What is the official website of KAYAK ?

The official website of KAYAK is http://www.kayak.com.

What is KAYAK's cybersecurity risk score?

KAYAK has an AI-generated cybersecurity risk score of 763 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has KAYAK experienced?

According to Rankiteo, KAYAK currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has KAYAK been affected by any supply chain cyber incidents ?

According to Rankiteo, KAYAK has been affected by multiple supply chain cyber incidents. The affected supply chain sources and their corresponding incident IDs are: LiteLLM (Incident ID: AGOBOO1776904233) Booking.com (Incident ID: BOO1776206403) Booking.com (Incident ID: BOO1776112063)

Does KAYAK have SOC 2 Type 1 certification ?

According to Rankiteo, KAYAK is not certified under SOC 2 Type 1.

Does KAYAK have SOC 2 Type 2 certification ?

According to Rankiteo, KAYAK does not hold a SOC 2 Type 2 certification.

Does KAYAK comply with GDPR ?

According to Rankiteo, KAYAK is not listed as GDPR compliant.

Does KAYAK have PCI DSS certification ?

According to Rankiteo, KAYAK does not currently maintain PCI DSS compliance.

Does KAYAK comply with HIPAA ?

According to Rankiteo, KAYAK is not compliant with HIPAA regulations.

Does KAYAK have ISO 27001 certification ?

According to Rankiteo,KAYAK is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does KAYAK operate in ?

KAYAK operates primarily in the Technology, Information and Internet industry.

How many employees does KAYAK have ?

KAYAK employs approximately 1,112 people worldwide.

Does KAYAK own any subsidiaries ?

KAYAK presently has no subsidiaries across any sectors.

How many LinkedIn followers does KAYAK have ?

KAYAK's official LinkedIn profile has approximately 89,533 followers.

What is the NAICS classification code for KAYAK ?

KAYAK is classified under the NAICS code 513, which corresponds to Others.

Does KAYAK have a Crunchbase profile ?

Yes, KAYAK has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/kayak.

Does KAYAK have a LinkedIn profile ?

Yes, KAYAK maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/kayak.

How many cybersecurity incidents has KAYAK experienced ?

As of June 22, 2026, Rankiteo reports that KAYAK has experienced 12 cybersecurity incidents.

How many peer or competitor companies does KAYAK have ?

KAYAK has an estimated 14,811 peer or competitor companies worldwide.

What types of cybersecurity incidents has KAYAK faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach and Cyber Attack.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

KAYAK

Boost Score +25 with badge (5 left)

763

/1000

Fair

788

/1000

Fair

KAYAK Vendor Cyber Rating & Cyber Score

kayak.com

cb in

Add Your Compliance Badge

At KAYAK, we help millions of travelers around the globe make confident travel decisions. As the world’s leading travel search engine, KAYAK searches other sites to show travelers the information they need to find the right flights, hotels, rental cars and vacation packages. And because we aim to help travelers explore the world more confidently, we’re always on the lookout for ways to make travel planning and trip management easier – offering up a variety of tools and features such as KAYAK Trips, Explore, Price Forecast and our constantly evolving app and A.I. innovations. KAYAK is part of a global network that includes our sister brand OpenTable, as well as a portfolio of travel metasearch brands including Swoodoo, checkfelix,

KAYAK A.I CyberSecurity Scoring

Scoring History

KAYAK

KAYAK CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Agoda

Breach

4/2026

LiteLLM

AGOBOO177690423...

Booking Holdings (N...

Breach

4/2026

ADOGOOMICEURBOO...

Booking.com

Cyber Attack

4/2026

Booking.com

BOO1776206403

Booking.com

Breach

4/2026

Booking.com

BOO1776112063

Booking.com

Breach

4/2026

BOO1776263987

Booking.com

Breach

12/2025

BOO1776061928

KAYAK

Cyber Attack

6/2025

BOO948072325

KAYAK

Cyber Attack

4/2025

BOO150201511122...

KAYAK

Cyber Attack

2/2025

BOO276412711172...

Booking.com

Breach

12/2024

BOO1776680735

Booking.com

Breach

1/2024

BOO1776085137

Booking.com

Breach

6/2023

BOO1768736831

Loading…

A.I.

KAYAK Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for KAYAK

Incidents vs Technology, Information and Internet Industry Avg (This Year)

No incidents recorded for KAYAK in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for KAYAK in 2026.

Incident Types KAYAK vs Technology, Information and Internet Industry Avg (This Year)

No incidents recorded for KAYAK in 2026.

