What is the official website of Cisco ThousandEyes ?

The official website of Cisco ThousandEyes is https://www.thousandeyes.com.

What is Cisco ThousandEyes's cybersecurity risk score?

Cisco ThousandEyes has an AI-generated cybersecurity risk score of 759 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has Cisco ThousandEyes experienced?

According to Rankiteo, Cisco ThousandEyes currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Cisco ThousandEyes been affected by any supply chain cyber incidents ?

According to Rankiteo, Cisco ThousandEyes has been affected by multiple supply chain cyber incidents. The affected supply chain sources and their corresponding incident IDs are: Microsoft Security (Incident ID: PUTWEBANYMIC1779215753) GitHub (Incident ID: GIT1779251025) Prime Communications MX (Incident ID: PRICIS1776775110) Aqua Security (Incident ID: AQUUSEAMASALCIS1775046662) Legit Security (Incident ID: AQU1774441468) Tecplix Technologies Private Limited (Incident ID: BAD1772389516) Cisco (Incident ID: CISSAI1773859283) Cisco (Incident ID: CIS1766051696) SmarterTools (Incident ID: SHI1766477260) SolarWinds (Incident ID: SOLSONCIS1776457498) OpenClaw (Incident ID: TP-HIKFOXGOOREVARITHEOPECIS1770645410) Cisco (Incident ID: KET5232452102025) Cisco (Incident ID: CIS5802058092725) Cisco (Incident ID: SAL5732257091825) Cisco (Incident ID: US-1776976007) Fortinet (Incident ID: FORCISAMAJPM1767748297) Veeam Software (Incident ID: SON0492204092925) Veeam Software (Incident ID: VEESONCIS1775140482)

Does Cisco ThousandEyes have SOC 2 Type 1 certification ?

According to Rankiteo, Cisco ThousandEyes is not certified under SOC 2 Type 1.

Does Cisco ThousandEyes have SOC 2 Type 2 certification ?

According to Rankiteo, Cisco ThousandEyes does not hold a SOC 2 Type 2 certification.

Does Cisco ThousandEyes comply with GDPR ?

According to Rankiteo, Cisco ThousandEyes is not listed as GDPR compliant.

Does Cisco ThousandEyes have PCI DSS certification ?

According to Rankiteo, Cisco ThousandEyes does not currently maintain PCI DSS compliance.

Does Cisco ThousandEyes comply with HIPAA ?

According to Rankiteo, Cisco ThousandEyes is not compliant with HIPAA regulations.

Does Cisco ThousandEyes have ISO 27001 certification ?

According to Rankiteo,Cisco ThousandEyes is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Cisco ThousandEyes operate in ?

Cisco ThousandEyes operates primarily in the Software Development industry.

How many employees does Cisco ThousandEyes have ?

Cisco ThousandEyes employs approximately 991 people worldwide.

Does Cisco ThousandEyes own any subsidiaries ?

Cisco ThousandEyes presently has no subsidiaries across any sectors.

How many LinkedIn followers does Cisco ThousandEyes have ?

Cisco ThousandEyes's official LinkedIn profile has approximately 69,525 followers.

What is the NAICS classification code for Cisco ThousandEyes ?

Cisco ThousandEyes is classified under the NAICS code 5112, which corresponds to Software Publishers.

Does Cisco ThousandEyes have a Crunchbase profile ?

Yes, Cisco ThousandEyes has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/thousandeyes.

Does Cisco ThousandEyes have a LinkedIn profile ?

Yes, Cisco ThousandEyes maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/thousandeyes.

How many cybersecurity incidents has Cisco ThousandEyes experienced ?

As of June 6, 2026, Rankiteo reports that Cisco ThousandEyes has experienced 56 cybersecurity incidents.

How many peer or competitor companies does Cisco ThousandEyes have ?

