What is Porsche Automotive Investment GmbH, China Branches's cybersecurity risk score?

Porsche Automotive Investment GmbH, China Branches has an AI-generated cybersecurity risk score of 812 out of 1000, indicating a Good security posture according to Rankiteo's assessment.

How many security incidents has Porsche Automotive Investment GmbH, China Branches experienced?

According to Rankiteo, Porsche Automotive Investment GmbH, China Branches currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Porsche Automotive Investment GmbH, China Branches been affected by any supply chain cyber incidents ?

According to Rankiteo, Porsche Automotive Investment GmbH, China Branches has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does Porsche Automotive Investment GmbH, China Branches have SOC 2 Type 1 certification ?

According to Rankiteo, Porsche Automotive Investment GmbH, China Branches is not certified under SOC 2 Type 1.

Does Porsche Automotive Investment GmbH, China Branches have SOC 2 Type 2 certification ?

According to Rankiteo, Porsche Automotive Investment GmbH, China Branches does not hold a SOC 2 Type 2 certification.

Does Porsche Automotive Investment GmbH, China Branches have PCI DSS certification ?

According to Rankiteo, Porsche Automotive Investment GmbH, China Branches does not currently maintain PCI DSS compliance.

Does Porsche Automotive Investment GmbH, China Branches comply with HIPAA ?

According to Rankiteo, Porsche Automotive Investment GmbH, China Branches is not compliant with HIPAA regulations.

Does Porsche Automotive Investment GmbH, China Branches have ISO 27001 certification ?

According to Rankiteo,Porsche Automotive Investment GmbH, China Branches is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Porsche Automotive Investment GmbH, China Branches operate in ?

Porsche Automotive Investment GmbH, China Branches operates primarily in the Motor Vehicle Manufacturing industry.

How many employees does Porsche Automotive Investment GmbH, China Branches have ?

Porsche Automotive Investment GmbH, China Branches employs approximately 72 people worldwide.

Does Porsche Automotive Investment GmbH, China Branches own any subsidiaries ?

Porsche Automotive Investment GmbH, China Branches presently has no subsidiaries across any sectors.

How many LinkedIn followers does Porsche Automotive Investment GmbH, China Branches have ?

Porsche Automotive Investment GmbH, China Branches's official LinkedIn profile has approximately followers.

What is the NAICS classification code for Porsche Automotive Investment GmbH, China Branches ?

Porsche Automotive Investment GmbH, China Branches is classified under the NAICS code 3361, which corresponds to Motor Vehicle Manufacturing.

Does Porsche Automotive Investment GmbH, China Branches have a Crunchbase profile ?

No, Porsche Automotive Investment GmbH, China Branches does not have a profile on Crunchbase.

Does Porsche Automotive Investment GmbH, China Branches have a LinkedIn profile ?

Yes, Porsche Automotive Investment GmbH, China Branches maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/paig.

How many cybersecurity incidents has Porsche Automotive Investment GmbH, China Branches experienced ?

As of June 6, 2026, Rankiteo reports that Porsche Automotive Investment GmbH, China Branches has not experienced any cybersecurity incidents.

How many peer or competitor companies does Porsche Automotive Investment GmbH, China Branches have ?

Porsche Automotive Investment GmbH, China Branches has an estimated 12,961 peer or competitor companies worldwide.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

PAIGCB

Boost Score +25 with badge (5 left)

812

/1000

Good

837

/1000

Good

Porsche Automotive Investment GmbH, China Branches Vendor Cyber Rating & Cyber Score

paig.com.cn

Add Your Compliance Badge

Porsche Holding Salzburg*, the largest automotive trading company in Europe, entered China market with the first premium brand dealership opening in 2005. With its fast and sustainable development and expansion in China, PAIG(China) Automobile Investment (also known as Porsche Automotive Investment GmbH China Branches, hereinafter referred to as PAIG (China)) was established in 2012, and is fully responsible for the dealer network development and operational business management of Porsche Holding in China market. We have established 34 automotive dealers in China up to date, covering 5 premium brands: VW, Audi, Bentley, Porsche and BMW. As a major premium brand dealer group from Europe, PAIG (China) possesses a profound knowledge and rich

PAIGCB A.I CyberSecurity Scoring

Scoring History

PAIGCB

Porsche Automotive Investment GmbH, China Branches CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

No data available

Loading…

A.I.

PAIGCB Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for PAIGCB

Incidents vs Motor Vehicle Manufacturing Industry Avg (This Year)

No incidents recorded for Porsche Automotive Investment GmbH, China Branches in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Porsche Automotive Investment GmbH, China Branches in 2026.

