What is the official website of Transport Canada - Transports Canada ?

The official website of Transport Canada - Transports Canada is http://www.tc.gc.ca.

What is Transport Canada - Transports Canada's cybersecurity risk score?

Transport Canada - Transports Canada has an AI-generated cybersecurity risk score of 718 out of 1000, indicating a Moderate security posture according to Rankiteo's assessment.

How many security incidents has Transport Canada - Transports Canada experienced?

According to Rankiteo, Transport Canada - Transports Canada currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Transport Canada - Transports Canada been affected by any supply chain cyber incidents ?

According to Rankiteo, Transport Canada - Transports Canada has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does Transport Canada - Transports Canada have SOC 2 Type 1 certification ?

According to Rankiteo, Transport Canada - Transports Canada is not certified under SOC 2 Type 1.

Does Transport Canada - Transports Canada have SOC 2 Type 2 certification ?

According to Rankiteo, Transport Canada - Transports Canada does not hold a SOC 2 Type 2 certification.

Does Transport Canada - Transports Canada comply with GDPR ?

According to Rankiteo, Transport Canada - Transports Canada is not listed as GDPR compliant.

Does Transport Canada - Transports Canada have PCI DSS certification ?

According to Rankiteo, Transport Canada - Transports Canada does not currently maintain PCI DSS compliance.

Does Transport Canada - Transports Canada comply with HIPAA ?

According to Rankiteo, Transport Canada - Transports Canada is not compliant with HIPAA regulations.

Does Transport Canada - Transports Canada have ISO 27001 certification ?

According to Rankiteo,Transport Canada - Transports Canada is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Transport Canada - Transports Canada operate in ?

Transport Canada - Transports Canada operates primarily in the Government Administration industry.

How many employees does Transport Canada - Transports Canada have ?

Transport Canada - Transports Canada employs approximately 5,614 people worldwide.

Does Transport Canada - Transports Canada own any subsidiaries ?

Transport Canada - Transports Canada presently has no subsidiaries across any sectors.

How many LinkedIn followers does Transport Canada - Transports Canada have ?

Transport Canada - Transports Canada's official LinkedIn profile has approximately 205,491 followers.

What is the NAICS classification code for Transport Canada - Transports Canada ?

Transport Canada - Transports Canada is classified under the NAICS code 92, which corresponds to Public Administration.

Does Transport Canada - Transports Canada have a Crunchbase profile ?

No, Transport Canada - Transports Canada does not have a profile on Crunchbase.

Does Transport Canada - Transports Canada have a LinkedIn profile ?

Yes, Transport Canada - Transports Canada maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/transport-canada.

How many cybersecurity incidents has Transport Canada - Transports Canada experienced ?

As of June 14, 2026, Rankiteo reports that Transport Canada - Transports Canada has experienced 1 cybersecurity incidents.

How many peer or competitor companies does Transport Canada - Transports Canada have ?

Transport Canada - Transports Canada has an estimated 12,888 peer or competitor companies worldwide.

What types of cybersecurity incidents has Transport Canada - Transports Canada faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

TCTC

Boost Score +25 with badge (5 left)

718

/1000

Moderate

743

/1000

Moderate

Transport Canada - Transports Canada Vendor Cyber Rating & Cyber Score

gc.ca

Add Your Compliance Badge

Our department has over 5000 full- and part-time employees working in several locations across the country. We are looking for people to help us achieve our goals in many new and exciting initiatives. Our values: professional excellence, teamwork, diversity and mutual respect. Join our team to: • do meaningful work that makes a real difference to Canadians • acquire new skills and knowledge • receive an attractive compensation package: o fair salary o medical, dental and pension benefits o paid vacation and other types of leave • access continuous learning and advancement opportunities: o internal courses o on-the-job training and mentoring o conferences and workshops

TCTC A.I CyberSecurity Scoring

Scoring History

TCTC

Transport Canada - Transports Canada CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

Transport Canada - ...

Breach

10/2025

TRA270222710182...

Loading…

A.I.

TCTC Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for TCTC

Incidents vs Government Administration Industry Avg (This Year)

No incidents recorded for Transport Canada - Transports Canada in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Transport Canada - Transports Canada in 2026.

