What is the official website of Technology Reply ?

The official website of Technology Reply is https://www.reply.com/technology-reply/it/.

What is Technology Reply's cybersecurity risk score?

Technology Reply has an AI-generated cybersecurity risk score of 755 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has Technology Reply experienced?

According to Rankiteo, Technology Reply currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Technology Reply been affected by any supply chain cyber incidents ?

According to Rankiteo, Technology Reply has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does Technology Reply have SOC 2 Type 1 certification ?

According to Rankiteo, Technology Reply is not certified under SOC 2 Type 1.

Does Technology Reply have SOC 2 Type 2 certification ?

According to Rankiteo, Technology Reply does not hold a SOC 2 Type 2 certification.

Does Technology Reply comply with GDPR ?

According to Rankiteo, Technology Reply is not listed as GDPR compliant.

Does Technology Reply have PCI DSS certification ?

According to Rankiteo, Technology Reply does not currently maintain PCI DSS compliance.

Does Technology Reply comply with HIPAA ?

According to Rankiteo, Technology Reply is not compliant with HIPAA regulations.

Does Technology Reply have ISO 27001 certification ?

According to Rankiteo,Technology Reply is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Technology Reply operate in ?

Technology Reply operates primarily in the Software Development industry.

How many employees does Technology Reply have ?

Technology Reply employs approximately 628 people worldwide.

Does Technology Reply own any subsidiaries ?

Technology Reply presently has no subsidiaries across any sectors.

How many LinkedIn followers does Technology Reply have ?

Technology Reply's official LinkedIn profile has approximately 5,198 followers.

What is the NAICS classification code for Technology Reply ?

Technology Reply is classified under the NAICS code 5112, which corresponds to Software Publishers.

Does Technology Reply have a Crunchbase profile ?

No, Technology Reply does not have a profile on Crunchbase.

Does Technology Reply have a LinkedIn profile ?

Yes, Technology Reply maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/technology-reply-s.r.l..

How many cybersecurity incidents has Technology Reply experienced ?

As of June 16, 2026, Rankiteo reports that Technology Reply has not experienced any cybersecurity incidents.

How many peer or competitor companies does Technology Reply have ?

Technology Reply has an estimated 30,086 peer or competitor companies worldwide.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

Technology Reply

Boost Score +25 with badge (5 left)

755

/1000

Fair

780

/1000

Fair

Technology Reply Vendor Cyber Rating & Cyber Score

reply.com

Add Your Compliance Badge

Technology Reply è la società del gruppo Reply specializzata nella progettazione e realizzazione di soluzioni innovative basate su tecnologie Oracle. Grazie a un’approfondita competenza e all’esperienza maturate in oltre venti anni di attività, Technology Reply supporta i propri clienti nei loro processi di innovazione e trasformazione digitale, con team di professionisti in grado di intervenire in tutte le fasi del ciclo di vita di progetti complessi: analisi, progettazione, implementazione, roll-out e operatività. Attraverso corsi di specializzazione e partecipazione ai Programmi Beta, Technology Reply – Oracle Platinum e Cloud Select Partner – persegue un processo di costante innovazione tecnologica e metodologica. Le capacità acquisite

Technology Reply A.I CyberSecurity Scoring

Scoring History

Technology Reply

Technology Reply CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

No data available

Loading…

A.I.

Technology Reply Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for Technology Reply

Incidents vs Software Development Industry Avg (This Year)

No incidents recorded for Technology Reply in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Technology Reply in 2026.

Incident Types Technology Reply vs Software Development Industry Avg (This Year)

No incidents recorded for Technology Reply in 2026.

