Plum AI - www.getplum.ai
Last Update: 2026-04-04
Between 750 and 799
Improving LLM applications
NAICS: 513
NAICS Definition: Others
Employees: 1
Subsidiaries: 0
12-month incidents
0
Known data breaches
0
Attack type number
0
Comparison Overview
Plum AI - www.getplum.ai
VS
Avnet
Avnet
Last Update: 2026-04-03
Between 750 and 799
Avnet is a global electronic components distributor with extensive design, product, marketing and supply chain expertise for customers and suppliers at every stage of the product lifecycle. For the past 100 years, Avnet has helped its customers and suppliers around the world realize the transformative possibilities of technology. Our culture was founded on new ideas and emerging technology. Headquartered in Phoenix, Arizona, Avnet is a leading global technology distributor and solutions provider at the center of the technology value chain. Founded in 1921, we work with suppliers in every major technology segment to serve customers worldwide across a broad range of markets. Whether working on large-scale production or early prototypes, we meet customer needs through individualized, end-to-end service to streamline solutions and improve efficiency for customers worldwide. We serve more than 1 million customers in more than 140 countries and partner with global suppliers from almost every technology segment. Learn more about Avnet at www.avnet.com.
NAICS: 513
NAICS Definition: Others
Employees: 12,246
Subsidiaries: 14
12-month incidents
0
Known data breaches
0
Attack type number
0
Compliance Badges Comparison
Security & Compliance Standards Overview
Plum AI - www.getplum.ai
ISO 27001
Not verified
SOC2 Type 1
Not verified
SOC2 Type 2
Not verified
GDPR
Not verified
PCI DSS
Not verified
HIPAA
Not verified
Avnet
ISO 27001
Not verified
SOC2 Type 1
Not verified
SOC2 Type 2
Not verified
GDPR
Not verified
PCI DSS
Not verified
HIPAA
Not verified
Compliance Summary
Plum AI - www.getplum.ai
100%
Compliance Rate
0/4 Standards Verified
Avnet
0%
Compliance Rate
0/4 Standards Verified
Benchmark & Cyber Underwriting Signals
Incidents vs Technology, Information and Internet Industry Average (This Year)
No incidents recorded for Plum AI - www.getplum.ai in 2026.
Incidents vs Technology, Information and Internet Industry Average (This Year)
No incidents recorded for Avnet in 2026.
Incident History — Plum AI - www.getplum.ai (X = Date, Y = Severity)
Plum AI - www.getplum.ai cyber incidents detection timeline including parent company and subsidiaries
Incident History — Avnet (X = Date, Y = Severity)
Avnet cyber incidents detection timeline including parent company and subsidiaries
Notable Incidents
Last 3 Security & Risk Events by Company
Plum AI - www.getplum.ai
Incidents
No Incident
Avnet
Incidents
No Incident
FAQ
Avnet company demonstrates a stronger AI Cybersecurity Score compared to Plum AI - www.getplum.ai company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.
Historically, Avnet company has disclosed a higher number of cyber incidents compared to Plum AI - www.getplum.ai company.
In the current year, Avnet company and Plum AI - www.getplum.ai company have not reported any cyber incidents.
Neither Avnet company nor Plum AI - www.getplum.ai company has reported experiencing a ransomware attack publicly.
Neither Avnet company nor Plum AI - www.getplum.ai company has reported experiencing a data breach publicly.
Neither Avnet company nor Plum AI - www.getplum.ai company has reported experiencing targeted cyberattacks publicly.
Neither Plum AI - www.getplum.ai company nor Avnet company has reported experiencing or disclosing vulnerabilities publicly.
Neither Plum AI - www.getplum.ai nor Avnet holds any compliance certifications.
Neither company holds any compliance certifications.
Avnet company has more subsidiaries worldwide compared to Plum AI - www.getplum.ai company.
Avnet company employs more people globally than Plum AI - www.getplum.ai company, reflecting its scale as a Technology, Information and Internet.
Neither Plum AI - www.getplum.ai nor Avnet holds SOC 2 Type 1 certification.
Neither Plum AI - www.getplum.ai nor Avnet holds SOC 2 Type 2 certification.
Neither Plum AI - www.getplum.ai nor Avnet holds ISO 27001 certification.
Neither Plum AI - www.getplum.ai nor Avnet holds PCI DSS certification.
Neither Plum AI - www.getplum.ai nor Avnet holds HIPAA certification.
Neither Plum AI - www.getplum.ai nor Avnet holds GDPR certification.
Latest Global CVEs (Not Company-Specific)
Description
nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, two peer-facing consensus request handlers assume that the history index is always available and call blockchain.history_store.history_index().unwrap() directly. That assumption is false by construction. HistoryStoreProxy::history_index() explicitly returns None for the valid HistoryStoreProxy::WithoutIndex state. when a full node is syncing or otherwise running without the history index, a remote peer can send RequestTransactionsProof or RequestTransactionReceiptsByAddress and trigger an Option::unwrap() panic on the request path. This issue has been patched in version 1.3.0.
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Description
PraisonAI is a multi-agent teams system. Prior to version 1.5.95, FileTools.download_file() in praisonaiagents validates the destination path but performs no validation on the url parameter, passing it directly to httpx.stream() with follow_redirects=True. An attacker who controls the URL can reach any host accessible from the server including cloud metadata services and internal network services. This issue has been patched in version 1.5.95.
Risk Information
cvss3
Base: 8.6
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Description
PraisonAI is a multi-agent teams system. Prior to version 4.5.97, OAuthManager.validate_token() returns True for any token not found in its internal store, which is empty by default. Any HTTP request to the MCP server with an arbitrary Bearer token is treated as authenticated, granting full access to all registered tools and agent capabilities. This issue has been patched in version 4.5.97.
Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Description
PraisonAI is a multi-agent teams system. Prior to version 4.5.97, the PraisonAI Gateway server accepts WebSocket connections at /ws and serves agent topology at /info with no authentication. Any network client can connect, enumerate registered agents, and send arbitrary messages to agents and their tool sets. This issue has been patched in version 4.5.97.
Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Description
PraisonAI is a multi-agent teams system. Prior to version 4.5.90, MCPToolIndex.search_tools() compiles a caller-supplied string directly as a Python regular expression with no validation, sanitization, or timeout. A crafted regex causes catastrophic backtracking in the re engine, blocking the Python thread for hundreds of seconds and causing a complete service outage. This issue has been patched in version 4.5.90.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