Incident History - KAYAK (X = Date, Y = Severity)

Loading…

SUBSIDIARY

KAYAK Subsidiaries

KAYAK

Technology, Information and Internet

Website: http://www.kayak.com

Company Size: 1,112

Booking Holdings (NASDAQ: BKNG)Technology, Information and Internet

Booking.comSoftware Development

Booking.com for BusinessInternetmedia

AgodaSoftware Development

Agoda Media Solutionsบริการโฆษณา

Agoda for PartnersLeisure, Travel & Tourism

PricelineTechnology, Information and Internet

FareHarborTravel Arrangements

Rocket Travel by AgodaTechnology, Information and Internet

KAYAK Affiliate NetworkTravel Arrangements

KAYAK for BusinessLeisure, Travel & Tourism

Loading…

KAYAK Similar Companies

Peraton

peraton.com

At Peraton, we're at the forefront of delivering the next big thing every day. We're the partner of choice to help solve some of the world's most daunting challenges, delivering bold, new solutions to keep people around the world safer and more secure. How do we do it? By thinking differently. We're not mired in the past. We look at all problems with fresh eyes. We look past the obvious to bring the best talent, tech, and ideas together to completely transform how things get done. So bring your unique ideas, your entrepreneurial spirit, and your drive to succeed and get ready to be part of something bigger. Get ready to do the can't be done. ________ Recruitment fraud is a growing trend where fraudsters have been known to attempt to use our name to trick job seekers with fake employment opportunities. This type of scam is typically carried out through fake job postings, fake websites, or email accounts claiming to be from Peraton. The intent of recruitment fraud is to gain access to your personal information, such as your banking information, credit card number, or social security number. Please be aware that our careers site can be found at careers.peraton.com and our corporate site can be found at peraton.com. To learn more about Recruitment fraud and what to expect and not to expect from a Peraton recruiter, please visit: https://careers.peraton.com/recruitment-fraud/

Jumia Group

cb jumia.com

Jumia (NYSE :JMIA) is a leading e-commerce platform in Africa. It is built around a marketplace, Jumia Logistics, and JumiaPay. The marketplace helps millions of consumers and sellers to connect and transact. Jumia Logistics enables the delivery of millions of packages through our network of local partners. JumiaPay facilitates the payments of online transactions for Jumia's ecosystem. With over 1 billion people and 500 million internet users in Africa, Jumia believes that e-commerce is making people's lives easier by helping them shop and pay for millions of products at the best prices wherever they live. E-commerce is also creating new opportunities for SMEs to grow, and job opportunities for a new generation to thrive. With over 3,000 employees in more than 9 countries in Africa, Jumia is led by top talented leaders offering a great mix of local and international talents and is backed by very high-profile shareholders. Jumia is committed to creating sustainable impact in Africa. Jumia offers unique opportunities in a vibrant and booming environment, creating new jobs, new skills, and empowering a new generation.

Fanatics

fanaticsinc.com

Fanatics is a leading global digital sports platform. We ignite the passions of global sports fans and maximize the presence and reach for our hundreds of sports partners globally by offering products and services across Fanatics Commerce, Fanatics Collectibles, and Fanatics Betting & Gaming, allowing sports fans to Buy, Collect, and Bet. Through the Fanatics platform, sports fans can buy licensed fan gear, jerseys, lifestyle and streetwear products, headwear, and hardgoods; collect physical and digital trading cards, sports memorabilia, and other digital assets; and bet as the company builds its Sportsbook and iGaming platform. Fanatics has an established database of over 100 million global sports fans; a global partner network with approximately 900 sports properties, including major national and international professional sports leagues, players associations, teams, colleges, college conferences and retail partners, 2,500 athletes and celebrities, and 200 exclusive athletes; and over 2,000 retail locations, including its Lids retail stores. Our more than 22,000 employees are committed to relentlessly enhancing the fan experience and delighting sports fans globally.

Prosus

prosus.com

Prosus is the power behind the world’s leading lifestyle e-commerce brands. Bringing together bold ideas and the power of AI, Prosus builds technology ecosystems where lifestyle ecommerce brands can become global success stories. These ecosystems span three core geographies – Europe, Latin America and India. In these geographies, Prosus simplifies the often-fragmented experience for consumer buyers and sellers, providing an integrated and frictionless approach that helps billions of consumers to buy, sell and transact through food, Fintech, experiences and commerce platforms

Lenskart.com

lenskart.com

At Lenskart, we believe that clear vision is fundamental to the personal development and well-being of an individual, and our aim is to build tech-enabled solutions that improve access to affordable and quality ‘Eyewear for All’. We commenced our operations in India as an online business in 2010 and opened our first retail store in New Delhi in 2013. Since then, we have scaled through both the online and offline channels and have established a presence through our retail stores, websites, mobile applications, and other channels.