Incident History - Technology Reply (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Technology Reply Subsidiaries

Technology Reply

Software Development

Website: https://www.reply.com/technology-reply/it/

Company Size: 628

119

ReplyIT Services and IT Consulting

Open Reply ITIT Services and IT Consulting

Blue Reply ITIT Services and IT Consulting

Airwalk ReplyIT Services and IT Consulting

Concept Reply GmbHInformation Technology & Services

Spike ReplyIT Services and IT Consulting

Spur ReplyBusiness Consulting and Services

Communication Valley ReplyComputer and Network Security

Machine Learning ReplyIT Services and IT Consulting

Concept Quality ReplyIT Services and IT Consulting

Data Reply UKIT Services and IT Consulting

e*finance consulting ReplyFinancial Services

Like ReplyAdvertising Services

Glue ReplyIT Services and IT Consulting

HERMES REPLYInformation Technology & Services

Wemanity Learning CenterDéveloppement professionnel et coaching

Fincon Reply GmbHInformation Services

AIM ReplyIT Services and IT Consulting

ARLANIS REPLYIT Services and IT Consulting

Sense ReplyIT Services and IT Consulting

Concept Reply USInformation Technology & Services

Business Elements ReplyIT Services and IT Consulting

Sprint Reply ITInformation Technology & Services

Solidsoft ReplyIT Services and IT Consulting

Logistics Reply UKSoftware Development

Roboverse Reply DEIT Services and IT Consulting

Target Reply RomeIT Services and IT Consulting

Liquid ReplyIT Services and IT Consulting

Sprint Reply DEIT Services and IT Consulting

KI ReplyInformation Technology & Services

Sprint Reply BEIT Services and IT Consulting

Starbytes.itInformation Technology & Services

Open Reply UKInformation Technology & Services

Reply ChallengesFornitori di e-learning

BitmamaAdvertising Services

Avantage ReplyFinancial Services

Valorem ReplyIT Services and IT Consulting

Nexi DigitalFinancial Services

Wemanity MarocIT Services and IT Consulting

Lynx RecruitmentStaffing and Recruiting

Machine Learning Reply GmbHIT Services and IT Consulting

Data Reply ITIT Services and IT Consulting

Xister ReplyAdvertising Services

Target ReplyData Infrastructure and Analytics

Syskoplan Reply USIT Services and IT Consulting

Cloud9 ReplyIT Services and IT Consulting

Threepipe ReplyAdvertising Services

Storm ReplyIT Services and IT Consulting

Cluster Reply DEIT Services and IT Consulting

Wemanity NetherlandsProfessional Training and Coaching

ATLAS REPLYIT Services and IT Consulting

Mansion House ConsultingBusiness Consulting and Services

Net ReplyIT Services and IT Consulting

Pay ReplyInformation Technology & Services

TD ReplyBusiness Consulting and Services

Sytel ReplyIT Services and IT Consulting

Data Reply FRInformation Technology & Services

Data Reply DEInformation Technology & Services

Laife ReplyInformation Technology & Services

Comsysto Reply GmbHIT Services and IT Consulting

Blockchain ReplyIT Services and IT Consulting

Whitehall ReplyIT Services and IT Consulting

Syskoplan Reply DACHInformation Technology & Services

Business ReplySoftware Development

ARLANIS REPLY ITIT Services and IT Consulting

Canvas ReplyIT Services and IT Consulting

Spike Reply DEIT Services and IT Consulting

Wakanda Technologies - We bring African IT Power to EuropeIT-Dienstleistungen und IT-Beratung