Incident Types TCTC vs Government Administration Industry Avg (This Year)

No incidents recorded for Transport Canada - Transports Canada in 2026.

Incident History - TCTC (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Transport Canada - Transports Canada Subsidiaries

Parent Company

TCTC

Government Administration

Website: http://www.tc.gc.ca

Company Size: 5,001-10,000 employees

No subsidiary data available for this company.

Loading…

Transport Canada - Transports Canada Similar Companies

U.S. Census Bureau

census.gov

The Census Bureau serves as the nation’s leading provider of quality data about its people and economy. We have been headquartered in Suitland, Maryland since 1942, and currently employ about 4,285 staff members. We are part of the U.S. Department of Commerce and overseen by the Economics and Statistics Administration (ESA). We honor privacy, protect confidentiality, share our expertise globally, and conduct our work openly. We are guided on this mission by our strong and capable workforce, our readiness to innovate, and our abiding commitment to our customers. View our comment policy: https://www.census.gov/about/contact-us/comment-policy.html View our privacy policy: https://www.census.gov/about/policies/privacy/privacy-policy.html

UK Home Office

www.gov.uk

At the Home Office, we help to ensure that the country is safe and secure. We’ve been looking after UK citizens since 1782. We are responsible for: - working on the problems caused by illegal drug use - shaping the alcohol strategy, policy and licensing conditions - keeping the United Kingdom safe from the threat of terrorism - reducing and preventing crime, and ensuring people feel safe in their homes and communities - securing the UK border and controlling immigration - considering applications to enter and stay in the UK - issuing passports and visas - supporting visible, responsible and accountable policing by empowering the public and freeing up the police to fight crime - fire prevention and rescue These organisations are all part of the Home Office: - Border Force - HM Passport Office (HMPO) - Immigration Enforcement - UK Visas and Immigration (UKVI)

Københavns Kommune

kk.dk

Københavns Kommune er Danmarks største arbejdsplads med ca. 45.000 medarbejdere. Vi udvikler hovedstaden og servicerer over 500.000 københavnere. Vores mål er at fastholde og udvikle København som en af verdens bedste byer at bo i – og skabe øget vækst gennem viden, innovation og beskæftigelse. Find dit næste job her eller på www.kk.dk/job På vores karrieresite www.kk.dk/job kan du bl.a. se alle vores ledige stillinger og tilmelde dig vores jobagent. Her kan du også læse om vores medarbejdergoder.

State of Tennessee

tn.gov

State government is the largest employer in Tennessee, with approximately 43,500 employees in the three branches of government. The State of Tennessee has approximately 1,300 different job classifications in areas such as administrative, health services, historic preservation, legal, agriculture, counseling, and medical. If you are interested in becoming a data scientist, attorney, nurse, wildlife officer, physician, education consultant, trooper, computer programmer or an epidemiologist, explore all of the job opportunities the State of Tennessee has to offer. The State is looking to recruit, retain, and reward a talented workforce through the implementation of a merit-based pay system. Stop back often for news, updates and opportunities -- thanks for visiting!

Belastingdienst

belastingdienst.nl

De organisatie bestaat uit diverse onderdelen, waaronder de Belastingdienst, Douane, Toeslagen, FIOD en enkele facilitaire organisaties. Met ruim 30.000 medewerkers werken we in kantoren die verspreid zijn over het hele land. Gezamenlijk heffen, innen en controleren we belastingen. Daarnaast zorgen we ook voor het uitbetalen van toeslagen. En zijn we verantwoordelijk voor douanetaken en het opsporen van fraude. De Belastingdienst is een organisatie die 24 uur per dag, 7 dagen per week in dienst staat van de samenleving. Waar jaarlijks miljoenen aangiften worden behandeld, en waar voor honderden miljoenen aan toeslagen worden uitbetaald. En waar de Douane dagelijks zorgt voor de vlotte en veilige in- en uitvoer van tonnen goederen. Ondanks deze grote aantallen streven wij waar mogelijk naar individuele en persoonlijke dienstverlening. En in de vorm van bijvoorbeeld convenanten en partnerships werken wij ook zo goed mogelijk samen met het bedrijfsleven en andere ketenpartners. De Belastingdienst: grootschalig, veelzijdig en altijd maatschappelijk relevant.

