Comparison Overview
npm, Inc.
npm, Inc.
1999 Harrison St, Oakland, 94612, US
Last Update: 24/06/2026
Over 10 million software developers worldwide use npm, Inc.’s open source software and web registry to discover, share, and reuse packages of code. Our users download over 800,000 packages more than 7 billion times per week, and registry downloads have grown by more tha...
GlobalLogic
2535 Augustine Drive, 5th Floor, Santa Clara, CA, US, 95054
Last Update: 03/04/2026
GlobalLogic, a Hitachi Group company, is a trusted partner in design, data, and digital engineering for the world’s largest and most innovative companies. Since our inception in 2000, we have been at the forefront of the digital revolution, helping to create some of the...
Compliance Ranges Comparison
npm, Inc.
GlobalLogic
Benchmark & Cyber Underwriting Signals
Incidents vs Software Development Industry Avg (This Year)
npm, Inc. has 2164.15% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs Software Development Industry Avg (This Year)
No incidents recorded for GlobalLogic in 2026.
Incident History - npm, Inc. (X = Date, Y = Severity)
npm, Inc. cyber incidents detection timeline including parent company and subsidiaries.
Incident History - GlobalLogic (X = Date, Y = Severity)
GlobalLogic cyber incidents detection timeline including parent company and subsidiaries.
Notable Incidents
npm, Inc.
GlobalLogic
FAQ
Latest Global CVEs
A vulnerability was identified in Databend up to 1.2.881 on HTTP. This affects the function ClientSessionManager::state_key of the file src/query/service/src/servers/http/v1/session/client_session_manager.rs of the component Tenant Handler. The manipulation leads to authorization bypass. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. The pull request to fix this issue awaits acceptance.
A vulnerability was determined in VoltAgent up to 2.1.17. Affected by this issue is the function handleGetMemoryConversation of the file packages/server-core/src/handlers/memory.handlers.ts of the component Memory REST API. Executing a manipulation of the argument conversationId can lead to improper authorization. The attack may be performed from remote. This attack is characterized by high complexity. The exploitation is known to be difficult. The exploit has been publicly disclosed and may be utilized. The pull request to fix this issue awaits acceptance.
A vulnerability was found in SimStudioAI sim up to 0.6.92. Affected by this vulnerability is an unknown functionality in the library apps/sim/lib/core/security/deployment.ts of the component Password Protection Handler. Performing a manipulation results in use of weak hash. The attack is possible to be carried out remotely. The attack's complexity is rated as high. The exploitation appears to be difficult. The exploit has been made public and could be used. The pull request to fix this issue awaits acceptance.
A vulnerability has been found in RAGapp up to 0.1.5. Affected is the function FileHandler.upload_file/FileHandler.remove_file of the file src/ragapp/backend/controllers/files.py of the component Knowledge File Handler. Such manipulation leads to path traversal. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The pull request to fix this issue awaits acceptance.
A flaw has been found in khoj-ai khoj up to 2.0.0-beta.28. This impacts an unknown function of the file src/khoj/routers/api_chat.py of the component Conversation Sharing Handler. This manipulation of the argument conversation.agent causes incorrect authorization. Remote exploitation of the attack is possible. The exploit has been published and may be used. The pull request to fix this issue awaits acceptance.