Comparison Overview
Shared Services Canada | Services partagés Canada

Shared Services Canada | Services partagés Canada
99 Metcalfe Street, Ottawa, Ontario, K1G 4A8, CA
Last Update: 20/01/2026
Shared Services Canada is modernizing how the Government of Canada manages its information technology (IT) infrastructure. The Department is mandated to deliver email, data centre and telecommunication services, including videoconferencing and Wi-Fi, to customers. Ter...

Helsingin kaupunki – Helsingfors stad – City of Helsinki
Pohjoisesplanadi 11-13, Helsinki, 00170, FI
Last Update: 03/04/2026
#MeTeemmeHelsingin Helsingin kaupunki on Suomen suurin työnantaja, jonka palveluksessa on lähes 39 000 ammattilaista ja asiantuntijaa. Helsingin kaupunki tarjoaa henkilöstölle monipuolisia, mielenkiintoisia ja yhteiskunnallisesti merkittäviä työtehtäviä, hyvät mahdoll...
Compliance Ranges Comparison

Shared Services Canada | Services partagés Canada







Helsingin kaupunki – Helsingfors stad – City of Helsinki






Benchmark & Cyber Underwriting Signals
Incidents vs Government Administration Industry Avg (This Year)
No incidents recorded for Shared Services Canada | Services partagés Canada in 2026.
Incidents vs Government Administration Industry Avg (This Year)
No incidents recorded for Helsingin kaupunki – Helsingfors stad – City of Helsinki in 2026.
Incident History - Shared Services Canada | Services partagés Canada (X = Date, Y = Severity)
Shared Services Canada | Services partagés Canada cyber incidents detection timeline including parent company and subsidiaries.
Incident History - Helsingin kaupunki – Helsingfors stad – City of Helsinki (X = Date, Y = Severity)
Helsingin kaupunki – Helsingfors stad – City of Helsinki cyber incidents detection timeline including parent company and subsidiaries.
Notable Incidents

Shared Services Canada | Services partagés Canada

Helsingin kaupunki – Helsingfors stad – City of Helsinki
FAQ
Latest Global CVEs
A security vulnerability has been detected in Sipeed PicoClaw up to 0.2.9. The affected element is the function handleMessageReceive of the file pkg/channels/feishu/feishu_64.go of the component Group Message Handler. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The reported GitHub issue was closed automatically due to inactivity.
A weakness has been identified in Sipeed PicoClaw up to 0.2.9. Impacted is the function isPrivateOrRestrictedIP of the file pkg/tools/integration/web.go of the component web_fetch. This manipulation causes server-side request forgery. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. Patch name: 2efbe5d560e7ed9bc5209c203dc4aa6ecdbc7405. To fix this issue, it is recommended to deploy a patch.
- https://github.com/sipeed/picoclaw/
- https://github.com/sipeed/picoclaw/commit/2efbe5d560e7ed9bc5209c203dc4aa6ecdbc7405
- https://github.com/sipeed/picoclaw/issues/3077
- https://github.com/sipeed/picoclaw/pull/3085
- https://vuldb.com/cve/CVE-2026-16196
- https://vuldb.com/submit/852963
- https://vuldb.com/vuln/380012
- https://vuldb.com/vuln/380012/cti
A security flaw has been discovered in Sipeed PicoClaw up to 0.2.9. This issue affects the function dispatchIncoming of the file pkg/channels/wecom/wecom.go of the component Group Message Handler. The manipulation results in incorrect authorization. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. The reported GitHub issue was closed automatically due to inactivity.
QueryWeaver contains an authentication bypass vulnerability that allows unauthenticated attackers to obtain valid session tokens for existing accounts by submitting a signup request with a known victim email address. The signup route unconditionally creates and links a new token to the matching Identity via a Cypher MERGE operation before checking whether the email belongs to an existing account, causing the server to return a valid authenticated session token for the victim's identity without requiring any prior credentials or user interaction.
A vulnerability was determined in zhayujie CowAgent up to 2.1.1. This affects the function WebFetch.execute of the file agent/tools/web_fetch/web_fetch.py. Executing a manipulation of the argument url can lead to server-side request forgery. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.1.2 is able to mitigate this issue. This patch is called ea47f3097eed4f8295c4cb3d76ecb97e0f43d632. It is recommended to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
- https://github.com/zhayujie/CowAgent/
- https://github.com/zhayujie/CowAgent/commit/ea47f3097eed4f8295c4cb3d76ecb97e0f43d632
- https://github.com/zhayujie/CowAgent/issues/2889
- https://github.com/zhayujie/CowAgent/pull/2900
- https://github.com/zhayujie/CowAgent/releases/tag/2.1.2
- https://vuldb.com/cve/CVE-2026-16194
- https://vuldb.com/submit/857620
- https://vuldb.com/vuln/380009
- https://vuldb.com/vuln/380009/cti