Everforth

everforth.com

Everforth, Inc. (NYSE: EFOR) is a leading technology and digital engineering company that helps organizations adapt, innovate, and thrive in a world of constant change. Our six solution areas — AI and data, cloud and infrastructure, application and digital engineering, experience, cybersecurity, and enterprise platforms — accelerate time to value for our commercial and federal clients. Powered by proprietary assets, accelerators, and proven expertise, Everforth turns complexity into progress and delivers measurable outcomes. Everforth: Adapt and Thrive™.

IndiaMART InterMESH Limited

cb indiamart.com

IndiaMART is India's largest online B2B marketplace, connecting buyers with suppliers across a wide array of industries. IndiaMART provides a platform for Small & Medium Enterprises (SMEs), large enterprises, and individual buyers, helping them access diverse portfolios of quality products. Since 1999, IndiaMART’s mission has been to make doing business easy. Today, over 21.9 Crore buyers can explore and choose from 12.4 Crore products, sourced from 86 Lakh suppliers, creating a one-stop platform for all business needs. IndiaMART offers enhanced business visibility and credibility for suppliers, with tools designed to support business growth and operational efficiency. With a dedicated workforce of over 5000 employees across India, IndiaMART continues to facilitate seamless connections and provide a trusted marketplace for businesses to thrive.

Independiente / Freelance

wikipedia.org

La etimología de la palabra deriva del término medieval inglés usado para un mercenario (free-independiente o lance-lanza), es decir, un caballero que no servía a ningún señor en concreto y cuyos servicios podían ser alquilados por cualquiera. El término fue acuñado inicialmente por Sir Walter Scott (1771-1832) en su reconocido romance histórico Ivanhoe para describir a un "guerrero medieval mercenario". La frase en inglés luego hizo la transición a un sustantivo figurativo alrededor de 1860 y fue luego reconocido como un verbo oficialmente en 1903 por varias autoridades en lingüística tales como el Diccionario Oxford de Inglés. Solamente en tiempos modernos ha mutado el término de un sustantivo (un freelance o un freelancer) y un adverbio (un periodista que trabaja freelance). Esta palabra es empleada como anglicismo en castellano como dos palabras separadas "free lance" (del inglés) o autónomo pero no tiene aplicación como verbo. Fuente: Wikipedia. https://es.wikipedia.org/wiki/Freelance Acerca de Independiente / Freelance Somos una de las comunidades de habla hispana más grandes en LinkedIn para profesionales que eligen trabajar de forma independiente. Un espacio para conectar, compartir recursos y encontrar oportunidades. Publicaciones para Empresas y Reclutadores. Para publicar una búsqueda de talento, por favor envíe los detalles de la oferta a: [email protected] El proceso es simple y asincrónico.

Avnet

avnet.com

Avnet is a global electronic components distributor with extensive design, product, marketing and supply chain expertise for customers and suppliers at every stage of the product lifecycle. For the past 100 years, Avnet has helped its customers and suppliers around the world realize the transformative possibilities of technology. Our culture was founded on new ideas and emerging technology. Headquartered in Phoenix, Arizona, Avnet is a leading global technology distributor and solutions provider at the center of the technology value chain. Founded in 1921, we work with suppliers in every major technology segment to serve customers worldwide across a broad range of markets. Whether working on large-scale production or early prototypes, we meet customer needs through individualized, end-to-end service to streamline solutions and improve efficiency for customers worldwide. We serve more than 1 million customers in more than 140 countries and partner with global suppliers from almost every technology segment. Learn more about Avnet at www.avnet.com.

Loading…

NEWS

KAYAK CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

December 08, 2025 08:00 AM

TripAdvisor & Kayak Data Dive Reveals World’s Top Christmas Destinations

The numbers are in: based on data from TripAdvisor and Kayak, these are the world's best Christmas destinations if you like great tours.

Read Article

February 20, 2025 08:00 AM

Booking Holdings Inc. SEC 10-K Report

Booking Holdings Inc., a global leader in online travel and related services, has released its 2024 Form 10-K report, showcasing robust financial performance.

Read Article

January 18, 2025 08:00 AM

Travel Warning: Cybersecurity Emerges As A Top Security Threat In 2025

There are a range of cyber threats facing travelers, from phishing scams designed to steal personal information to fake travel websites and rental listings.

