Comparison Overview

Q: Between Grupo Éxito company and Raia company, which one has the best AI Cybersecurity Score ?

Grupo Éxito company demonstrates a stronger AI Cybersecurity Score compared to Raia company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Q: Between Grupo Éxito company and Raia company, which one has experienced more cyber incidents in the past ?

Historically, Raia company has disclosed a higher number of cyber incidents compared to Grupo Éxito company.

Q: Between Grupo Éxito company and Raia company, which one has experienced more cyber incidents this year ?

In the current year, Raia company and Grupo Éxito company have not reported any cyber incidents.

Q: Between Grupo Éxito company and Raia company, which one has experienced at least one ransomware attack ?

Neither Raia company nor Grupo Éxito company has reported experiencing a ransomware attack publicly.

Q: Between Grupo Éxito company and Raia company, which one has experienced at least one data breach ?

Neither Raia company nor Grupo Éxito company has reported experiencing a data breach publicly.

Q: Between Grupo Éxito company and Raia company, which one has experienced at least one targeted cyberattack ?

Neither Raia company nor Grupo Éxito company has reported experiencing targeted cyberattacks publicly.

Q: Between Grupo Éxito company and Raia company, which one has experienced at least one vulnerability ?

Neither Grupo Éxito company nor Raia company has reported experiencing or disclosing vulnerabilities publicly.

Q: Between Grupo Éxito company and Raia company, which one holds the most compliance certifications ?

Neither Grupo Éxito nor Raia holds any compliance certifications.

Q: Between Grupo Éxito company and Raia company, which one has the most subsidiaries ?

Grupo Éxito company has more subsidiaries worldwide compared to Raia company.

Grupo Éxito

Carrera 48 #32 B Sur - 139, Envigado, 472, CO

Last Update: 2025-12-03

View Profile

Between 800 and 849

https://www.grupoexito.com.co/es

En Grupo Éxito evolucionamos junto a nuestros clientes, adaptándonos a las nuevas formas de consumo a través de la innovación, la transformación digital, las experiencias y la sostenibilidad. Como parte de la plataforma de retail más grande de Suramérica, estamos presentes en Colombia con las marcas Éxito, Carulla, Super Inter, Surtimax, Surtimayorista y Viva; en Uruguay con Grupo Disco y Grupo Devoto; y en Argentina con Libertad y Paseo. Nos diferenciamos con estrategias que nos permiten responder a un entorno competitivo y generar impacto en las comunidades donde operamos: ✅ Innovación en formatos de valor y nuevas soluciones de pago sin fricciones. ✅ Estrategia omnicliente, para brindar una experiencia fluida en cualquier canal. ✅ Monetización del tráfico, a través de nuestros centros comerciales, programas de fidelidad y negocios complementarios. ✅ Sostenibilidad, porque creemos en un negocio que genera valor compartido para el país y el planeta. Nuestro compromiso es seguir transformándonos para entregar lo mejor a nuestros clientes, colaboradores y aliados. 🚀 #NutrimosdeOportunidadesaColombia

NAICS: 43

NAICS Definition: Retail Trade

Employees: 18,749

Subsidiaries: 4

12-month incidents

0

Known data breaches

0

Attack type number

0

View Profile

Raia

BR

Last Update: 2025-12-01

Between 750 and 799

http://www.drogaraia.com.br

Nossa página oficial no LinkedIn é https://bit.ly/2XT3eZl Fundada em 1905 na cidade de Araraquara, a Raia é uma das bandeiras da RD Saúde (Raia Drogasil S.A.) e possui mais de 1000 farmácias em todo o Brasil. A RD Saúde é um ecossistema de saúde integral, com 3 mil farmácias em todo o Brasil e negócios em saúde que dividem o mesmo propósito: contribuir para uma sociedade mais saudável. Sua jornada começou em novembro de 2011, fruto da união entre Raia e Drogasil, crescendo até se tornar a maior rede de farmácias do Brasil e expandindo para além do varejo farmacêutico, integrando soluções B2B e plataformas digitais.

NAICS: 43

NAICS Definition: Retail Trade

Employees: 10,786

Subsidiaries: 0

12-month incidents

0

Known data breaches

0

Attack type number

0

https://images.rankiteo.com/companyimages/grupoexito.jpeg

Grupo Éxito

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Raia

—

ISO 27001

Not verified

—

SOC2 Type 1

Not verified

—

SOC2 Type 2

Not verified

—

GDPR

Not verified

—

PCI DSS

Not verified

—

HIPAA

Not verified

Incidents vs Retail Industry Average (This Year)

No incidents recorded for Grupo Éxito in 2025.

Incidents vs Retail Industry Average (This Year)

No incidents recorded for Raia in 2025.

Incident History — Grupo Éxito (X = Date, Y = Severity)

Grupo Éxito cyber incidents detection timeline including parent company and subsidiaries

Incident History — Raia (X = Date, Y = Severity)

Raia cyber incidents detection timeline including parent company and subsidiaries

Grupo Éxito

Incidents

No Incident

Raia

Incidents

No Incident

Grupo Éxito company demonstrates a stronger AI Cybersecurity Score compared to Raia company, reflecting its advanced cybersecurity posture governance and monitoring frameworks.

Historically, Raia company has disclosed a higher number of cyber incidents compared to Grupo Éxito company.

In the current year, Raia company and Grupo Éxito company have not reported any cyber incidents.

Neither Raia company nor Grupo Éxito company has reported experiencing a ransomware attack publicly.

Neither Raia company nor Grupo Éxito company has reported experiencing a data breach publicly.

Neither Raia company nor Grupo Éxito company has reported experiencing targeted cyberattacks publicly.

