What is the official website of Oracle Construction and Engineering ?

The official website of Oracle Construction and Engineering is https://www.oracle.com/industries/construction-engineering/index.html.

What is Oracle Construction and Engineering's cybersecurity risk score?

Oracle Construction and Engineering has an AI-generated cybersecurity risk score of 748 out of 1000, indicating a Moderate security posture according to Rankiteo's assessment.

How many security incidents has Oracle Construction and Engineering experienced?

According to Rankiteo, Oracle Construction and Engineering currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Oracle Construction and Engineering been affected by any supply chain cyber incidents ?

According to Rankiteo, Oracle Construction and Engineering has been affected by multiple supply chain cyber incidents. The affected supply chain sources and their corresponding incident IDs are: Oracle (Incident ID: ORA1781180663) Oracle (Incident ID: ORAUNI1781123069) Oracle (Incident ID: ORA1780418023) Oracle (Incident ID: TULORA1777415654) Snowflake (Incident ID: JONGENMCDGOL1775507547) Oracle (Incident ID: BROBECTHEORAABB1773750615) Oracle (Incident ID: NO-SHOPRELOB1773534483) Oracle (Incident ID: MSG1772483822) Oracle (Incident ID: MGMCAEORAWYN1771962331) Oracle (Incident ID: HYPORA1773686454) Oracle (Incident ID: CONDAVORASANASA1770645741) Oracle (Incident ID: DARHARPRICOLCLE1767881845) Oracle (Incident ID: MADMICKORORA1773232260) Oracle (Incident ID: ADIHEAHARMARTHEJAG1767017696) Microsoft Security (Incident ID: AMAORAMIC1770695748) Tencent Cloud (Incident ID: CLO1769705152) Oracle (Incident ID: ORAMSG1772238496) Snowflake (Incident ID: MEREQUUNIMAEMGMGOOTOYSNOALLORARIPTIC1775528897) Oracle (Incident ID: PRIORAUNI1766419165) Oracle (Incident ID: ORA1766435444) Oracle (Incident ID: NHS3432334111425) Oracle (Incident ID: BAR1765043770) BleepingComputer (Incident ID: F50032500101925) Oracle (Incident ID: ORAWIT1773930753) Oracle (Incident ID: ORAPAR1766015901) Oracle (Incident ID: TULORA1779078400) Oracle (Incident ID: MARORA1772484170) Oracle (Incident ID: COX53102453112425) Oracle (Incident ID: ORATHE1770237797) Salesloft (Incident ID: SAL0932309111025) Oracle (Incident ID: ANYSOT1770810849) Oracle (Incident ID: ORAHYP1773650183) Salesloft (Incident ID: ORA1692116100725) moveIT Software (Incident ID: ORA4202442101025) Oracle (Incident ID: JAG2592025111525) Oracle (Incident ID: BRO3105131112625) Oracle (Incident ID: ORA5662156100625) Oracle Health (Incident ID: ORA455040125) Oracle Health (Incident ID: ORA526032825) Salesforce (Incident ID: THEINGSALJAGORASYNDAV1769095448)

Does Oracle Construction and Engineering have SOC 2 Type 1 certification ?

According to Rankiteo, Oracle Construction and Engineering is not certified under SOC 2 Type 1.

Does Oracle Construction and Engineering have SOC 2 Type 2 certification ?

According to Rankiteo, Oracle Construction and Engineering does not hold a SOC 2 Type 2 certification.

Does Oracle Construction and Engineering comply with GDPR ?

According to Rankiteo, Oracle Construction and Engineering is not listed as GDPR compliant.

Does Oracle Construction and Engineering have PCI DSS certification ?

According to Rankiteo, Oracle Construction and Engineering does not currently maintain PCI DSS compliance.

Does Oracle Construction and Engineering comply with HIPAA ?

According to Rankiteo, Oracle Construction and Engineering is not compliant with HIPAA regulations.

Does Oracle Construction and Engineering have ISO 27001 certification ?

According to Rankiteo,Oracle Construction and Engineering is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Oracle Construction and Engineering operate in ?

Oracle Construction and Engineering operates primarily in the IT Services and IT Consulting industry.

How many employees does Oracle Construction and Engineering have ?

Oracle Construction and Engineering employs approximately 3 people worldwide.

Does Oracle Construction and Engineering own any subsidiaries ?

