Excellent
Mylab is the leading expert in healthcare laboratory and diagnostic information systems in the Nordic countries. By implementing better and more reliable technological solutions for healthcare, we support the possibility of a longer, healthier, and higher-quality life.
Strong
_VOIS (Vodafone Intelligent Solutions) is a strategic arm of Vodafone Group Plc, creating value and enhancing quality and efficiency across 28 countries and operating from 8 locations: Albania, Egypt, Hungary, India, Romania, Spain, Turkey, and the UK. Established in 2006, _VOIS has evolved into a global, multi-functional organisation, focused on adding value and delivering business outcomes for Vodafone. Our strategic aim is to be Vodafoneโs partner of choice for talent, technology, and transformation. We are more than 31,700 highly skilled individuals, acting as โthe nervous systemโ of Vodafone: growing capability, skills, and data intelligence year-on-year to accelerate local markets towards a digital future. With our strategy to scale at speed we have data intelligence from across Vodafoneโs global footprint at our fingertips to help us learn, predict, and help navigate the right path. We utilise technology and data to radically simplify our business. In the face of global uncertainty and constant change we are by the side of our partners, helping them develop solutions and systems to better serve their customers, and deliver on Vodafoneโs strategy and purpose.
Security & Compliance Standards Overview
No incidents recorded for Mylab Oy in 2025.
No incidents recorded for _VOIS in 2025.
Mylab Oy cyber incidents detection timeline including parent company and subsidiaries
_VOIS cyber incidents detection timeline including parent company and subsidiaries
Last 3 Security & Risk Events by Company
Mastra is a Typescript framework for building AI agents and assistants. Versions 0.13.8 through 0.13.20-alpha.0 are vulnerable to a Directory Traversal attack that results in the disclosure of directory listings. The code contains a security check to prevent path traversal for reading file contents, but this check is effectively bypassed by subsequent logic that attempts to find directory suggestions. An attacker can leverage this flaw to list the contents of arbitrary directories on the user's filesystem, including the user's home directory, exposing sensitive information about the file system's structure. This issue is fixed in version 0.13.20.
KUNO CMS is a fully deployable full-stack blog application. Versions 1.3.13 and below contain validation flaws in its file upload functionality that can be exploited for stored XSS. The upload endpoint only validates file types based on Content-Type headers, lacks file content analysis and extension whitelist restrictions, allowing attackers to upload SVG files containing malicious scripts (disguised as images). When users access the uploaded resource pages, arbitrary JavaScript executes in their browsers. This issue is fixed in version 1.3.14.
Minecraft RCON Terminal is a VS Code extension that streamlines Minecraft server management. Versions 0.1.0 through 2.0.6 stores passwords using VS Code's configuration API which writes to settings.json in plaintext. This issue is fixed in version 2.1.0.
Anyquery is an SQL query engine built on top of SQLite. Versions 0.4.3 and below allow attackers who have already gained access to localhost, even with low privileges, to use the http server through the port unauthenticated, and access private integration data like emails, without any warning of a foreign login from the provider. This issue is fixed in version 0.4.4.
DataChain is a Python-based AI-data warehouse for transforming and analyzing unstructured data. Versions 0.34.1 and below allow for deseriaization of untrusted data because of the way the DataChain library reads serialized objects from environment variables (such as DATACHAIN__METASTORE and DATACHAIN__WAREHOUSE) in the loader.py module. An attacker with the ability to set these environment variables can trigger code execution when the application loads. This issue is fixed in version 0.34.2.
