What is the official website of Salesforce.org ?

The official website of Salesforce.org is http://www.salesforce.org.

What is Salesforce.org's cybersecurity risk score?

Salesforce.org has an AI-generated cybersecurity risk score of 750 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has Salesforce.org experienced?

According to Rankiteo, Salesforce.org currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Salesforce.org been affected by any supply chain cyber incidents ?

According to Rankiteo, Salesforce.org has been affected by multiple supply chain cyber incidents. The affected supply chain sources and their corresponding incident IDs are: Salesforce (Incident ID: CARADTSALCUS1778027258) Okta (Incident ID: ADT1777286874) Salesforce (Incident ID: PANADTSAL1777328877) Salesforce (Incident ID: ADT1777062235) Anodot by Glassbox (Incident ID: CARHOLPRI1776630318) Salesforce (Incident ID: KEM1776831908) Salesforce (Incident ID: MCGSAL1776191039) Salesforce (Incident ID: WYN7-E1779114946) Salesforce (Incident ID: WEASAL1778732635) Aqua Security (Incident ID: AQUUSEAMASALCIS1775046662) Mixpanel (Incident ID: ZEN1774628650) Salesforce (Incident ID: INFSAL1774362301) Amazon Web Services (AWS) (Incident ID: SALAMAMICPINRED1774269319) okta (Incident ID: NOROKTSAL1773854168) Salesforce (Incident ID: SAL1773146972) Salesforce Experience Cloud (Incident ID: SALLASAMDSNOSONOKT1773153462) Salesforce (Incident ID: SALHAL1775967850) Salesforce (Incident ID: TIFLVMCHR1770865579) Salesforce (Incident ID: EURODI1770907059) okta (Incident ID: OKTSALGOO1769222214) Agentforce Marketing (Incident ID: SALFOR1778063116) Salesforce (Incident ID: PLADRA1774449041) Drift, a Salesloft company (Incident ID: SAL4794547112625) Salesforce (Incident ID: SAL5592855100325) Salesforce (Incident ID: SAL2862828092525) Cisco (Incident ID: SAL5732257091825) Salesloft (Incident ID: DRI514090325) Salesforce Experience Cloud (Incident ID: ENTSAL1773088371) Salesforce (Incident ID: DRI635082925) Salesforce (Incident ID: SALFAR1767922939) Salesforce (Incident ID: WOR1768679649) moveIT Software (Incident ID: ORA4202442101025) Salesforce (Incident ID: SAL0562205100825) Salesforce (Incident ID: SALODI1772484824) Salesforce (Incident ID: GRU1768529823) Salesforce (Incident ID: GRU1769118538) Salesforce (Incident ID: LOUPARVOLTIFJAP1770908674) Salesforce (Incident ID: THEINGSALJAGORASYNDAV1769095448) Salesforce (Incident ID: QILCYBSALHALPLA1768955694)

Does Salesforce.org have SOC 2 Type 1 certification ?

According to Rankiteo, Salesforce.org is not certified under SOC 2 Type 1.

Does Salesforce.org have SOC 2 Type 2 certification ?

According to Rankiteo, Salesforce.org does not hold a SOC 2 Type 2 certification.

Does Salesforce.org comply with GDPR ?

According to Rankiteo, Salesforce.org is not listed as GDPR compliant.

Does Salesforce.org have PCI DSS certification ?

According to Rankiteo, Salesforce.org does not currently maintain PCI DSS compliance.

Does Salesforce.org comply with HIPAA ?

According to Rankiteo, Salesforce.org is not compliant with HIPAA regulations.

Does Salesforce.org have ISO 27001 certification ?

According to Rankiteo,Salesforce.org is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Salesforce.org operate in ?

Salesforce.org operates primarily in the Software Development industry.

How many employees does Salesforce.org have ?

Salesforce.org employs approximately 7 people worldwide.

Does Salesforce.org own any subsidiaries ?

Salesforce.org presently has no subsidiaries across any sectors.

How many LinkedIn followers does Salesforce.org have ?

Salesforce.org's official LinkedIn profile has approximately 151,139 followers.

What is the NAICS classification code for Salesforce.org ?

Salesforce.org is classified under the NAICS code 5112, which corresponds to Software Publishers.

Does Salesforce.org have a Crunchbase profile ?

No, Salesforce.org does not have a profile on Crunchbase.

Does Salesforce.org have a LinkedIn profile ?