Oracle Construction and Engineering presently has no subsidiaries across any sectors.

How many LinkedIn followers does Oracle Construction and Engineering have ?

Oracle Construction and Engineering's official LinkedIn profile has approximately 26,081 followers.

What is the NAICS classification code for Oracle Construction and Engineering ?

Oracle Construction and Engineering is classified under the NAICS code 5415, which corresponds to Computer Systems Design and Related Services.

Does Oracle Construction and Engineering have a Crunchbase profile ?

No, Oracle Construction and Engineering does not have a profile on Crunchbase.

Does Oracle Construction and Engineering have a LinkedIn profile ?

Yes, Oracle Construction and Engineering maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/oracle-construction-and-engineering.

How many cybersecurity incidents has Oracle Construction and Engineering experienced ?

As of June 15, 2026, Rankiteo reports that Oracle Construction and Engineering has experienced 62 cybersecurity incidents.

How many peer or competitor companies does Oracle Construction and Engineering have ?

Oracle Construction and Engineering has an estimated 40,689 peer or competitor companies worldwide.

What types of cybersecurity incidents has Oracle Construction and Engineering faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Ransomware, Breach, Vulnerability and Cyber Attack.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

OCE

Boost Score +25 with badge (5 left)

748

/1000

Moderate

773

/1000

Fair

Oracle Construction and Engineering Vendor Cyber Rating & Cyber Score

oracle.com

Add Your Compliance Badge

Asset owners and project leaders rely on Oracle Construction and Engineering software for the visibility and control, connected supply chain, and data security needed to drive performance and mitigate risk across their processes, projects, and organization. Feel confident in your digital transformation with modern cloud solutions that grow and scale with you at every step of your journey. Enable efficiency, collaboration, and change control for your teams that plan, build, and operate critical assets.

OCE A.I CyberSecurity Scoring

Scoring History

OCE

Oracle Construction and Engineering CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Oracle

Vulnerability

100

6/2026

ORA1781526596

Oracle

Vulnerability

100

6/2026

Oracle

ORA1781180663

Oracle

Cyber Attack

100

6/2026

Oracle

ORAUNI178112306...

Oracle

Vulnerability

100

6/2026

Oracle

ORA1780418023

Oracle

Breach

5/2026

METORATICBANYAH...

Oracle

Vulnerability

100

4/2026

Oracle

TULORA177741565...

Oracle

Breach

100

4/2026

ORABUS177558268...

Oracle

Breach

4/2026

Snowflake

JONGENMCDGOL177...

Oracle

Vulnerability

3/2026

ORA1774088623

Oracle

Cyber Attack

3/2026

Oracle

BROBECTHEORAABB...

Oracle

Breach

100

3/2026

Oracle

NO-SHOPRELOB177...

Oracle

Breach

3/2026

RAYORAFED177252...

Oracle

Breach

3/2026

Oracle

MSG1772483822

Oracle

Cyber Attack

2/2026

Oracle

MGMCAEORAWYN177...

Oracle

Ransomware

100

2/2026

Oracle

HYPORA177368645...

Oracle

Breach

2/2026

ORA1770195349

Oracle

Vulnerability

100

1/2026

ORA1768994894

Oracle

Ransomware

100

1/2026

Oracle

CONDAVORASANASA...

Oracle

Breach

1/2026

Oracle

DARHARPRICOLCLE...

Oracle

Breach

1/2026

Oracle

MADMICKORORA177...

Oracle

Cyber Attack

12/2025

Oracle

ADIHEAHARMARTHE...

Oracle Cloud

Cyber Attack

100

12/2025

Microsoft Secur...

AMAORAMIC177069...

Oracle Cloud

Cyber Attack

100

12/2025

Tencent Cloud

CLO1769705152

Oracle

Vulnerability

12/2025

Oracle

ORAMSG177223849...

Oracle

Ransomware

100

12/2025

Snowflake

MEREQUUNIMAEMGM...

Oracle

Cyber Attack

11/2025

Oracle

PRIORAUNI176641...

Oracle

Vulnerability

11/2025

Oracle

ORA1766435444

Oracle

Cyber Attack

100

11/2025

Oracle

NHS343233411142...

Oracle

Ransomware

100

11/2025

Oracle

BAR1765043770

Oracle Security

Breach

100

10/2025

BleepingCompute...

