What is the official website of Oracle Cloud ?

The official website of Oracle Cloud is https://www.oracle.com/cloud/.

What is Oracle Cloud's cybersecurity risk score?

Oracle Cloud has an AI-generated cybersecurity risk score of 671 out of 1000, indicating a Weak security posture according to Rankiteo's assessment.

How many security incidents has Oracle Cloud experienced?

According to Rankiteo, Oracle Cloud currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Oracle Cloud been affected by any supply chain cyber incidents ?

According to Rankiteo, Oracle Cloud has been affected by multiple supply chain cyber incidents. The affected supply chain sources and their corresponding incident IDs are: Oracle (Incident ID: ORA1781526596) Oracle (Incident ID: ORA1781180663) Oracle (Incident ID: ORAUNI1781123069) Oracle (Incident ID: ORA1780418023) Oracle (Incident ID: TULORA1777415654) Snowflake (Incident ID: JONGENMCDGOL1775507547) Oracle (Incident ID: BROBECTHEORAABB1773750615) Oracle (Incident ID: NO-SHOPRELOB1773534483) Oracle (Incident ID: MSG1772483822) Oracle (Incident ID: MGMCAEORAWYN1771962331) Oracle (Incident ID: HYPORA1773686454) Oracle (Incident ID: CONDAVORASANASA1770645741) Oracle (Incident ID: DARHARPRICOLCLE1767881845) Oracle (Incident ID: MADMICKORORA1773232260) Oracle (Incident ID: ADIHEAHARMARTHEJAG1767017696) Microsoft Security (Incident ID: AMAORAMIC1770695748) Tencent Cloud (Incident ID: CLO1769705152) Oracle (Incident ID: ORAMSG1772238496) Snowflake (Incident ID: MEREQUUNIMAEMGMGOOTOYSNOALLORARIPTIC1775528897) Oracle (Incident ID: PRIORAUNI1766419165) Oracle (Incident ID: ORA1766435444) Oracle (Incident ID: NHS3432334111425) Oracle (Incident ID: BAR1765043770) BleepingComputer (Incident ID: F50032500101925) Oracle (Incident ID: ORAWIT1773930753) Oracle (Incident ID: ORAPAR1766015901) Oracle (Incident ID: TULORA1779078400) Oracle (Incident ID: MARORA1772484170) Oracle (Incident ID: COX53102453112425) Oracle (Incident ID: ORATHE1770237797) Salesloft (Incident ID: SAL0932309111025) Oracle (Incident ID: ANYSOT1770810849) Oracle (Incident ID: ORAHYP1773650183) Salesloft (Incident ID: ORA1692116100725) moveIT Software (Incident ID: ORA4202442101025) Oracle (Incident ID: JAG2592025111525) Oracle (Incident ID: BRO3105131112625) Oracle (Incident ID: ORA5662156100625) Oracle Health (Incident ID: ORA455040125) Oracle Health (Incident ID: ORA526032825) Salesforce (Incident ID: THEINGSALJAGORASYNDAV1769095448)

Does Oracle Cloud have SOC 2 Type 1 certification ?

According to Rankiteo, Oracle Cloud is not certified under SOC 2 Type 1.

Does Oracle Cloud have SOC 2 Type 2 certification ?

According to Rankiteo, Oracle Cloud does not hold a SOC 2 Type 2 certification.

Does Oracle Cloud comply with GDPR ?

According to Rankiteo, Oracle Cloud is not listed as GDPR compliant.

Does Oracle Cloud have PCI DSS certification ?

According to Rankiteo, Oracle Cloud does not currently maintain PCI DSS compliance.

Does Oracle Cloud comply with HIPAA ?

According to Rankiteo, Oracle Cloud is not compliant with HIPAA regulations.

Does Oracle Cloud have ISO 27001 certification ?

According to Rankiteo,Oracle Cloud is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Oracle Cloud operate in ?

Oracle Cloud operates primarily in the IT Services and IT Consulting industry.

How many employees does Oracle Cloud have ?

Oracle Cloud employs approximately 2 people worldwide.

Does Oracle Cloud own any subsidiaries ?

Oracle Cloud presently has no subsidiaries across any sectors.