Yes, Salesforce.org maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/salesforce-org.

How many cybersecurity incidents has Salesforce.org experienced ?

As of June 10, 2026, Rankiteo reports that Salesforce.org has experienced 54 cybersecurity incidents.

How many peer or competitor companies does Salesforce.org have ?

Salesforce.org has an estimated 30,045 peer or competitor companies worldwide.

What types of cybersecurity incidents has Salesforce.org faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Ransomware, Breach, Vulnerability and Cyber Attack.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

Salesforce.org

Boost Score +25 with badge (5 left)

750

/1000

Fair

775

/1000

Fair

Salesforce.org Vendor Cyber Rating & Cyber Score

salesforce.org

Add Your Compliance Badge

Salesforce.org A.I CyberSecurity Scoring

Scoring History

Salesforce.org

Salesforce.org CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Salesforce

Cyber Attack

5/2026

Salesforce

CARADTSALCUS177...

Salesforce

Cyber Attack

4/2026

GOOSAL177791964...

Salesforce

Cyber Attack

4/2026

SAL1777395283

Salesforce

Cyber Attack

100

4/2026

Okta

ADT1777286874

Salesforce

Breach

4/2026

Salesforce

PANADTSAL177732...

Salesforce

Breach

4/2026

Salesforce

ADT1777062235

Salesforce

Breach

4/2026

Anodot by Glass...

CARHOLPRI177663...

Salesforce

Breach

4/2026

Salesforce

KEM1776831908

Salesforce

Vulnerability

4/2026

SAL1776299258

Salesforce

Breach

4/2026

Salesforce

MCGSAL177619103...

Salesforce

Vulnerability

4/2026

SAL1776084470

Salesforce

Breach

4/2026

Salesforce

WYN7-E177911494...

Salesforce

Vulnerability

4/2026

Salesforce

WEASAL177873263...

Salesforce

Vulnerability

100

4/2026

Aqua Security

AQUUSEAMASALCIS...

Salesforce

Ransomware

100

3/2026

Mixpanel

ZEN1774628650

Salesforce

Breach

3/2026

Salesforce

INFSAL177436230...

Salesforce

Vulnerability

100

3/2026

Amazon Web Serv...

SALAMAMICPINRED...

Salesforce

Breach

100

3/2026

okta

NOROKTSAL177385...

Salesforce

Breach

3/2026

Salesforce

SAL1773146972

Salesforce Experien...

Breach

3/2026

Salesforce Expe...

SALLASAMDSNOSON...

Salesforce

Breach

3/2026

Salesforce

SALHAL177596785...

Salesforce

Breach

2/2026

TOYOPTSAL177195...

Salesforce

Breach

2/2026

Salesforce

TIFLVMCHR177086...

Salesforce

Breach

2/2026

Salesforce

EURODI177090705...

Salesforce

Cyber Attack

1/2026

okta

OKTSALGOO176922...

Agentforce Marketin...

Vulnerability

1/2026

Agentforce Mark...

SALFOR177806311...

Salesforce

Cyber Attack

100

1/2026

SAL1768394538

Salesforce

Ransomware

100

1/2026

Salesforce

PLADRA177444904...

Salesforce

Breach

100

11/2025

Drift, a Salesl...

SAL479454711262...

Salesforce

Ransomware

100

10/2025

Salesforce

SAL559285510032...

Salesforce

Breach

100

9/2025

Salesforce

SAL286282809252...

Salesforce

Cyber Attack

100

9/2025

Cisco

SAL573225709182...

Salesforce

Cyber Attack

100

9/2025

Salesloft

DRI514090325

Salesforce Experien...

Breach

9/2025

Salesforce Expe...

ENTSAL177308837...

Salesforce

Breach

8/2025

Salesforce

DRI635082925

Salesforce

Vulnerability

100

8/2025

Salesforce

SALFAR176792293...

Salesforce

Breach

8/2025

Salesforce

WOR1768679649

Salesforce

Ransomware

100

7/2025

moveIT Software

ORA420244210102...

Salesforce.org

Cyber Attack

100

6/2025

SAL540255411062...

Salesforce

Cyber Attack

100

5/2025

Salesforce

SAL056220510082...

Salesforce

Vulnerability

5/2025

Salesforce

SALODI177248482...

Salesforce.org

Breach

3/2025

SAL313223110082...

