What is the official website of NGINX ?

The official website of NGINX is https://www.f5.com.

What is NGINX's cybersecurity risk score?

NGINX has an AI-generated cybersecurity risk score of 720 out of 1000, indicating a Moderate security posture according to Rankiteo's assessment.

How many security incidents has NGINX experienced?

According to Rankiteo, NGINX currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has NGINX been affected by any supply chain cyber incidents ?

According to Rankiteo, NGINX has been affected by multiple supply chain cyber incidents. The affected supply chain sources and their corresponding incident IDs are: F5 (Incident ID: NGIF51781792829) F5 (Incident ID: F5NGI1779539045) NGINX (Incident ID: BOANGI1770244421)

Does NGINX have SOC 2 Type 1 certification ?

According to Rankiteo, NGINX is not certified under SOC 2 Type 1.

Does NGINX have SOC 2 Type 2 certification ?

According to Rankiteo, NGINX does not hold a SOC 2 Type 2 certification.

Does NGINX comply with GDPR ?

According to Rankiteo, NGINX is not listed as GDPR compliant.

Does NGINX have PCI DSS certification ?

According to Rankiteo, NGINX does not currently maintain PCI DSS compliance.

Does NGINX comply with HIPAA ?

According to Rankiteo, NGINX is not compliant with HIPAA regulations.

Does NGINX have ISO 27001 certification ?

According to Rankiteo,NGINX is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does NGINX operate in ?

NGINX operates primarily in the IT Services and IT Consulting industry.

How many employees does NGINX have ?

NGINX employs approximately 173 people worldwide.

Does NGINX own any subsidiaries ?

NGINX presently has no subsidiaries across any sectors.

How many LinkedIn followers does NGINX have ?

NGINX's official LinkedIn profile has approximately 90,437 followers.

What is the NAICS classification code for NGINX ?

NGINX is classified under the NAICS code 5415, which corresponds to Computer Systems Design and Related Services.

Does NGINX have a Crunchbase profile ?

Yes, NGINX has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/nginx.

Does NGINX have a LinkedIn profile ?

Yes, NGINX maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/nginx.

How many cybersecurity incidents has NGINX experienced ?

As of June 21, 2026, Rankiteo reports that NGINX has experienced 9 cybersecurity incidents.

How many peer or competitor companies does NGINX have ?

NGINX has an estimated 40,757 peer or competitor companies worldwide.

What types of cybersecurity incidents has NGINX faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Vulnerability.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

NGINX

Boost Score +25 with badge (5 left)

720

/1000

Moderate

745

/1000

Moderate

NGINX Vendor Cyber Rating & Cyber Score

f5.com

cb in

Add Your Compliance Badge

We have moved! Follow us at @F5 for all relevant updates.

NGINX A.I CyberSecurity Scoring

Scoring History

NGINX

NGINX CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

NGINX

Vulnerability

6/2026

NGIF51781792829

NGINX

Vulnerability

100

5/2026

F5NGI1779539045

NGINX

Vulnerability

100

5/2026

NGI1779279820

NGINX

Vulnerability

100

5/2026

NGI1778747274

NGINX

Vulnerability

100

4/2026

NGI1776335195

NGINX

Vulnerability

100

3/2026

NGI1773116620

NGINX

Vulnerability

100

3/2026

NGI1776291864

NGINX

Vulnerability

1/2026

NGINX

BOANGI177024442...

NGINX

Vulnerability

100

1/2020

BROMIC7-ENGICIS...

Loading…

A.I.

NGINX Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for NGINX

Incidents vs IT Services and IT Consulting Industry Avg (This Year)

NGINX has 433.33% more incidents than the average of same-industry companies with at least one recorded incident.

Incidents vs All-Companies Average (This Year)

NGINX has 647.66% more incidents than the average of all companies with at least one recorded incident.

Incident Types NGINX vs IT Services and IT Consulting Industry Avg (This Year)

NGINX reported 8 incidents this year: 0 cyber attacks, 0 ransomware, 8 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.

