What is the official website of AWS Thinkbox ?

The official website of AWS Thinkbox is https://www.awsthinkbox.com.

What is AWS Thinkbox's cybersecurity risk score?

AWS Thinkbox has an AI-generated cybersecurity risk score of 750 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has AWS Thinkbox experienced?

According to Rankiteo, AWS Thinkbox currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has AWS Thinkbox been affected by any supply chain cyber incidents ?

According to Rankiteo, AWS Thinkbox has been affected by multiple supply chain cyber incidents. The affected supply chain sources and their corresponding incident IDs are: npm, Inc. (Incident ID: ELAGITAMAOPENPM1780050263) Socket (Incident ID: AWSSOC1778833973) Braintrust (Incident ID: AMAUSE1778092688) Amazon Web Services (AWS) (Incident ID: LIMAMA1777312775) Vercel (Incident ID: AMAVERGITSTR1775204764) Amazon Web Services (AWS) (Incident ID: AMASTA1775118743) Aqua Security (Incident ID: AQUUSEAMASALCIS1775046662) Amazon Web Services (AWS) (Incident ID: EUR1774635987) Amazon Web Services (AWS) (Incident ID: SALAMAMICPINRED1774269319) NPM (Incident ID: GOOAMANPMGIT1773319158) Amazon Web Services (AWS) (Incident ID: RELLEX1772562253) Amazon Web Services (AWS) (Incident ID: EUR1774628727) Amazon (Incident ID: AMAAPPMIC1770935300) ConnectWise (Incident ID: SMASIMCONAMADAT1775551328) Cisco (Incident ID: CISSAI1773859283) Amazon (Incident ID: LASAMA1769009064) LinkedIn (Incident ID: LINAWS1766995316) Microsoft Security (Incident ID: AMAORAMIC1770695748) Amazon Web Services (AWS) (Incident ID: AMAAWS1770152164) Cisco (Incident ID: SAL5732257091825) Wiz (Incident ID: AMAWIZ1768515615) NPM (Incident ID: GOONPMORGGOVAPPMETTHEAWSTIKK7-1773672350) Fortinet (Incident ID: FORCISAMAJPM1767748297)

Does AWS Thinkbox have SOC 2 Type 1 certification ?

According to Rankiteo, AWS Thinkbox is not certified under SOC 2 Type 1.

Does AWS Thinkbox have SOC 2 Type 2 certification ?

According to Rankiteo, AWS Thinkbox does not hold a SOC 2 Type 2 certification.

Does AWS Thinkbox comply with GDPR ?

According to Rankiteo, AWS Thinkbox is not listed as GDPR compliant.

Does AWS Thinkbox have PCI DSS certification ?

According to Rankiteo, AWS Thinkbox does not currently maintain PCI DSS compliance.

Does AWS Thinkbox comply with HIPAA ?

According to Rankiteo, AWS Thinkbox is not compliant with HIPAA regulations.

Does AWS Thinkbox have ISO 27001 certification ?

According to Rankiteo,AWS Thinkbox is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does AWS Thinkbox operate in ?

AWS Thinkbox operates primarily in the Software Development industry.

How many employees does AWS Thinkbox have ?

AWS Thinkbox employs approximately 21 people worldwide.

Does AWS Thinkbox own any subsidiaries ?

AWS Thinkbox presently has no subsidiaries across any sectors.

How many LinkedIn followers does AWS Thinkbox have ?

AWS Thinkbox's official LinkedIn profile has approximately 6,568 followers.

What is the NAICS classification code for AWS Thinkbox ?

AWS Thinkbox is classified under the NAICS code 5112, which corresponds to Software Publishers.

Does AWS Thinkbox have a Crunchbase profile ?

No, AWS Thinkbox does not have a profile on Crunchbase.

Does AWS Thinkbox have a LinkedIn profile ?

Yes, AWS Thinkbox maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/thinkbox-software-inc..

How many cybersecurity incidents has AWS Thinkbox experienced ?

As of June 15, 2026, Rankiteo reports that AWS Thinkbox has experienced 61 cybersecurity incidents.

How many peer or competitor companies does AWS Thinkbox have ?

AWS Thinkbox has an estimated 30,073 peer or competitor companies worldwide.