Salesforce

Breach

2/2025

Salesforce

GRU1768529823

Salesforce

Breach

1/2025

Salesforce

GRU1769118538

Salesforce

Breach

1/2025

Salesforce

LOUPARVOLTIFJAP...

Salesforce

Ransomware

100

1/2025

Salesforce

THEINGSALJAGORA...

Salesforce.org

Cyber Attack

100

8/2024

SAL210212110042...

Salesforce

Cyber Attack

100

8/2024

SALARU177197435...

Salesforce.org

Cyber Attack

100

6/2024

SAL096210910082...

Salesforce

Ransomware

100

6/2024

Salesforce

QILCYBSALHALPLA...

Salesforce.org

Cyber Attack

100

5/2024

SAL500215010092...

Salesforce.org

Ransomware

100

10/2023

SAL560205610112...

Salesforce.org

Ransomware

100

6/2023

SAL423224210102...

Salesforce.org

Cyber Attack

05/2019

SAL215719323

Loading…

A.I.

Salesforce.org Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for Salesforce.org

Incidents vs Software Development Industry Avg (This Year)

No incidents recorded for Salesforce.org in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Salesforce.org in 2026.

Incident Types Salesforce.org vs Software Development Industry Avg (This Year)

No incidents recorded for Salesforce.org in 2026.

Incident History - Salesforce.org (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Salesforce.org Subsidiaries

Salesforce.org

Software Development

Website: http://www.salesforce.org

Company Size: 201-500 employees

SalesforceSoftware Development

TrailheadIT Services and IT Consulting

Salesforce AdminsSoftware Development

Agentforce MarketingSoftware Development

Salesforce News & InsightsTechnology, Information and Internet

Loading…

Salesforce.org Similar Companies

ByteDance

bytedance.com

ByteDance is a global incubator of platforms at the cutting edge of commerce, content, entertainment and enterprise services - over 2.5bn people interact with ByteDance products including TikTok. Creation is the core of ByteDance's purpose. Our products are built to help imaginations thrive. This is doubly true of the teams that make our innovations possible. Together, we inspire creativity and enrich life - a mission we aim towards achieving every day. At ByteDance, we create together and grow together. That's how we drive impact - for ourselves, our company, and the users we serve. We are committed to building a safe, healthy and positive online environment for all our users. We have over 110,000 employees based in more than 30 countries globally. Join us.

Infor

infor.com

Infor is a global leader in business cloud software products for companies in industry specific markets. Infor builds complete industry suites in the cloud and efficiently deploys technology that puts the user experience first, leverages data science, and integrates easily into existing systems. Over 60,000 organizations worldwide rely on Infor to help overcome market disruptions and achieve business-wide digital transformation. Here are some key insights: • 60,000+ customers • 100+ offices • 1,700+ support experts • 2,000+ partners • 17,000+ employees • 175+ countries where customers are located • 15,000+ cloud customers • 40+ countries with Infor offices

Daraz

cb daraz.com

Founded in 2015, Daraz is the leading e-commerce platform in South Asia with operations in Pakistan, Bangladesh, Sri Lanka, Nepal, and Myanmar. It provides sellers and consumers with cutting-edge marketplace technology, targeting a rapidly growing region of over 500 million people. By building an integrated infrastructure covering e-commerce, logistics, payment and financial services, the company aims to deliver an immersive, personalized shopping experience and uplift South Asian communities through the power of commerce. Daraz has consistently invested in building an e-commerce ecosystem in South Asia through advancements in technology, logistics and digital payments. As digital penetration and consumer awareness have surged, the region is now ready for a transformative leap. Leveraging new-age advancements such as AI, Daraz is poised to further enhance the platform’s efficiency to enable a seamless experience for its consumers and sellers. Visit https://www.daraz.com/ to learn more.