Incident History - NGINX (X = Date, Y = Severity)

Loading…

SUBSIDIARY

NGINX Subsidiaries

Parent Company

NGINX

IT Services and IT Consulting

Website: https://www.f5.com

Company Size: 201-500 employees

No subsidiary data available for this company.

Loading…

NGINX Similar Companies

Amadeus

amadeus.com

We make the experience of travel better for everyone, everywhere by inspiring innovation, partnerships and responsibility to people, places and planet. Our technology powers the travel and tourism industry. We inspire more connected ways of thinking, centered around the traveler. Our platform connects the travel and hospitality ecosystem. We are making travel a force for social and environmental good. We are passionate about travel. With a unique perspective, at the heart of our industry, we are redesigning the travel of tomorrow.

NEC Corporation

cb nec.com

NEC Corporation has established itself as a leader in the integration of IT and network technologies while promoting the brand statement of “Orchestrating a brighter world.” NEC enables businesses and communities to adapt to rapid changes taking place in both society and the market as it provides for the social values of safety, security, fairness and efficiency to promote a more sustainable world where everyone has the chance to reach their full potential. For more information, visit NEC at http://www.nec.com NEC's Strengths and Competencies ・Named "2017 Global 100 Most Sustainable Corporations in the World" an Index Listing the World’s 100 Most Sustainable Corporations ・Named one of the "World's Top 100 Most Innovative Organizations for 2016" by Thomson Reuters ・Face recognition technology achieved No. 1 in the recent Face in Video Evaluation (FIVE, *1) testing performed by the U.S. National Institute of Standards and Technology (NIST) (*2) (*1) https://www.nist.gov/programs-projects/face-video-evaluation-five (*2) Results shown from the Face In Video Evaluation (FIVE), the Multiple Biometric Grand Challenge (MBGC), the Multiple Biometric Evaluation (MBE) and the Face Recognition Vendor Test (FRVT) do not constitute endorsement of any particular product by the U.S. Government. ** Please note that we reserve the right to delete any comments posted on NEC Corporation’s LinkedIn page that are deemed extremely defamatory or libelous to any company or individual, or that may be offensive to others.

General Dynamics Information Technology

gdit.com

GDIT is a global technology and professional services company that delivers solutions, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50+ countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. GDIT is part of General Dynamics, a global aerospace and defense company. We have shared our clients’ sense of purpose for over half a century and have a unique understanding of their missions, complex environments, and a rapidly changing world. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

CACI International Inc

cb caci.com

At CACI International Inc (NYSE: CACI), our 25,000 talented and dynamic employees are ever vigilant in delivering distinctive expertise and technology to meet our customers’ greatest challenges in national security. We are a company of good character, relentless innovation, and long-standing excellence. Our culture drives our success and earns us recognition as a Fortune World's Most Admired Company. CACI is a member of the Fortune 500™ Largest Companies, the Russell 1000 Index, and the S&P MidCap 400 Index. For more information, visit us at www.caci.com. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities

TEKsystems

teksystems.com

We’re TEKsystems and TEKsystems Global Services. We accelerate business transformation for our customers, so they can capitalize on change and master the momentum of technology. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We’re building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies.

Verizon

verizon.com

We get you. You want more out of a career. A place to share your ideas freely — even if they’re daring or different. Where the true you can learn, grow, and thrive. You’ll find all that here. Because we empower you. We power and empower how people live, work and play by connecting them to what brings them joy. The same is true inside our walls. We do what we love — driving innovation, creativity, and impact in the world. And wherever you go, we got your back. This is a team sport. Our V Team is a community of people who anticipate, lead, and believe that listening is where learning begins. In crisis and in celebration, we come together— lifting our communities and building trust in how we show up, everywhere & always. Want in? Join the V Team Life.

