What is the official website of Leonardo ?

The official website of Leonardo is http://www.leonardo.com.

What is Leonardo's cybersecurity risk score?

Leonardo has an AI-generated cybersecurity risk score of 780 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has Leonardo experienced?

According to Rankiteo, Leonardo currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Leonardo been affected by any supply chain cyber incidents ?

According to Rankiteo, Leonardo has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does Leonardo have SOC 2 Type 1 certification ?

According to Rankiteo, Leonardo is not certified under SOC 2 Type 1.

Does Leonardo have SOC 2 Type 2 certification ?

According to Rankiteo, Leonardo does not hold a SOC 2 Type 2 certification.

Does Leonardo comply with GDPR ?

According to Rankiteo, Leonardo is not listed as GDPR compliant.

Does Leonardo have PCI DSS certification ?

According to Rankiteo, Leonardo does not currently maintain PCI DSS compliance.

Does Leonardo comply with HIPAA ?

According to Rankiteo, Leonardo is not compliant with HIPAA regulations.

Does Leonardo have ISO 27001 certification ?

According to Rankiteo,Leonardo is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Leonardo operate in ?

Leonardo operates primarily in the Defense and Space Manufacturing industry.

How many employees does Leonardo have ?

Leonardo employs approximately 37,206 people worldwide.

Does Leonardo own any subsidiaries ?

Leonardo presently has no subsidiaries across any sectors.

How many LinkedIn followers does Leonardo have ?

Leonardo's official LinkedIn profile has approximately 823,420 followers.

What is the NAICS classification code for Leonardo ?

Leonardo is classified under the NAICS code 336414, which corresponds to Guided Missile and Space Vehicle Manufacturing.

Does Leonardo have a Crunchbase profile ?

Yes, Leonardo has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/leonardo-bc38.

Does Leonardo have a LinkedIn profile ?

Yes, Leonardo maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/leonardo_company.

How many cybersecurity incidents has Leonardo experienced ?

As of June 15, 2026, Rankiteo reports that Leonardo has experienced 1 cybersecurity incidents.

How many peer or competitor companies does Leonardo have ?

Leonardo has an estimated 2,515 peer or competitor companies worldwide.

What types of cybersecurity incidents has Leonardo faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

Leonardo

Boost Score +25 with badge (5 left)

780

/1000

Fair

805

/1000

Good

Leonardo Vendor Cyber Rating & Cyber Score

leonardo.com

cb in

Add Your Compliance Badge

Leonardo is a global security company that realises multi-domain technological capabilities in AD&S. With over 60,000 employees worldwide, the company has a significant industrial presence in Italy, the UK, Poland, and the US. It also has a commercial presence in 150 countries through subsidiaries, joint ventures and investments. A key player in major international strategic programmes, it is a technological and industrial partner of governments, defence administrations, institutions and companies. In 2024, Leonardo recorded consolidated revenues of €17.8 bn, new orders for €20.9 bn and invested €2.5 bn in R&D. Innovation, continuous research, digitalisation and sustainability are the pillars of its business worldwide. Stefano

Leonardo A.I CyberSecurity Scoring

Scoring History

Leonardo

Leonardo CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Leonardo

Breach

100

7/2024

LEO000072824

Loading…

A.I.

Leonardo Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for Leonardo

Incidents vs Defense and Space Manufacturing Industry Avg (This Year)

No incidents recorded for Leonardo in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Leonardo in 2026.

Incident Types Leonardo vs Defense and Space Manufacturing Industry Avg (This Year)

No incidents recorded for Leonardo in 2026.

Incident History - Leonardo (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Leonardo Subsidiaries

Leonardo

Defense and Space Manufacturing

Website: http://www.leonardo.com

Company Size: 10,001+ employees

Leonardo HelicoptersAviation and Aerospace Component Manufacturing

Indra Air Traffic, Inc.Manufacturing

Leonardo DRSDefense & Space

TelespazioDefense and Space Manufacturing

Telespazio GermanyIT-Dienstleistungen und IT-Beratung

Telespazio BrasilConstrução e montagem de aeronaves para fins militares

Telespazio FranceFabrication de composants pour l’industrie aéronautique et aérospatiale