Cisco ThousandEyes has an estimated 30,005 peer or competitor companies worldwide.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

Cisco ThousandEyes

Boost Score +25 with badge (5 left)

759

/1000

Fair

784

/1000

Fair

Cisco ThousandEyes Vendor Cyber Rating & Cyber Score

thousandeyes.com

cb in

Add Your Compliance Badge

Cisco ThousandEyes empowers organizations to assure every digital experience across every network, everywhere, every time. With built-in AI and powerful ecosystem integrations, ThousandEyes enables IT teams to proactively detect, diagnose, and resolve issues before they impact end-user experiences. ThousandEyes is deeply integrated across Cisco's entire technology portfolio and beyond, enabling customers to deploy at scale while delivering assurance across Cisco's industry-leading Networking, Security, Collaboration, and Observability solutions.

Cisco ThousandEyes A.I CyberSecurity Scoring

Scoring History

Cisco ThousandEyes

Cisco ThousandEyes CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Cisco

Breach

6/2026

CISTHE178059144...

Cisco

Vulnerability

100

6/2026

CIS1780568638

Cisco

Vulnerability

100

5/2026

CIS1779359208

Webex

Cyber Attack

5/2026

Microsoft Secur...

PUTWEBANYMIC177...

Cisco

Breach

5/2026

GitHub

GIT1779251025

Cisco Meraki

Vulnerability

4/2026

Prime Communica...

PRICIS177677511...

Cisco

Vulnerability

4/2026

CIS1776327928

Cisco

Vulnerability

100

4/2026

CIS1775493782

Cisco

Vulnerability

100

4/2026

CIS1775111249

Cisco

Vulnerability

100

4/2026

Aqua Security

AQUUSEAMASALCIS...

Cisco Security

Vulnerability

100

3/2026

CIS1774506416

Cisco

Cyber Attack

100

3/2026

Legit Security

AQU1774441468

Cisco

Vulnerability

3/2026

CIS1773304317

Outshift by Cisco

Cyber Attack

3/2026

NYLJPMOUTOUT177...

Cisco

Cyber Attack

100

3/2026

Tecplix Technol...

BAD1772389516

Cisco

Vulnerability

100

3/2026

CIS1772699055

Cisco

Vulnerability

100

2/2026

CIS1772080050

Cisco

Vulnerability

2/2026

CIS1770280632

Cisco

Vulnerability

100

1/2026

Cisco

CISSAI177385928...

Cisco

Vulnerability

1/2026

CISSYN177430507...

Cisco

Vulnerability

100

1/2026

CIS1769059373

Cisco

Vulnerability

1/2026

CIS1767871927

Cisco

Vulnerability

1/2026

CIS1778171136

Cisco

Vulnerability

100

1/2026

CIS1775125662

Cisco

Vulnerability

100

12/2025

Cisco

CIS1766051696

Cisco

Breach

11/2025

SmarterTools

SHI1766477260

Cisco ThousandEyes

Ransomware

100

11/2025

CIS070210711112...

Cisco

Vulnerability

100

11/2025

SolarWinds

SOLSONCIS177645...

Cisco Security

Cyber Attack

11/2025

OpenClaw

TP-HIKFOXGOOREV...

Cisco

Ransomware

100

10/2025

Cisco

KET523245210202...

Cisco

Cyber Attack

100

9/2025

Cisco

CIS580205809272...

Cisco

Cyber Attack

100

9/2025

Cisco

SAL573225709182...

Cisco

Cyber Attack

100

9/2025

Cisco

US-1776976007

Cisco ThousandEyes

Vulnerability

100

8/2025

CIS069210609302...

Cisco ThousandEyes

Vulnerability

100

7/2025

CIS905072925

Cisco ThousandEyes

Cyber Attack

100

6/2025

CIS526205209262...

Cisco ThousandEyes

Vulnerability

100

5/2025

CIS751081525

Cisco

Breach

1/2025

CISVMWJUNCAN177...

Cisco

Vulnerability

100

12/2024

Fortinet

FORCISAMAJPM176...

Cisco ThousandEyes

Cyber Attack

100

6/2024

CIS203202009282...

Cisco

Ransomware

100

6/2024

Veeam Software

SON049220409292...

Cisco ThousandEyes

Vulnerability

100

4/2024

CIS000082424

Cisco

Ransomware

100

1/2024

CIS1774355311

Cisco ThousandEyes

Data Leak

11/2023

CIS1221121123

Cisco

Ransomware

100

3/2023

Veeam Software

VEESONCIS177514...