How many LinkedIn followers does Oracle Cloud have ?

Oracle Cloud's official LinkedIn profile has approximately 180,059 followers.

What is the NAICS classification code for Oracle Cloud ?

Oracle Cloud is classified under the NAICS code 5415, which corresponds to Computer Systems Design and Related Services.

Does Oracle Cloud have a Crunchbase profile ?

No, Oracle Cloud does not have a profile on Crunchbase.

Does Oracle Cloud have a LinkedIn profile ?

Yes, Oracle Cloud maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/oracle-cloud.

How many cybersecurity incidents has Oracle Cloud experienced ?

As of June 16, 2026, Rankiteo reports that Oracle Cloud has experienced 62 cybersecurity incidents.

How many peer or competitor companies does Oracle Cloud have ?

Oracle Cloud has an estimated 40,691 peer or competitor companies worldwide.

What types of cybersecurity incidents has Oracle Cloud faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Ransomware, Breach, Vulnerability and Cyber Attack.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

Oracle Cloud

Boost Score +25 with badge (5 left)

671

/1000

Weak

696

/1000

Weak

Oracle Cloud Vendor Cyber Rating & Cyber Score

oracle.com

Add Your Compliance Badge

Thanks to exceptional people, we lead the market in autonomous, cloud, and applications technologies.

Oracle Cloud A.I CyberSecurity Scoring

Scoring History

Oracle Cloud

Oracle Cloud CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Oracle

Vulnerability

100

6/2026

Oracle

ORA1781526596

Oracle

Vulnerability

100

6/2026

Oracle

ORA1781180663

Oracle

Cyber Attack

100

6/2026

Oracle

ORAUNI178112306...

Oracle

Vulnerability

100

6/2026

Oracle

ORA1780418023

Oracle

Breach

5/2026

METORATICBANYAH...

Oracle

Vulnerability

100

4/2026

Oracle

TULORA177741565...

Oracle

Breach

100

4/2026

ORABUS177558268...

Oracle

Breach

4/2026

Snowflake

JONGENMCDGOL177...

Oracle

Vulnerability

3/2026

ORA1774088623

Oracle

Cyber Attack

3/2026

Oracle

BROBECTHEORAABB...

Oracle

Breach

100

3/2026

Oracle

NO-SHOPRELOB177...

Oracle

Breach

3/2026

RAYORAFED177252...

Oracle

Breach

3/2026

Oracle

MSG1772483822

Oracle

Cyber Attack

2/2026

Oracle

MGMCAEORAWYN177...

Oracle

Ransomware

100

2/2026

Oracle

HYPORA177368645...

Oracle

Breach

2/2026

ORA1770195349

Oracle

Vulnerability

100

1/2026

ORA1768994894

Oracle

Ransomware

100

1/2026

Oracle

CONDAVORASANASA...

Oracle

Breach

1/2026

Oracle

DARHARPRICOLCLE...

Oracle

Breach

1/2026

Oracle

MADMICKORORA177...

Oracle

Cyber Attack

12/2025

Oracle

ADIHEAHARMARTHE...

Oracle Cloud

Cyber Attack

100

12/2025

Microsoft Secur...

AMAORAMIC177069...

Oracle Cloud

Cyber Attack

100

12/2025

Tencent Cloud

CLO1769705152

Oracle

Vulnerability

12/2025

Oracle

ORAMSG177223849...

Oracle

Ransomware

100

12/2025

Snowflake

MEREQUUNIMAEMGM...

Oracle

Cyber Attack

11/2025

Oracle

PRIORAUNI176641...

Oracle

Vulnerability

11/2025

Oracle

ORA1766435444

Oracle

Cyber Attack

100

11/2025

Oracle

NHS343233411142...

Oracle

Ransomware

100

11/2025

Oracle

BAR1765043770

Oracle Security

Breach

100

10/2025

BleepingCompute...

F50032500101925

Oracle

Cyber Attack

10/2025

Oracle

ORAWIT177393075...

Oracle

Vulnerability

10/2025

Oracle

ORAPAR176601590...

Oracle Cloud

Cyber Attack

9/2025

ORA805090225

Oracle

Breach

8/2025

Oracle

TULORA177907840...