Aktive ReplyInformation Technology & Services

Graymatter ReplyAdvertising Services

Graymatter REPLY DigitalAdvertising Services

Light ReplyIT Services and IT Consulting

Technology Reply RomaniaIT Services and IT Consulting

Triplesense ReplyTechnology, Information and Internet

Autonomous Reply FRIT Services and IT Consulting

Accelerator 365 by ReplySoftware Development

Blue Reply DEIT Services and IT Consulting

Leadvise ReplyBusiness Consulting and Services

Digital Transformation der Regulatory AffairsUnternehmensberatung

Everlo Reply GmbHIT Services and IT Consulting

Shield ReplyIT Services and IT Consulting

Life At ReplyIT Services and IT Consulting

WM ReplyIT Services and IT Consulting

Wemanity BelgiumInformation Technology & Services

Go ReplyIT Services and IT Consulting

Concept Engineering ReplyIT Services and IT Consulting

Connect ReplyIT Services and IT Consulting

4brands ReplyInformation Technology & Services

Cortex Reply UKTechnology, Information and Internet

Logistics Reply USSoftware Development

Comwrap Reply DACHTechnology, Information and Internet

Open ReplyInformation Technology & Services

Live Reply DEIT Services and IT Consulting

Infinity Reply ITIT Services and IT Consulting

Up ReplyIT Services and IT Consulting

Brick Reply | IT Solutions and Services for ManufacturingSoftware Development

Storm Reply DEIT Services and IT Consulting

Sytel Reply NorthInformation Technology & Services

Net Reply UKIT Services and IT Consulting

Red Reply DEIT Services and IT Consulting

Neo ReplyIT Services and IT Consulting

Live Reply ItalyIT Services and IT Consulting

Sprint Reply UKIT Services and IT Consulting

Arlanis Reply UKIT Services and IT Consulting

Air ReplyIT Services and IT Consulting

Infinity Reply DEIT Services and IT Consulting

Macros Reply GmbHIT Services and IT Consulting

Spike Reply UKTechnology, Information and Internet

Storm Reply, Inc.Professional Services

Eos ReplyIT Services and IT Consulting

Alpha ReplyIT Services and IT Consulting

Open Reply Benelux - FranceBusiness Consulting and Services

Affinity ReplyIT Services and IT Consulting

Ki Reply UKIT Services and IT Consulting

Zest ReplyIT Services and IT Consulting

Nimbus ReplyIT Services and IT Consulting

Cluster Reply PLIT Services and IT Consulting

Industrie Reply USMotor Vehicle Manufacturing

Atomic ReplyBusiness Consulting and Services

Loading…

Technology Reply Similar Companies

Wolt

wolt.com

Wolt is a Helsinki-based technology company with a mission to bring joy, simplicity and earnings to the neighborhoods of the world. Wolt develops a local commerce platform that connects people looking to order food, groceries, and other goods with people interested in selling and delivering them. Wolt was founded in 2014 and joined forces with DoorDash (NASDAQ: DASH) in 2022. Together, we operate in more than 30 countries today.

Booking.com

booking.com

A career at Booking.com is all about the journey, helping you explore new challenges in a place where you can be your best self. With plenty of exciting twists, turns and opportunities along the way. We’ve always been pioneers, on a mission to shape the future of travel through cutting edge technology, to make it easier for everyone to enjoy amazing experiences wherever they go. Under a desert sky, or in the heart of a bustling city. Discovering the perfect hideaway, or the perfect paella. When you join us, you’ll be part of a community where taking a different path and trying something new is celebrated and supported. And where making a difference counts. We’re determined to make the world of travel more sustainable, more accessible, and more inclusive, to create a positive impact on a global scale. That’s why we’re always looking for people who search for better solutions, the ones eager to stray off the beaten path to find new ways of doing things. Because at Booking.com it’s more than a job, it’s a journey we’re on together.

Bosch

cb bosch.com

The Bosch Group is a leading global supplier of technology and services. It employs roughly 417,900 associates worldwide (as of December 31, 2024). According to preliminary figures, the company generated sales of 90.5 billion euros in 2024. Its operations are divided into four business sectors: Mobility, Industrial Technology, Consumer Goods, and Energy and Building Technology. With its business activities, the company aims to use technology to help shape universal trends such as automation, electrification, digitalization, connectivity, and an orientation to sustainability. In this context, Bosch’s broad diversification across regions and industries strengthens its innovativeness and robustness. Bosch uses its proven expertise in sensor technology, software, and services to offer customers cross-domain solutions from a single source. It also applies its expertise in connectivity and artificial intelligence in order to develop and manufacture user-friendly, sustainable products. With technology that is “Invented for life,” Bosch wants to help improve quality of life and conserve natural resources. The Bosch Group comprises Robert Bosch GmbH and its roughly 470 subsidiary and regional companies in over 60 countries. Including sales and service partners, Bosch’s global manufacturing, engineering, and sales network covers nearly every country in the world. Bosch’s innovative strength is key to the company’s further development. At 136 locations across the globe, Bosch employs some 86,900 associates in research and development, of which nearly 48,000 are software engineers. Instagram: https://www.instagram.com/boschglobal/ Facebook: https://www.facebook.com/BoschGlobal Glassdoor: https://bit.ly/3raTZnH Imprint: www.bosch.com/corporate-information Privacy statement: https://www.bosch.com/data-protection-notice-bosch-linkedin/