Neither Grupo Éxito company nor Raia company has reported experiencing or disclosing vulnerabilities publicly.

Neither Grupo Éxito nor Raia holds any compliance certifications.

Neither company holds any compliance certifications.

Grupo Éxito company has more subsidiaries worldwide compared to Raia company.

Grupo Éxito company employs more people globally than Raia company, reflecting its scale as a Retail.

Neither Grupo Éxito nor Raia holds SOC 2 Type 1 certification.

Neither Grupo Éxito nor Raia holds SOC 2 Type 2 certification.

Neither Grupo Éxito nor Raia holds ISO 27001 certification.

Neither Grupo Éxito nor Raia holds PCI DSS certification.

Neither Grupo Éxito nor Raia holds HIPAA certification.

Neither Grupo Éxito nor Raia holds GDPR certification.

Description

MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. Prior to 2.9.8, there is a security issue exists in the exec_in_pod tool of the mcp-server-kubernetes MCP Server. The tool accepts user-provided commands in both array and string formats. When a string format is provided, it is passed directly to shell interpretation (sh -c) without input validation, allowing shell metacharacters to be interpreted. This vulnerability can be exploited through direct command injection or indirect prompt injection attacks, where AI agents may execute commands without explicit user intent. This vulnerability is fixed in 2.9.8.

Published

Date

2025-12-03

Updated

Date

2025-12-03

Risk Information

cvss3

Base: 6.4

Severity: HIGH

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

References

Description

XML external entity (XXE) injection in eyoucms v1.7.1 allows remote attackers to cause a denial of service via crafted body of a POST request.

Published

Date

2025-12-03

Updated

Date

2025-12-03

References

https://github.com/weng-xianhu/eyoucms/issues/66

Description

An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to access administrative functions of the device (e.g. file upload, firmware update, reboot...) via a crafted authentication bypass.

Published

Date

2025-12-03

Updated

Date

2025-12-03

References

Description

Cal.com is open-source scheduling software. Prior to 5.9.8, A flaw in the login credentials provider allows an attacker to bypass password verification when a TOTP code is provided, potentially gaining unauthorized access to user accounts. This issue exists due to problematic conditional logic in the authentication flow. This vulnerability is fixed in 5.9.8.

Published

Date

2025-12-03

Updated

Date

2025-12-03

Risk Information

cvss4

Base: 9.9

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

https://github.com/calcom/cal.com/security/advisories/GHSA-9r3w-4j8q-pw98

Description

Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an application passed an attacker controlled float poing number into the toFixed() function, it might lead to high CPU consumption and a potential Denial of Service. Small numbers go through this call stack: NativeNumber.numTo > DToA.JS_dtostr > DToA.JS_dtoa > DToA.pow5mult where pow5mult attempts to raise 5 to a ridiculous power. This vulnerability is fixed in 1.8.1, 1.7.15.1, and 1.7.14.1.

Published

Date

2025-12-03

Updated

Date

2025-12-03

Risk Information

cvss4

Base: 5.5

Severity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

References

https://github.com/mozilla/rhino/security/advisories/GHSA-3w8q-xq97-5j7x

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

Grupo Éxito

VS

Raia

Grupo Éxito

Raia

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Retail Industry Average (This Year)

Incidents vs Retail Industry Average (This Year)

Incident History — Grupo Éxito (X = Date, Y = Severity)

Incident History — Raia (X = Date, Y = Severity)

Notable Incidents

No Incident

No Incident

FAQ

Latest Global CVEs (Not Company-Specific)

CVE-2025-66404

Risk Information

CVE-2025-65868

CVE-2025-64055

CVE-2025-66489

Risk Information

CVE-2025-66453

Risk Information

Badge your company to reduce your risk score and your cyber insurance costs!

Comparison Overview

Grupo Éxito

VS

Raia

Grupo Éxito

Raia

Compliance Badges Comparison

Benchmark & Cyber Underwriting Signals

Incidents vs Retail Industry Average (This Year)

Incidents vs Retail Industry Average (This Year)

Incident History — Grupo Éxito (X = Date, Y = Severity)

Incident History — Raia (X = Date, Y = Severity)

Notable Incidents

No Incident

No Incident

FAQ

Between Grupo Éxito company and Raia company, which one has the best AI Cybersecurity Score ?

Between Grupo Éxito company and Raia company, which one has experienced more cyber incidents in the past ?

Between Grupo Éxito company and Raia company, which one has experienced more cyber incidents this year ?

Between Grupo Éxito company and Raia company, which one has experienced at least one ransomware attack ?

Between Grupo Éxito company and Raia company, which one has experienced at least one data breach ?

Between Grupo Éxito company and Raia company, which one has experienced at least one targeted cyberattack ?

Between Grupo Éxito company and Raia company, which one has experienced at least one vulnerability ?

Between Grupo Éxito company and Raia company, which one holds the most compliance certifications ?

Between Grupo Éxito company and Raia company, which one holds the fewest compliance certifications ?

Between Grupo Éxito company and Raia company, which one has the most subsidiaries ?

Between Grupo Éxito company and Raia company, which one has the largest number of employees ?

Between Grupo Éxito and Raia, which company holds both SOC 2 Type 1 certifications ?

Between Grupo Éxito and Raia, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified — Grupo Éxito or Raia ?

Which company is PCI DSS compliant — Grupo Éxito or Raia ?

Between Grupo Éxito and Raia, which company complies with HIPAA regulations for healthcare data ?

Between Grupo Éxito and Raia, which company complies with GDPR requirements ?

Latest Global CVEs (Not Company-Specific)

CVE-2025-66404

Risk Information

CVE-2025-65868

CVE-2025-64055

CVE-2025-66489

Risk Information

CVE-2025-66453

Risk Information