction

Menard IrelandConstruction

Menard zakládání staveb s.r.o.Construction

მენარდ საქართველო - Menard GeorgiaConstruction

VINCI CONSTRUCTION SIIT Services and IT Consulting

VINCI Building UKConstruction

FreyssinetCivil Engineering

Freyssinet AustraliaCivil Engineering

Freyssinet UKCivil Engineering

Freyssinet FranceCivil Engineering

Freyssinet IndiaCivil Engineering

Freyssinet New ZealandCivil Engineering

Freyssinet España S.A.U.Civil Engineering

Freyssinet ArgentinaConstruction

Freyssinet Chile SpACivil Engineering

Freyssinet, Inc. - USAConstruction

Freyssinet Suisse SAConstruction

MTS - DESAMIANTAGE Construction

Freyssinet Azerbaijan LLCCivil Engineering

GEOCEANConstruction

Gulf Industrial Supply FZEOil and Gas

Entrepose IndustriesOil and Gas

GeostockOil and Gas

Entrepose DBNOil and Gas

Entrepose CMPEAOil and Gas

Loading…

Entrepose Contracting Similar Companies

Tenaris

tenaris.com

Tenaris is a leading supplier of tubes and related services for the world’s energy industry and certain other industrial applications. Our mission is to deliver value to our customers through product development, manufacturing excellence, and supply chain management. Tenaris employees around the world are committed to continuous improvement by sharing knowledge across a single global organization. Our customers include most of the world’s leading oil and gas companies as well as engineering companies engaged in constructing oil and gas gathering, transportation and processing facilities. Our principal products include casing, tubing, line pipe, and mechanical and structural pipes. Tenaris employs around 29,000 people from more than 25 countries. From the moment they enter the company, our employees follow a career plan specially designed to meet their professional goals. TenarisUniversity, Tenaris’s corporate university, offers high-quality, job-specific curricula and development plans that help them succeed in the many challenging assignments faced during their careers. Our employees work in a culturally diverse setting that enriches their professional as well as their personal lives. As part of our fundamental corporate values, Tenaris offers our employee an active participation in a long-term, sustainable industrial project. RECRUITMENT FRAUD: We’ve received reports that unauthorized individuals are fraudulently recruiting and extending fake job offers on behalf of Tenaris. We encourage prospective candidates to remain vigilant. Additional information on how to recognize recruitment fraud or scams can be found at: https://www.tenaris.com/en/careers/recruitment-fraud Please remember that Tenaris never asks job applicants to pay a fee as part of the recruitment process.

Bharat Petroleum Corporation Limited

cb bharatpetroleum.in

Fortune Global 500 Company, Bharat Petroleum is the second largest Indian Oil Marketing Company and one of the premier integrated energy companies in India, engaged in refining of crude oil and marketing of petroleum products, with a significant presence in the upstream and downstream sectors of the oil and gas industry. The company attained the coveted Maharatna status, joining the elite club of companies having greater operational & financial autonomy. Bharat Petroleum’s Refineries at Mumbai & Kochi and Bina at Madhya Pradesh have a combined refining capacity of around 35.3 MMTPA. Its marketing infrastructure includes a network of installations, depots, energy stations, aviation service stations and LPG distributors. Its distribution network comprises over 20,000 Energy Stations, over 6,200 LPG distributorships, 733 Lubes distributorships, and 123 POL storage locations, 54 LPG Bottling Plants, 60 Aviation Service Stations, 4 Lube blending plants and 4 cross-country pipelines. Bharat Petroleum is integrating its strategy, investments, environmental and social ambitions to move towards a sustainable planet. The company has chalked out the plan to offer electric vehicle charging stations at around 7000 energy stations over next 5 years. With a focus on sustainable solutions, the company is developing a vibrant ecosystem and a road-map to become a Net Zero Energy Company by 2040, in Scope 1 and Scope 2 emissions. Bharat Petroleum has been partnering communities by supporting innumerable initiatives connected primarily in the areas of education, water conservation, skill development, health, community development, capacity building and employee volunteering. With ‘Energising Lives’ as its core purpose, Bharat Petroleum’s vision is to be the most admired global energy company leveraging talent, innovation & technology.

Koch Engineered Solutions

kochengineeredsolutions.com

Koch Engineered Solutions (KES) provides uniquely engineered solutions in construction; mass and heat transfer; combustion and emissions controls; filtration; separation; materials applications; automation and actuation. KES is located in Wichita, Kansas, and is a subsidiary of Koch Industries, one of the largest private companies in the world. KES delivers superior value in developing, integrating, and applying innovative technical and service solutions for industrial value chains. More information is available at KochEngineeredSolutions.com. Below is a list of our businesses: Koch-Glitsch John Zink Koch Specialty Plant Services Optimized Process Designs, LLC Koch Technology Solutions DEPCOM Power Inc. DarkVision Technologies Inc.