F50032500101925

Oracle

Cyber Attack

10/2025

Oracle

ORAWIT177393075...

Oracle

Vulnerability

10/2025

Oracle

ORAPAR176601590...

Oracle Construction...

Cyber Attack

9/2025

ORA805090225

Oracle

Breach

8/2025

Oracle

TULORA177907840...

Oracle

Vulnerability

8/2025

Oracle

MARORA177248417...

Oracle

Breach

100

8/2025

Oracle

COX531024531124...

Oracle

Vulnerability

8/2025

Oracle

ORATHE177023779...

Oracle

Breach

8/2025

Salesloft

SAL093230911102...

Oracle

Ransomware

100

8/2025

Oracle

ANYSOT177081084...

Oracle

Vulnerability

8/2025

Oracle

ORAHYP177365018...

Oracle Communicatio...

Ransomware

100

8/2025

Salesloft

ORA169211610072...

Oracle

Ransomware

100

7/2025

moveIT Software

ORA420244210102...

Oracle

Cyber Attack

100

7/2025

Oracle

JAG259202511152...

Oracle

Ransomware

100

6/2025

Oracle

BRO310513111262...

Oracle Construction...

Vulnerability

6/2025

ORA083260810142...

Oracle

Ransomware

100

5/2025

Oracle

ORA566215610062...

Oracle Construction...

Breach

100

4/2025

ORA656040225

Oracle Health

Breach

4/2025

Oracle Health

ORA455040125

Oracle Construction...

Breach

100

3/2025

ORA344032125

Oracle Health

Breach

1/2025

Oracle Health

ORA526032825

Oracle Cloud SCM

Ransomware

100

1/2025

Salesforce

THEINGSALJAGORA...

Oracle Construction...

Vulnerability

8/2024

ORA499324910062...

Oracle

Vulnerability

7/2024

ORA1780446221

Oracle Construction...

Ransomware

6/2024

ORA406214010022...

Oracle Construction...

Ransomware

100

1/2024

ORA109221010022...

Oracle Construction...

Ransomware

100

6/2023

ORA523325211212...

Oracle

Ransomware

100

1/2023

ORAMIC177555100...

Oracle Construction...

Breach

100

6/2021

ORA615032225

Oracle Construction...

Breach

100

6/2020

ORA956040325

Oracle Construction...

Ransomware

100

6/2019

ORA433274311212...

Oracle Construction...

Breach

100

08/2016

ORA392622

Oracle Construction...

Breach

7/2013

ORA720082025

Loading…

A.I.

OCE Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for OCE

Incidents vs IT Services and IT Consulting Industry Avg (This Year)

No incidents recorded for Oracle Construction and Engineering in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Oracle Construction and Engineering in 2026.

Incident Types OCE vs IT Services and IT Consulting Industry Avg (This Year)

No incidents recorded for Oracle Construction and Engineering in 2026.

Incident History - OCE (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Oracle Construction and Engineering Subsidiaries

OCE

IT Services and IT Consulting

Website: https://www.oracle.com/industries/construction-engineering/index.html

Company Size: 10,001+ employees

OracleIT Services and IT Consulting

Oracle UtilitiesInformation Technology & Services

NetSuiteSoftware Development

Inside the SuiteSoftware Development

NetSuite Planning and BudgetingSoftware Development

NetSuite Partner CommunitySoftware Development

NetSuite Planning and BudgetingSoftware Development

NetSuite Sales Development Representative ProgramSoftware Development

Oracle Life SciencesIT Services and IT Consulting

Oracle DatabaseInformation Technology & Services

Oracle RestaurantsIT Services and IT Consulting

Loading…

Oracle Construction and Engineering Similar Companies

TD SYNNEX North America

tdsynnex.com

We’re TD SYNNEX (NYSE: SNX), a leading distributor and solutions aggregator for the IT ecosystem. We’re 22,000 of the IT industry’s best and brightest, who share an unwavering passion for bringing compelling technology products, services and solutions to the world. We’re an innovative partner that helps our customers maximize the value of IT investments, demonstrate business outcomes and unlock growth opportunities. At our core, we’re a company that cares. We care about our partners, our co-workers, our investors and the world around us. And we’re committed to being a diverse, inclusive employer of choice and a good corporate citizen.