Telespazio BelgiumAviation & Aerospace

Telespazio UKDefense and Space Manufacturing

Telespazio IbéricaServicios y consultoría de TI

Telespazio LATAMFabricación de productos de defensa y espacio

RartelFabricația de produse pentru apărare și domeniul spațial

Leonardo AircraftAviation & Aerospace

Leonardo ElectronicsDefense and Space Manufacturing

Loading…

Leonardo Similar Companies

V2X Inc

gov2x.com

V2X is a leading provider of critical mission solutions and support to defense clients globally, formed by the 2022 Merger of Vectrus and Vertex to build on more than 120 combined years of successful mission support. We deliver a comprehensive suite of integrated solutions across the operations and logistics, aerospace, training, and technology markets to national security, defense, civilian and international clients. Our global team of approximately 14,000 employees brings innovation to every point in the mission lifecycle, from preparation, to operations, to sustainment, as it tackles the most complex challenges with agility, grit, and dedication.

Sandia National Laboratories

cb sandia.gov

Sandia National Laboratories is the nation’s premier DOE science and engineering lab for national security and technology innovation. Our team of scientists, engineers, researchers, and business specialists apply their knowledge and skill toward delivering cutting-edge technology in an array of areas. Across our main sites in Albuquerque, NM, and Livermore, CA, our research ranges from nuclear defense and homeland and global security to innovative work in biotechnology, environmental preservation, energy, and cyber security. Our teams have shared some of the reasons they enjoy working at Sandia: • Challenging work with amazing impact that contributes to security, peace, and freedom worldwide • Extraordinary co-workers • Access to some of the best tools, equipment, and research facilities in the world (tours.sandia.gov) • Career advancement and enrichment opportunities • Work-life balance with flexible work schedules, competitive benefits, and convenient on-site amenities

Leidos

leidos.com

Leidos is a Fortune 500® innovation company rapidly addressing the world’s most vexing challenges in national security and health. The company's global workforce of 48,000 collaborates to create smarter technology solutions for customers in heavily regulated industries. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $15.4 billion for the fiscal year ended December 29, 2023. Leidos was cited for the meaningful work employees perform that is challenging, impactful, and aligned with our customers’ missions as reasons professionals want to work and stay at our company. Leidos has also been named to lists including Forbes’ Best Employers for Diversity, Forbes’ America’s Best Employers for Women, Military Times Best for Vets Employers, and Ethisphere Institute’s World's Most Ethical Companies®. Employees enjoy career enrichment opportunities available through mobility and development and experience rewarding relationships with supportive supervisors and talented colleagues and customers. Employees appreciate our flexible work environment, allowing for and encouraging a true work-life balance. Our professionals are also excited about our Employee Resource Groups, like the Collaborative Outreach with Remote and Embedded Employees (CORE), which strives to create an environment where every employee, regardless of location, feels fully engaged as a valued employee of Leidos. Your most important work is ahead, visit careers.leidos.com for our latest opportunities.

United States Air Force

airforce.com

The mission of the United States Air Force is to fly, fight and win … in air, space and cyberspace. To achieve that mission, the Air Force has a vision of Global Vigilance, Reach and Power. That vision orbits around three core competencies: developing Airmen, technology to war fighting and integrating operations. These core competencies make our six distinctive capabilities possible. Air and Space Superiority: With it, joint forces can dominate enemy operations in all dimensions: land, sea, air and space. Global Attack: Because of technological advances, the Air Force can attack anywhere, anytime and do so quickly and with greater precision than ever before. Rapid Global Mobility: Being able to respond quickly and decisively anywhere we're needed is key to maintaining rapid global mobility. Precision Engagement: The essence lies in the ability to apply selective force against specific targets because the nature and variety of future contingencies demand both precise and reliable use of military power with minimal risk and collateral damage. Information Superiority: The ability of joint force commanders to keep pace with information and incorporate it into a campaign plan is crucial. Agile Combat Support: Deployment and sustainment are keys to successful operations and cannot be separated. Agile combat support applies to all forces, from those permanently based to contingency buildups to expeditionary

SAIC

cb https://www.saic.com/?utm_source=linkedin&utm_medium=sm&utm_campaign=linkedin&utm_content=link

SAIC® is a premier Fortune 500 mission integrator focused on advancing the power of technology and innovation to serve and protect our world. Our robust portfolio of offerings across the defense, space, civilian and intelligence markets includes secure high-end solutions in mission IT, enterprise IT, engineering services and professional services. We integrate emerging technology, rapidly and securely, into mission critical operations that modernize and enable critical national imperatives. We are approximately 24,000 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.5 billion.