What types of cybersecurity incidents has AWS Thinkbox faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Vulnerability, Ransomware, Cyber Attack, Breach and Data Leak.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

AWS Thinkbox

Boost Score +25 with badge (5 left)

750

/1000

Fair

775

/1000

Fair

AWS Thinkbox Vendor Cyber Rating & Cyber Score

awsthinkbox.com

Add Your Compliance Badge

AWS Thinkbox Software is a group of talented developers and creatives focused on designing innovative and unique solutions for artists in the entertainment industry. With decades of feature film experience, award-winning effects and successful commercial products under our belts, we know we're going to create intelligent tools for your desktop, laptop and portable - all designed to unleash your creative potential. What comes next is your imagination.

AWS Thinkbox A.I CyberSecurity Scoring

Scoring History

AWS Thinkbox

AWS Thinkbox CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Amazon Web Services...

Cyber Attack

100

6/2026

GOOAMA178116664...

Amazon Web Services...

Cyber Attack

5/2026

npm, Inc.

ELAGITAMAOPENPM...

Amazon Science

Vulnerability

5/2026

OPEANTAMAXAI177...

AWS for Healthcare ...

Cyber Attack

5/2026

Socket

AWSSOC177883397...

Amazon Science

Breach

5/2026

Braintrust

AMAUSE177809268...

Amazon Web Services...

Cyber Attack

4/2026

Amazon Web Serv...

LIMAMA177731277...

Amazon

Cyber Attack

4/2026

ELFTEMCOUGRUAMA...

Amazon Web Services...

Cyber Attack

4/2026

Vercel

AMAVERGITSTR177...

Amazon Web Services...

Vulnerability

100

4/2026

Amazon Web Serv...

AMASTA177511874...

AWS Partners

Vulnerability

4/2026

AWSGITSTR177516...

Amazon Web Services...

Vulnerability

100

4/2026

Aqua Security

AQUUSEAMASALCIS...

Amazon Web Services...

Cyber Attack

3/2026

Amazon Web Serv...

EUR1774635987

Amazon Web Services...

Vulnerability

100

3/2026

Amazon Web Serv...

SALAMAMICPINRED...

Amazon Web Services...

Vulnerability

3/2026

AMA1773707045

Amazon Web Services...

Cyber Attack

3/2026

NPM

GOOAMANPMGIT177...

Amazon Web Services...

Vulnerability

3/2026

AMA1772792723

Amazon Web Services...

Cyber Attack

100

3/2026

AMA1772678135

Amazon Web Services...

Breach

100

3/2026

Amazon Web Serv...

RELLEX177256225...

Amazon

Cyber Attack

3/2026

AMA1775744757

Amazon Web Services...

Breach

3/2026

Amazon Web Serv...

EUR1774628727

Amazon

Vulnerability

100

2/2026

Amazon

AMAAPPMIC177093...

Amazon

Cyber Attack

2/2026

ConnectWise

SMASIMCONAMADAT...

Amazon

Breach

2/2026

AMA1770339008

Amazon

Cyber Attack

2/2026

AMAINSCOIGOOFLI...

Amazon

Cyber Attack

2/2026

AMA1773987972

AWS Partners

Breach

1/2026

AWSDIGOVH176978...

Amazon

Vulnerability

100

1/2026

Cisco

CISSAI177385928...

Amazon

Cyber Attack

1/2026

Amazon

LASAMA176900906...

AWS Databases & Ana...

Cyber Attack

1/2026

HUNAWS177273537...

Amazon Web Services...

Vulnerability

100

1/2026

GOOAMAOPEANT177...

AWS Partners

Cyber Attack

12/2025

LINAWS176699531...

Amazon Web Services...

Cyber Attack

100

12/2025

Microsoft Secur...

AMAORAMIC177069...

Amazon

Vulnerability

12/2025

AMAUNIGOOWAK176...

Amazon Web Services...

Cyber Attack

100

12/2025

KUBNVITENALIAMA...

Amazon Web Services...

Breach

100

11/2025

Amazon Web Serv...

AMAAWS177015216...

Amazon Web Services...

Cyber Attack

11/2025

AMA1765965358

AWS Thinkbox

Cyber Attack

100

10/2025

AMA023220210212...

AWS Thinkbox

Cyber Attack

9/2025

AMA409264009232...

AWS Partners

Cyber Attack

100

9/2025

Cisco

SAL573225709182...

Amazon Web Services...

Vulnerability

100

9/2025

Wiz

AMAWIZ176851561...