NTT DATA Business Solutions

nttdata-solutions.com

We understand the business of our clients and know what it takes to transform it into the future. At NTT DATA Business Solutions, we drive innovation – from advisory and implementation to managed services and beyond. With SAP at our core and a powerful ecosystem of partners, we continuously improve solutions and technology to make them work for companies – and for their people. Aiming to transform, grow and become more successful? We provide you with more than in-depth expertise for SAP solutions: As your passionate partner, we connect your business opportunities with the latest technologies – and offer you a unique approach to get the job done as smoothly as possible. Our close ties to our partners give you access to innovative solutions and developments. Being part of the global NTT DATA group enables us to master any scope of project. With operations in more than 30 countries, we have enabled thousands of companies become more efficient and effective during the last three decades. Our more than 16,000 experts around the world will also accompany you on your journey toward a truly intelligent enterprise – wherever you want to start!

Serco

serco.com

We bring together the right people, the right technology and the right partners to create innovative solutions that make positive impact and address some of the most urgent and complex challenges facing the modern world. With a focus on serving governments globally, Serco’s services span justice, migration, defence, space, customer services, health, and transport. Our core capabilities include service design and advisory, resourcing, complex programme management, systems integration, case management, engineering, and asset & facilities management.

CACI International Inc

cb caci.com

At CACI International Inc (NYSE: CACI), our 25,000 talented and dynamic employees are ever vigilant in delivering distinctive expertise and technology to meet our customers’ greatest challenges in national security. We are a company of good character, relentless innovation, and long-standing excellence. Our culture drives our success and earns us recognition as a Fortune World's Most Admired Company. CACI is a member of the Fortune 500™ Largest Companies, the Russell 1000 Index, and the S&P MidCap 400 Index. For more information, visit us at www.caci.com. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities

Inetum

inetum.com

Inetum is a European leader in digital services. Inetum’s team of 27,000 consultants and specialists strive every day to make a digital impact for businesses, public sector entities and society. Inetum’s solutions aim at contributing to its clients’ performance and innovation as well as the common good. Present in 19 countries with a dense network of sites, Inetum partners with major software publishers to meet the challenges of digital transformation with proximity and flexibility. Driven by its ambition for growth and scale, Inetum generated sales of 2.4 billion euros in 2024. 🏅 Top Employer Europe 2025

Tata Elxsi

tataelxsi.com

Tata Elxsi is amongst the world’s leading providers of design and technology services across industries, including Automotive, Media & Entertainment, Communications, and Healthcare. Tata Elxsi is helping customers reimagine their products and services through design thinking and the application of digital technologies such as IoT (Internet of Things), Cloud, Mobility, Virtual Reality, and Artificial Intelligence. Tata Elxsi is truly home to a billion possibilities. We believe in opportunities for everyone - to be bold, and curious and seek to shape the future. Explore what’s possible, discover what you love to do, and find accelerated paths for growth. At Tata Elxsi, you matter.

Allianz Technology

allianz.com

With its headquarters in Munich, Germany, Allianz Technology is Allianz's global IT service provider and delivers IT solutions that drive the group's digitalization. With more than 11,000 employees in more than 20 countries around the world, Allianz Technology is tasked to run, optimize, transform, and innovate the infrastructure, applications, and services together with Allianz companies to co-create the best customer experience. We service the entire spectrum of digitalization - from one of the industry's largest IT infrastructure projects that spans data centres, networks, and security, to application platforms ranging from workplace services to digital interaction. In short: We deliver comprehensive end-to-end IT solutions for Allianz in the digital age. We are the backbone of Allianz.

Virtusa

cb virtusa.com

Virtusa is a global product and platform engineering services company that makes experiences better with technology. We help organizations grow faster, more profitably, and more sustainably by reimagining enterprises through domain-driven solutions. We combine strategy, design, and engineering, backed by unmatched expertise at the intersection of industry, business, and technology to generate real-world business impact for clients. Headquartered in Massachusetts with global delivery centers, Virtusa provides a broad range of services, solutions, and assets, including strategy and design, AI advisory and services, digital engineering, data and analytics, digital assurance, cloud and security, cx transformation and managed services across industries such as financial services, healthcare, communications, media, entertainment, travel, manufacturing, and technology.

