What is the official website of Sapient Public Sector | Now Publicis Sapient ?

The official website of Sapient Public Sector | Now Publicis Sapient is https://www.linkedin.com/company/publicissapient.

What is Sapient Public Sector | Now Publicis Sapient's cybersecurity risk score?

Sapient Public Sector | Now Publicis Sapient has an AI-generated cybersecurity risk score of 751 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has Sapient Public Sector | Now Publicis Sapient experienced?

According to Rankiteo, Sapient Public Sector | Now Publicis Sapient currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Sapient Public Sector | Now Publicis Sapient been affected by any supply chain cyber incidents ?

According to Rankiteo, Sapient Public Sector | Now Publicis Sapient has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does Sapient Public Sector | Now Publicis Sapient have SOC 2 Type 1 certification ?

According to Rankiteo, Sapient Public Sector | Now Publicis Sapient is not certified under SOC 2 Type 1.

Does Sapient Public Sector | Now Publicis Sapient have SOC 2 Type 2 certification ?

According to Rankiteo, Sapient Public Sector | Now Publicis Sapient does not hold a SOC 2 Type 2 certification.

Does Sapient Public Sector | Now Publicis Sapient comply with GDPR ?

According to Rankiteo, Sapient Public Sector | Now Publicis Sapient is not listed as GDPR compliant.

Does Sapient Public Sector | Now Publicis Sapient have PCI DSS certification ?

According to Rankiteo, Sapient Public Sector | Now Publicis Sapient does not currently maintain PCI DSS compliance.

Does Sapient Public Sector | Now Publicis Sapient comply with HIPAA ?

According to Rankiteo, Sapient Public Sector | Now Publicis Sapient is not compliant with HIPAA regulations.

Does Sapient Public Sector | Now Publicis Sapient have ISO 27001 certification ?

According to Rankiteo,Sapient Public Sector | Now Publicis Sapient is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Sapient Public Sector | Now Publicis Sapient operate in ?

Sapient Public Sector | Now Publicis Sapient operates primarily in the Business Consulting and Services industry.

How many employees does Sapient Public Sector | Now Publicis Sapient have ?

Sapient Public Sector | Now Publicis Sapient employs approximately 129 people worldwide.

Does Sapient Public Sector | Now Publicis Sapient own any subsidiaries ?

Sapient Public Sector | Now Publicis Sapient presently has no subsidiaries across any sectors.

How many LinkedIn followers does Sapient Public Sector | Now Publicis Sapient have ?

Sapient Public Sector | Now Publicis Sapient's official LinkedIn profile has approximately 5,218 followers.

What is the NAICS classification code for Sapient Public Sector | Now Publicis Sapient ?

Sapient Public Sector | Now Publicis Sapient is classified under the NAICS code 5416, which corresponds to Management, Scientific, and Technical Consulting Services.

Does Sapient Public Sector | Now Publicis Sapient have a Crunchbase profile ?

No, Sapient Public Sector | Now Publicis Sapient does not have a profile on Crunchbase.

Does Sapient Public Sector | Now Publicis Sapient have a LinkedIn profile ?

Yes, Sapient Public Sector | Now Publicis Sapient maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/sapientgov.

How many cybersecurity incidents has Sapient Public Sector | Now Publicis Sapient experienced ?

As of June 16, 2026, Rankiteo reports that Sapient Public Sector | Now Publicis Sapient has experienced 2 cybersecurity incidents.

How many peer or competitor companies does Sapient Public Sector | Now Publicis Sapient have ?

Sapient Public Sector | Now Publicis Sapient has an estimated 19,445 peer or competitor companies worldwide.

What types of cybersecurity incidents has Sapient Public Sector | Now Publicis Sapient faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

SPSPS

Boost Score +25 with badge (5 left)

751

/1000

Fair

776

/1000

Fair

Sapient Public Sector | Now Publicis Sapient Vendor Cyber Rating & Cyber Score

linkedin.com

Add Your Compliance Badge

Hello, current, past, and prospective employees and clients! This page is no longer active as we go by a different name now. In case you haven’t heard, we merged our legendary brands into one global organization back in 2019. So without further ado, welcome to Publicis Sapient––a digital business transformation partner of choice. Join our global LinkedIn community by clicking the "learn more" button next to our tagline.