DoorDash

careersatdoordash.com

At DoorDash, our mission to empower local economies shapes how our team members move quickly and always learn and reiterate to support merchants, Dashers and the communities we serve. We are a technology and logistics company that started with door-to-door delivery, and we are looking for team members who can help us go from a company that is known for delivering food to a company that people turn to for any and all goods. DoorDash is growing rapidly and changing constantly, which gives our team members the opportunity to share their unique perspectives, solve new challenges, and own their careers. Our leaders seek the truth and welcome big, hairy, audacious questions. We are grounded in our company values, and we make intentional decisions that are both logical and display empathy for our range of users—from Dashers to Merchants to Customers.

Cadence

cadence.com

Cadence is a market leader in AI and digital twins, pioneering the application of computational software to accelerate innovation in the engineering design of silicon to systems. Our design solutions, based on Cadence’s Intelligent System Design™ strategy, are essential for the world’s leading semiconductor and systems companies to build their next-generation products from chips to full electromechanical systems that serve a wide range of markets, including hyperscale computing, mobile communications, automotive, aerospace, industrial, life sciences and robotics. In 2024, Cadence was recognized by the Wall Street Journal as one of the world’s top 100 best-managed companies. Cadence solutions offer limitless opportunities—learn more at www.cadence.com.

HubSpot

hubspot.com

HubSpot is a leading CRM platform that provides software and support to help businesses grow better. Our platform includes marketing, sales, service, and website management products that start free and scale to meet our customers’ needs at any stage of growth. Today, thousands of customers around the world use our powerful and easy-to-use tools and integrations to attract, engage, and delight customers. HubSpot's award-winning culture has been recognized by Glassdoor, Great Place to Work, Comparably, Fortune, Entrepreneur, Inc., and more. We build connections, careers, and employee growth by creating a workplace that values flexibility, autonomy, and transparency. You can learn more about our commitment to creating an inclusive and diverse workplace in the HubSpot Culture Code. HubSpot is a hybrid company with employees working fully remotely, from an office, or a mix of the two. We are headquartered in Cambridge, MA with offices in Amsterdam, Berlin, Bogota, Dublin, Ghent, London, Madrid, Paris, San Francisco, Singapore, Sydney, Tokyo and Toronto. To learn more about HubSpot, visit www.hubspot.com and to join our team, visit www.hubspot.com/careers

bigbasket

cb bigbasket.com

Starting our journey in 2011, today, bigbasket - a Tata Enterprise is India’s largest online supermarket with over 13 million customers and a presence in 60+ cities & towns. With our presence spanning the entire spectrum of consumer needs, we operate through a range of business lines - bigbasket, bbnow, bbinstant, bbdaily, fresho, bbmandi, and bbsaathi. We offer convenience by making grocery shopping easy for customers while enhancing their experience. With more than 47,000 employees, we are a proud & growing bigbasket family. With our businesses scaling, we are keen on working with the best talent in the industry. Every bigbasketeer embodies the ‘Spirit of bb’ that defines our work ethos. We believe in nurturing a people-first environment where the health and well-being of our employees are always prioritised. Fostering bigbasket’s value system, we encourage humility, transparency, integrity, and respect amongst each other to create an elevated work culture. At bigbasket, we empower every bigbasketeer with responsibility and ownership in everything they do. Being a customer-centric organisation, we operate with a maniacal focus on customers ensuring we always deliver our best. bigbasket has been proudly certified as a Great Place to Work, and Great Place to Work for Women. Our business model is designed to create opportunities for our country’s gig economy. We have achieved the highest ranking in the Fairwork India Ratings for Gig Workers. Through our DEI initiative – Aarambh, we foster Diversity, Equity, & Inclusion driving a workplace where everybody feels welcomed. Alongside this, we take conscious and proactive measures towards curtailing our impact on the environment. Our electric vehicles delivery fleet and solar panel equipped warehouses help us minimize carbon emissions. By promoting organic farming, we encourage fresh farm produce contributing to good land and soil health. #JoinTheSquad and be a part of our growth story!