Ecopetrol

ecopetrol.com.co

Ecopetrol (NYSE: EC) es la compañía más grande en Colombia y uno de los principales grupos de energía de Latinoamérica. Cuenta con más de 18.000 empleados y es responsable del 60% de la producción de hidrocarburos en Colombia. Es propietaria de las dos refinerías del Colombia y de la gran parte de la infraestructura del segmento de transporte. A su vez, participa en la venta de energía y distribución de gas. En el panorama internacional, el foco estratégico de Ecopetrol se concentra en las cuencas del continente americano. Tiene operación y participa en proyectos de exploración y producción en Estados Unidos (Cuenca Permian y Golfo de México), Brasil y México. Como parte de la estrategia de sosTECnibilidad, la compañía lidera diferentes iniciativas en aspectos claves como descarbonización, energías renovables, gestión del agua, Desarrollo sostenible del territorio y transformación digital. Ecopetrol (NYSE: EC) is the largest company in Colombia and one of the leading integrated energy groups in the American continent, with operations in over eight countries. Its operations span the hydrocarbons value chain (upstream, midstream, downstream), gas distribution, energy transmission, management of real-time systems, road concessions, and telecommunications. As part of its TESG agenda (Technology, Environmental, Social and Governance), the company is leading several initiatives for diversification and decarbonization through, among others, renewables, electrification, natural climate solutions, and hydrogen. All the above, underpinned by innovation and technology as catalyzers of sustainability.

Oil and Natural Gas Corporation Ltd

ongcindia.com

Maharatna ONGC is the largest producer of crude oil and natural gas in India, contributing around 70 per cent of Indian domestic production. The crude oil is the raw material used by downstream companies like IOC, BPCL, HPCL to produce petroleum products like Petrol, Diesel, Kerosene, Naphtha, Cooking Gas-LPG. ONGC is India’s Top Energy Company and ranks 14th among global energy majors (Platts). It is the only Indian company to figure in Fortune’s ‘Most Admired Energy Companies’ list. ONGC ranks 226th overall in Forbes Global 2000. Acclaimed for its Corporate Governance practices, Transparency International has ranked ONGC 26th among the biggest publicly traded global giants. It is most valued public enterprise in India, and one of the highest profit-making and dividend-paying. ONGC has a unique distinction of being a company with in-house service capabilities in all areas of Exploration and Production of oil & gas and related oil-field services. Winner of the Best Employer award, a dedicated team of over 25,000 professionals toil round the clock in challenging locations. ONGC is an integrated energy company with interests in upstream, midstream and downstream sector of the hydrocarbon value chain, renewables, LNG, Power generation, petrochemicals and Value Added Products. ONGC's wholly-owned subsidiary Navratna ONGC Videsh Limited (OVL) is the biggest Indian multinational in the energy space, participating in 32 oil and gas properties in 15 countries. ONGC's subsidiary Mangalore Refinery and Petrochemicals Limited (MRPL) is a Schedule ‘A’ Miniratna, with a single-location refining capacity of 15 million tons per annum. ONGC subsidiary HPCL is a Maharatna CPSE, and has the second largest share of product pipelines in India with a pipeline network of more than 3370 kms for transportation of petroleum products and a vast marketing network consisting of 14 Zonal offices and 133 Regional Offices.

Transocean

cb deepwater.com

Transocean is a leading international provider of offshore contract drilling services for oil and gas wells. The company specializes in technically demanding sectors of the global offshore drilling business, with a particular focus on ultra-deepwater and harsh environment drilling services and operates the highest specification floating offshore drilling fleet in the world. Transocean owns or has partial ownership interests in and operates a fleet of 27 mobile offshore drilling units, consisting of 20 ultra-deepwater floaters and seven harsh environment floaters.

Reliance Industries Limited

ril.com

Our motto “Growth is Life” aptly captures the ever-evolving spirit of Reliance. Our activities span hydrocarbon exploration and production, petroleum refining and marketing, petrochemicals, retail, and telecommunications. In each of these areas, we are committed to innovation-led, exponential growth. Our vision has pushed us to achieve global leadership in many of our businesses – including our position as the largest polyester yarn and fiber producer in the world. Reliance Industries Limited is a Fortune 500 company and the largest private sector corporation in India. As Reliance sets sights on even more ambitious goals, we remain inspired and guided by the story and philosophy of our founder chairman Dhirubhai Ambani. Hailing from modest means, he followed his dream to create India's largest company. Reliance as an organization has adopted this ethos of converting adversity into opportunity and making the impossible possible by challenging conventional wisdom. Our ultimate aim has always been – and will always be – to touch the lives of people in a positive way