SPSPS A.I CyberSecurity Scoring

Scoring History

SPSPS

Sapient Public Sector | Now Publicis Sapient CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Sapient Public Sect...

Breach

100

6/2011

EPS153827123

Sapient Public Sect...

Breach

4/2011

EPS458072625

Loading…

A.I.

SPSPS Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for SPSPS

Incidents vs Business Consulting and Services Industry Avg (This Year)

No incidents recorded for Sapient Public Sector | Now Publicis Sapient in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Sapient Public Sector | Now Publicis Sapient in 2026.

Incident Types SPSPS vs Business Consulting and Services Industry Avg (This Year)

No incidents recorded for Sapient Public Sector | Now Publicis Sapient in 2026.

Incident History - SPSPS (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Sapient Public Sector | Now Publicis Sapient Subsidiaries

SPSPS

Business Consulting and Services

Website: https://www.linkedin.com/company/publicissapient

Company Size: 129

Publicis GroupeAdvertising Services

Leo BurnettAdvertising Services

Amazon Advertising CommunityAdvertising Services

The Mistaken Identity ProjectAdvertising Services

SapientRazorfish MENA | Now Publicis SapientBusiness Consulting and Services

HollerAdvertising Services

Rewilded RetreatsWellness and Fitness Services

Saatchi & SaatchiAdvertising Services

Saatchi & Saatchi (We Are Saatchi)Advertising Services

Team OneAdvertising Services

Saatchi & Saatchi IndiaAdvertising Services

F/Nazca Saatchi & SaatchiAdvertising Services

Saatchi & Saatchi XAdvertising Services

Saatchi & Saatchi SingaporeAdvertising Services

Saatchi & Saatchi SynergizeAdvertising Services

EpsilonAdvertising Services

Catapult MarketingAdvertising Services

RetargetlyAdvertising Services

Epsilon APACAdvertising Services

Epsilon EMEAAdvertising Services

Epsilon Alumni (Official)Advertising Services

Epsilon LATAMAdvertising Services

StarcomAdvertising Services

Starcom AustraliaAdvertising Services

Digitas North AmericaAdvertising Services

(m)PHASIZEAdvertising Services

Publicis Re:SourcesAdvertising Services

Digitas UKAdvertising Services

Prodigious WorldwideAdvertising Services

Prodigious SoundsAdvertising Services

Publicis Groupe SingaporeAdvertising Services

MSL (Global)Public Relations and Communications Services

MSL IndiaPublic Relations and Communications Services

Women's Forum for the Economy & SocietyInternational Affairs

MSL UKAdvertising Services

MSL UK Employee ExperiencePublic Relations and Communications Services

PublicisLiveEvents Services

Publicis ConsultantsPublic Relations and Communications Services

Espalhe MSLAdvertising Services

JKLPublic Relations and Communications Services

MSL Group CanadaPublic Relations and Communications Services

ECA2 SHOW DESIGN & PRODUCTIONEntertainment Providers

20:20 MSLPublic Relations and Communications Services

MSLGROUP Corporate & Brand Citizenship/PurPlePublic Relations and Communications Services

20:20 MEDIAPublic Relations and Communications Services

Capital MSLPublic Relations and Communications Services

MSLGROUP ChinaPublic Relations and Communications Services

Capital MSL Middle EastPublic Relations and Communications Services

MSL WarsawPublic Relations and Communications Services

MSLGROUP Technology PracticePublic Relations and Communications Services

MSLGROUP Financial Communications PracticePublic Relations and Communications Services

