What is the official website of Salesforce Experience Cloud ?

The official website of Salesforce Experience Cloud is https://www.salesforce.com/products/experience-cloud/overview/.

What is Salesforce Experience Cloud's cybersecurity risk score?

Salesforce Experience Cloud has an AI-generated cybersecurity risk score of 636 out of 1000, indicating a Poor security posture according to Rankiteo's assessment.

How many security incidents has Salesforce Experience Cloud experienced?

According to Rankiteo, Salesforce Experience Cloud currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Salesforce Experience Cloud been affected by any supply chain cyber incidents ?

According to Rankiteo, Salesforce Experience Cloud has been affected by multiple supply chain cyber incidents. The affected supply chain sources and their corresponding incident IDs are: Salesforce (Incident ID: CARADTSALCUS1778027258) Okta (Incident ID: ADT1777286874) Salesforce (Incident ID: PANADTSAL1777328877) Salesforce (Incident ID: ADT1777062235) Anodot by Glassbox (Incident ID: CARHOLPRI1776630318) Salesforce (Incident ID: KEM1776831908) Salesforce (Incident ID: MCGSAL1776191039) Salesforce (Incident ID: WYN7-E1779114946) Salesforce (Incident ID: WEASAL1778732635) Aqua Security (Incident ID: AQUUSEAMASALCIS1775046662) Mixpanel (Incident ID: ZEN1774628650) Salesforce (Incident ID: INFSAL1774362301) Salesforce (Incident ID: BER1776292480) Amazon Web Services (AWS) (Incident ID: SALAMAMICPINRED1774269319) okta (Incident ID: NOROKTSAL1773854168) Salesforce (Incident ID: SAL1773146972) Salesforce Experience Cloud (Incident ID: SALLASAMDSNOSONOKT1773153462) Salesforce (Incident ID: SALHAL1775967850) Salesforce (Incident ID: TIFLVMCHR1770865579) Salesforce (Incident ID: EURODI1770907059) okta (Incident ID: OKTSALGOO1769222214) Agentforce Marketing (Incident ID: SALFOR1778063116) Salesforce (Incident ID: PLADRA1774449041) Drift, a Salesloft company (Incident ID: SAL4794547112625) Salesforce (Incident ID: SAL5592855100325) Salesforce (Incident ID: SAL2862828092525) Cisco (Incident ID: SAL5732257091825) Salesloft (Incident ID: DRI514090325) Salesforce Experience Cloud (Incident ID: ENTSAL1773088371) Salesforce (Incident ID: DRI635082925) Salesforce (Incident ID: SALFAR1767922939) Salesforce (Incident ID: WOR1768679649) moveIT Software (Incident ID: ORA4202442101025) Salesforce (Incident ID: SAL0562205100825) Salesforce (Incident ID: SALODI1772484824) Salesforce (Incident ID: GRU1768529823) Salesforce (Incident ID: GRU1769118538) Salesforce (Incident ID: LOUPARVOLTIFJAP1770908674) Salesforce (Incident ID: THEINGSALJAGORASYNDAV1769095448) Salesforce (Incident ID: QILCYBSALHALPLA1768955694)

Does Salesforce Experience Cloud have SOC 2 Type 1 certification ?

According to Rankiteo, Salesforce Experience Cloud is not certified under SOC 2 Type 1.

Does Salesforce Experience Cloud have SOC 2 Type 2 certification ?

According to Rankiteo, Salesforce Experience Cloud does not hold a SOC 2 Type 2 certification.

Does Salesforce Experience Cloud comply with GDPR ?

According to Rankiteo, Salesforce Experience Cloud is not listed as GDPR compliant.

Does Salesforce Experience Cloud have PCI DSS certification ?

According to Rankiteo, Salesforce Experience Cloud does not currently maintain PCI DSS compliance.

Does Salesforce Experience Cloud comply with HIPAA ?

According to Rankiteo, Salesforce Experience Cloud is not compliant with HIPAA regulations.

Does Salesforce Experience Cloud have ISO 27001 certification ?

According to Rankiteo,Salesforce Experience Cloud is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Salesforce Experience Cloud operate in ?

Salesforce Experience Cloud operates primarily in the Software Development industry.

How many employees does Salesforce Experience Cloud have ?

Salesforce Experience Cloud employs approximately None employees people worldwide.

