Lotte Card is a financial service company which provides credit card and lending business in Korea and Vietnam.
Max Group is a $7 billion diversified Indian conglomerate founded by Mr. Analjit Singh with a strong presence across Senior Care, Life Insurance, and Real Estate. Guided by a purpose-driven approach, we aim to create meaningful solutions that improve lives and deliver lasting value. Max India Limited: Redefining Senior Care Max India is dedicated to addressing the evolving needs of India’s ageing population. Through its offerings, Antara Senior Living, Antara Assisted Care Services, and Antara AGEasy, Max India provides progressive, trusted solutions rooted in Sevabhav (service), excellence, and integrity. Max Estates Limited: Spaces That Inspire Max Estates develops sustainable, grade-A developments in Delhi-NCR. that balance thoughtful design, sustainability, and performance. Every project is crafted to enhance productivity, foster collaboration, and elevate lifestyles. Max Financial Services Limited: Securing Future Focused on Life Insurance, MFSL actively manages Axis Max Life Insurance Company Limited, India's largest non-bank, private life insurance company. A Joint Venture between Max Financial Services Limited and Axis Bank Limited, Axis Max Life Insurance offers comprehensive and long-term savings life insurance solutions. Across all its businesses, Max Group is guided by its core values of excellence, credibility, and helpfulness. These principles shape how we operate and engage with our stakeholders, inspiring us to consistently do what’s right while upholding the highest standards of transparency and governance. Mission: To be the most preferred choice in our industries To lead with quality, innovation, and reputation To build enduring relationships based on respect and trust At Max Group, we believe success lies in creating businesses that deliver both economic value and social good. Together, we’re shaping a future where doing good and doing well go hand in hand.
Security & Compliance Standards Overview
No incidents recorded for Lotte Card in 2026.
No incidents recorded for The Max Group in 2026.
Lotte Card cyber incidents detection timeline including parent company and subsidiaries
The Max Group cyber incidents detection timeline including parent company and subsidiaries
Last 3 Security & Risk Events by Company
nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, two peer-facing consensus request handlers assume that the history index is always available and call blockchain.history_store.history_index().unwrap() directly. That assumption is false by construction. HistoryStoreProxy::history_index() explicitly returns None for the valid HistoryStoreProxy::WithoutIndex state. when a full node is syncing or otherwise running without the history index, a remote peer can send RequestTransactionsProof or RequestTransactionReceiptsByAddress and trigger an Option::unwrap() panic on the request path. This issue has been patched in version 1.3.0.
PraisonAI is a multi-agent teams system. Prior to version 1.5.95, FileTools.download_file() in praisonaiagents validates the destination path but performs no validation on the url parameter, passing it directly to httpx.stream() with follow_redirects=True. An attacker who controls the URL can reach any host accessible from the server including cloud metadata services and internal network services. This issue has been patched in version 1.5.95.
PraisonAI is a multi-agent teams system. Prior to version 4.5.97, OAuthManager.validate_token() returns True for any token not found in its internal store, which is empty by default. Any HTTP request to the MCP server with an arbitrary Bearer token is treated as authenticated, granting full access to all registered tools and agent capabilities. This issue has been patched in version 4.5.97.
PraisonAI is a multi-agent teams system. Prior to version 4.5.97, the PraisonAI Gateway server accepts WebSocket connections at /ws and serves agent topology at /info with no authentication. Any network client can connect, enumerate registered agents, and send arbitrary messages to agents and their tool sets. This issue has been patched in version 4.5.97.
PraisonAI is a multi-agent teams system. Prior to version 4.5.90, MCPToolIndex.search_tools() compiles a caller-supplied string directly as a Python regular expression with no validation, sanitization, or timeout. A crafted regex causes catastrophic backtracking in the re engine, blocking the Python thread for hundreds of seconds and causing a complete service outage. This issue has been patched in version 4.5.90.