Winner & AssociatesPublic Relations and Communications Services

Publicis Health MediaAdvertising Services

Saatchi & Saatchi UKAdvertising Services

Arc WorldwideAdvertising Services

Sapient Global MarketsBusiness Consulting and Services

FallonAdvertising Services

BBH GlobalAdvertising Services

BBH LondonAdvertising Services

BBH USAAdvertising Services

North StrategicPublic Relations and Communications Services

VivaKiAdvertising Services

RUNAdvertising Services

Level StudiosAdvertising Services

Leo Burnett AustraliaAdvertising Services

PDI, Inc.Pharmaceutical Manufacturing

Interpace BiosciencesBiotechnology Research

RokkanAdvertising Services

Publicis Groupe UKAdvertising Services

Publicis Groupe ANZAdvertising Services

Herd MSLPublic Relations and Communications Services

MBMAdvertising Services

Third Horizon ConsultingBusiness Consulting and Services

Digitas New ZealandAdvertising Services

Optimedia USAdvertising Services

Saatchi & Saatchi NZAdvertising Services

Publicis ProductionAdvertising Services

Balance InternetTechnology, Information and Internet

Razorfish ANZAdvertising Services

PublicisdrugstoreRetail

Kaplan Thaler ProductionsAdvertising Services

Spark Foundry NZAdvertising Services

PROXIMEDIA FRANCETechnology, Information and Internet

Performics UKAdvertising Services

Team One Exhibits, Inc.Events Services

LeSHOPAdvertising Services

Performics AustraliaAdvertising Services

Breakout Room NZAdvertising Services

Loading…

Sapient Public Sector | Now Publicis Sapient Similar Companies

ELIS

cb elis.com

As the leader in circular services at work, Elis ensures its clients achieve optimal hygiene, well-being and protection – everywhere, every day, in a sustainable way. We employ 54,000 people locally in 30 countries. We work for public and private organizations of all sizes, in all sectors of activity offering solutions for flat linen, workwear, facility, beverage, pest control, mats, wipers, cleanroom and medical waste. Our circular services help clients stay focused on their core business and allow them to reduce their environmental footprint. Our circular services inspire our commitment: they create a bond between us, our clients and our planet and they unite our people around the world. Elis is listed on Euronext Paris. --- Leader des services circulaires au travail, Elis veille à ce que ses clients bénéficient d'une hygiène, d'un bien-être et d'une protection optimale – partout dans le monde, tous les jours et de manière durable. Nous employons localement 54 000 collaborateurs dans 29 pays. Nous travaillons pour des organismes publics et privés de toutes tailles, dans tous les secteurs d’activité en leur offrant des solutions en vêtement de travail, linge plat, sanitaires, boisson, prévention nuisibles, tapis, essuyage industriel, salles propres et DASRI. Nos services circulaires aident nos clients à concentrer leurs efforts sur leur cœur de métier et leur permettent de réduire leur empreinte environnementale. Nos services circulaires inspirent notre engagement : ils créent un lien entre nous, nos clients et notre planète et unissent nos collaborateurs dans le monde entier. Elis est côté sur Euronext Paris et fait partie du SBF 120.

Deloitte

deloitte.com

Deloitte drives progress. Our firms around the world help clients become leaders wherever they choose to compete. Deloitte invests in outstanding people of diverse talents and backgrounds and empowers them to achieve more than they could elsewhere. Our work combines advice with action and integrity. We believe that when our clients and society are stronger, so are we. Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited (“DTTL”), its global network of member firms, and their related entities. DTTL (also referred to as “Deloitte Global”) and each of its member firms are legally separate and independent entities. DTTL does not provide services to clients. Please see www.deloitte.com/about to learn more. The content on this page contains general information only, and none of Deloitte Touche Tohmatsu Limited, its member firms, or their related entities (collectively the “Deloitte Network”) is, by means of this publication, rendering professional advice or services. Before making any decision or taking any action that may affect your finances or your business, you should consult a qualified professional adviser. No entity in the Deloitte Network shall be responsible for any loss whatsoever sustained by any person who relies on content from this page.