Does Salesforce Experience Cloud own any subsidiaries ?

Salesforce Experience Cloud presently has no subsidiaries across any sectors.

How many LinkedIn followers does Salesforce Experience Cloud have ?

Salesforce Experience Cloud's official LinkedIn profile has approximately 3,848 followers.

What is the NAICS classification code for Salesforce Experience Cloud ?

Salesforce Experience Cloud is classified under the NAICS code 5112, which corresponds to Software Publishers.

Does Salesforce Experience Cloud have a Crunchbase profile ?

No, Salesforce Experience Cloud does not have a profile on Crunchbase.

Does Salesforce Experience Cloud have a LinkedIn profile ?

Yes, Salesforce Experience Cloud maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/salesforce-experience-cloud.

How many cybersecurity incidents has Salesforce Experience Cloud experienced ?

As of June 15, 2026, Rankiteo reports that Salesforce Experience Cloud has experienced 55 cybersecurity incidents.

How many peer or competitor companies does Salesforce Experience Cloud have ?

Salesforce Experience Cloud has an estimated 30,073 peer or competitor companies worldwide.

What types of cybersecurity incidents has Salesforce Experience Cloud faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Ransomware, Breach, Vulnerability and Cyber Attack.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

SEC

Boost Score +25 with badge (5 left)

636

/1000

Poor

661

/1000

Weak

Salesforce Experience Cloud Vendor Cyber Rating & Cyber Score

salesforce.com

Add Your Compliance Badge

Interact with your customers across channels with Experience Cloud. Create customer-first digital experiences. Build stronger relationships with a single source of truth. Evolve on a fast, flexible, trusted platform. Maximize your return on experience.

SEC A.I CyberSecurity Scoring

Scoring History

SEC

Salesforce Experience Cloud CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Salesforce

Cyber Attack

5/2026

Salesforce

CARADTSALCUS177...

Salesforce

Cyber Attack

4/2026

GOOSAL177791964...

Salesforce

Cyber Attack

4/2026

SAL1777395283

Salesforce

Cyber Attack

100

4/2026

Okta

ADT1777286874

Salesforce

Breach

4/2026

Salesforce

PANADTSAL177732...

Salesforce

Breach

4/2026

Salesforce

ADT1777062235

Salesforce

Breach

4/2026

Anodot by Glass...

CARHOLPRI177663...

Salesforce

Breach

4/2026

Salesforce

KEM1776831908

Salesforce

Vulnerability

4/2026

SAL1776299258

Salesforce

Breach

4/2026

Salesforce

MCGSAL177619103...

Salesforce

Vulnerability

4/2026

SAL1776084470

Salesforce

Breach

4/2026

Salesforce

WYN7-E177911494...

Salesforce

Vulnerability

4/2026

Salesforce

WEASAL177873263...

Salesforce

Vulnerability

100

4/2026

Aqua Security

AQUUSEAMASALCIS...

Salesforce

Ransomware

100

3/2026

Mixpanel

ZEN1774628650

Salesforce

Breach

3/2026

Salesforce

INFSAL177436230...

Salesforce

Breach

100

3/2026

Salesforce

BER1776292480

Salesforce

Vulnerability

100

3/2026

Amazon Web Serv...

SALAMAMICPINRED...

Salesforce

Breach

100

3/2026

okta

NOROKTSAL177385...

Salesforce

Breach

3/2026

Salesforce

SAL1773146972

Salesforce Experien...

Breach

3/2026

Salesforce Expe...

SALLASAMDSNOSON...

Salesforce

Breach

3/2026

Salesforce

SALHAL177596785...

Salesforce

Breach

2/2026

TOYOPTSAL177195...

Salesforce

Breach

2/2026

Salesforce

TIFLVMCHR177086...

Salesforce

Breach

2/2026

Salesforce

EURODI177090705...

Salesforce

Cyber Attack

1/2026

okta

OKTSALGOO176922...

Agentforce Marketin...

Vulnerability

1/2026

Agentforce Mark...

SALFOR177806311...

Salesforce

Cyber Attack

100

1/2026

SAL1768394538

Salesforce

Ransomware

100

1/2026

Salesforce

PLADRA177444904...

Salesforce

Breach

100

11/2025

Drift, a Salesl...

SAL479454711262...