Incident Types PAIGCB vs Motor Vehicle Manufacturing Industry Avg (This Year)

No incidents recorded for Porsche Automotive Investment GmbH, China Branches in 2026.

Incident History - PAIGCB (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Porsche Automotive Investment GmbH, China Branches Subsidiaries

PAIGCB

Motor Vehicle Manufacturing

Website: http://www.paig.com.cn

Company Size: 72

106

Porsche HoldingWholesale

Volkswagen Group Retail SpainMotor Vehicle Manufacturing

Sevilla WagenMotor Vehicle Manufacturing

SIVAWholesale Motor Vehicles and Parts

Volkswagen PortugalMotor Vehicle Manufacturing

Audi PortugalMotor Vehicle Manufacturing

Škoda PortugalMotor Vehicle Manufacturing

Lamborghini LisboaMotor Vehicle Manufacturing

Volkswagen Veículos ComerciaisMotor Vehicle Manufacturing

Bentley LisboaMotor Vehicle Manufacturing

Audi ÖsterreichMotor Vehicle Manufacturing

Porsche HungariaMotor Vehicle Manufacturing

Saottini AutoMotor Vehicle Manufacturing

Porsche ColombiaMotor Vehicle Manufacturing

Audi ColombiaFabricación de vehículos de motor

Amarok ColombiaTruck Transportation

Skoda ColombiaTruck Transportation

VW Transporter ColombiaTruck Transportation

BONALDI MOTORI SPA Concessionaria Auto e Veicoli CommercialiMotor Vehicle Manufacturing

Centro Porsche BergamoMotor Vehicle Manufacturing

Bonaldi BusinessFinancial Services

Porsche Bank GroupFinancial Services

Porsche SlovenijaMotor Vehicle Manufacturing

Porsche Inter Auto - Österreichs größte AutohandelsgruppeMotor Vehicle Manufacturing

RINALDI S.P.A.Retail

Volkswagen Group Retail FranceMotor Vehicle Manufacturing

VGRF Business SolutionsRetail Motor Vehicles

Porsche Croatia d.o.o.Motor Vehicle Manufacturing

Porsche AlbaniaAutomotive

Porsche Finance Group RomaniaFinancial Services

Erre Esse S.p.A.Motor Vehicle Manufacturing

Porsche Media & CreativeAdvertising Services

Porsche ChileMotor Vehicle Manufacturing

Autocentro BaistrocchiMotor Vehicle Manufacturing

Eurocar FirenzeRetail

Porsche WienMotor Vehicle Manufacturing

DorigoniMotor Vehicle Manufacturing

Porsche SCG dooWholesale Motor Vehicles and Parts

Audi SrbijaWholesale Motor Vehicles and Parts

Volkswagen SrbijaWholesale Motor Vehicles and Parts

MOON POWER SrbijaElectric Power Transmission, Control, and Distribution

Škoda ÖsterreichMotor Vehicle Manufacturing

Porsche Inter Auto CZMotor Vehicle Manufacturing

Porsche Informatik GmbHIT Services and IT Consulting

Porsche SlovakiaMotor Vehicle Manufacturing

Porsche Zentrum Oberer ZürichseeMotor Vehicle Manufacturing

Porsche Inter Auto RomaniaMotor Vehicle Manufacturing

Porsche Ukraine LLCMotor Vehicle Manufacturing

Porsche Inter Auto SloveniaMotor Vehicle Manufacturing

VGRDMotor Vehicle Manufacturing

Audi Stuttgart GmbHMotor Vehicle Manufacturing

Volkswagen Automobile HamburgAutomotive

Volkswagen Automobile Stuttgart GmbHAutomotive

MAHAG GruppeMotor Vehicle Manufacturing

Volkswagen Automobile Leipzig GmbHMotor Vehicle Manufacturing

Audi Berlin GmbHMotor Vehicle Manufacturing

Schwaba GmbHMotor Vehicle Manufacturing

Audi HamburgMotor Vehicle Manufacturing

Audi Frankfurt GmbHMotor Vehicle Manufacturing

Audi Leipzig GmbHMotor Vehicle Manufacturing

Auto & Service PIA GmbHMotor Vehicle Manufacturing

Volkswagen Automobile Rhein-Neckar GmbHMotor Vehicle Manufacturing

Audi Hannover GmbHMotor Vehicle Manufacturing

Volkswagen Automobile Chemnitz GmbHMotor Vehicle Manufacturing

Volkswagen Automobile Berlin GmbHMotor Vehicle Manufacturing

Volkswagen Automobile Frankfurt GmbHMotor Vehicle Manufacturing

Porsche Finance Group UkraineFinancial Services

Porsche BHWholesale

Porsche Inter Auto BG EOODMotor Vehicle Manufacturing

Din BilMotor Vehicle Manufacturing

Porsche Center StockholmMotor Vehicle Manufacturing

Volkswagen StockholmMotor Vehicle Manufacturing

Porsche Finance Group SloveniaFinancial Services

Porsche BGWholesale

MOON POWER BulgariaUtilities

Porsche Inter Auto PolskaAutomotive

Centrum Flotowe Porsche Inter AutoTransportation, Logistics, Supply Chain and Storage

