Msdswitzerland vs Merck - Cyber Risk Comparison & Security Rating

Comparison Overview

MSD Switzerland

VS

Merck

MSD Switzerland

Werftestrasse 4, Lucerne, 6005, CH

Last Update: 30/03/2026

View Profile

Between 750 and 799

http://www.msd.ch

756/1000Fair

At MSD Merck Sharp & Dohme we are unified around our purpose: We use the power of leading-edge science to save and improve lives around the world. For more than 130 years, we have brought hope to humanity through the development of important medicines and vaccines. MS...

NAICS:3254

NAICS Definition:Pharmaceutical and Medicine Manufacturing

Employees:563

Subsidiaries:34

12-month incidents

0

Known data breaches

0

Attack type number

0

Merck

126 E Lincoln Ave, P.O. Box 2000, Rahway, New Jersey, US, 07065

Last Update: 20/05/2026

View Profile

Between 750 and 799

http://merck.us/2J2xAUh

798/1000Fair

At Merck, known as MSD outside of the United States and Canada, we are unified around our purpose: We use the power of leading-edge science to save and improve lives around the world. For more than 130 years, we have brought hope to humanity through the development of i...

NAICS:3254

NAICS Definition:Pharmaceutical and Medicine Manufacturing

Employees:44,762

Subsidiaries:2

12-month incidents

0

Known data breaches

1

Attack type number

2

Compliance Ranges Comparison

Based On Specific Ai Models Category

MSD Switzerland

-

ISO 27001Not verified

-

SOC2 Type 1Not verified

-

SOC2 Type 2Not verified

-

GDPRNot verified

-

PCI DSSNot verified

-

HIPAANot verified

Merck

-

ISO 27001Not verified

-

SOC2 Type 1Not verified

-

SOC2 Type 2Not verified

-

GDPRNot verified

-

PCI DSSNot verified

-

HIPAANot verified

Benchmark & Cyber Underwriting Signals

Incidents vs Pharmaceutical Manufacturing Industry Avg (This Year)

No incidents recorded for MSD Switzerland in 2026.

Incidents

Incidents vs Pharmaceutical Manufacturing Industry Avg (This Year)

No incidents recorded for Merck in 2026.

Incidents

Incident History - MSD Switzerland (X = Date, Y = Severity)

MSD Switzerland cyber incidents detection timeline including parent company and subsidiaries.

R - Ransomware

C - Cyber Attack

D - Data Breach

V - Vulnerability

Incident History - Merck (X = Date, Y = Severity)

Merck cyber incidents detection timeline including parent company and subsidiaries.

R - Ransomware

C - Cyber Attack

D - Data Breach

V - Vulnerability

Notable Incidents

Last Cyber / HR Incidents / Global...

MSD Switzerland

Incidents

No explicit notable incidents reported.

Merck

Incidents

🔒 Incident : Breach

MER3502435111825

🔒 Incident : Cyber Attack

MER1775377932

🔒 Incident : Cyber Attack

MER1502422

FAQ

Between MSD Switzerland company and Merck company, which one has the best AI Cybersecurity Score ?

Between MSD Switzerland company and Merck company, which one has experienced more cyber incidents in the past ?

Between MSD Switzerland company and Merck company, which one has experienced more cyber incidents this year ?

Between MSD Switzerland company and Merck company, which one has experienced at least one ransomware attack ?

Between MSD Switzerland company and Merck company, which one has experienced at least one data breach ?

Between MSD Switzerland company and Merck company, which one has experienced at least one targeted cyberattack ?

Between MSD Switzerland company and Merck company, which one has experienced at least one vulnerability ?

Between MSD Switzerland company and Merck company, which one holds the most compliance certifications ?

Between MSD Switzerland company and Merck company, which one holds the fewest compliance certifications ?

Between MSD Switzerland company and Merck company, which one has the most subsidiaries ?

Between MSD Switzerland company and Merck company, which one has the largest number of employees ?

Between MSD Switzerland and Merck, which company holds both SOC 2 Type 1 certifications ?