Cisco

Vulnerability

100

1/2023

CIS1772072640

Cisco ThousandEyes

Breach

100

9/2022

CIS193291022

Cisco ThousandEyes

Ransomware

08/2022

CIS0217922

Cisco ThousandEyes

Ransomware

100

5/2022

CIS280222811112...

Cisco ThousandEyes

Vulnerability

02/2022

CIS13829322

Cisco

Ransomware

100

7/2021

CIS1774362550

Cisco

Breach

1/2020

TICHARATTPRIMCD...

Cisco

Vulnerability

100

1/2020

BROMIC7-ENGICIS...

Cisco ThousandEyes

Breach

9/2018

CIS205918123

Cisco ThousandEyes

Vulnerability

100

6/2018

CIS929041225

Cisco ThousandEyes

Breach

8/2016

CIS747072825

Loading…

A.I.

Cisco ThousandEyes Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for Cisco ThousandEyes

Incidents vs Software Development Industry Avg (This Year)

No incidents recorded for Cisco ThousandEyes in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Cisco ThousandEyes in 2026.

Incident Types Cisco ThousandEyes vs Software Development Industry Avg (This Year)

No incidents recorded for Cisco ThousandEyes in 2026.

Incident History - Cisco ThousandEyes (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Cisco ThousandEyes Subsidiaries

Cisco ThousandEyes

Software Development

Website: https://www.thousandeyes.com

Company Size: 991

CiscoSoftware Development

Cisco CapitalFinancial Services

Cisco Networking AcademyComputer Networking Products

WebexTelecommunications

Cisco MerakiSoftware Development

Duo SecurityComputer and Network Security

TIBCO Data FabricSoftware Development

TIBCO Data VisualizationSoftware Development

Techno Sapien PodcastEducation

JouleXSoftware Development

Ubiquisys - Now Part of CiscoTelecommunications

Banzai CloudSoftware Development

Connected FuturesIT Services and IT Consulting

Cisco for StartupsComputer and Network Security

Cisco Service ProviderIT Services and IT Consulting

Cisco Data Center and CloudIT Services and IT Consulting

Cisco UmbrellaInformation Technology & Services

Learn with CiscoIT Services and IT Consulting

Cisco CloudInformation Technology & Services

Cisco InsiderIT Services and IT Consulting

Cisco Enterprise NetworkingIT Services and IT Consulting

Cisco Small & Medium BusinessComputer Networking Products

Outshift by CiscoComputer Networking Products

Cisco PartnersIT Services and IT Consulting

Cisco CommunityIT Services and IT Consulting

Cisco SecurityIT Services and IT Consulting

Cisco Industrial IoTIT Services and IT Consulting

The Internet ReportTechnology, Information and Internet

Loading…

Cisco ThousandEyes Similar Companies

Rakuten

cb rakuten.com

Rakuten Group, Inc. (TSE: 4755) is a global technology leader in services that empower individuals, communities, businesses and society. Founded in Tokyo in 1997 as an online marketplace, Rakuten has expanded to offer services in e-commerce, fintech, digital content and communications to 2 billion members around the world. The Rakuten Group has more than 30,000 employees, and operations in 30 countries and regions. For more information visit https://global.rakuten.com/corp/.

TOTVS

cb totvs.com

Olá, somos a TOTVS! A maior empresa de tecnologia do Brasil. 🤓 Líder absoluta em sistemas e plataformas para empresas, a TOTVS possui mais de 70 mil clientes. Indo muito além do ERP, oferece tecnologia completa para digitalização dos negócios por meio de 3 unidades de negócio: - Gestão: ERPs, soluções cross e sistemas especializados visando garantir mais produtividade, eficiência e governança para os negócios; 💻 - Techfin: ERP Banking que oferece soluções de crédito B2B e pagamento, integrados a sistemas de gestão; 💸 - RD Station: Ferramentas digitais de marketing, vendas e relacionamento, para empresas de todos os portes e segmentos. 🚀 Nos últimos 5 anos, a companhia investiu R$3 bilhões em pesquisa e desenvolvimento para atender de maneira cada vez mais especializada empresas de 12 segmentos da economia, tornando-se um trusted advisor de seus clientes. A TOTVS é uma potência tecnológica que apoia a evolução de empresas de norte a sul do país. O Brasil, que faz, faz com TOTVS.