NetSuite

netsuite.com

Founded in 1998, Oracle NetSuite is the world’s first cloud company. For more than 25 years, NetSuite has helped businesses gain the insight, control, and agility to build and grow a successful business. First focused on financials and ERP, we now provide an AI-powered unified business system that includes inventory management, HR, professional services automation, and omnichannel commerce, used by more than 43,000 customers in 219 countries and dependent territories.

Shopee

shopee.com

Shopee is the leading e-commerce platform in Southeast Asia and Taiwan. It is a platform tailored for the region, providing customers with an easy, secure and fast online shopping experience through strong payment and logistical support. Shopee aims to continually enhance its platform and become the region’s e-commerce destination of choice via ongoing product optimisation and localised user-centered strategies. Shopee, a Sea company, was first launched in Singapore in 2015, and has since expanded its reach to Malaysia, Thailand, Taiwan, Indonesia, Vietnam and the Philippines. Sea is a leader in digital entertainment, e-commerce and digital financial services across Greater Southeast Asia. Sea's mission is to better the lives of consumers and small businesses with technology, and is listed on the NYSE under the symbol SE. The Shopee team is rapidly expanding across the region and we are constantly on the lookout for talents who have the passion and drive to become part of a fast-moving and dynamic team. Do check out our career website http://careers.shopee.com for our available positions!

Loading…

NEWS

Technology Reply CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

December 19, 2025 07:53 PM

Storm Reply and Autonomous Reply at CES 2026: drone-based inventory automation with DJI and NVIDIA on AWS

January 6, 2026. LAS VEGAS. Storm Reply and Autonomous Reply will take part in CES 2026 (Consumer Electronics Show), the annual technology event in Las...

Read Article

December 10, 2025 07:40 AM

KESUMA Targets 55,000 Youths For New Technology Skills Training Next Year

KESUMA, technology, JTM, levy, HRD Corp, upskilling, training.

Read Article

December 02, 2025 08:00 AM

Announcing the Regional 2025 AWS Partners of the Year for Europe, Middle East, and Africa

by AWS Editorial Team on 02 DEC 2025 in Announcements, AWS Partner Network, AWS re:Invent, Customer Solutions, Foundational (100) Permalink Comments Share.

Read Article

November 06, 2025 08:00 AM

DLA Piper European Technology Summit 2025

November 6, 2025. Amsterdam. We're excited to announce that Reply will be taking part in this year's premier technology-event hosted by DLA Piper, DLA Piper...

Read Article

November 02, 2025 07:00 AM

Sam Altman sends email to Tesla asking for refund, gets reply saying ...

Tech News News: OpenAI CEO Sam Altman has publicly shared his frustration over a $45000 Tesla reservation made in July 2018, which remains...

Read Article

October 28, 2025 07:00 AM

China revises Cybersecurity Law to bolster AI development

The Standing Committee of China's top legislature on Tuesday passed revisions to the Cybersecurity Law that emphasize national support for...

Read Article

October 22, 2025 07:00 AM

Cybersecurity awareness quiz: Questions and answers

Take this security awareness training quiz to test your knowledge of common cybersecurity threats and best practices, from secure file...

Read Article

October 19, 2025 07:00 AM

AI and cyber-security already taught in schools, says government

TDT | Manama Email: [email protected] The government has backed MPs' call to add...

Read Article

October 17, 2025 07:00 AM

'Fax virus' panicked a manager and sparked job-killing Reply-All incident

On Call By Friday it's only natural to look back upon the working week with a certain nostalgia, an emotion The Register celebrates each...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-53430