Appen

appen.com

Appen has been a leader in AI training data for over 25 years, providing high-quality, diverse datasets that power the world's leading AI models. Our end-to-end platform, deep expertise, and scalable human-in-the-loop services enable AI innovators to build and optimize cutting-edge models. We specialize in creating bespoke, human-generated data to train, fine-tune, and evaluate AI models across multiple domains, including generative AI, large language models (LLMs), computer vision, speech recognition, and more. Our solutions support critical AI functions such as supervised fine-tuning, reinforcement learning with human feedback (RLHF), model evaluation, and bias mitigation. Our advanced AI-assisted data annotation platform, combined with a global crowd of more than 1M contributors in over 200 countries, ensures the delivery of accurate and diverse datasets. Our commitment to quality, scalability, and ethical AI practices makes Appen a trusted partner for enterprises aiming to develop and deploy effective AI solutions. At Appen, we foster a culture of innovation, collaboration, and excellence. We value curiosity, accountability, and a commitment to delivering the highest-quality AI solutions. We support work-life balance with flexible work arrangements and a dynamic, results-driven environment. Employees have access to competitive pay, comprehensive benefits, and opportunities for continuous learning and career growth. Our team works closely with the world’s top technology companies and enterprises, tackling exciting challenges and shaping the future of artificial intelligence.

Atos

cb atos.net

Atos Group is a global leader in digital transformation with c. 67,000 employees and annual revenue of c. €10 billion, operating in 61 countries under two brands — Atos for services and Eviden for products. European number one in cybersecurity, cloud and high performance computing, Atos Group is committed to a secure and decarbonized future and provides tailored AI-powered, end-to-end solutions for all industries. Atos Group is the brand under which Atos SE (Societas Europaea) operates. Atos SE is listed on Euronext Paris. The purpose of Atos Group is to help design the future of the information space. Its expertise and services support the development of knowledge, education and research in a multicultural approach and contribute to the development of scientific and technological excellence. Across the world, the Group enables its customers and employees, and members of societies at large to live, work and develop sustainably, in a safe and secure information space.

Sogeti

sogeti.com

Part of the Capgemini Group, Sogeti makes business value through technology for organizations that need to implement innovation at speed and want a local partner with global scale. With a hands-on culture and close proximity to its clients, Sogeti implements solutions that will help organizations work faster, better, and smarter. By combining its agility and speed of implementation through a DevOps approach, Sogeti delivers innovative solutions in quality engineering, cloud and application development, all driven by AI, data and automation. For more information please visit www.sogeti.com.

Loading…

NEWS

NGINX CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

March 10, 2026 02:24 AM

Patch now! Exploitation of Nginx UI vulnerability “imminent,” warns threat analyst

Hackers are already probing impacted versions of Nginx web server's user interface, hunting for credentials and encryption keys.

Read Article

March 10, 2026 12:04 AM

Critical Nginx UI flaw allows unauthenticated backup downloads and decryption

A critical vulnerability in Nginx UI, identified as CVE-2026-27944, allows attackers to download and decrypt full server backups without any...

Read Article

March 09, 2026 05:04 PM

Vietnam-Based Cybercrime Network Enables Fraudulent Account Signups at Scale

Vietnam-linked O-UNC-036 runs bots and disposable emails to mass-create fake accounts used in phishing, spam, and large-scale scams.

Read Article

March 09, 2026 03:59 PM

Security Risk Advisors Releases “The Purple Perspective 2026” Report

Security Risk Advisors releases the Purple Perspective 2026 report highlighting key cybersecurity detection insights.

Read Article

March 09, 2026 02:20 PM

Microsoft Launches Copilot Cowork, a New AI Feature in Microsoft 365 to Automate Tasks

Microsoft has introduced Copilot Cowork, a new AI-powered feature embedded within Microsoft 365 that moves beyond conversational assistance...

Read Article

March 09, 2026 01:06 PM

ClipXDaemon Emerges as C2-Less Linux Clipboard Hijacker, Targeting Crypto Wallets in X11 Sessions

ClipXDaemon Linux malware hijacks crypto transfers by replacing wallet addresses in the clipboard every 200ms, operating fully offline.