Alibaba.com

alibaba.com

The first business of Alibaba Group, Alibaba.com (www.alibaba.com) is the leading platform for global wholesale trade serving millions of buyers and suppliers around the world. Through Alibaba.com, small businesses can sell their products to companies in other countries. Sellers on Alibaba.com are typically manufacturers and distributors based in China and other manufacturing countries such as India, Pakistan, the United States and Thailand. Our Mission As part of the Alibaba Group, our mission is to make it easy to do business anywhere. We do this by giving suppliers the tools necessary to reach a global audience for their products, and by helping buyers find products and suppliers quickly and efficiently. One-Stop Sourcing Alibaba.com brings you hundreds of millions of products in over 40 different major categories, including consumer electronics, machinery and apparel. Buyers for these products are located in 190+ countries and regions, and exchange hundreds of thousands of messages with suppliers on the platform each day. Anytime, Anywhere As a platform, we continue to develop services to help businesses do more and discover new opportunities. Whether it’s sourcing from your mobile phone or contacting suppliers in their local language, turn to Alibaba.com for all your global business needs.

Wolters Kluwer

cb wolterskluwer.com

Wolters Kluwer (EURONEXT: WKL) is a global leader in information, software solutions, and services for professionals in healthcare; tax and accounting; financial and corporate compliance; legal and regulatory; corporate performance and ESG. We help our customers make critical decisions every day by providing expert solutions that combine deep domain knowledge with technology. Wolters Kluwer reported 2024 annual revenues of €5.9 billion. The group serves customers in over 180 countries, maintains operations in over 40 countries, and employs approximately 21,000 people worldwide. The company is headquartered in Alphen aan den Rijn, the Netherlands. Equal Opportunity Employer To ensure we continue to drive innovation that enables us to develop products and services to best serve our customers, we cultivate a workplace culture rooted in mutual respect, bringing forward insights from a wide range of backgrounds, perspectives, and experiences. We are also committed to complying with laws requiring equal opportunity in hiring, promotion, and other employment decisions. All qualified applicants will receive consideration without regard to race, color, religion, sex (including pregnancy, gender identity, transgender status, and sexual orientation), national origin, disability, age, genetic information, veteran status, or any other characteristic protected by applicable law, and we do not tolerate discrimination on any of these bases. Beware of Recruitment Fraud! 🔒 Scammers may pose as Wolters Kluwer, offering fake job opportunities and requesting personal info or payments. Protect yourself: - Apply only via our secure Workday hub on our Careers page. - Our recruiters never ask for banking info or payments. - We don't use public email accounts (e.g., Hotmail, Yahoo, Gmail). Report suspected fraud: [email protected]. If you've made a payment, contact local authorities. Read more here - https://careers.wolterskluwer.com/en/recruitment-fraud-alert

Meituan

meituan.com

Adhering to the ‘Retail + Technology’ strategy, Meituan commits to its mission that 'We help people eat better, live better'. Since its establishment in March 2010, Meituan has advanced the digital upgrading of services and goods retail on both supply and demand sides. Together with our partners we provide quality services for consumers. On 20 September, 2018, Meituan was listed on the Main Board of the Stock Exchange of Hong Kong. Meituan has always put customers first, and continuously increased its R&D investment in new technologies. Meituan will join hands with all partners to fulfill our social responsibility and create more values for the society.

[24]7.ai

cb 247.ai

[24]7.ai™ customer engagement solutions use conversational artificial intelligence to understand customer intent, enabling companies to create personalized, predictive, and effortless customer experiences across all channels; attract and retain customers; boost agent productivity and satisfaction; and drive revenues while lowering costs. The world’s largest and most recognizable brands use [24]7.ai intent-driven technologies to serve several hundred million visitors through billions of conversations annually, most of which are automated. The result is an order of magnitude improvement in digital adoption, customer satisfaction, and revenue growth. For more information, visit: www.247.ai. [24]7.ai is based in Campbell, California. [24]7.ai is a registered trademark of 24/7 Customer, Inc.