UK Ministry of Defence

www.gov.uk

We protect the security, independence and interests of the United Kingdom at home and abroad. We work with our allies and partners whenever possible. Our aim is to ensure that the UK’s Armed Forces have the training, equipment and support necessary for their work, and that we keep within budget. Our priorities 2015 to 2020 are to: · protect our people · project our global influence · promote our prosperity · maintain a strategic base and integrated global support network, and manage the Department of State

NAVAL GROUP

naval-group.com

As an international naval defence player, Naval Group is a partner for countries seeking to maintain control of their maritime sovereignty. Naval Group develops innovative solutions to meet its customers’ requirements. The group is present throughout the entire life cycle of vessels. It designs, produces, equips, integrates, supports and upgrades submarines and surface ships, as well as their systems and equipment, right up to the final phases of deconstruction and dismantling. Naval Group’s unique know-how in autonomous systems, underwater weapons and drones place it in pole position to become European leader in the sector. As a high-tech company, it draws on its outstanding expertise, unique design and production resources and ability to establish strategic partnerships, in particular within the framework of transfers of technology. It also provides shipyard and naval base services. Ever mindful of the issues concerning corporate social responsibility (CSR), Naval Group is a signatory to the United Nations Global Compact. Located on five continents, the group generates revenue of 4.355 billion euros and has 16,722 employees (Full-Time Equivalent average annual workforce - figures as on 31 December 2024).

Rheinmetall

rheinmetall.com

As an integrated technology group, the listed company Rheinmetall AG, headquartered in Düsseldorf, stands for a company that is as strong in substance as it is successful internationally, and that is active in various markets with an innovative range of products and services. Rheinmetall is a leading international systems supplier in the defence industry and at the same time a driver of forward-looking technological and industrial innovations in the civilian markets. The focus on sustainability is an integral part of Rheinmetall's strategy. The company aims to achieve CO2 neutrality by 2035. Through our work in various fields, we at Rheinmetall take on responsibility in a dramatically changing world. With our technologies, products and systems, we create the indispensable basis for peace, freedom and sustainable development: security. Find more Information about your career opportunities here: https://www.rheinmetall.com/en/career/career-overview IMPRINT AND DATA PROTECTION https://www.rheinmetall.com/en/meta/navigations/footer/imprint

Amentum

amentum.com

Amentum is a global leader in advanced engineering and innovative technology solutions, trusted by the United States and its allies to address their most significant and complex challenges in science, security and sustainability. Our people apply undaunted curiosity, relentless ambition and boundless imagination to challenge convention and drive progress. Our commitments are underpinned by the belief that safety, collaboration and well-being are integral to success. Headquartered in Chantilly, Virginia, we have approximately 50,000 employees in more than 70 countries across all 7 continents.

Loading…

NEWS

Leonardo CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

February 24, 2026 08:00 AM

Leonardo Apprentices Complete First International Exercise at UK-Led Defence Cyber Marvel

Leonardo has completed its first international deployment at the Defence Cyber Marvel, a multinational digital security exercise led by the...

Read Article

February 19, 2026 08:00 AM

Indra, Leonardo Target International Growth With Cyber Defense Partnership

Indra Group and Leonardo have signed a memorandum of understanding to advance cooperation in cyber defense and expand reach in Europe, NATO,...

Read Article

December 08, 2025 08:00 AM

Italian defence, aerospace company, Leonardo opens regional cyber center in Malaysia

Leonardo officially opened its new Regional Cyber Center in Shah Alam on Dec 3 with its senior leadership touting the centre as proof of...

Read Article

December 07, 2025 08:00 AM

Leonardo opens new cyber centre in Malaysia

Leonardo has opened a new Regional Cyber Centre in Malaysia that strengthens Leonardo's technologies for global security.

Read Article

December 05, 2025 08:00 AM

Leonardo opens cyber center in Kuala Lumpur to support regional security

The new center is part of a wider plan to expand Leonardo's presence in Malaysia and across the region.