Salesforce

Ransomware

100

10/2025

Salesforce

SAL559285510032...

Salesforce

Breach

100

9/2025

Salesforce

SAL286282809252...

Salesforce

Cyber Attack

100

9/2025

Cisco

SAL573225709182...

Salesforce

Cyber Attack

100

9/2025

Salesloft

DRI514090325

Salesforce Experien...

Breach

9/2025

Salesforce Expe...

ENTSAL177308837...

Salesforce

Breach

8/2025

Salesforce

DRI635082925

Salesforce

Vulnerability

100

8/2025

Salesforce

SALFAR176792293...

Salesforce

Breach

8/2025

Salesforce

WOR1768679649

Salesforce

Ransomware

100

7/2025

moveIT Software

ORA420244210102...

Salesforce Experien...

Cyber Attack

100

6/2025

SAL540255411062...

Salesforce

Cyber Attack

100

5/2025

Salesforce

SAL056220510082...

Salesforce

Vulnerability

5/2025

Salesforce

SALODI177248482...

Salesforce Experien...

Breach

3/2025

SAL313223110082...

Salesforce

Breach

2/2025

Salesforce

GRU1768529823

Salesforce

Breach

1/2025

Salesforce

GRU1769118538

Salesforce

Breach

1/2025

Salesforce

LOUPARVOLTIFJAP...

Salesforce

Ransomware

100

1/2025

Salesforce

THEINGSALJAGORA...

Salesforce Experien...

Cyber Attack

100

8/2024

SAL210212110042...

Salesforce

Cyber Attack

100

8/2024

SALARU177197435...

Salesforce Experien...

Cyber Attack

100

6/2024

SAL096210910082...

Salesforce

Ransomware

100

6/2024

Salesforce

QILCYBSALHALPLA...

Salesforce Experien...

Cyber Attack

100

5/2024

SAL500215010092...

Salesforce Experien...

Ransomware

100

10/2023

SAL560205610112...

Salesforce Experien...

Ransomware

100

6/2023

SAL423224210102...

Salesforce Experien...

Cyber Attack

05/2019

SAL215719323

Loading…

A.I.

SEC Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for SEC

Incidents vs Software Development Industry Avg (This Year)

Salesforce Experience Cloud has 5.66% fewer incidents than the average of same-industry companies with at least one recorded incident.

Incidents vs All-Companies Average (This Year)

Salesforce Experience Cloud has 6.54% fewer incidents than the average of all companies with at least one recorded incident.

Incident Types SEC vs Software Development Industry Avg (This Year)

Salesforce Experience Cloud reported 1 incidents this year: 0 cyber attacks, 0 ransomware, 0 vulnerabilities, 1 data breaches, compared to industry peers with at least 1 incident.

Incident History - SEC (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Salesforce Experience Cloud Subsidiaries

SEC

Software Development

Website: https://www.salesforce.com/products/experience-cloud/overview/

Company Size: 10,001+ employees

Salesforce AdminsSoftware Development

Agentforce MarketingSoftware Development

TrailheadIT Services and IT Consulting

SalesforceSoftware Development

Salesforce Revenue CloudSoftware Development

Loading…

Salesforce Experience Cloud Similar Companies

Airbnb

airbnb.com

Airbnb was born in 2007 when two hosts welcomed three guests to their San Francisco home, and has since grown to over 5 million hosts who have welcomed over 2 billion guest arrivals in almost every country across the globe. Every day, hosts offer unique stays, experiences and services that make it possible for guests to connect with communities in a more authentic way.

Amdocs

cb amdocs.com

Who are we? Amdocs helps those who build the future to make it amazing. With our market-leading portfolio of software products and services, we unlock our customers’ innovative potential, empowering them to provide next-generation communication and media experiences for both the individual end user and enterprise customers. Our employees around the globe are here to accelerate service providers’ migration to the cloud, enable them to differentiate in the 5G era, and digitalize and automate their operations. Listed on the NASDAQ Global Select Market, Amdocs had revenue of $5.00 billion in fiscal 2024. For more information, visit http://www.amdocs.com/ At Amdocs, our mission is to empower our employees to 'Live Amazing, Do Amazing' every day. We believe in creating a workplace where you not only excel professionally but also thrive personally. Through our culture of making a real impact, fostering growth, embracing flexibility, and building connections, we enable them to live meaningful lives while making a difference in the world.