Read Article

March 09, 2026 11:24 AM

Critical Nginx UI Vulnerabilities Allow Attacker to Download a Full System Backup

A critical flaw in Nginx UI allows unauthenticated attackers to download and decrypt full system backups.

Read Article

March 09, 2026 09:53 AM

Critical Nginx UI Vulnerabilities Allow Attackers to Download Full System Backups

The issue, tracked as CVE-2026-27944, has been rated 9.8 (Critical) on the CVSS scale, highlighting its severity and potential impact on production systems...

Read Article

March 09, 2026 07:17 AM

Nginx UI Vulnerabilities Let Attackers Download Full System Backups

A critical security flaw has been discovered in Nginx UI that allows unauthenticated threat actors to download and decrypt complete system...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-56355

SUMMARY

GNU Savannah Administration Savane through 3.17 uses untrusted data as part of authorization.

Published

Date2026-06-20

Updated

Date2026-06-20

RISK INFORMATION (Score: 3.7)

cvss3

Base Score: 3.7

Complexity: HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Impact Score

1.4

Exploitability

2.2

REFERENCES

CVE-2026-56347

SUMMARY

AVideo TopMenu plugin through version 26.0 contains a stored cross-site scripting vulnerability in menu item rendering due to missing output encoding of icon classes, URLs, and text labels. Attackers can inject malicious JavaScript through unescaped menu item fields that execute for all site visitors, potentially stealing session cookies or performing unauthorized actions.

Published

Date2026-06-20

Updated

Date2026-06-20

RISK INFORMATION (Score: 6.1)

cvss3

Base Score: 6.1

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

cvss4

Base Score: 5.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

2.7

Exploitability

2.8

REFERENCES

CVE-2026-56346

SUMMARY

AVideo through version 25.0 contains an authentication bypass vulnerability in the decryptMessage.json.php endpoint that allows unauthenticated users to decrypt PGP messages. Remote attackers can submit private keys, ciphertext, and passphrases to perform server-side decryption without credentials, exposing key material to logs and enabling resource exhaustion attacks.

Published

Date2026-06-20

Updated

Date2026-06-20

RISK INFORMATION (Score: 6.5)

cvss3

Base Score: 6.5

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

cvss4

Base Score: 6.9

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

2.5

Exploitability

3.9

REFERENCES

CVE-2026-56345

SUMMARY

AVideo through 29.0 contains an authorization bypass vulnerability in the Meet plugin's uploadRecordedVideo.json.php endpoint that derives the target users_id from the uploaded filename without verification. An attacker with knowledge of the Meet shared secret can craft a malicious file upload with a filename containing an arbitrary users_id to invoke passwordless User->login() and establish an authenticated session as any user including admin. Attackers can obtain the Meet shared secret through path-traversal vulnerabilities or timing attacks against checkToken.json.php, then POST a crafted file to uploadRecordedVideo.json.php with a filename like '1-anything.mp4' to hijack admin sessions and gain full account takeover.

Published

Date2026-06-20

Updated

Date2026-06-20

RISK INFORMATION (Score: 8.1)

cvss3

Base Score: 8.1

Complexity: HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 9.2

Complexity: HIGH

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.2

REFERENCES

CVE-2026-56342

SUMMARY

AVideo through version 27.0 contains a server-side request forgery vulnerability in plugin/Live/test.php that allows authenticated administrators to read arbitrary URLs via the statsURL parameter, which lacks isSSRFSafeURL() validation and accepts requests to private IP ranges and cloud metadata endpoints. Attackers can exploit this by crafting requests to internal services, cloud metadata endpoints like 169.254.169.254, and localhost to retrieve sensitive information including IAM credentials, internal service responses, and network configuration details.

Published

Date2026-06-20

Updated

Date2026-06-20

RISK INFORMATION (Score: 6.8)

cvss3

Base Score: 6.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

cvss4

Base Score: 6.1

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

2.3

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…