Comparison Overview
Legend by Xplor

Legend by Xplor
undefined, Newcastle upon Tyne, undefined, undefined, GB
Last Update: 01/04/2026
Trusted by leading leisure operators for almost 20 years, Legend offers a complete end-to-end leisure management solution. Delivering software, membership payments and value-added services – all powered by one platform – at Legend we are focused on helping you run yo...

PedidosYa
La Cumparsita 1475, 11200 Montevideo, Departamento de Montevideo, Montevideo, Montevideo, UY, 11200
Last Update: 02/04/2026
We’re the delivery market leader in Latin America. Our platform connects over 77.000 restaurants, supermarkets, pharmacies and stores with millions of users. Nowadays we operate in more than 500 cities in Latinamerica. And we are now over 3.400 employees. PedidosYa is ...
Compliance Ranges Comparison

Legend by Xplor







PedidosYa






Benchmark & Cyber Underwriting Signals
Incidents vs Software Development Industry Avg (This Year)
No incidents recorded for Legend by Xplor in 2026.
Incidents vs Software Development Industry Avg (This Year)
No incidents recorded for PedidosYa in 2026.
Incident History - Legend by Xplor (X = Date, Y = Severity)
Legend by Xplor cyber incidents detection timeline including parent company and subsidiaries.
Incident History - PedidosYa (X = Date, Y = Severity)
PedidosYa cyber incidents detection timeline including parent company and subsidiaries.
Notable Incidents

Legend by Xplor

PedidosYa
FAQ
Latest Global CVEs
Spinnaker is an open source, multi-cloud continuous delivery platform. Prior to versions 2026.1.1, 2026.0.3, 2025.4.4, and 2025.3.4 on their respective release lines, Kustomize bake operations allow unsafe YAML tag processing in rosco manifests. This can lead to remote code execution on rosco pods when performing Kustomize bakes. This issue is fixed in versions 2026.1.1, 2026.0.3, 2025.4.4, and 2025.3.4.
- https://github.com/spinnaker/spinnaker/commit/2d75818b85cc4c35144d5e5ed45e7340fcab5dfe
- https://github.com/spinnaker/spinnaker/commit/bbc30c9b9034a056e95f012fa1b34e9fd703cae7
- https://github.com/spinnaker/spinnaker/commit/de5a7a05af35aee19eb71d289cd0b77f67509009
- https://github.com/spinnaker/spinnaker/commit/df32d568e82519d9f3896fc9007baba0077c87fd
- https://github.com/spinnaker/spinnaker/commit/f5cec213f8cf207843ed5a6929395960a1ca094f
- https://github.com/spinnaker/spinnaker/releases/tag/rosco-2025.3.4
- https://github.com/spinnaker/spinnaker/releases/tag/rosco-2025.4.4
- https://github.com/spinnaker/spinnaker/releases/tag/rosco-2026.0.3
- https://github.com/spinnaker/spinnaker/releases/tag/rosco-2026.1.1
- https://github.com/spinnaker/spinnaker/releases/tag/rosco-2026.2.0
- https://github.com/spinnaker/spinnaker/security/advisories/GHSA-p68j-q7hf-3qcp
Multiple connections to the backend using the same charging station ID are allowed, which could allow an attacker to deploy multiple instances of malicious OCPP clients to overwhelm the backend.
Previously, there was no throttling on repeated authentication attempts to the charging station backend, which could allow an attacker to execute a denial-of-service attack.
The charging station websocket endpoint accepts connections without proper authentication, which could lead to privilege escalation.
vulnerability in Drupal Commerce guest registration allows . This issue affects Commerce guest registration versions: *.*.