PedidosYa

pedidosya.com

We’re the delivery market leader in Latin America. Our platform connects over 77.000 restaurants, supermarkets, pharmacies and stores with millions of users. Nowadays we operate in more than 500 cities in Latinamerica. And we are now over 3.400 employees. PedidosYa is available for iOS, Android and Windows Phone operating systems and downloads are now over 20 million.

Sage

sage.com

At Sage, we knock down barriers with information, insights, and tools to help your business flow. We provide businesses with software and services that are simple and easy to use, as we work with you to give you that feeling of confidence. Customers trust our Payroll, HR, and Finance software to make business flow with ease. From our local network of experts to our ever-growing partnerships, we are on hand to give you all the insights you need to thrive. 💚

GlobalLogic

globallogic.com

GlobalLogic, a Hitachi Group company, is a trusted partner in design, data, and digital engineering for the world’s largest and most innovative companies. Since our inception in 2000, we have been at the forefront of the digital revolution, helping to create some of the most widely used digital products and experiences. Our purpose is to positively impact society and the planet through cutting-edge technology. Together with our clients, we are engineering impact through intelligent products, platforms, and services that are designed for desirability, engineered for excellence, and curated for intelligence. Our people-first culture fosters shoulder-to-shoulder teamwork, supported by a unique lab model and flexible delivery options, including onshore, nearshore, and offshore solutions. We also prioritize environmental stewardship in our product development and are committed to leveraging the diversity of thoughts as a driver for business innovation, attracting and developing talent, and sustainable growth. We are proud of our global recognitions: Leader in the ISG Provider Lens™ Digital Engineering Services 2024 U.S. report Everest Group's Software Product Engineering Services Peak Matrix 2024 Star Performer in Major Contender in Everest Group’s Trust & Safety Peak Matrix 2024 2024 EcoVadis Silver Sustainability Rating Join us as we continue to shape the future of digital engineering and create lasting impacts for businesses and communities worldwide: globallogic.com

Cox Automotive Inc.

coxautoinc.com

Cox Automotive is the world’s largest automotive services and technology provider. Fueled by the largest breadth of first-party data fed by 2.3 billion online interactions a year, Cox Automotive tailors leading solutions for car shoppers, auto manufacturers, dealers, lenders and fleets. The company has 29,000+ employees on five continents and a portfolio of industry-leading brands that include Autotrader®, Kelley Blue Book®, Manheim®, vAuto®, Dealertrack®, NextGear Capital™, CentralDispatch® and FleetNet America®. Cox Automotive is a subsidiary of Cox Enterprises Inc., a privately-owned, Atlanta-based company with $22 billion in annual revenue.

IGT

IGT.com

IGT is a leading global provider of gaming, digital and financial technology solutions, formed through the combination of International Game Technology PLC’s Gaming & Digital Business and Everi Holdings Inc. IGT’s offering spans gaming machines, game content and systems, iGaming, sports betting, cash access, loyalty and player engagement solutions, enabling it to deliver integrated, customer-centric experiences across land-based and digital environments. Organized into Gaming, Digital and FinTech business units, IGT drives innovation, efficiency and value for casino, digital and hospitality operators worldwide. The company is headquartered in Las Vegas.

Workday

workday.com

Workday is a leading provider of enterprise cloud applications for finance and human resources, helping customers adapt and thrive in a changing world. Workday applications for financial management, human resources, planning, spend management, and analytics are built with artificial intelligence and machine learning at the core to help organizations around the world embrace the future of work. Workday is used by more than 10,000 organizations around the world and across industries – from medium-sized businesses to more than 50% of the Fortune 500.

Bosch USA

bosch.us

The Bosch Group’s strategic objective is to create solutions for a connected life. Bosch improves quality of life worldwide with innovative products and services that are "Invented for life" and spark enthusiasm. Podcast: http://bit.ly/beyondbosch Imprint: https://www.bosch.us/corporate-information/ Privacy statement: https://bit.ly/binaprv Terms of use: We strive to provide a friendly space for all social media users. Please note that comments on the BoschUSA page are not necessarily representative of the opinions of BoschUSA, nor do we confirm their accuracy. Therefore, at its discretion, BoschUSA reserves the right to remove any comment that is: - Indecent, obscene, pornographic, threatening, violent, discriminatory, political, religious, racist, abusive, derogatory, misleading, off-topic - Violating the rights of others (especially personal, copyright and performance protection rights) - Any contribution in the form of links, text and/or images that are advertisements of third parties - Actions that adversely affect the proper functioning of BoschUSA channels, as well as documents that contain harmful viruses or Like invites.