Accenture

cb accenture.com

Accenture is a leading global professional services company that helps the world’s leading businesses, governments and other organizations build their digital core, optimize their operations, accelerate revenue growth and enhance citizen services—creating tangible value at speed and scale. We are a talent and innovation-led company serving clients in more than 120 countries. We combine our strength in technology and leadership in cloud, data and AI with unmatched industry experience, functional expertise and global delivery capability. We measure our success by the 360° value we create for our clients, each other, our shareholders, partners and communities. This LinkedIn company page is moderated. When engaging with Accenture, we encourage everyone to: - Use common courtesy and be respectful of others. - Create your own original content and avoid content that you know to be fraudulent. - Never repost someone else's copyrighted work, unless you have permission. - Never post personal, identifying, or confidential information. We reserve the right to delete comments or posts we deem to be: - Profane, obscene, inappropriate, offensive, abusive material. - Spam, repeated comments and commercial messages and personal advertisements. - Discriminatory or that contain hateful speech of any kind regarding age, gender, race, religion, nationality, sexual orientation, gender identity or disability. - Threats; personal attacks; abusive, defamatory, derogatory, or inflammatory language; or stalking or harassment of any individual, entity or organization. - False, inaccurate, libelous, or otherwise misleading in any way.

Korn Ferry

kornferry.com

Korn Ferry is a global consulting firm that powers performance. We unlock the potential in your people and unleash transformation across your business—synchronizing strategy, operations, and talent to accelerate performance, fuel growth, and inspire a legacy of change. That’s why the world’s most forward-thinking companies across every major industry turn to us—for a shared commitment to lasting impact and the bold ambition to Be More Than.

Stantec

cb stantec.com

Stantec empowers clients, people, and communities to rise to the world’s greatest challenges at a time when the world faces more unprecedented concerns than ever before. We are a global leader in sustainable engineering, architecture, and environmental consulting. Our professionals deliver the expertise, technology, and innovation communities need to manage aging infrastructure, demographic and population changes, the energy transition, and more. Today’s communities transcend geographic borders. At Stantec, community means everyone with an interest in the work that we do—from our project teams and industry colleagues to our clients and the people our work impacts. The diverse perspectives of our partners and interested parties drive us to think beyond what’s previously been done on critical issues like climate change, digital transformation, and future-proofing our cities and infrastructure. We are designers, engineers, scientists, project managers, and strategic advisors. We innovate at the intersection of community, creativity, and client relationships to advance communities everywhere, so that together we can redefine what’s possible. Stantec trades on the TSX and the NYSE under the symbol STN.

Straive

straive.com

At Straive, we operationalize Data Analytics and AI for global enterprises, working with several Fortune 500 companies. We don’t just build world-class data analytics and AI solutions—we embed them seamlessly into your core workflows. This drives greater efficiency, enhances user experience, and boosts client revenue, setting you apart from the competition. Straive is a global leader in AI-driven value creation, business transformation, and Global Capability Center (GCC) delivery — empowering private-equity portfolio companies, mid-market firms, and enterprises with scalable, technology-enabled execution. We serve clients across industries, including Banking, Financial and Information Services, Retail, Media and Technology, EdTech, Science and Research, Logistics and Supply Chain, and Pharma & Life Sciences. Our strategically placed team of 18,000 employees operates in nine countries: the Philippines, India, the United States, Nicaragua, Vietnam, the United Kingdom, Singapore, South Africa, and Canada. We have been recognized as a Star Performer in Data & AI Services Specialists – Everest’s North America PEAK Matrix 2025, and as a Leader in AIM’s Pema Quadrant of Agentic AI Service Providers – 2025. In Nov 2023, Straive acquired Gramener, an award-winning, design-led data science company, enhancing our data, analytics, and AI capabilities. In June 2025, we acquired SG Analytics, a leading provider of AI-powered insights and contextual analytics services. Straive is an equal opportunity employer, committed to celebrating diversity, equity, and inclusion. We do not tolerate discrimination or harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic under federal, state, or local laws. Hiring decisions are based solely on qualifications, merit, and business needs at the time.