IBGE

ibge.gov.br

The Brazilian Institute of Geography and Statistics or IBGE (Portuguese: Instituto Brasileiro de Geografia e Estatística), is the agency responsible for statistical, geographic, cartographic, geodetic and environmental information in Brazil. The IBGE performs a national census every ten years, and the questionnaires account for information such as age, household income, literacy, education, occupation and hygiene levels. IBGE is an institution of the Federal Government, constituted a public foundation by Decree Law No. 161 of February 13, 1967, and is bound to the Brazilian Department of Planning, Budget and Management. It has four directors and two other central organs. IBGE has a network of national research and dissemination components, comprising: 27 state units (26 in state capitals and one in the Federal District); 27 centres for documentation and dissemination of information (26 in the capital and one in the Federal District); 581 data collection agencies in major cities. The IBGE also maintains the Roncador Ecological Reserve, situated 35 km south of Brasília.

Land Niedersachsen

niedersachsen.de

Der Arbeitgeber Niedersachsen vereint über 2000 Dienststellen mit einem gemeinsamen Ziel: Wir gestalten das Leben in Niedersachsen verantwortungsvoll und zukunftsorientiert. Als der größte Arbeitgeber im Land Niedersachsen bieten wir sichere Arbeitsplätze, sinnstiftende Aufgaben und vielfältige Einsatzbereiche - von Verwaltung über Umwelt, Handwerk, Bildung oder IT bis hin zur Polizei. Wir suchen Menschen mit Engagement und dem Wunsch das Land Niedersachsen mitzugestalten. Ob Berufseinstieg, Quereinstieg oder Laufbahnentwicklung - bei uns findest du deine Perspektive. Vielfalt, Vereinbarkeit und Verlässlichkeit stehen bei uns an erster Stelle. Folge uns, um mehr über aktuelle Stellenangebote, Karrierewege und echte Einblicke in den niedersächsischen Landesdienst zu erfahren. Impressum: https://karriere.niedersachsen.de/impressum.html Datenschutz: https://karriere.niedersachsen.de/datenschutz.html

ISSSTE

www.com

INSTITUTO DE SEGURIDAD Y SERVICIOS SOCIALES DE LOS TRABAJADORES DEL ESTADO. ES UN ORGANISMOS PÚBLICO QUE OTORGA SERVICIOS DE SALUD, PENSIONES, VIVIENDA, PRÉSTAMOS, ESTANCIAS INFANTILES, TURISMO, CULTURA, RECREACION, DEPORTE; CUYOS AFILIADOS SON TRABAJADORES DE DEPENDENCIAS GUBERNAMENTALES, CON DERECHO A LA SEGURIDAD SOCIAL. Y CUYOS OBJETIVOS INSTITUCIONALES ADEMÁS DE CONTRIBUIR A LOGRAR LOS OBJETIVOS PROPUESTOS POR EL PLAN NACIONAL DE DESARROLLO 2007 – 2012, COADYUVARÁN A LOGRAR LA VISIÓN DE LA INSTITUCIÓN ESTABLECIDA PARA EL AÑO 2030 Y CONCRETAR LA MISIÓN QUE TIENE ESTABLECIDA. MISIÓN DEL ISSSTE CONTRIBUIR A SATISFACER NIVELES DE BIENESTAR INTEGRAL DE LOS TRABAJADORES AL SERVICIO DEL ESTADO, PENSIONADOS, JUBILADOS Y FAMILIARES DERECHOHABIENTES, CON EL OTORGAMIENTO EFICAZ Y EFICIENTE DE LOS SEGUROS, PRESTACIONES Y SERVICIOS, CON ATENCIÓN ESMERADA, RESPETO, CALIDAD Y CUMPLIENDO SIEMPRE CON LOS VALORES INSTITUCIONALES DE HONESTIDAD, LEGALIDAD Y TRANSPARENCIA. VISIÓN DEL ISSSTE POSICIONAR AL ISSSTE COMO LA INSTITUCIÓN QUE GARANTICE LA PROTECCIÓN INTEGRAL DE LOS TRABAJADORES DE LA ADMINISTRACIÓN PÚBLICA FEDERAL, PENSIONADOS, JUBILADOS Y SUS FAMILIAS DE ACUERDO AL NUEVO PERFIL DEMOGRÁFICO DE LA DERECHOHABIENCIA, CON EL OTORGAMIENTO DE SEGUROS, PRESTACIONES Y SERVICIOS DE CONFORMIDAD CON LA NORMATIVIDAD VIGENTE, BAJO CÓDIGOS NORMADOS DE CALIDAD Y CALIDEZ, CON SOLVENCIA FINANCIERA, QUE PERMITAN GENERAR VALORES Y PRÁCTICAS QUE FOMENTEN LA MEJORA SOSTENIDA DE BIENESTAR, CALIDAD DE VIDA Y EL DESARROLLO DEL CAPITAL HUMANO. PARA CONOCER MAS DE NUESTRO INSTITUTO FAVOR DE CONSULTAR LA PAGINA INSTITUCIONAL WWW2.ISSSTE.GOB.MX EN DONDE SEGURAMENTE ENCONTRARAN MATERIAL DE ORIENTACION AMENO Y EXPLICATIVO ADEMAS DE LA HISTORIA DE INSTITUTO, SUS ALCANCES Y LOGROS ASI COMO LOS PROGRAMAS CON QUE CUENTA ACTUALMENTE EL INSTITUTO.