For Industries

Vulnerability

8/2025

NPM

GOONPMORGGOVAPP...

AWS Thinkbox

Cyber Attack

7/2025

RIN709072225

AWS Thinkbox

Vulnerability

6/2025

AMA505082225

AWS Thinkbox

Ransomware

100

5/2025

AMA503215011212...

Amazon Web Services...

Vulnerability

100

12/2024

Fortinet

FORCISAMAJPM176...

AWS Thinkbox

Vulnerability

8/2024

AMA000082124

AWS Thinkbox

Breach

7/2024

AMA000072524

AWS Thinkbox

Cyber Attack

100

6/2024

AMA190211910222...

AWS Thinkbox

Breach

09/2023

WHO04111223

AWS Thinkbox

Vulnerability

6/2023

AMA016210111072...

AWS Thinkbox

Data Leak

10/2021

TWI19174123

Amazon Web Services...

Cyber Attack

100

6/2021

AMA1768595116

AWS Thinkbox

Breach

100

01/2021

RIN01518622

Amazon Web Services...

Cyber Attack

100

6/2020

AMA1780793273

AWS Thinkbox

Data Leak

01/2020

AMA21461222

AWS Thinkbox

Data Leak

01/2020

RIN211261222

AWS Thinkbox

Data Leak

12/2019

RIN2178523

Amazon

Breach

6/2018

TIKAMA176901658...

AWS Thinkbox

Data Leak

02/2018

AMA350181223

AWS Thinkbox

Breach

3/2017

WHO631090125

AWS Thinkbox

Cyber Attack

01/2016

AMA0417522

Loading…

A.I.

AWS Thinkbox Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for AWS Thinkbox

Incidents vs Software Development Industry Avg (This Year)

No incidents recorded for AWS Thinkbox in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for AWS Thinkbox in 2026.

Incident Types AWS Thinkbox vs Software Development Industry Avg (This Year)

No incidents recorded for AWS Thinkbox in 2026.

Incident History - AWS Thinkbox (X = Date, Y = Severity)