Porsche Inter Auto Slovakia, spol. s r.o.Motor Vehicle Manufacturing

SEAT Center ArrábidaMotor Vehicle Manufacturing

PAIG Japan Automobile Investment GKRetail Motor Vehicles

Porsche Inter Auto BHMotor Vehicle Manufacturing

Eurocar Friuli Venezia GiuliaAutomotive

DIGILAB ITALIA Srl - Filiale Italiana di PORSCHE INFORMATIK GmbHIT Services and IT Consulting

Porsche Leasing MacedoniaFinancial Services

Vicentini S.p.A. | Gruppo Eurocar ItaliaAutomotive

SEAT Česká republikaVýroba motorových vozidel

Volkswagen Puchong by PHS AutohausRetail Motor Vehicles

Porsche Inter Auto HungariaRetail Motor Vehicles

Porsche Inter Auto UkraineRetail

Porsche MovilidadFinancial Services

Porsche Informatik FranceIT Services and IT Consulting

SOAUTO VGRPMotor Vehicle Manufacturing

USADOS VolkswagenMotor Vehicle Manufacturing

Gruppo Eurocar ItaliaAutomotive

Volkswagen Group SingaporeMotor Vehicle Manufacturing

Porsche Inter Auto d.o.o.Motor Vehicle Manufacturing

Porsche Inter Auto S - SerbiaMotor Vehicle Manufacturing

Porsche Center BelgradeRetail Motor Vehicles

Porsche SeverMotor Vehicle Manufacturing

Porsche AdaMotor Vehicle Manufacturing

Porsche Novi SadMotor Vehicle Manufacturing

Volkswagen Passenger Cars Malaysia (VPCM)Motor Vehicle Manufacturing

Porsche Volkswagen Servicios Financieros Chile SpAFinancial Services

MOON POWERUtilities

Porsche RomaniaAutomotive

Porsche MacedoniaMotor Vehicle Manufacturing

Loading…

Porsche Automotive Investment GmbH, China Branches Similar Companies

International

international.com

We build International trucks and engines and IC Bus® school and commercial buses that are as tough and as smart as the people who drive them. Our solutions deliver greater uptime and productivity to fleets across North America. We also develop Fleetrite® aftermarket parts. In everything we do, our vision is to accelerate the impact of sustainable mobility to create the cleaner, safer world we all deserve. We are part of the TRATON Group, one of the world's leading commercial vehicle manufacturers.

Rivian

cb rivian.com

Doing something different is never easy. It requires courage, optimism and grit. Core to our mission is building a team of adventurous individuals determined to make a positive impact on the world. This means challenging ourselves constantly. Stretching beyond the bounds of conventional thinking. Reframing old problems. Seeking new solutions. And operating comfortably in a space of uncertainty. While our backgrounds are diverse, our team shares a love of the outdoors and a desire to protect it for future generations. Do you like doing the impossible? We’d love to hear from you.

Volkswagen do Brasil

vw.com.br

A gente sabe que o nome “Volkswagen” com certeza deve fazer parte da sua história. Porque a gente também sabe que não é à toa que estamos na vida, no coração e na garagem dos brasileiros. O segredo? Construímos os carros mais inovadores, tornamos as tecnologias acessíveis e dizemos sempre que estamos em constante desenvolvimento. Nunca paramos. Nunca nos damos por satisfeitos. Estamos construindo uma Nova Volkswagen, uma nova empresa para um novo mundo. Estamos focados em produtos, soluções de mobilidade e novos negócios que definam tendências, sempre discutindo e liderando o futuro da indústria. A ideia é usar as inovações tecnológicas não só a favor dos negócios, mas também das pessoas. Elas são a nossa inspiração para criarmos os carros mais seguros, modernos e eficientes. Sabemos que ao falar em inovação, as pessoas têm sempre que vir em primeiro lugar. Justamente por isso, fomos a única montadora a receber, em 2019, a certificação Top Employer, o mais importante reconhecimento internacional da excelência de uma empresa na gestão de pessoas, além de também sermos eleitos entre as 10 empresas mais desejadas para se trabalhar na pesquisa Valor Carreira – As Melhores na Gestão de Pessoas. Motivo de orgulho para cada um de nós. Fique de olho nas novidades da Volkswagen do Brasil aqui no LinkedIn e também em nossas outras redes sociais. Vai que você não é a pessoa que estamos procurando para fazer parte deste futuro com a gente? ;) Facebook: facebook.com/volkswagendobrasil Instagram: instagram.com/vwbrasil Twitter: twitter.com/vwbrasil YouTube: youtube.com/volkswagendobrasil

