Federal Ministry of the Interior
Last Update: 2025-12-12
Between 800 and 849
Location Berlin
NAICS: 92
NAICS Definition: Public Administration
Employees: 306
Subsidiaries: 0
12-month incidents
1
Known data breaches
0
Attack type number
1
Comparison Overview
Federal Ministry of the Interior
VS
Malmö stad
Malmö stad
Last Update: 2025-12-09
Between 750 and 799
Bli en samhällsbyggare – jobba i Malmö stad! Genom att arbeta i Malmö stad får du möjlighet att arbeta med hållbar samhällsutveckling. Som en samhällsbyggare spelar du en viktig roll i Malmös utveckling och därför ser vi oss som framtidens arbetsplats. Människors lika värde är en förutsättning för demokrati och är också en självklarhet i vår värdegrund. Med 20 000 medarbetare är Malmö stad en av de största arbetsgivarna i Skåne. Vi har över 400 yrkeskategorier representerade inom 22 förvaltningar. Är du intresserad av att jobba hos oss? Se våra lediga tjänster på http://www.malmo.se/jobb
NAICS: 92
NAICS Definition: Public Administration
Employees: 13,521
Subsidiaries: 5
12-month incidents
0
Known data breaches
0
Attack type number
0
Compliance Badges Comparison
Security & Compliance Standards Overview
Federal Ministry of the Interior
ISO 27001
Not verified
SOC2 Type 1
Not verified
SOC2 Type 2
Not verified
GDPR
Not verified
PCI DSS
Not verified
HIPAA
Not verified
Malmö stad
ISO 27001
Not verified
SOC2 Type 1
Not verified
SOC2 Type 2
Not verified
GDPR
Not verified
PCI DSS
Not verified
HIPAA
Not verified
Compliance Summary
Federal Ministry of the Interior
100%
Compliance Rate
0/4 Standards Verified
Malmö stad
0%
Compliance Rate
0/4 Standards Verified
Benchmark & Cyber Underwriting Signals
Incidents vs Government Administration Industry Average (This Year)
Federal Ministry of the Interior has 23.46% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs Government Administration Industry Average (This Year)
No incidents recorded for Malmö stad in 2025.
Incident History — Federal Ministry of the Interior (X = Date, Y = Severity)
Federal Ministry of the Interior cyber incidents detection timeline including parent company and subsidiaries
Incident History — Malmö stad (X = Date, Y = Severity)
Malmö stad cyber incidents detection timeline including parent company and subsidiaries
Notable Incidents
Last 3 Security & Risk Events by Company
Federal Ministry of the Interior
Incidents
Malmö stad
Incidents
No Incident
FAQ
Federal Ministry of the Interior company demonstrates a stronger AI Cybersecurity Score compared to Malmö stad company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.
Federal Ministry of the Interior company has historically faced a number of disclosed cyber incidents, whereas Malmö stad company has not reported any.
In the current year, Federal Ministry of the Interior company has reported more cyber incidents than Malmö stad company.
Neither Malmö stad company nor Federal Ministry of the Interior company has reported experiencing a ransomware attack publicly.
Neither Malmö stad company nor Federal Ministry of the Interior company has reported experiencing a data breach publicly.
Federal Ministry of the Interior company has reported targeted cyberattacks, while Malmö stad company has not reported such incidents publicly.
Neither Federal Ministry of the Interior company nor Malmö stad company has reported experiencing or disclosing vulnerabilities publicly.
Neither Federal Ministry of the Interior nor Malmö stad holds any compliance certifications.
Neither company holds any compliance certifications.
Malmö stad company has more subsidiaries worldwide compared to Federal Ministry of the Interior company.
Malmö stad company employs more people globally than Federal Ministry of the Interior company, reflecting its scale as a Government Administration.
Neither Federal Ministry of the Interior nor Malmö stad holds SOC 2 Type 1 certification.
Neither Federal Ministry of the Interior nor Malmö stad holds SOC 2 Type 2 certification.
Neither Federal Ministry of the Interior nor Malmö stad holds ISO 27001 certification.
Neither Federal Ministry of the Interior nor Malmö stad holds PCI DSS certification.
Neither Federal Ministry of the Interior nor Malmö stad holds HIPAA certification.
Neither Federal Ministry of the Interior nor Malmö stad holds GDPR certification.
Latest Global CVEs (Not Company-Specific)
Description
LibreChat is a ChatGPT clone with additional features. In versions 0.8.0 and below, there is no handler for JSON parsing errors; SyntaxError from express.json() includes user input in the error message, which gets reflected in responses. User input (including HTML/JavaScript) can be exposed in error responses, creating an XSS risk if Content-Type isn't strictly enforced. This issue does not have a fix at the time of publication.
Risk Information
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
LibreChat is a ChatGPT clone with additional features. In versions 0.8.0 and below, when creating prompts, JSON requests are sent to define and modify the prompts via PATCH endpoint for prompt groups (/api/prompts/groups/:groupId). However, the request bodies are not sufficiently validated for proper input, enabling users to modify prompts in a way that was not intended as part of the front end system. The patchPromptGroup function passes req.body directly to updatePromptGroup() without filtering sensitive fields. This issue is fixed in version 0.8.1.
Risk Information
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
LibreChat is a ChatGPT clone with additional features. In versions 0.8.0 and below, when a user posts a question, the iconURL parameter of the POST request can be modified by an attacker. The malicious code is then stored in the chat which can then be shared to other users. When sharing chats with a potentially malicious “tracker”, resources loaded can lead to loss of privacy for users who view the chat link that is sent to them. This issue is fixed in version 0.8.1.
Risk Information
cvss4
Base: 8.6
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
MaxKB is an open-source AI assistant for enterprise. Versions 2.3.1 and below have improper file permissions which allow attackers to overwrite the built-in dynamic linker and other critical files, potentially resulting in privilege escalation. This issue is fixed in version 2.4.0.
Risk Information
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Description
MaxKB is an open-source AI assistant for enterprise. In versions 2.3.1 and below, the tool module allows an attacker to escape the sandbox environment and escalate privileges under certain concurrent conditions. This issue is fixed in version 2.4.0.
Risk Information
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