Loading…

SUBSIDIARY

AWS Thinkbox Subsidiaries

AWS Thinkbox

Software Development

Website: https://www.awsthinkbox.com

Company Size: 21

AmazonSoftware Development

Amazon PharmacyRetail Pharmacies

Amazon Web Services (AWS)IT Services and IT Consulting

AWS for Retail and Consumer GoodsIT Services and IT Consulting

AWS AIIT Services and IT Consulting

AWS PartnersIT Services and IT Consulting

AWS for TelecomIT Services and IT Consulting

AWS Databases & AnalyticsIT Services and IT Consulting

AWS On AirTechnology, Information and Internet

Artificial Intelligence Machine LearningIT Services and IT Consulting

AWS for M&ESoftware Development

KiroTechnology, Information and Internet

AWS for AutomotiveIT Services and IT Consulting

AWS EventsIT Services and IT Consulting

AWS for Energy & UtilitiesIT Services and IT Consulting

Machine LearningIT Services and IT Consulting

AWS for Healthcare & Life SciencesIT Services and IT Consulting

Machine LearningIT Services and IT Consulting

AWS SupportTechnology, Information and Internet

AWS for Financial ServicesIT Services and IT Consulting

For IndustriesIT Services and IT Consulting

AWS CareersIT Services and IT Consulting

T VIT Services and IT Consulting

AWS ProductsTechnology, Information and Internet

AWS for Aerospace & SatelliteIT Services and IT Consulting

AWS Training & CertificationIT Services and IT Consulting

AWS Executive InsightsInformation Technology & Services

Amazon re:MARSInformation Technology & Services

AWS StartupsIT Services and IT Consulting

For TVIT Services and IT Consulting

AWS DevelopersTechnology, Information and Internet

Whole Foods MarketRetail

TwitchSoftware Development

Twitch AdsInternet Publishing

Souq.comTechnology, Information and Internet

GoodreadsTechnology, Information and Internet

Amazon BusinessRetail

Amazon Lab126Computers and Electronics Manufacturing

Amazon Fulfillment Technologies & RoboticsSoftware Development

RingComputers and Electronics Manufacturing

Amazon KeyTechnology, Information and Internet

IMDb.comEntertainment Providers

Amazon MusicEntertainment Providers

Zappos Family of CompaniesRetail

AudibleSoftware Development

Audible GmbHOnline Audio and Video Media

ShopbopRetail

AbeBooks, an Amazon companyTechnology, Information and Internet

A9.comTechnology, Information and Internet

Amazon Development Center PolandSoftware Development

Alexa.comTechnology, Information and Internet

CurseComputer Games

Woot, Inc.Retail

Quidsi Inc., a subsidiary of AmazonRetail

Wag.comManufacturing

BeautyBar.comRetail

Soap.comRetail

YoYo.comConsumer Goods

Casa.comRetail

Annapurna LabsComputer Networking

CreateSpaceBook and Periodical Publishing

Comixology, an Amazon companyEntertainment

LOVEFiLMEntertainment Providers

Brilliance PublishingBook and Periodical Publishing

Amazon | LiquavistaAppliances, Electrical, and Electronics Manufacturing

Amazon HelpRetail

PerceiveSemiconductors

Amazon KindleRetail

Amazon GamesEntertainment Providers

Amazon TodayTechnology, Information and Internet

Amazon AdsAdvertising Services

Amazon PayTechnology, Information and Internet

Amazon AssociatesTechnology, Information and Internet

Amazon Ads PartnersAdvertising Services

Amazon AutosRetail Motor Vehicles

Amazon DesignInternet Publishing

Amazon CareersSoftware Development

Amazon Alexa DevelopersComputers and Electronics Manufacturing

Sell on AmazonTechnology, Information and Internet

Amazon LaunchpadInternet Publishing

Transportation, Shipping, & Logistics at AmazonTransportation, Logistics, Supply Chain and Storage

Amazon ClinicHospitals and Health Care

Buy with PrimeInternet Publishing

Amazon DeveloperConsumer Electronics

Amazon Fashion & SportsRetail Apparel and Fashion

Just Walk Out technologyRetail

Amazon ScienceResearch Services

Fulfillment by AmazonWarehousing and Storage

Loading…

AWS Thinkbox Similar Companies

Rakuten

cb rakuten.com

Rakuten Group, Inc. (TSE: 4755) is a global technology leader in services that empower individuals, communities, businesses and society. Founded in Tokyo in 1997 as an online marketplace, Rakuten has expanded to offer services in e-commerce, fintech, digital content and communications to 2 billion members around the world. The Rakuten Group has more than 30,000 employees, and operations in 30 countries and regions. For more information visit https://global.rakuten.com/corp/.

NetSuite

netsuite.com

Founded in 1998, Oracle NetSuite is the world’s first cloud company. For more than 25 years, NetSuite has helped businesses gain the insight, control, and agility to build and grow a successful business. First focused on financials and ERP, we now provide an AI-powered unified business system that includes inventory management, HR, professional services automation, and omnichannel commerce, used by more than 43,000 customers in 219 countries and dependent territories.

NiCE

nice.com

NiCE is transforming the world with AI that puts people first. Our purpose-built AI-powered platforms automate engagements into proactive, safe, intelligent actions, empowering individuals and organizations to innovate and act, from interaction to resolution. Trusted by organizations throughout 150+ countries worldwide, NiCE’s platforms are widely adopted across industries connecting people, systems, and workflows to work smarter at scale, elevating performance across the organization, delivering proven measurable outcomes.

Tencent

tencent.com

Tencent is a world-leading internet and technology company that develops innovative products and services to improve the quality of life of people around the world. Founded in 1998 with its headquarters in Shenzhen, China, Tencent's guiding principle is to use technology for good. Our communication and social services connect more than one billion people around the world, helping them to keep in touch with friends and family, access transportation, pay for daily necessities, and even be entertained. Tencent also publishes some of the world's most popular video games and other high-quality digital content, enriching interactive entertainment experiences for people around the globe. Tencent also offers a range of services such as cloud computing, advertising, FinTech, and other enterprise services to support our clients' digital transformation and business growth. Tencent has been listed on the Stock Exchange of Hong Kong since 2004.

Atlassian

atlassian.com

Atlassian powers the collaboration that helps teams accomplish what would otherwise be impossible alone. From space missions and motor racing to bugs in code and IT requests, no task is too large or too small with the right team, the right tools, and the right practices. Over 300,000 global companies and 80% of the Fortune 500 rely on Atlassian’s software, like Jira, Confluence, Loom, and Trello, to help their teams work better together and deliver quality results on time. With our 300,000+ customers and team of 10,000+ Atlassians, we are building the next generation of team collaboration and productivity software. We believe the power of teams has the potential to change the world — one that is more open, authentic, and inclusive.