SUMMARY

Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in elixir-grpc grpc (GRPC.Compressor.Gzip, GRPC.Message modules) allows a denial of service via a gzip decompression bomb. This vulnerability is associated with program files lib/grpc/compressor/gzip.ex, lib/grpc/message.ex and program routines 'Elixir.GRPC.Compressor.Gzip':decompress/1, 'Elixir.GRPC.Message':from_data/2. 'Elixir.GRPC.Compressor.Gzip':decompress/1 calls :zlib.gunzip/1 directly on attacker-controlled bytes with no decompressed-size limit, ratio check, or incremental decoding. Because this module is the registered gzip GRPC.Compressor implementation, it is invoked automatically whenever an incoming gRPC frame carries the grpc-encoding: gzip header. :zlib.gunzip/1 allocates the entire decompressed result as a single binary, so a small highly compressible payload (for example a few kilobytes of zeros, which gzip compresses at roughly 1000:1) expands to multiple gigabytes inside a single call. The max_receive_message_length limit is enforced only against the already-decompressed message, so it provides no protection. An unauthenticated remote peer can send a single crafted frame to exhaust the BEAM node's heap and trigger an out-of-memory kill. This issue affects grpc: from 0.4.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 8.7

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48854

SUMMARY

Allocation of Resources Without Limits or Throttling vulnerability in elixir-grpc grpc allows unauthenticated attackers to exhaust the BEAM's memory and crash the server by streaming a large or slow-trickle unary request body. 'Elixir.GRPC.Server.Adapters.Cowboy.Handler':read_full_body/3 (lib/grpc/server/adapters/cowboy/handler.ex) accumulates every received chunk into a single growing binary with no size cap. Additionally, when the client omits the grpc-timeout header, the per-chunk read timeout resolves to :infinity, allowing a slow-trickle client to keep the connection alive indefinitely while memory grows. A single connection is sufficient to exhaust server memory and crash the node. This issue affects grpc from 0.3.1 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 8.7

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48853

SUMMARY

Deserialization of Untrusted Data and Allocation of Resources Without Limits or Throttling vulnerabilities in elixir-grpc grpc allow unauthenticated attackers to crash the BEAM node via atom table exhaustion and, when a decoded term flows into a call site that invokes it, achieve remote code execution on the server. 'Elixir.GRPC.Codec.Erlpack':decode/2 (lib/grpc/codec/erlpack.ex) calls :erlang.binary_to_term/1 on the raw gRPC message body without the :safe option, no size bound, and no type guard. Any unauthenticated peer that sends a request with Content-Type: application/grpc+erlpack can send a crafted payload that mints arbitrary new atoms (which are never garbage-collected, exhausting the bounded atom table and crashing the VM) or that encodes a fun term which, if applied anywhere downstream, executes attacker-controlled code inside the server process. This issue affects grpc from 0.4.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 9.2

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-48723

SUMMARY

The browserstack-cypress-cli is BrowserStack's CLI which allows users to run Cypress tests on BrowserStack. Versions prior to 1.36.4 are vulnerable to OS command injection via the cypress_config_file configuration parameter. In readCypressConfigUtil.js, the loadJsFile() function constructs a shell command by interpolating the user-controlled cypress_config_filepath value into a template literal, then executes it via child_process.execSync(). Shell metacharacters in the config path (specifically " and ;) allow breaking out of the quoted argument and injecting arbitrary commands. This issue has been fixed in version 1.36.6.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: 7.8)

cvss3

Base Score: 7.8

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

1.8

REFERENCES

CVE-2026-48599

SUMMARY

Authorization Bypass Through User-Controlled Key vulnerability in elixir-grpc grpc allows authenticated attackers to access or modify resources belonging to other users by smuggling a conflicting value for any path-bound field via the query string or request body. In 'Elixir.GRPC.Server.Transcode':map_request/5 (lib/grpc/server/transcode.ex), all three clauses use Map.merge/2 with path bindings as the first argument, giving them the lowest merge precedence. A request such as GET /users/me/profile?user_id=victim (or a POST with {"user_id": "victim"} when body: "*") yields a decoded protobuf struct where the path-bound field carries the attacker-supplied value rather than the router-extracted value. Any handler that uses the path-bound field for authorization, multi-tenancy scoping, or ownership checks is silently bypassed. This issue affects grpc from 0.8.0 before 1.0.0.

Published

Date2026-06-15

Updated

Date2026-06-15

RISK INFORMATION (Score: )

cvss4

Base Score: 7.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…