ERM

erm.com

Sustainability is our business.  As the world’s largest specialist sustainability consultancy, ERM partners with clients to operationalize sustainability at pace and scale, deploying a unique combination of strategic transformation and technical delivery capabilities. This approach helps clients to accelerate the integration of sustainability at every level of their business.  With more than 50 years of experience, ERM’s diverse team of 8000+ experts in 40 countries and territories helps clients create innovative solutions to their sustainability challenges, unlocking commercial opportunities that meet the needs of today while preserving opportunity for future generations.  

Publicis Sapient

publicissapient.com

Publicis Sapient is a technology company that provides enterprise AI platforms and services. With over 30 years of digital business transformation experience, we enable enterprise clients to transform how they operate and serve their customers, unlocking new value and enabling them to thrive in an AI-driven world. Our platforms use AI  built off this deep enterprise context to help them modernize, build agentic solutions, and sustain their competitive advantage. The combination of our AI platforms and the expertise of our people enables us to deliver faster and more effective outcomes through solutions that are specific to the unique needs of our clients’ businesses, their industries and their customers.   Publicis Sapient is the technology hub of Publicis Groupe, uniting 20,000 people worldwide across 28 countries. For more information, visit publicissapient.com.

BearingPoint

bearingpoint.com

BearingPoint is an independent management and technology consultancy. Our roots are European, but our footprint is truly global. Transformation is our core service. We deliver value to enterprises, government organizations and NGOs. In a rapidly changing world, BearingPoint provides solutions to tomorrow’s challenges as well as today’s. As for our scale? In 2024 we delivered 2065 projects in 31 countries. We operate in three business units: Consulting, Products, and Capital. This gives us the holistic expertise our clients need to help them achieve greater success. Everything we deliver is measurable and sustainable. We accomplish this through our approach: • We are independent advisors • We listen, understand and adapt • We combine strategy with operational focus • We blend management and technology for maximum potential • We help our clients embrace change Our culture is defined by our purpose – ‘together, we are more than business’ – combined with three values that bring it to life: • We are easy to work with • We empower people to succeed • We create lasting outcomes Every day we’re working to deliver more for people, more innovation, and more for our planet. From AI to automation, strategy to sustainability, BearingPoint is helping our clients and their people to forge brighter futures.

Loading…

NEWS

Sapient Public Sector | Now Publicis Sapient CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

December 05, 2025 04:41 AM

Publicis Sapient obtains agentic specialisation as AWS partner

Publicis Sapient has achieved the Amazon Web Services (AWS) Agentic AI Specialisation, a new category launched within the AWS AI Competency.

Read Article

December 02, 2025 04:16 PM

Publicis Sapient Achieves the AWS Agentic AI Specialisation

Publicis Sapient, a technology company that provides AI enterprise solutions and services, announced it has achieved the Amazon Web Services...

Read Article

October 29, 2025 07:00 AM

Publicis Sapient launches AI-powered retail network in Australia

Publicis Sapient has launched its AI-powered Agentic Retail Network in Australia to help retailers integrate and optimise AI across their...

Read Article

October 07, 2025 07:00 AM

Australians turn to AI & peers as trust in digital services lags

A new report from Publicis Sapient indicates that Australians, despite widespread digital connectivity, lack engagement with online...

Read Article

July 04, 2025 07:00 AM

Digital Technology Leaders Awards 2025 - Who made it big on the night?

Standouts of the UK tech industry came together to celebrate success last night. Here's the list of deserving winners.

Read Article

June 13, 2025 07:00 AM

From catch up to leadership: Resetting Australia’s tech agenda

Despite growing momentum across the private sector, technology policy took a back seat in the lead-up to the recent Federal election,...

Read Article

May 15, 2025 07:00 AM

National Technology Awards 2025 winners revealed

Octopus Energy, HCLSoftware, and EY were among the winners to take home trophies at The National Technology Awards on Wednesday 14 May.

Read Article

January 30, 2025 08:00 AM

Rajeev Singh named transport and mobility lead at Publicis Sapient EMEA

Digital business transformation firm Publicis Sapient has appointed Rajeev Singh as its EMEA and APAC industry leader for transportation and mobility.