Read Article

December 04, 2025 08:00 AM

Leonardo Opens Regional Cyber Center in Malaysia

Italian defense and aerospace firm Leonardo has expanded its Global CyberSec Center (GCC) network through the inauguration of a regional...

Read Article

December 04, 2025 08:00 AM

Malaysia chosen as Leonardo’s strategic regional hub

Italian aerospace, defence and security group Leonardo has opened a new Regional Cyber Centre in Shah Alam as part of its push to expand its...

Read Article

December 03, 2025 08:00 AM

Leonardo Inaugurates the Regional Cyber Center in Malaysia,

The opening of the Regional Cyber Center not only strengthens Leonardo's positioning as a leader in global security, but also consolidates...

Read Article

December 03, 2025 08:00 AM

Leonardo's new Regional Cyber Center inaugurated in Malaysia

The opening of the new Regional Cyber Center in Kuala Lumpur (Malaysia) strengthens Leonardo's position as a technological leader in global...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12175

SUMMARY

A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of the argument admissionNumber results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 4.7)

cvss2

Base Score: 5.8

Complexity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base Score: 4.7

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.0

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.2

REFERENCES

CVE-2026-12174

SUMMARY

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-12183

SUMMARY

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplies arbitrary credentials (e.g., action=dologin&login=<any_value>&pwd=<any_value>), and subsequent privileged endpoints under /php/ajax-main.php and /modules/* do not validate a server-side session. A remote unauthenticated attacker can invoke any administrative action exposed by the configuration module, including reading and modifying user rules, fuel tank gauges, fuel dispensers, relays, cash registers, bank terminals, fuel cards, price and customer displays, cash collection, and pricing rules.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 9.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

3.9

REFERENCES

CVE-2026-6428

SUMMARY

SQL Injection in reports/catalogue_out.pl in Koha Community Koha through 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before 25.05.11, 25.11.x before 25.11.05, 26.05.x before 26.05.01, and 26.11.x before 26.11.00 allows an authenticated staff user with the Reports module flag to read arbitrary data from the Koha application database via the Filter URL parameter when the Criteria parameter matches /branchcode/. The vulnerable sink in sub calculate concatenates the unmodified Filter request parameter directly into a LIKE clause of the auxiliary $strsth2 statement and executes it via DBI without bound parameters: my $f = @$filters[0]; $f =~ s/\*/%/g; $strsth2 .= " AND $column LIKE '$f' "; This enables error-based SQL injection (e.g., via EXTRACTVALUE) and full read access to sensitive tables including borrowers (password hashes, 2FA secrets, PII), borrower_password_recovery, api_keys, and sessions. Proof of concept (error-based, single request): GET /cgi-bin/koha/reports/catalogue_out.pl?do_it=1&output=screen&Limit=10&Criteria=branchcode&Filter=x'+AND+EXTRACTVALUE(1,CONCAT(0x7e,VERSION(),0x7c,USER(),0x7c,DATABASE(),0x7e))--+- Cookie: CGISESSID=<LIBRARIAN_SESSION> The response body contains the DBI exception leaking the MariaDB version, database user, client IP, and database name, after which arbitrary data can be paged out using LIMIT n,1 / SUBSTRING(...). The vulnerable sink was introduced in commit 6bb77ae3e4 (2008-07-09); CVE-2015-4633 patched the same class in sibling files but did not generalise the fix to reports/catalogue_out.pl. Fixed in Koha 22.11.38, 24.11.16, 25.05.11, 25.11.05, 26.05.01, and 26.11.00 by replacing the raw concatenation with a parameterised placeholder.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.6)

cvss2

Base Score: 7.5

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:N/A:P

cvss3

Base Score: 7.6

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

cvss4

Base Score: 5.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:C/RE:X/U:Amber

Impact Score

4.7

Exploitability

2.8

REFERENCES

CVE-2026-5513

SUMMARY

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-customer-full-name' cookie in versions up to, and including, 27.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Exploitation requires 'Remember personal information in cookies' setting to be enabled (disabled by default).

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.2)

cvss3

Base Score: 7.2

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Impact Score

2.7

Exploitability

3.9

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…