Expedia Group

expediagroup.com

At Expedia Group (NASDAQ: EXPE), we believe travel is a force for good – it opens minds, builds connections, and bridges divides. We create transformative tech that enables unforgettable experiences for all travelers, everywhere. Our trusted family of brands are known and loved by millions, and we power more trips than anyone else. To learn more about our vision of a more open world through travel, visit www.expediagroup.com. We’re committed to providing an inclusive and accessible recruiting experience for candidates with disabilities, or other physical or mental health conditions. If you require an accommodation or adjustment for any part of the application or recruitment process, please let us know by completing our Accommodation Request Form or contacting your recruiter. Employment opportunities and job offers at Expedia Group will always come from Expedia Group’s Talent Acquisition and hiring teams. Never provide sensitive, personal information to someone unless you’re confident about who they are. We do not send job offers via email, or any other messaging tools, to individuals we have not had prior contact with. Our email domain is @expediagroup.com. Our official careers website, where you can to find and apply for job openings, is careers.expediagroup.com/jobs. If you require customer service support to cancel, change or ask about a refund for your trip, you can connect with our 24/7 Virtual Agent through the following links: Expedia: https://www.expedia.com/helpcenter Hotels.com: https://service.hotels.com/en-us/ Vrbo: https://help.vrbo.com/ For additional assistance, direct message us on Twitter @ExpediaHelp with your itinerary number and email address: https://twitter.com/ExpediaHelp

Baidu, Inc.

cb baidu.com

Baidu is a leading AI company with strong Internet foundation, driven by our mission to “make the complicated world simpler through technology”. Founded in 2000 as a search engine platform, we were an early adopter of artificial intelligence in 2010. Since then, we have established a full AI stack, from deep learning frameworks to models and applications, with industry-leading self-developed technology at every level. Over the past two decades, we have built a diversified portfolio of products and services, spanning an ecosystem of hundreds of millions of users, millions of developers, and hundreds of thousands of enterprises. We have now integrated our leading AI capabilities into our offerings, driving innovative use cases. Join us to shape the future of AI and technology. For media inquiries, contact us at [email protected]. For career opportunities, visit https://talent.baidu.com/static/index.html

Cox Automotive Inc.

coxautoinc.com

Cox Automotive is the world’s largest automotive services and technology provider. Fueled by the largest breadth of first-party data fed by 2.3 billion online interactions a year, Cox Automotive tailors leading solutions for car shoppers, auto manufacturers, dealers, lenders and fleets. The company has 29,000+ employees on five continents and a portfolio of industry-leading brands that include Autotrader®, Kelley Blue Book®, Manheim®, vAuto®, Dealertrack®, NextGear Capital™, CentralDispatch® and FleetNet America®. Cox Automotive is a subsidiary of Cox Enterprises Inc., a privately-owned, Atlanta-based company with $22 billion in annual revenue.

KPIT

kpit.com

About KPIT KPIT is reimagining the future of mobility, forging ahead with group companies and partners to shape a world that is cleaner, smarter, and safer. With over 25 years of specialized expertise in Mobility, KPIT is accelerating the transformation towards Software and AI-Defined Vehicles through its advanced solutions, platforms, and products—propelled by mobility-infused AI frameworks, software craftsmanship, and systems integration mastery. Vision in Motion Fueled by 2000+ vehicle production programs and powering 20+ million vehicles on the road with KPIT software, our experience in unmatched. At the same time, we push boundaries, developing solutions that enable Mobility OEMs to innovate at speed and scale. For more details, visit www.kpit.com

Cisco

cisco.com

Cisco is the worldwide technology leader that is revolutionizing the way organizations connect and protect in the AI era. For more than 40 years, Cisco has securely connected the world. With its industry leading AI-powered solutions and services, Cisco enables its customers, partners and communities to unlock innovation, enhance productivity and strengthen digital resilience. With purpose at its core, Cisco remains committed to creating a more connected and inclusive future for all.

Synopsys Inc

cb synopsys.com

Synopsys is the leader in engineering solutions from silicon to systems, enabling customers to rapidly innovate AI-powered products. We deliver industry-leading silicon design, IP, simulation and analysis solutions, and design services. We partner closely with our customers across a wide range of industries to maximize their R&D capability and productivity, powering innovation today that ignites the ingenuity of tomorrow.

Loading…

NEWS

Salesforce.org CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

March 10, 2026 10:15 PM

Cybercriminals Exploit Guest Access Flaws in Salesforce, ShinyHunters Claim Responsibility

A fresh cybersecurity threat has arrived involving Salesforce. The hacker group ShinyHunters has claimed to have run a campaign targeting...

Read Article

March 10, 2026 02:08 PM

Salesforce Experience Cloud misconfigurations exploited by ShinyHunters

Salesforce is alerting customers to a security issue affecting misconfigured Experience Cloud platforms, where hackers are exploiting guest...