inDrive

cb inDrive.com

inDrive is a global mobility and urban services platform. The inDrive app has been downloaded over 400 million times, and has been the second most downloaded mobility app for the third consecutive year. In addition to ride-hailing, inDrive provides an expanding list of urban services, including intercity transportation and delivery. In 2023, inDrive launched New Ventures, a venture and M&A arm. inDrive operates in 1065 cities in 48 countries. Driven by its mission of challenging social injustice, the company is committed to having a positive impact on the lives of one billion people by 2030. It pursues this goal both through its core business, which supports local communities via a fair pricing model; and through the work of inVision, its non-profit arm. inVision’s community empowerment programs help to advance education, sports, arts and sciences, gender equality and other vital initiatives. For more information visit www.inDrive.com

Loading…

NEWS

Oracle Construction and Engineering CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

March 10, 2026 12:11 PM

Oracle Unveils AI-Driven Safety Solution to Transform Construction Sites

Discover how Oracle's new AI-driven safety solution is set to revolutionize construction sites, enhancing worker safety and efficiency...

Read Article

March 05, 2026 07:25 PM

Internships

Discover your impact with Deloitte's internship opportunities for college students.

Read Article

January 27, 2026 08:00 AM

Dubai re-engineers cybersecurity for AI, smart infrastructure era: Ampcus Cyber

Dubai is rapidly emerging as a global digital and AI hub, moving beyond its traditional image of luxury and modernity.

Read Article

December 03, 2025 08:00 AM

Ransomware Attacks Surge to Second-Highest Level in 2025

Ransomware attacks rise in November 2025, targeting critical sectors and supply chains, highlighting urgent cybersecurity risks worldwide.

Read Article

November 14, 2025 08:00 AM

Logitech Confirms Data Breach; Follows CL0P Victim Claims

Logitech International S.A. has confirmed that it was hit by a data breach, the company said in an SEC filing late last week.

Read Article

November 13, 2025 08:00 AM

Read our guide to utility cybersecurity

Learn about the security challenges that water and power companies face and best practices for protecting their infrastructure against...

Read Article

March 31, 2025 07:00 AM

Hacker linked to Oracle Cloud intrusion threatens to sell stolen data

The threat actor that claimed responsibility for an alleged data breach at Oracle Cloud is threatening to release or sell the data, according to security...

Read Article

November 06, 2024 08:00 AM

Oracle taps Vodafone Business to provide global IoT connectivity

Integrated communications and cloud services provider teams with operator's internet of things division to bring connectivity to enterprise...

Read Article

July 30, 2024 07:00 AM

How — and why — to add cybersecurity provisions to construction contracts

Lawyers talk about the ways that contractors can guard themselves against the legal risks of attacks, and what to do if a breach occurs.

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12191

SUMMARY

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdrive/modeld/modeld.py of the component Pickle Module. The manipulation results in deserialization. The attack is only possible with local access. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 7.8)

cvss2

Base Score: 6.8

Complexity: LOW

AV:L/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 7.8

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.1

Complexity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

1.8

REFERENCES

CVE-2026-12190

SUMMARY

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the component ai.mainfunc.genspark. The manipulation leads to improper authorization in handler for custom url scheme. The attack can only be performed from a local environment. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 5.3)

cvss2

Base Score: 4.3

Complexity: LOW

AV:L/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base Score: 5.3

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 4.8

Complexity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.8

REFERENCES

CVE-2026-12189

SUMMARY

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzmate. Executing a manipulation can lead to improper authorization in handler for custom url scheme. The attack can only be executed locally. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 5.3)

cvss2

Base Score: 4.3

Complexity: LOW

AV:L/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base Score: 5.3

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 1.9

Complexity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.8

REFERENCES

CVE-2026-12188

SUMMARY

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules/core/backend/app/controllers/concerns/grit/core/grit_entity_controller.rb of the component GritEntityController. Performing a manipulation results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 6.3)

cvss2

Base Score: 6.5

Complexity: LOW

AV:N/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base Score: 6.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.1

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

2.8

REFERENCES

CVE-2026-12187

SUMMARY

A security vulnerability has been detected in GL.iNet GL-MT3000 up to 4.4.5. Affected by this vulnerability is an unknown functionality of the file /usr/bin/one_click_upgrade of the component Online Firmware Upgrade Handler. Such manipulation leads to command injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 4.7 addresses this issue. Upgrading the affected component is advised. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…