Ministère de l'Éducation nationale

gouv.fr

Page officielle du ministère de l'Éducation nationale. Retrouvez toute l'information sur www.education.gouv.fr, twitter.com/education_gouv, facebook.com/education.gouv et dans nos lettres d'informations (bulletin hebdo et lettre education.gouv.fr). ------------------------------------------------------------- Le ministère de l'Éducation nationale est en charge de la préparation et de la mise en œuvre de la politique du Gouvernement concernant la jeunesse, au sein et en dehors du milieu scolaire, et l'accès de chacun aux savoirs et au développement de l'enseignement pré-élémentaire, élémentaire et secondaire. Ses compétences principales s’exercent dans : la définition des voies de formation, la fixation des programmes nationaux, l'organisation et le contenu des enseignements ; la définition et la délivrance des diplômes nationaux et la collation des grades et titres universitaires ; / le recrutement et la gestion des personnels qui dépendent de sa responsabilité ; / la répartition des moyens qu'il consacre à l'éducation, afin d'assurer en particulier l'égalité d'accès au service public ; le contrôle et l'évaluation des politiques éducatives, en vue d'assurer la cohérence d'ensemble du système éducatif. L'administration de l'Éducation nationale est présente dans chaque région et dans chaque département : ce sont les services déconcentrés du ministère de l'Éducation nationale. Son organisation s’articule autour de 17 régions académiques, 30 académies et 97 directions des services départementaux de l'Éducation nationale. Les domaines où s'exercent les métiers dans l'éducation nationale sont multiples : l'enseignement avec plus de 80% des effectifs, l'éducation et l'orientation mais aussi la santé et le social, l'administration, la comptabilité, la gestion et les finances, la technique, les systèmes d’information, la recherche et formation, les bibliothèques, l'encadrement (direction et inspection).

Loading…

NEWS

Transport Canada - Transports Canada CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

November 27, 2025 08:00 AM

CAFCYBERCOM participates in NATO’s Exercise CYBER COALITION 25

The Canadian Armed Forces Cyber Command (CAFCYBERCOM) will participate in the North Atlantic Treaty Organization's (NATO) Exercise CYBER...

Read Article

November 07, 2025 08:00 AM

Here's what each federal department plans to cut under Budget 2025

Tuesday's federal budget offers a glimpse into how dozens of government departments plan to rein in spending following this summer's...

Read Article

May 08, 2025 07:00 AM

Transportation of dangerous goods in Canada

The Transportation of Dangerous Goods (TDG) Program develops safety standards and regulations, provides risk-based oversight and gives expert advice on...

Read Article

November 12, 2024 08:00 AM

Transport Canada Training Guidance

After publishing Part 6 of the TDGR for comment, Transport Canada has taken a step back after major pushback from the industry.

Read Article

July 05, 2024 07:00 AM

Minister of Transport announces the elimination of Marine Atlantic Inc.'s cost-recovery policy

July 5, 2024 Ottawa, Ontario Transport Canada. The communities we're building should be places where Canadians and young families can put down roots and...