CB&I

cb cbi.com

CB&I is the world’s leading designer and builder of storage facilities, tanks, and terminals. With more than 60,000 structures completed throughout its 135+ year history, CB&I has the global expertise and strategically located operations to provide its customers world-class storage solutions for even the most complex energy infrastructure projects. CB&I is owned by a consortium of financial investors led by Mason Capital Management LLC. To learn more, visit www.cbi.com.

repsol

repsol.com

What do you do with the energy that drives you every day? We strive to turn it into something useful for you—your decisions and your next steps. We are a company that explores multi-energy solutions through innovation, technology, and the curiosity of our team. With over 25,000 colleagues and presence in 27 countries, we deliver real solutions to the challenges of mobility, home, and industry. And we do it the way we know best: #AllOurEnergy.

Loading…

NEWS

Entrepose Contracting CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-7654

SUMMARY

The Admin Columns plugin for WordPress is vulnerable to PHP Object Injection leading to Remote Code Execution in versions up to and including 7.0.18. This is due to the use of `unserialize()` without an `allowed_classes` restriction in the `IdsToCollection::get_ids_from_string()` function, which processes attacker-controlled post meta values without proper validation. This makes it possible for authenticated attackers with Contributor-level access and above to inject a serialized PHP object into a post's custom meta field and trigger arbitrary code execution by exploiting a bundled POP gadget chain, resulting in remote code execution as the web server user.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: 8.8)

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-7523

SUMMARY

The Alba Board plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.1.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to access arbitrary private alba_card post data, including title, description, assignee, due date, tags, and comments, that is intended to be restricted to Administrators and Editors. The handler is registered via the wp_ajax_nopriv_ hook and its nonce is exposed to all site visitors through wp_localize_script on pages containing the [alba_board] shortcode, making this exploitable by unauthenticated users who can access any such page.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: 4.3)

cvss3

Base Score: 4.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Impact Score

1.4

Exploitability

2.8

REFERENCES

CVE-2026-45409

SUMMARY

Internationalized Domain Names in Applications (IDNA) for Python provides support for Internationalized Domain Names in Applications (IDNA) and Unicode IDNA Compatibility Processing. In versions prior to 3.15, payloads such as `"\u0660" * N` or `"\u30fb" * N + "\u6f22"` utilize the `valid_contexto` function prior to length rejection, and for high values of `N` will take a long time to process. This is the same issue as CVE-2024-3651, however the original remediation in 2024 was not a complete fix. A specially crafted argument to the `idna.encode()` function could consume significant resources. This may lead to a denial-of-service. Starting in version 3.14, the function rejects long inputs as soon as practicable prior to any further processing to minimize resource consumption. In version 3.15, this approach was extended to lesser used alternate functions (i.e. per-label conversions and codec support). A workaround is available. Domain names cannot exceed 253 characters in length. If this length limit is enforced prior to passing the domain to the `idna.encode()` function, it should no longer consume significant resources. This is triggered by arbitrarily large inputs that would not occur in normal usage, but may be passed to the library assuming there is no preliminary input validation by the higher-level application.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: )

cvss4

Base Score: 6.9

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

https://github.com/kjd/idna/security/advisories/GHSA-65pc-fj4g-8rjx

CVE-2026-11431

SUMMARY

A path traversal vulnerability exists in the Projects Service download endpoint shared by Altium Enterprise Server and Altium 365. An authenticated user can supply a crafted path parameter that bypasses validation, allowing arbitrary files (including entire directories returned as archives) to be read from the server filesystem. Because the readable files include service configuration and credential material, exploitation can be used to gather information enabling further compromise. The issue can be combined with CVE-2026-11424 to reach the cloud-side endpoint. On multi-tenant Altium 365 deployments, the readable configuration could have exposed credentials shared across services. Altium Enterprise Server is fixed in 8.1.1; the issue has been remediated in Altium 365 at the service level.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: )

cvss4

Base Score: 8.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

https://www.altium.com/platform/security-compliance/security-advisories

CVE-2026-11429

SUMMARY

A path traversal vulnerability exists in the Git Service component shared by Altium Enterprise Server and Altium 365. The service accepts a sequence of post-clone file-manipulation operations that use user-supplied paths without validation, allowing an authenticated user with basic git access to move arbitrary files outside the intended repository area. This file-move primitive can be used to place attacker-controlled script content into directories where it is later executed by the service, resulting in remote code execution under the Git Service account. On multi-tenant Altium 365 deployments, this could have allowed access to data belonging to other tenants on the same infrastructure node. Altium Enterprise Server is fixed in 8.1.1; the issue has been remediated in Altium 365 at the service level.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: )

cvss4

Base Score: 9.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

https://www.altium.com/platform/security-compliance/security-advisories

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…