HubSpot

hubspot.com

HubSpot is a leading CRM platform that provides software and support to help businesses grow better. Our platform includes marketing, sales, service, and website management products that start free and scale to meet our customers’ needs at any stage of growth. Today, thousands of customers around the world use our powerful and easy-to-use tools and integrations to attract, engage, and delight customers. HubSpot's award-winning culture has been recognized by Glassdoor, Great Place to Work, Comparably, Fortune, Entrepreneur, Inc., and more. We build connections, careers, and employee growth by creating a workplace that values flexibility, autonomy, and transparency. You can learn more about our commitment to creating an inclusive and diverse workplace in the HubSpot Culture Code. HubSpot is a hybrid company with employees working fully remotely, from an office, or a mix of the two. We are headquartered in Cambridge, MA with offices in Amsterdam, Berlin, Bogota, Dublin, Ghent, London, Madrid, Paris, San Francisco, Singapore, Sydney, Tokyo and Toronto. To learn more about HubSpot, visit www.hubspot.com and to join our team, visit www.hubspot.com/careers

IDEMIA

cb idemia.com

IDEMIA Secure Transactions (IST) is a leading provider of payment, connectivity, and cybersecurity solutions, serving billions of people worldwide. With decades of expertise in cryptography and credential issuance, IST is trusted by over 2000 financial institutions, mobile operators, automotive manufacturers, and IoT providers worldwide. IST is a division of IDEMIA Group. IDEMIA Public Security, another division of IDEMIA Group, is the premium provider of convenient and trusted biometric-based solutions, transforming public and private organizations across the globe. Follow them here: https://www.linkedin.com/company/idemia-public-security/

Instagram

instagram.com

More than one billion people around the world use Instagram, and we’re proud to be bringing them closer to the people and things they love. Instagram inspires people to see the world differently, discover new interests, and express themselves. Since launching in 2010, our community has grown at a rapid pace. Our teams are growing fast, too, and we’re looking for talent across engineering, product management, design, research, analytics, technical program management, operations, and more. In addition to our headquarters in Menlo Park, we have thriving offices in New York City and San Francisco where teams are doing impactful work every day.

Loading…

NEWS

Cisco ThousandEyes CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

February 09, 2026 08:00 AM

Integrating With Cisco XDR at Black Hat Europe

Cisco XDR's open platform powered the Black Hat Europe NOC. Explore our integrations with Corelight, Palo Alto Networks, and Splunk for...

Read Article

February 09, 2026 08:00 AM

Black Hat Europe 2025: A Decade of Cisco Security Cloud Innovation

Cisco marks a decade as the official security cloud provider for Black Hat Europe. See how we integrated XDR, Splunk, and ThousandEyes to...

Read Article

February 04, 2026 08:00 AM

Behind a dazzling Super Bowl fan experience, Cisco innovation

In a Levi's® Stadium walkthrough, Cisco highlights the technology that connects and secures the NFL.

Read Article

December 10, 2025 08:00 AM

Assurance for government digital services on AWS GovCloud with Cisco ThousandEyes for Government

by Jose Alvarez and Jillian Murphy on 10 DEC 2025 in AWS GovCloud (US), AWS Marketplace, Government, Networking & Content Delivery, Partner solutions,...

Read Article

October 20, 2025 07:00 AM

Amazon Web Services outage shows internet users ‘at mercy’ of too few providers, experts say

Crash that hit apps and websites around world demonstrates 'urgent need for diversification in cloud computing'

Read Article

October 09, 2025 07:00 AM

Cyber Leaders Exchange 2025: Cisco ThousandEyes’ Jason Warfield on why continuous monitoring has become nonnegotiable

As cyberattacks ramp up and challenge the continuity of government operations, federal agencies are shifting their cybersecurity strategies...

Read Article

October 06, 2025 07:00 AM

Racing Against Threats: How Cisco Security Powers McLaren’s F1 Prowess

Discover how Cisco helps McLaren protect data and stay fast with world-class cybersecurity across every track and continent.

Read Article

September 18, 2025 07:00 AM

Unleashing the Power of AI: A Transformational Opportunity for SMBs with Cisco

Discover how AI transformation for SMBs with Cisco can automate tasks and enhance decision-making for your business.