Read Article

September 21, 2023 01:27 PM

Cyber Attacks on Canadian Airports Have Disrupted Operations

Cyber attacks on Canadian airports attributed to a distributed denial of service (DDoS) attack, targeted CBSA for border security and immigration...

Read Article

January 24, 2023 08:00 AM

Autonomous vehicle laws in Canada: Provincial & territorial regulatory review

We highlight federal and provincial legislative and regulatory changes and how the increased use of higher levels of AV autonomy may impact...

Read Article

June 15, 2022 07:00 AM

Bill C-26: Introduction of New Mandatory Breach Reporting Requirements in Canada

A new cybersecurity bill that will require operators of critical cyber systems in Canada to establish cyber security programs and mandate the reporting of...

Read Article

April 06, 2022 08:25 PM

Early End-to-End Cybersecurity Testing Urged for Commercial/Business Aircraft

Civil aviation agencies in the U.S. and Europe are working on streamlining cybersecurity regulatory requirements that new aircraft systems must meet.

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12175

SUMMARY

A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of the argument admissionNumber results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 4.7)

cvss2

Base Score: 5.8

Complexity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base Score: 4.7

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.0

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.2

REFERENCES

CVE-2026-12174

SUMMARY

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-12183

SUMMARY

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplies arbitrary credentials (e.g., action=dologin&login=<any_value>&pwd=<any_value>), and subsequent privileged endpoints under /php/ajax-main.php and /modules/* do not validate a server-side session. A remote unauthenticated attacker can invoke any administrative action exposed by the configuration module, including reading and modifying user rules, fuel tank gauges, fuel dispensers, relays, cash registers, bank terminals, fuel cards, price and customer displays, cash collection, and pricing rules.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 9.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

3.9

REFERENCES

CVE-2026-6428

SUMMARY

SQL Injection in reports/catalogue_out.pl in Koha Community Koha through 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before 25.05.11, 25.11.x before 25.11.05, 26.05.x before 26.05.01, and 26.11.x before 26.11.00 allows an authenticated staff user with the Reports module flag to read arbitrary data from the Koha application database via the Filter URL parameter when the Criteria parameter matches /branchcode/. The vulnerable sink in sub calculate concatenates the unmodified Filter request parameter directly into a LIKE clause of the auxiliary $strsth2 statement and executes it via DBI without bound parameters: my $f = @$filters[0]; $f =~ s/\*/%/g; $strsth2 .= " AND $column LIKE '$f' "; This enables error-based SQL injection (e.g., via EXTRACTVALUE) and full read access to sensitive tables including borrowers (password hashes, 2FA secrets, PII), borrower_password_recovery, api_keys, and sessions. Proof of concept (error-based, single request): GET /cgi-bin/koha/reports/catalogue_out.pl?do_it=1&output=screen&Limit=10&Criteria=branchcode&Filter=x'+AND+EXTRACTVALUE(1,CONCAT(0x7e,VERSION(),0x7c,USER(),0x7c,DATABASE(),0x7e))--+- Cookie: CGISESSID=<LIBRARIAN_SESSION> The response body contains the DBI exception leaking the MariaDB version, database user, client IP, and database name, after which arbitrary data can be paged out using LIMIT n,1 / SUBSTRING(...). The vulnerable sink was introduced in commit 6bb77ae3e4 (2008-07-09); CVE-2015-4633 patched the same class in sibling files but did not generalise the fix to reports/catalogue_out.pl. Fixed in Koha 22.11.38, 24.11.16, 25.05.11, 25.11.05, 26.05.01, and 26.11.00 by replacing the raw concatenation with a parameterised placeholder.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.6)

cvss2

Base Score: 7.5

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:N/A:P

cvss3

Base Score: 7.6

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

cvss4

Base Score: 5.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:C/RE:X/U:Amber

Impact Score

4.7

Exploitability

2.8

REFERENCES

CVE-2026-5513

SUMMARY

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-customer-full-name' cookie in versions up to, and including, 27.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Exploitation requires 'Remember personal information in cookies' setting to be enabled (disabled by default).

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.2)

cvss3

Base Score: 7.2

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Impact Score

2.7

Exploitability

3.9

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…