Red Hat

redhat.com

Red Hat is the world’s leading provider of enterprise open source solutions, using a community-powered approach to deliver high-performing Linux, hybrid cloud, edge, and Kubernetes technologies. We hire creative, passionate people who are ready to contribute their ideas, help solve complex problems, and make an impact. Opportunities are open. Join us.

Grab

grab.careers

Grab is Southeast Asia’s leading superapp, offering a suite of services consisting of deliveries, mobility, financial services, enterprise and others. Grabbers come from all over the world, and we are united by a common mission: to drive Southeast Asia forward by creating economic empowerment for everyone. At Grab, every Grabber is guided by The Grab Way, which explains our mission and the operating principles on how we can achieve it together. We call these principles the 4Hs: Heart We work together as OneGrab to serve communities in Southeast Asia Hunger We work to understand ground truths and drive improvements, big and small Honour We keep our word and steward our resources wisely to build and sustain trust Humility We are a constant work-in-progress, and we never stop learning to get better

Instagram

instagram.com

More than one billion people around the world use Instagram, and we’re proud to be bringing them closer to the people and things they love. Instagram inspires people to see the world differently, discover new interests, and express themselves. Since launching in 2010, our community has grown at a rapid pace. Our teams are growing fast, too, and we’re looking for talent across engineering, product management, design, research, analytics, technical program management, operations, and more. In addition to our headquarters in Menlo Park, we have thriving offices in New York City and San Francisco where teams are doing impactful work every day.

IDEMIA

cb idemia.com

IDEMIA Secure Transactions (IST) is a leading provider of payment, connectivity, and cybersecurity solutions, serving billions of people worldwide. With decades of expertise in cryptography and credential issuance, IST is trusted by over 2000 financial institutions, mobile operators, automotive manufacturers, and IoT providers worldwide. IST is a division of IDEMIA Group. IDEMIA Public Security, another division of IDEMIA Group, is the premium provider of convenient and trusted biometric-based solutions, transforming public and private organizations across the globe. Follow them here: https://www.linkedin.com/company/idemia-public-security/

Loading…

NEWS

AWS Thinkbox CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

March 06, 2017 08:00 AM

Amazon Web Services makes another deal, acquiring Thinkbox media rendering tech company

Amazon Web Services has acquired Thinkbox Software, which makes technology used by media and entertainment architects and engineers to manage render farms.

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12191

SUMMARY

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdrive/modeld/modeld.py of the component Pickle Module. The manipulation results in deserialization. The attack is only possible with local access. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 7.8)

cvss2

Base Score: 6.8

Complexity: LOW

AV:L/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 7.8

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.1

Complexity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

1.8

REFERENCES

CVE-2026-12190

SUMMARY

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the component ai.mainfunc.genspark. The manipulation leads to improper authorization in handler for custom url scheme. The attack can only be performed from a local environment. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 5.3)

cvss2

Base Score: 4.3

Complexity: LOW

AV:L/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base Score: 5.3

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 4.8

Complexity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.8

REFERENCES

CVE-2026-12189

SUMMARY

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzmate. Executing a manipulation can lead to improper authorization in handler for custom url scheme. The attack can only be executed locally. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 5.3)

cvss2

Base Score: 4.3

Complexity: LOW

AV:L/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base Score: 5.3

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 1.9

Complexity: LOW

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.8

REFERENCES

CVE-2026-12188

SUMMARY

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules/core/backend/app/controllers/concerns/grit/core/grit_entity_controller.rb of the component GritEntityController. Performing a manipulation results in sql injection. The attack may be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 6.3)

cvss2

Base Score: 6.5

Complexity: LOW

AV:N/AC:L/Au:S/C:P/I:P/A:P

cvss3

Base Score: 6.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.1

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

2.8

REFERENCES

CVE-2026-12187

SUMMARY

A security vulnerability has been detected in GL.iNet GL-MT3000 up to 4.4.5. Affected by this vulnerability is an unknown functionality of the file /usr/bin/one_click_upgrade of the component Online Firmware Upgrade Handler. Such manipulation leads to command injection. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 4.7 addresses this issue. Upgrading the affected component is advised. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.

Published

Date2026-06-14

Updated

Date2026-06-14

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…