Federal Ministry of the Interior
Last Update: 2025-12-12
Between 800 and 849
Location Berlin
NAICS: 92
NAICS Definition: Public Administration
Employees: 306
Subsidiaries: 0
12-month incidents
1
Known data breaches
0
Attack type number
1
Comparison Overview
Federal Ministry of the Interior
VS
South African Revenue Service (SARS)
South African Revenue Service (SARS)
Last Update: 2025-12-09
Between 750 and 799
Its main functions are to: collect and administer all national taxes, duties and levies; collect revenue that may be imposed under any other legislation, as agreed on between SARS and an organ of state or institution entitled to the revenue; provide protection against the illegal importation and exportation of goods; facilitate trade; and advise the Minister of Finance on all revenue matters
NAICS: 92
NAICS Definition: Public Administration
Employees: 11,123
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
Compliance Badges Comparison
Security & Compliance Standards Overview
Federal Ministry of the Interior
ISO 27001
Not verified
SOC2 Type 1
Not verified
SOC2 Type 2
Not verified
GDPR
Not verified
PCI DSS
Not verified
HIPAA
Not verified
South African Revenue Service (SARS)
ISO 27001
Not verified
SOC2 Type 1
Not verified
SOC2 Type 2
Not verified
GDPR
Not verified
PCI DSS
Not verified
HIPAA
Not verified
Compliance Summary
Federal Ministry of the Interior
100%
Compliance Rate
0/4 Standards Verified
South African Revenue Service (SARS)
0%
Compliance Rate
0/4 Standards Verified
Benchmark & Cyber Underwriting Signals
Incidents vs Government Administration Industry Average (This Year)
Federal Ministry of the Interior has 23.46% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs Government Administration Industry Average (This Year)
No incidents recorded for South African Revenue Service (SARS) in 2025.
Incident History — Federal Ministry of the Interior (X = Date, Y = Severity)
Federal Ministry of the Interior cyber incidents detection timeline including parent company and subsidiaries
Incident History — South African Revenue Service (SARS) (X = Date, Y = Severity)
South African Revenue Service (SARS) cyber incidents detection timeline including parent company and subsidiaries
Notable Incidents
Last 3 Security & Risk Events by Company
Federal Ministry of the Interior
Incidents
South African Revenue Service (SARS)
Incidents
No Incident
FAQ
Federal Ministry of the Interior company demonstrates a stronger AI Cybersecurity Score compared to South African Revenue Service (SARS) company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.
Federal Ministry of the Interior company has historically faced a number of disclosed cyber incidents, whereas South African Revenue Service (SARS) company has not reported any.
In the current year, Federal Ministry of the Interior company has reported more cyber incidents than South African Revenue Service (SARS) company.
Neither South African Revenue Service (SARS) company nor Federal Ministry of the Interior company has reported experiencing a ransomware attack publicly.
Neither South African Revenue Service (SARS) company nor Federal Ministry of the Interior company has reported experiencing a data breach publicly.
Federal Ministry of the Interior company has reported targeted cyberattacks, while South African Revenue Service (SARS) company has not reported such incidents publicly.
Neither Federal Ministry of the Interior company nor South African Revenue Service (SARS) company has reported experiencing or disclosing vulnerabilities publicly.
Neither Federal Ministry of the Interior nor South African Revenue Service (SARS) holds any compliance certifications.
Neither company holds any compliance certifications.
Neither Federal Ministry of the Interior company nor South African Revenue Service (SARS) company has publicly disclosed detailed information about the number of their subsidiaries.
South African Revenue Service (SARS) company employs more people globally than Federal Ministry of the Interior company, reflecting its scale as a Government Administration.
Neither Federal Ministry of the Interior nor South African Revenue Service (SARS) holds SOC 2 Type 1 certification.
Neither Federal Ministry of the Interior nor South African Revenue Service (SARS) holds SOC 2 Type 2 certification.
Neither Federal Ministry of the Interior nor South African Revenue Service (SARS) holds ISO 27001 certification.
Neither Federal Ministry of the Interior nor South African Revenue Service (SARS) holds PCI DSS certification.
Neither Federal Ministry of the Interior nor South African Revenue Service (SARS) holds HIPAA certification.
Neither Federal Ministry of the Interior nor South African Revenue Service (SARS) holds GDPR certification.
Latest Global CVEs (Not Company-Specific)
Description
LibreChat is a ChatGPT clone with additional features. In versions 0.8.0 and below, there is no handler for JSON parsing errors; SyntaxError from express.json() includes user input in the error message, which gets reflected in responses. User input (including HTML/JavaScript) can be exposed in error responses, creating an XSS risk if Content-Type isn't strictly enforced. This issue does not have a fix at the time of publication.
Risk Information
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
LibreChat is a ChatGPT clone with additional features. In versions 0.8.0 and below, when creating prompts, JSON requests are sent to define and modify the prompts via PATCH endpoint for prompt groups (/api/prompts/groups/:groupId). However, the request bodies are not sufficiently validated for proper input, enabling users to modify prompts in a way that was not intended as part of the front end system. The patchPromptGroup function passes req.body directly to updatePromptGroup() without filtering sensitive fields. This issue is fixed in version 0.8.1.
Risk Information
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
LibreChat is a ChatGPT clone with additional features. In versions 0.8.0 and below, when a user posts a question, the iconURL parameter of the POST request can be modified by an attacker. The malicious code is then stored in the chat which can then be shared to other users. When sharing chats with a potentially malicious “tracker”, resources loaded can lead to loss of privacy for users who view the chat link that is sent to them. This issue is fixed in version 0.8.1.
Risk Information
cvss4
Base: 8.6
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
MaxKB is an open-source AI assistant for enterprise. Versions 2.3.1 and below have improper file permissions which allow attackers to overwrite the built-in dynamic linker and other critical files, potentially resulting in privilege escalation. This issue is fixed in version 2.4.0.
Risk Information
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Description
MaxKB is an open-source AI assistant for enterprise. In versions 2.3.1 and below, the tool module allows an attacker to escape the sandbox environment and escalate privileges under certain concurrent conditions. This issue is fixed in version 2.4.0.
Risk Information
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