Read Article

September 03, 2025 07:00 AM

Splunk Innovation at Black Hat USA

To make our threat hunters' lives richer with more context from ours and our partners' tools, we brought in Splunk Enterprise Security Cloud...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-7654

SUMMARY

The Admin Columns plugin for WordPress is vulnerable to PHP Object Injection leading to Remote Code Execution in versions up to and including 7.0.18. This is due to the use of `unserialize()` without an `allowed_classes` restriction in the `IdsToCollection::get_ids_from_string()` function, which processes attacker-controlled post meta values without proper validation. This makes it possible for authenticated attackers with Contributor-level access and above to inject a serialized PHP object into a post's custom meta field and trigger arbitrary code execution by exploiting a bundled POP gadget chain, resulting in remote code execution as the web server user.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: 8.8)

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-7523

SUMMARY

The Alba Board plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.1.3. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to access arbitrary private alba_card post data, including title, description, assignee, due date, tags, and comments, that is intended to be restricted to Administrators and Editors. The handler is registered via the wp_ajax_nopriv_ hook and its nonce is exposed to all site visitors through wp_localize_script on pages containing the [alba_board] shortcode, making this exploitable by unauthenticated users who can access any such page.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: 4.3)

cvss3

Base Score: 4.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Impact Score

1.4

Exploitability

2.8

REFERENCES

CVE-2026-45409

SUMMARY

Internationalized Domain Names in Applications (IDNA) for Python provides support for Internationalized Domain Names in Applications (IDNA) and Unicode IDNA Compatibility Processing. In versions prior to 3.15, payloads such as `"\u0660" * N` or `"\u30fb" * N + "\u6f22"` utilize the `valid_contexto` function prior to length rejection, and for high values of `N` will take a long time to process. This is the same issue as CVE-2024-3651, however the original remediation in 2024 was not a complete fix. A specially crafted argument to the `idna.encode()` function could consume significant resources. This may lead to a denial-of-service. Starting in version 3.14, the function rejects long inputs as soon as practicable prior to any further processing to minimize resource consumption. In version 3.15, this approach was extended to lesser used alternate functions (i.e. per-label conversions and codec support). A workaround is available. Domain names cannot exceed 253 characters in length. If this length limit is enforced prior to passing the domain to the `idna.encode()` function, it should no longer consume significant resources. This is triggered by arbitrarily large inputs that would not occur in normal usage, but may be passed to the library assuming there is no preliminary input validation by the higher-level application.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: )

cvss4

Base Score: 6.9

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

https://github.com/kjd/idna/security/advisories/GHSA-65pc-fj4g-8rjx

CVE-2026-11431

SUMMARY

A path traversal vulnerability exists in the Projects Service download endpoint shared by Altium Enterprise Server and Altium 365. An authenticated user can supply a crafted path parameter that bypasses validation, allowing arbitrary files (including entire directories returned as archives) to be read from the server filesystem. Because the readable files include service configuration and credential material, exploitation can be used to gather information enabling further compromise. The issue can be combined with CVE-2026-11424 to reach the cloud-side endpoint. On multi-tenant Altium 365 deployments, the readable configuration could have exposed credentials shared across services. Altium Enterprise Server is fixed in 8.1.1; the issue has been remediated in Altium 365 at the service level.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: )

cvss4

Base Score: 8.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

https://www.altium.com/platform/security-compliance/security-advisories

CVE-2026-11429

SUMMARY

A path traversal vulnerability exists in the Git Service component shared by Altium Enterprise Server and Altium 365. The service accepts a sequence of post-clone file-manipulation operations that use user-supplied paths without validation, allowing an authenticated user with basic git access to move arbitrary files outside the intended repository area. This file-move primitive can be used to place attacker-controlled script content into directories where it is later executed by the service, resulting in remote code execution under the Git Service account. On multi-tenant Altium 365 deployments, this could have allowed access to data belonging to other tenants on the same infrastructure node. Altium Enterprise Server is fixed in 8.1.1; the issue has been remediated in Altium 365 at the service level.

Published

Date2026-06-05

Updated

Date2026-06-05

RISK INFORMATION (Score: )

cvss4

Base Score: 9.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

https://www.altium.com/platform/security-compliance/security-advisories

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…