General Motors

gm.com

General Motors’ vision is to create a world with Zero Crashes, Zero Emissions and Zero Congestion, and we have committed ourselves to leading the way toward this future. Today, we are in the midst of a transportation revolution, and we have the ambition, the talent and the technology to realize the safer, better and more sustainable world we want. As an open, inclusive company, we’re also creating an environment where everyone feels welcomed and valued for who they are. One team, where all ideas are considered and heard, where everyone can contribute to their fullest potential, with a culture based in respect, integrity, accountability and equality. Our team brings wide-ranging perspectives and experiences to solving the complex transportation challenges of today and tomorrow. For information on the GM Privacy Statement, please visit http://www.gm.com/privacy-statement.html

Ferrari

cb ferrari.com

Ferrari's story officially began in 1947 when its first road car, the 125 S, emerged from the gate of no. 4 Via Abetone Inferiore in Maranello. The iconic two-seater went on to win the Rome Grand Prix later that year and shortly thereafter was developed into a refined GT roadster. The company has travelled a long way since then, but its mission has remained unaltered: to make unique sports cars that represent the finest in Italian design and craftsmanship, both on the track and on the road. The very definition of excellence and sportiness, Ferrari needs no introduction. Its principal calling card is the numerous Formula One titles it has won: a total of 16 constructors’ championships and 15 drivers’ championships. And of course, there is the impressive lineup of legendary GT models. Cars that are unique for their design, technology and luxurious styling and that represent the best in Italian the world over.

FORVIA

forvia.com

FORVIA comprises the complementary technology and industrial strengths of Faurecia and HELLA. With over 249 industrial sites and 78 R&D centers, 150,000 people, including more than 15,000 engineers across 40+ countries, FORVIA provides a unique and comprehensive approach to the automotive challenges of today and tomorrow. Composed of 6 business groups with 24 product lines, and a strong IP portfolio of over 12,900 patents, FORVIA is focused on becoming the preferred innovation and integration partner for OEMs worldwide. FORVIA aims to be a change maker committed to foreseeing and making the mobility transformation happen.

FORVIA HELLA

hella.com

FORVIA HELLA is a listed international automotive supplier. As a company of the FORVIA Group, FORVIA HELLA stands for high-performance lighting technology and vehicle electronics and, with the Lifecycle Solutions Business Group, also covers a broad service and product portfolio for the spare parts and workshop business as well as for manufacturers of special vehicles. With currently around 35,000 employees at over 125 locations, the Company is active worldwide and generated adjusted sales of €8.1 billion in fiscal year 2024. www.forvia-hella.com Legal notice: https://www.hella.com/legalnotice Data protection notice: https://www.hella.com/hella-com/en/Data-protection-65.html

Porsche AG

porsche.click

“In the beginning I looked around and could not find quite the car I dreamed of. So I decided to build it myself.“ This quote by Ferry Porsche sums up everything that makes Porsche what it is. It has been our guiding star for more than 75 years. Every day, we search for the best solution with commitment, passion and enthusiasm. We courageously tread new and untested paths. Our entrepreneurial pioneering spirit makes unique solutions possible. We love challenges, act quickly and always act respectfully and fairly towards people and the environment. Driven by dreams: At Porsche we believe in the power of dreams. As different as they may be, they have one thing in common: they are what drive us. If you too want to dream and change the world, then you have come to the right place. We invite you to dream with us and together make the world more innovative, more sustainable and more colourful. What could that be like? On our website www.porsche.com/careers you can gain an insight into the Porsche working environment and experience first-hand what makes working at Porsche so fascinating. Make your own dream come true. And the dreams of millions of others. This is where you will find all our job offers based on your preferences. Take your chance and apply online: jobs.porsche.com News, background stories and more about Porsche: www.newsroom.porsche.com Legal notice: http://www.porsche.com/germany/legal-notice/ Social privacy: https://www.porsche.com/germany/social-privacy/

Nissan Motor Corporation

nissan-global.com

Nissan Motor Corporation is a global car manufacturer that sells a full line of vehicles under the Nissan and INFINITI brands. Nissan’s global headquarters in Yokohama, Japan, manages operations in four regions: Japan-ASEAN, China, Americas, and AMIEO (Africa, Middle East, India, Europe & Oceania). For more information about our products, services and commitment to sustainable mobility, visit nissan-global.com. You can also follow us on Facebook, Instagram, Twitter and LinkedIn and see all our latest videos on YouTube.