Oracle

Vulnerability

8/2025

Oracle

MARORA177248417...

Oracle

Breach

100

8/2025

Oracle

COX531024531124...

Oracle

Vulnerability

8/2025

Oracle

ORATHE177023779...

Oracle

Breach

8/2025

Salesloft

SAL093230911102...

Oracle

Ransomware

100

8/2025

Oracle

ANYSOT177081084...

Oracle

Vulnerability

8/2025

Oracle

ORAHYP177365018...

Oracle Communicatio...

Ransomware

100

8/2025

Salesloft

ORA169211610072...

Oracle

Ransomware

100

7/2025

moveIT Software

ORA420244210102...

Oracle

Cyber Attack

100

7/2025

Oracle

JAG259202511152...

Oracle

Ransomware

100

6/2025

Oracle

BRO310513111262...

Oracle Cloud

Vulnerability

6/2025

ORA083260810142...

Oracle

Ransomware

100

5/2025

Oracle

ORA566215610062...

Oracle Cloud

Breach

100

4/2025

ORA656040225

Oracle Health

Breach

4/2025

Oracle Health

ORA455040125

Oracle Cloud

Breach

100

3/2025

ORA344032125

Oracle Health

Breach

1/2025

Oracle Health

ORA526032825

Oracle Cloud SCM

Ransomware

100

1/2025

Salesforce

THEINGSALJAGORA...

Oracle Cloud

Vulnerability

8/2024

ORA499324910062...

Oracle

Vulnerability

7/2024

ORA1780446221

Oracle Cloud

Ransomware

6/2024

ORA406214010022...

Oracle Cloud

Ransomware

100

1/2024

ORA109221010022...

Oracle Cloud

Ransomware

100

6/2023

ORA523325211212...

Oracle

Ransomware

100

1/2023

ORAMIC177555100...

Oracle Cloud

Breach

100

6/2021

ORA615032225

Oracle Cloud

Breach

100

6/2020

ORA956040325

Oracle Cloud

Ransomware

100

6/2019

ORA433274311212...

Oracle Cloud

Breach

100

08/2016

ORA392622

Oracle Cloud

Breach

7/2013

ORA720082025

Loading…

A.I.

Oracle Cloud Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for Oracle Cloud

Incidents vs IT Services and IT Consulting Industry Avg (This Year)

No incidents recorded for Oracle Cloud in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Oracle Cloud in 2026.

Incident Types Oracle Cloud vs IT Services and IT Consulting Industry Avg (This Year)

No incidents recorded for Oracle Cloud in 2026.

Incident History - Oracle Cloud (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Oracle Cloud Subsidiaries

Oracle Cloud

IT Services and IT Consulting

Website: https://www.oracle.com/cloud/

Company Size: 10,001+ employees

OracleIT Services and IT Consulting

NetSuiteSoftware Development

Inside the SuiteSoftware Development

NetSuite Partner CommunitySoftware Development

NetSuite Sales Development Representative ProgramSoftware Development

Oracle Cloud SCMInformation Technology & Services

Oracle SecurityIT Services and IT Consulting

Oracle RestaurantsIT Services and IT Consulting

Loading…

Oracle Cloud Similar Companies

TD SYNNEX North America

tdsynnex.com

We’re TD SYNNEX (NYSE: SNX), a leading distributor and solutions aggregator for the IT ecosystem. We’re 22,000 of the IT industry’s best and brightest, who share an unwavering passion for bringing compelling technology products, services and solutions to the world. We’re an innovative partner that helps our customers maximize the value of IT investments, demonstrate business outcomes and unlock growth opportunities. At our core, we’re a company that cares. We care about our partners, our co-workers, our investors and the world around us. And we’re committed to being a diverse, inclusive employer of choice and a good corporate citizen.

Insight

insight.com

Insight Enterprises, Inc. is a Fortune 500 solutions integrator helping organizations accelerate their digital journey to modernize their business and maximize the value of technology. Insight’s technical expertise spans cloud and edge-based transformation solutions, with global scale and optimization built on 33+ years of deep partnerships with the world’s leading and emerging technology providers.