Loading…

NEWS

Salesforce Experience Cloud CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

March 09, 2026 06:30 PM

ShinyHunters claims yet another Salesforce customers breach

ShinyHunters told The Register that it has stolen data from about 100 high-profile companies in its latest Salesforce customer data heist,...

Read Article

February 14, 2026 08:00 AM

Top 20 Highest Paying IT Certification Programs in 2025

Are you looking for the best IT Certifications out there? Check out our list of top IT Certifications courses and programs to expand your...

Read Article

January 29, 2026 08:00 AM

Hottest cybersecurity open-source tools of the month: January 2026

This article features open-source cybersecurity tools that are gaining attention for strengthening security across various environments.

Read Article

January 15, 2026 08:00 AM

ThreatsDay Bulletin: AI Voice Cloning Exploit, Wi-Fi Kill Switch, PLC Vulns, and 14 More Stories

Weekly recap: AI voice cloning, $26M crypto hack, PLC and Wi-Fi flaws, RMM phishing, and ransomware trends.

Read Article

January 14, 2026 09:43 AM

AuraInspector: Open-Source Misconfiguration Detection for Salesforce Aura

Mandiant has released AuraInspector, an open-source command-line tool designed to help security teams identify and audit access control...

Read Article

January 14, 2026 08:00 AM

AuraAudit - Open-Source Tool for Salesforce Aura Framework Misconfiguration Analysis

Mandiant released AuraInspector, an open-source command-line tool that helps teams find and audit access control issues in Salesforce Aura.

Read Article

January 14, 2026 08:00 AM

AuraInspector: An Open-Source Tool for Auditing Salesforce Aura Misconfigurations

Mandiant has released AuraInspector, a new open-source command-line tool that helps security teams and administrators identify access...

Read Article

January 13, 2026 08:00 AM

AuraInspector: Open-source tool to audit Salesforce Aura access control misconfigurations

Google and Mandiant introduce AuraInspector, an open source tool for auditing Salesforce Aura endpoints and identifying data exposure risks.

Read Article

January 13, 2026 08:00 AM

Mandiant plugs Salesforce leaks with open source tool

Mandiant has released an open source tool to help Salesforce admins detect misconfigurations that could expose sensitive data.

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12191

SUMMARY

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdrive/modeld/modeld.py of the component Pickle Module. The manipulation results in deserialization. The attack is only possible with local access. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 7.8)

cvss2

Base Score: 6.8

Complexity: LOW

AV:L/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 7.8

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.1

Complexity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

1.8

REFERENCES

CVE-2026-12190

SUMMARY

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the component ai.mainfunc.genspark. The manipulation leads to improper authorization in handler for custom url scheme. The attack can only be performed from a local environment. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 5.3)

cvss2

Base Score: 4.3

Complexity: LOW

AV:L/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base Score: 5.3

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 4.8

Complexity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.8

REFERENCES

CVE-2026-12189

SUMMARY

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzmate. Executing a manipulation can lead to improper authorization in handler for custom url scheme. The attack can only be executed locally. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 5.3)

cvss2

Base Score: 4.3

Complexity: LOW

AV:L/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base Score: 5.3

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 1.9

Complexity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.8

REFERENCES

CVE-2026-12188

SUMMARY

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules/core/backend/app/controllers/concerns/grit/core/grit_entity_controller.rb of the component GritEntityController. Performing a manipulation results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 6.3)

cvss2

Base Score: 6.5

Complexity: LOW

AV:N/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base Score: 6.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.1

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

2.8

REFERENCES

CVE-2026-12187

SUMMARY

A security vulnerability has been detected in GL.iNet GL-MT3000 up to 4.4.5. Affected by this vulnerability is an unknown functionality of the file /usr/bin/one_click_upgrade of the component Online Firmware Upgrade Handler. Such manipulation leads to command injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 4.7 addresses this issue. Upgrading the affected component is advised. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…