Read Article

August 29, 2024 07:00 AM

Top Travel Sites Have Some First-Class Security Issues to Clean Up

The top 10 travel and hospitality companies have public-facing security and other cloud infrastructure vulnerabilities that expose customers to potential...

Read Article

March 05, 2024 08:00 AM

Lessons from Axonius — $100 million ARR and beyond

For years, we've been exploring the evolving state of cybersecurity and CISOs' growing demand to find comprehensive security platforms as...

Read Article

February 01, 2024 08:00 AM

How to Use "GPT Mentions" to Call Out Custom GPTs in Any ChatGPT Conversation

OpenAI's premium version of ChatGPT, known as ChatGPT Plus, offers users a range of extra features in exchange for the monthly subscription...

Read Article

May 18, 2023 07:00 AM

Will Passwords Become a Thing of the Past?

It seems passwordless authentication will be headed to your devices as an option very soon, if it isn't there already.

Read Article

May 08, 2020 04:30 PM

Mystery of Missing Dutch Cybersecurity Expert in Norway Is Still Unresolved

Two days ago a man was found drowned in Bodø. It has reopened the unresolved mystery of famous Dutch cybersecurity expert who has got lost in Norway in...

Read Article

August 23, 2019 07:00 AM

Wikileaks hacking expert died in 'kayaking accident'

Arjen Kamphuis disappeared in mysterious circumstances in the Norwegian Fjords and his body has never been found.

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12814

SUMMARY

A flaw has been found in Comfast CF-WR631AX V3 up to 2.7.0.8. This issue affects the function system of the file /cgi-bin/mbox-config?section=ping_config of the component API Endpoint. This manipulation of the argument destination causes os command injection. The attack is possible to be carried out remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-21

Updated

Date2026-06-21

RISK INFORMATION (Score: 6.3)

cvss2

Base Score: 6.5

Complexity: LOW

AV:N/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base Score: 6.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.1

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

2.8

REFERENCES

CVE-2026-12813

SUMMARY

A vulnerability was detected in activepieces up to 0.83.0. This vulnerability affects the function handleUrlFile in the library packages/server/engine/src/lib/variables/processors/file.ts of the component File URL Handler. The manipulation results in server-side request forgery. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-21

Updated

Date2026-06-21

RISK INFORMATION (Score: 6.3)

cvss2

Base Score: 6.5

Complexity: LOW

AV:N/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base Score: 6.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.1

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

2.8

REFERENCES

CVE-2026-12812

SUMMARY

A security vulnerability has been detected in Radware Cyber Controller up to 10.11.0. This affects an unknown part of the component HTML Report Generation. The manipulation leads to HTML injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-21

Updated

Date2026-06-21

RISK INFORMATION (Score: 3.5)

cvss2

Base Score: 4.0

Complexity: LOW

AV:N/AC:L/Au:S/C:N/I:P/A:N

cvss3

Base Score: 3.5

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

cvss4

Base Score: 2.0

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

1.4

Exploitability

2.1

REFERENCES

CVE-2026-12811

SUMMARY

A weakness has been identified in kortix-ai suna up to 0.8.38. Affected by this issue is the function router.replace/router.push of the file apps/frontend/src/app/auth/page.tsx of the component Auth Endpoint. Executing a manipulation of the argument returnURL can lead to cross site scripting. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 0.8.39 can resolve this issue. This patch is called f5dec7aa0c1b8fa0125938f292c0f2430ca75f6c. It is advisable to upgrade the affected component. The researcher explains: "The issue was fixed in v0.8.39 without notifying the wider user base via a security disclosure."

Published

Date2026-06-21

Updated

Date2026-06-21

RISK INFORMATION (Score: 4.3)

cvss2

Base Score: 5.0

Complexity: LOW

AV:N/AC:L/Au:N/C:N/I:P/A:N

cvss3

Base Score: 4.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

cvss4

Base Score: 2.1

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

1.4

Exploitability

2.8

REFERENCES

CVE-2026-12810

SUMMARY

A security flaw has been discovered in Edimax BR-6478AC V2 1.23. Affected by this vulnerability is the function mp of the file /goform/mp of the component POST Request Handler. Performing a manipulation of the argument command results in command injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-21

Updated

Date2026-06-21

RISK INFORMATION (Score: 6.3)

cvss2

Base Score: 6.5

Complexity: LOW

AV:N/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base Score: 6.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.1

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

2.8

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…