CGI

cgi.com

Insights you can act on. Founded in 1976, CGI is among the largest IT and business consulting services firms in the world. We are insights-driven and outcomes-focused to help accelerate returns on your investments. Across hundreds of locations worldwide, we provide comprehensive, scalable and sustainable IT and business consulting services that are informed globally and delivered locally. We value your opinions and welcome your comments and questions on our posts here on LinkedIn. Please keep a polite, professional and constructive tone. We remove comments containing objectionable language and derogatory views. We do not allow content that is unrelated to the subject, and we remove discriminatory and racist comments as well as spam and advertising. Note that content on this page contains general information regarding CGI’s services and initiatives and should not be considered direct business advice. To engage in a discussion with one of our experts, please make a request through https://www.cgi.com/en/contact-us

Nagarro

cb nagarro.com

Nagarro helps future-proof your business through a forward-thinking, fluidic, and CARING mindset. We excel at digital engineering and help our clients become human-centric, digital-first organizations, augmenting their ability to be responsive, efficient, intimate, creative, and sustainable. Today, we are 18,000+ experts across 38 countries, forming a Nation of Nagarrians, ready to help our customers succeed.

inDrive

cb inDrive.com

inDrive is a global mobility and urban services platform. The inDrive app has been downloaded over 400 million times, and has been the second most downloaded mobility app for the third consecutive year. In addition to ride-hailing, inDrive provides an expanding list of urban services, including intercity transportation and delivery. In 2023, inDrive launched New Ventures, a venture and M&A arm. inDrive operates in 1065 cities in 48 countries. Driven by its mission of challenging social injustice, the company is committed to having a positive impact on the lives of one billion people by 2030. It pursues this goal both through its core business, which supports local communities via a fair pricing model; and through the work of inVision, its non-profit arm. inVision’s community empowerment programs help to advance education, sports, arts and sciences, gender equality and other vital initiatives. For more information visit www.inDrive.com

Zensar Technologies

zensar.com

Zensar stands out as a premier technology consulting and services company, embracing an ‘experience-led everything’ philosophy. We are creators, thinkers, and problem solvers passionate about designing digital experiences that are engineered into scale-ready products, services, and solutions to deliver superior engagement to high-growth companies. This full lifecycle capability – from experience to engineering to engagement – is what makes us unique. This integrated approach also means that we harness the power of technology, creativity, and insight to deliver impact — ensuring our work focuses not just on technology but also on the people who use it. Part of the $4.4 billion RPG Group, Zensar is headquartered in Pune, India. Our 10,000+ employees work across 30+ locations worldwide, including Seattle, Princeton, Cape Town, London, Singapore, and Mexico City. As an organization, we are diverse and multi-dimensional and unite across geographies and skill sets to deliver products and services that are value-driven, environmentally conscious, and human-centered. To know more, visit us at www.zensar.com.

Canon EMEA

canon-europe.com

We are Canon Europe. We are the world's best imaging company. This page represents our offices in Europe, the Middle East and Africa. Founded in 1937, the desire to continuously innovate has kept Canon at the forefront of imaging excellence throughout its 85-year history and has commitments to invest in the right areas and capture growth opportunities. From cameras to commercial printers, and business consultancy to healthcare technologies, Canon enriches lives and businesses through imaging innovation. Canon’s corporate philosophy is Kyosei – ‘living and working together for the common good’. In EMEA, Canon Europe pursues sustainable business growth, focusing on reducing its own environmental impact and supporting customers to reduce theirs using Canon’s products, solutions and services. Canon Europe has operations in roughly 120 countries, with approximately 13,500 employees and contributes to around a quarter of Canon’s global revenues annually.

Sutherland

sutherlandglobal.com

Artificial Intelligence. Automation. Cloud Engineering. Advanced Analytics. For Enterprises, these are key factors of success. For us, they’re our core expertise. We work with global iconic brands. We bring them a unique value proposition through market-leading technologies and business process excellence. At the heart of it all is Digital Engineering services – the foundation that powers rapid innovation and scalable business transformation. We’ve created 363 unique and independent inventions, 250 of which are AI-based and rolled up under several patent grants in critical technologies. Leveraging our advanced products and platforms, we drive digital transformation at scale, optimize critical business operations, reinvent experiences, and pioneer new solutions, all provided through a seamless “as-a-service” model. For each company, we provide new keys for their businesses, the people they work with, and the customers they serve. With proven strategies and agile execution, we don’t just enable change — we engineer digital outcomes.

