Federal Ministry of the Interior
Last Update: 2025-12-12
Between 800 and 849
Location Berlin
NAICS: 92
NAICS Definition: Public Administration
Employees: 306
Subsidiaries: 0
12-month incidents
1
Known data breaches
0
Attack type number
1
Comparison Overview
Federal Ministry of the Interior
VS
Ville de Montréal
Ville de Montréal
Last Update: 2025-12-09
Between 750 and 799
Montréal est la plus grande ville francophone d’Amérique et elle se distingue par sa vitalité culturelle exceptionnelle et des forces créatrices reconnues mondialement. Elle se développe un peu plus chaque jour en une ville contemporaine, inclusive et dynamique sur les plans économique, culturel et social. Visant à offrir aux Montréalaises et aux Montréalais un lieu de vie agréable et prospère, la Ville de Montréal veut rester à l’écoute des besoins changeants de sa population afin de s’y adapter de façon continue. Pour ce faire, elle mise sur les compétences et l’expertise de ses 28 000 employés au service de 1,8 million de citoyens.
NAICS: 92
NAICS Definition: Public Administration
Employees: 11,464
Subsidiaries: 1
12-month incidents
0
Known data breaches
0
Attack type number
0
Compliance Badges Comparison
Security & Compliance Standards Overview
Federal Ministry of the Interior
ISO 27001
Not verified
SOC2 Type 1
Not verified
SOC2 Type 2
Not verified
GDPR
Not verified
PCI DSS
Not verified
HIPAA
Not verified
Ville de Montréal
ISO 27001
Not verified
SOC2 Type 1
Not verified
SOC2 Type 2
Not verified
GDPR
Not verified
PCI DSS
Not verified
HIPAA
Not verified
Compliance Summary
Federal Ministry of the Interior
100%
Compliance Rate
0/4 Standards Verified
Ville de Montréal
0%
Compliance Rate
0/4 Standards Verified
Benchmark & Cyber Underwriting Signals
Incidents vs Government Administration Industry Average (This Year)
Federal Ministry of the Interior has 23.46% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs Government Administration Industry Average (This Year)
No incidents recorded for Ville de Montréal in 2025.
Incident History — Federal Ministry of the Interior (X = Date, Y = Severity)
Federal Ministry of the Interior cyber incidents detection timeline including parent company and subsidiaries
Incident History — Ville de Montréal (X = Date, Y = Severity)
Ville de Montréal cyber incidents detection timeline including parent company and subsidiaries
Notable Incidents
Last 3 Security & Risk Events by Company
Federal Ministry of the Interior
Incidents
Ville de Montréal
Incidents
No Incident
FAQ
Federal Ministry of the Interior company demonstrates a stronger AI Cybersecurity Score compared to Ville de Montréal company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.
Federal Ministry of the Interior company has historically faced a number of disclosed cyber incidents, whereas Ville de Montréal company has not reported any.
In the current year, Federal Ministry of the Interior company has reported more cyber incidents than Ville de Montréal company.
Neither Ville de Montréal company nor Federal Ministry of the Interior company has reported experiencing a ransomware attack publicly.
Neither Ville de Montréal company nor Federal Ministry of the Interior company has reported experiencing a data breach publicly.
Federal Ministry of the Interior company has reported targeted cyberattacks, while Ville de Montréal company has not reported such incidents publicly.
Neither Federal Ministry of the Interior company nor Ville de Montréal company has reported experiencing or disclosing vulnerabilities publicly.
Neither Federal Ministry of the Interior nor Ville de Montréal holds any compliance certifications.
Neither company holds any compliance certifications.
Ville de Montréal company has more subsidiaries worldwide compared to Federal Ministry of the Interior company.
Ville de Montréal company employs more people globally than Federal Ministry of the Interior company, reflecting its scale as a Government Administration.
Neither Federal Ministry of the Interior nor Ville de Montréal holds SOC 2 Type 1 certification.
Neither Federal Ministry of the Interior nor Ville de Montréal holds SOC 2 Type 2 certification.
Neither Federal Ministry of the Interior nor Ville de Montréal holds ISO 27001 certification.
Neither Federal Ministry of the Interior nor Ville de Montréal holds PCI DSS certification.
Neither Federal Ministry of the Interior nor Ville de Montréal holds HIPAA certification.
Neither Federal Ministry of the Interior nor Ville de Montréal holds GDPR certification.
Latest Global CVEs (Not Company-Specific)
Description
LibreChat is a ChatGPT clone with additional features. In versions 0.8.0 and below, there is no handler for JSON parsing errors; SyntaxError from express.json() includes user input in the error message, which gets reflected in responses. User input (including HTML/JavaScript) can be exposed in error responses, creating an XSS risk if Content-Type isn't strictly enforced. This issue does not have a fix at the time of publication.
Risk Information
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
LibreChat is a ChatGPT clone with additional features. In versions 0.8.0 and below, when creating prompts, JSON requests are sent to define and modify the prompts via PATCH endpoint for prompt groups (/api/prompts/groups/:groupId). However, the request bodies are not sufficiently validated for proper input, enabling users to modify prompts in a way that was not intended as part of the front end system. The patchPromptGroup function passes req.body directly to updatePromptGroup() without filtering sensitive fields. This issue is fixed in version 0.8.1.
Risk Information
cvss4
Base: 5.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
LibreChat is a ChatGPT clone with additional features. In versions 0.8.0 and below, when a user posts a question, the iconURL parameter of the POST request can be modified by an attacker. The malicious code is then stored in the chat which can then be shared to other users. When sharing chats with a potentially malicious “tracker”, resources loaded can lead to loss of privacy for users who view the chat link that is sent to them. This issue is fixed in version 0.8.1.
Risk Information
cvss4
Base: 8.6
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
MaxKB is an open-source AI assistant for enterprise. Versions 2.3.1 and below have improper file permissions which allow attackers to overwrite the built-in dynamic linker and other critical files, potentially resulting in privilege escalation. This issue is fixed in version 2.4.0.
Risk Information
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Description
MaxKB is an open-source AI assistant for enterprise. In versions 2.3.1 and below, the tool module allows an attacker to escape the sandbox environment and escalate privileges under certain concurrent conditions. This issue is fixed in version 2.4.0.
Risk Information
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