Read Article

March 10, 2026 07:17 AM

Threat Actors Mass-Scan Salesforce Experience Cloud via Modified AuraInspector Tool

Salesforce has warned of an increase in threat actor activity that's aimed at exploiting misconfigurations in publicly accessible Experience...

Read Article

March 10, 2026 04:13 AM

ShinyHunters Claims Ongoing Salesforce Aura Data Theft Attacks

ShinyHunters claims 300-400 companies hit in ongoing Salesforce Aura data theft via guest user flaws. Salesforce security fixes and attack details revealed.

Read Article

March 09, 2026 06:30 PM

ShinyHunters claims more high-profile victims in latest Salesforce customers data heist

ShinyHunters told The Register that it has stolen data from about 100 high-profile companies in its latest Salesforce customer data heist,...

Read Article

March 09, 2026 05:12 PM

ShinyHunters claims ongoing Salesforce Aura data theft attacks

Salesforce is warning customers that hackers are targeting websites with misconfigured Experience Cloud platforms that give guest users...

Read Article

January 13, 2026 08:00 AM

AuraInspector: Open-source tool to audit Salesforce Aura access control misconfigurations

Google and Mandiant introduce AuraInspector, an open source tool for auditing Salesforce Aura endpoints and identifying data exposure risks.

Read Article

December 01, 2025 08:00 AM

Third-Party Breach Hits Salesforce via Gainsight App Integrations, Impacting Over 200 Organizations

Salesforce has confirmed another third-party breach affecting Gainsight applications integrated with customer instances, enabling attackers...

Read Article

November 30, 2025 08:00 AM

Week in review: Fake “Windows Update” fuels malware, Salesforce details Gainsight breach

Here's an overview of some of last week's most interesting news, articles, interviews and videos: Quantum encryption is pushing satellite...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-9754

SUMMARY

An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command

Published

Date2026-06-09

Updated

Date2026-06-09

RISK INFORMATION (Score: 6.5)

cvss3

Base Score: 6.5

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

cvss4

Base Score: 7.1

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.6

Exploitability

2.8

REFERENCES

https://jira.mongodb.org/browse/SERVER-122207

CVE-2026-9753

SUMMARY

The $_internalApplyOplogUpdate aggregation pipeline stage can be used to execute a document diff containing a malformed binary diff to return memory out-of-bounds or crash the server. $_internalApplyOplogUpdate can be executed by any authenticated user with access to the aggregate command.

Published

Date2026-06-09

Updated

Date2026-06-09

RISK INFORMATION (Score: 8.1)

cvss3

Base Score: 8.1

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

cvss4

Base Score: 7.2

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.2

Exploitability

2.8

REFERENCES

https://jira.mongodb.org/browse/SERVER-124959

CVE-2026-9752

SUMMARY

An authorized user could trigger a server crash by running a query with a 2dsphere index on a field that stores a GeoJSON GeometryCollection containing a Polygon with a strict-winding CRS. Strict-winding polygons are intentionally unsupported for indexing, but the guard that rejects them does not inspect members of a GeometryCollection, allowing the unsafe path to be reached which ends with an ensuing null-pointer dereference.

Published

Date2026-06-09

Updated

Date2026-06-09

RISK INFORMATION (Score: 6.5)

cvss3

Base Score: 6.5

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

cvss4

Base Score: 7.1

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.6

Exploitability

2.8

REFERENCES

https://jira.mongodb.org/browse/SERVER-123440

CVE-2026-9751

SUMMARY

The ldapQueryPassword parameter, when set through the runtime setParameter command, will log the new password to the mongod.log file in plain text.

Published

Date2026-06-09

Updated

Date2026-06-09

RISK INFORMATION (Score: 5.5)

cvss3

Base Score: 5.5

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

cvss4

Base Score: 6.8

Complexity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.6

Exploitability

1.8

REFERENCES

https://jira.mongodb.org/browse/SERVER-123370

CVE-2026-9750

SUMMARY

An authenticated user can cause a MongoDB server to crash or return incorrect results by creating documents that interfere with internal metadata processing during query execution. This stems from insufficient separation between user-controlled document fields and internal metadata in certain execution paths.

Published

Date2026-06-09

Updated

Date2026-06-09

RISK INFORMATION (Score: 6.5)

cvss3

Base Score: 6.5

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

cvss4

Base Score: 7.1

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.6

Exploitability

2.8

REFERENCES

https://jira.mongodb.org/browse/SERVER-123633

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…