Loading…

NEWS

Porsche Automotive Investment GmbH, China Branches CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-7654

SUMMARY

The Admin Columns plugin for WordPress is vulnerable to PHP Object Injection leading to Remote Code Execution in versions up to and including 7.0.18. This is due to the use of `unserialize()` without an `allowed_classes` restriction in the `IdsToCollection::get_ids_from_string()` function, which processes attacker-controlled post meta values without proper validation. This makes it possible for authenticated attackers with Contributor-level access and above to inject a serialized PHP object into a post's custom meta field and trigger arbitrary code execution by exploiting a bundled POP gadget chain, resulting in remote code execution as the web server user.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: 8.8)

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-7523

SUMMARY

The Alba Board plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.1.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to access arbitrary private alba_card post data, including title, description, assignee, due date, tags, and comments, that is intended to be restricted to Administrators and Editors. The handler is registered via the wp_ajax_nopriv_ hook and its nonce is exposed to all site visitors through wp_localize_script on pages containing the [alba_board] shortcode, making this exploitable by unauthenticated users who can access any such page.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: 4.3)

cvss3

Base Score: 4.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Impact Score

1.4

Exploitability

2.8

REFERENCES

CVE-2026-45409

SUMMARY

Internationalized Domain Names in Applications (IDNA) for Python provides support for Internationalized Domain Names in Applications (IDNA) and Unicode IDNA Compatibility Processing. In versions prior to 3.15, payloads such as `"\u0660" * N` or `"\u30fb" * N + "\u6f22"` utilize the `valid_contexto` function prior to length rejection, and for high values of `N` will take a long time to process. This is the same issue as CVE-2024-3651, however the original remediation in 2024 was not a complete fix. A specially crafted argument to the `idna.encode()` function could consume significant resources. This may lead to a denial-of-service. Starting in version 3.14, the function rejects long inputs as soon as practicable prior to any further processing to minimize resource consumption. In version 3.15, this approach was extended to lesser used alternate functions (i.e. per-label conversions and codec support). A workaround is available. Domain names cannot exceed 253 characters in length. If this length limit is enforced prior to passing the domain to the `idna.encode()` function, it should no longer consume significant resources. This is triggered by arbitrarily large inputs that would not occur in normal usage, but may be passed to the library assuming there is no preliminary input validation by the higher-level application.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: )

cvss4

Base Score: 6.9

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

https://github.com/kjd/idna/security/advisories/GHSA-65pc-fj4g-8rjx

CVE-2026-11431

SUMMARY

A path traversal vulnerability exists in the Projects Service download endpoint shared by Altium Enterprise Server and Altium 365. An authenticated user can supply a crafted path parameter that bypasses validation, allowing arbitrary files (including entire directories returned as archives) to be read from the server filesystem. Because the readable files include service configuration and credential material, exploitation can be used to gather information enabling further compromise. The issue can be combined with CVE-2026-11424 to reach the cloud-side endpoint. On multi-tenant Altium 365 deployments, the readable configuration could have exposed credentials shared across services. Altium Enterprise Server is fixed in 8.1.1; the issue has been remediated in Altium 365 at the service level.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: )

cvss4

Base Score: 8.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

https://www.altium.com/platform/security-compliance/security-advisories

CVE-2026-11429

SUMMARY

A path traversal vulnerability exists in the Git Service component shared by Altium Enterprise Server and Altium 365. The service accepts a sequence of post-clone file-manipulation operations that use user-supplied paths without validation, allowing an authenticated user with basic git access to move arbitrary files outside the intended repository area. This file-move primitive can be used to place attacker-controlled script content into directories where it is later executed by the service, resulting in remote code execution under the Git Service account. On multi-tenant Altium 365 deployments, this could have allowed access to data belonging to other tenants on the same infrastructure node. Altium Enterprise Server is fixed in 8.1.1; the issue has been remediated in Altium 365 at the service level.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: )

cvss4

Base Score: 9.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

https://www.altium.com/platform/security-compliance/security-advisories

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…