Between MSD Switzerland and Merck, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified - MSD Switzerland or Merck ?

Which company is PCI DSS compliant - MSD Switzerland or Merck ?

Between MSD Switzerland and Merck, which company complies with HIPAA regulations for healthcare data ?

Between MSD Switzerland and Merck, which company complies with GDPR requirements ?

Latest Global CVEs

CVE-2026-12814

SUMMARY

A flaw has been found in Comfast CF-WR631AX V3 up to 2.7.0.8. This issue affects the function system of the file /cgi-bin/mbox-config?section=ping_config of the component API Endpoint. This manipulation of the argument destination causes os command injection. The attack is possible to be carried out remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

PUBLISHED

Date2026-06-21

UPDATED

Date2026-06-21

RISK INFORMATION (Score: 6.3)

CVSS2

Base Score: 6.5

Complexity: LOW

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

Base Score: 6.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CVSS4

Base Score: 2.1

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

IMPACT SCORE

3.4

EXPLOITABILITY

2.8

REFERENCES

CVE-2026-12813

SUMMARY

A vulnerability was detected in activepieces up to 0.83.0. This vulnerability affects the function handleUrlFile in the library packages/server/engine/src/lib/variables/processors/file.ts of the component File URL Handler. The manipulation results in server-side request forgery. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

PUBLISHED

Date2026-06-21

UPDATED

Date2026-06-21

RISK INFORMATION (Score: 6.3)

CVSS2

Base Score: 6.5

Complexity: LOW

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

Base Score: 6.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CVSS4

Base Score: 2.1

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

IMPACT SCORE

3.4

EXPLOITABILITY

2.8

REFERENCES

CVE-2026-12812

SUMMARY

A security vulnerability has been detected in Radware Cyber Controller up to 10.11.0. This affects an unknown part of the component HTML Report Generation. The manipulation leads to HTML injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

PUBLISHED

Date2026-06-21

UPDATED

Date2026-06-21

RISK INFORMATION (Score: 3.5)

CVSS2

Base Score: 4.0

Complexity: LOW

AV:N/AC:L/Au:S/C:N/I:P/A:N

CVSS3

Base Score: 3.5

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

CVSS4

Base Score: 2.0

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

IMPACT SCORE

1.4

EXPLOITABILITY

2.1

REFERENCES

CVE-2026-12811

SUMMARY

A weakness has been identified in kortix-ai suna up to 0.8.38. Affected by this issue is the function router.replace/router.push of the file apps/frontend/src/app/auth/page.tsx of the component Auth Endpoint. Executing a manipulation of the argument returnURL can lead to cross site scripting. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. Upgrading to version 0.8.39 can resolve this issue. This patch is called f5dec7aa0c1b8fa0125938f292c0f2430ca75f6c. It is advisable to upgrade the affected component. The researcher explains: "The issue was fixed in v0.8.39 without notifying the wider user base via a security disclosure."

PUBLISHED

Date2026-06-21

UPDATED

Date2026-06-21

RISK INFORMATION (Score: 4.3)

CVSS2

Base Score: 5.0

Complexity: LOW

AV:N/AC:L/Au:N/C:N/I:P/A:N

CVSS3

Base Score: 4.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

CVSS4

Base Score: 2.1

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

IMPACT SCORE

1.4

EXPLOITABILITY

2.8

REFERENCES

CVE-2026-12810

SUMMARY

A security flaw has been discovered in Edimax BR-6478AC V2 1.23. Affected by this vulnerability is the function mp of the file /goform/mp of the component POST Request Handler. Performing a manipulation of the argument command results in command injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

PUBLISHED

Date2026-06-21

UPDATED

Date2026-06-21

RISK INFORMATION (Score: 6.3)

CVSS2

Base Score: 6.5

Complexity: LOW

AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS3

Base Score: 6.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CVSS4

Base Score: 2.1

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

IMPACT SCORE

3.4

EXPLOITABILITY

2.8

REFERENCES