Read Article

January 28, 2025 08:00 AM

Data Privacy Day: How GCCs and Indian IT are Leading the Charge | AIM

While two-thirds of companies recognise that AI will significantly impact cybersecurity this year, only 37% have the tools to assess and...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-53430

SUMMARY

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Message modules) allows a denial of service via a gzip decompression bomb. This vulnerability is associated with program files lib/grpc/compressor/gzip.ex, lib/grpc/message.ex and program routines 'Elixir.GRPC.Compressor.Gzip':decompress/1, 'Elixir.GRPC.Message':from_data/2. 'Elixir.GRPC.Compressor.Gzip':decompress/1 calls :zlib.gunzip/1 directly on attacker-controlled bytes with no decompressed-size limit, ratio check, or incremental decoding. Because this module is the registered gzip GRPC.Compressor implementation, it is invoked automatically whenever an incoming gRPC frame carries the grpc-encoding: gzip header. :zlib.gunzip/1 allocates the entire decompressed result as a single binary, so a small highly compressible payload (for example a few kilobytes of zeros, which gzip compresses at roughly 1000:1) expands to multiple gigabytes inside a single call. The max_receive_message_length limit is enforced only against the already-decompressed message, so it provides no protection. An unauthenticated remote peer can send a single crafted frame to exhaust the BEAM node's heap and trigger an out-of-memory kill. This issue affects grpc: from 0.4.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 8.7

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48854

SUMMARY

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust the BEAM's memory and crash the server by streaming a large or slow-trickle unary request body. 'Elixir.GRPC.Server.Adapters.Cowboy.Handler':read_full_body/3 (lib/grpc/server/adapters/cowboy/handler.ex) accumulates every received chunk into a single growing binary with no size cap. Additionally, when the client omits the grpc-timeout header, the per-chunk read timeout resolves to :infinity, allowing a slow-trickle client to keep the connection alive indefinitely while memory grows. A single connection is sufficient to exhaust server memory and crash the node. This issue affects grpc from 0.3.1 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 8.7

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48853

SUMMARY

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc allow unauthenticated attackers to crash the BEAM node via atom table exhaustion and, when a decoded term flows into a call site that invokes it, achieve remote code execution on the server. 'Elixir.GRPC.Codec.Erlpack':decode/2 (lib/grpc/codec/erlpack.ex) calls :erlang.binary_to_term/1 on the raw gRPC message body without the :safe option, no size bound, and no type guard. Any unauthenticated peer that sends a request with Content-Type: application/grpc+erlpack can send a crafted payload that mints arbitrary new atoms (which are never garbage-collected, exhausting the bounded atom table and crashing the VM) or that encodes a fun term which, if applied anywhere downstream, executes attacker-controlled code inside the server process. This issue affects grpc from 0.4.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 9.2

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48723

SUMMARY

The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36.4 are vulnerable to OS command injection via the cypress_config_file configuration parameter. In readCypressConfigUtil.js, the loadJsFile() function constructs a shell command by interpolating the user-controlled cypress_config_filepath value into a template literal, then executes it via child_process.execSync(). Shell metacharacters in the config path (specifically " and ;) allow breaking out of the quoted argument and injecting arbitrary commands. This issue has been fixed in version 1.36.6.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: 7.8)

cvss3

Base Score: 7.8

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

1.8

REFERENCES

CVE-2026-48599

SUMMARY

Authorization Bypass Through User-Controlled Key vulnerability in elixir-grpc grpc allows authenticated attackers to access or modify resources belonging to other users by smuggling a conflicting value for any path-bound field via the query string or request body. In 'Elixir.GRPC.Server.Transcode':map_request/5 (lib/grpc/server/transcode.ex), all three clauses use Map.merge/2 with path bindings as the first argument, giving them the lowest merge precedence. A request such as GET /users/me/profile?user_id=victim (or a POST with {"user_id": "victim"} when body: "*") yields a decoded protobuf struct where the path-bound field carries the attacker-supplied value rather than the router-extracted value. Any handler that uses the path-bound field for authorization, multi-tenancy scoping, or ownership checks is silently bypassed. This issue affects grpc from 0.8.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 7.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…