TEKsystems

teksystems.com

We’re TEKsystems and TEKsystems Global Services. We accelerate business transformation for our customers, so they can capitalize on change and master the momentum of technology. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We’re building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies.

Loading…

NEWS

Oracle Cloud CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

February 05, 2026 08:00 AM

Oracle, WEBEL Launch AI and Cybersecurity Training Program

As we advance our agenda to provide employment, increase research and development, manufacturing and consulting services,...

Read Article

December 30, 2025 08:00 AM

80 Hospitals May Have Been Affected by the Oracle Health Data Breach

The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a security alert about the recently confirmed Oracle data breach.

Read Article

November 13, 2025 08:00 AM

Read our guide to utility cybersecurity

Learn about the security challenges that water and power companies face and best practices for protecting their infrastructure against...

Read Article

October 14, 2025 07:00 AM

Oracle's New Defense Ecosystem Members Includes Quantum Cybersecurity Startup American Binary

American Binary has joined the second cohort of the Oracle Defense Ecosystem, a global initiative to accelerate AI, cyber, and cloud.

Read Article

July 01, 2025 07:02 AM

AIS and Oracle launch local cloud to support AI in Thailand

Share this story: Tags: AI · cloud · cybersecurity · data · Digital Transformation · oracle · Security. Categories:: AI & Cloud

Read Article

June 28, 2025 07:00 AM

Responding to the EU Digital Operational Resilience Act (DORA) with Oracle Zero Data Loss Autonomous Recovery Service (ZRCV)

Read Article

June 19, 2025 07:00 AM

Oracle launches air-gapped cloud for security & sovereignty

Oracle launches Compute Cloud@Customer Isolated, an air-gapped cloud service boosting security and data sovereignty for governments and...

Read Article

June 05, 2025 07:00 AM

Rubrik expands cloud databases and Oracle Cloud protection

Oracle Cloud and cloud database offerings from AWS and Microsoft Azure are the latest workloads protected by the Rubrik platform.

Read Article

June 05, 2025 07:00 AM

Critical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCI

A vulnerability in Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI) cloud deployments of Cisco Identity Services Engine (ISE)

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12191

SUMMARY

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdrive/modeld/modeld.py of the component Pickle Module. The manipulation results in deserialization. The attack is only possible with local access. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 7.8)

cvss2

Base Score: 6.8

Complexity: LOW

AV:L/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 7.8

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.1

Complexity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

1.8

REFERENCES

CVE-2026-12190

SUMMARY

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the component ai.mainfunc.genspark. The manipulation leads to improper authorization in handler for custom url scheme. The attack can only be performed from a local environment. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 5.3)

cvss2

Base Score: 4.3

Complexity: LOW

AV:L/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base Score: 5.3

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 4.8

Complexity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.8

REFERENCES

CVE-2026-12189

SUMMARY

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzmate. Executing a manipulation can lead to improper authorization in handler for custom url scheme. The attack can only be executed locally. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 5.3)

cvss2

Base Score: 4.3

Complexity: LOW

AV:L/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base Score: 5.3

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 1.9

Complexity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.8

REFERENCES

CVE-2026-12188

SUMMARY

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules/core/backend/app/controllers/concerns/grit/core/grit_entity_controller.rb of the component GritEntityController. Performing a manipulation results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 6.3)

cvss2

Base Score: 6.5

Complexity: LOW

AV:N/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base Score: 6.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.1

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

2.8

REFERENCES

CVE-2026-12187

SUMMARY

A security vulnerability has been detected in GL.iNet GL-MT3000 up to 4.4.5. Affected by this vulnerability is an unknown functionality of the file /usr/bin/one_click_upgrade of the component Online Firmware Upgrade Handler. Such manipulation leads to command injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 4.7 addresses this issue. Upgrading the affected component is advised. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…