What is the official website of U.S. Embassy Riga ?

The official website of U.S. Embassy Riga is https://lv.usembassy.gov/.

What is U.S. Embassy Riga's cybersecurity risk score?

U.S. Embassy Riga has an AI-generated cybersecurity risk score of 758 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has U.S. Embassy Riga experienced?

According to Rankiteo, U.S. Embassy Riga currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has U.S. Embassy Riga been affected by any supply chain cyber incidents ?

According to Rankiteo, U.S. Embassy Riga has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does U.S. Embassy Riga have SOC 2 Type 1 certification ?

According to Rankiteo, U.S. Embassy Riga is not certified under SOC 2 Type 1.

Does U.S. Embassy Riga have SOC 2 Type 2 certification ?

According to Rankiteo, U.S. Embassy Riga does not hold a SOC 2 Type 2 certification.

Does U.S. Embassy Riga comply with GDPR ?

According to Rankiteo, U.S. Embassy Riga is not listed as GDPR compliant.

Does U.S. Embassy Riga have PCI DSS certification ?

According to Rankiteo, U.S. Embassy Riga does not currently maintain PCI DSS compliance.

Does U.S. Embassy Riga comply with HIPAA ?

According to Rankiteo, U.S. Embassy Riga is not compliant with HIPAA regulations.

Does U.S. Embassy Riga have ISO 27001 certification ?

According to Rankiteo,U.S. Embassy Riga is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does U.S. Embassy Riga operate in ?

U.S. Embassy Riga operates primarily in the Government Administration industry.

How many employees does U.S. Embassy Riga have ?

U.S. Embassy Riga employs approximately 9 people worldwide.

Does U.S. Embassy Riga own any subsidiaries ?

U.S. Embassy Riga presently has no subsidiaries across any sectors.

How many LinkedIn followers does U.S. Embassy Riga have ?

U.S. Embassy Riga's official LinkedIn profile has approximately 584 followers.

What is the NAICS classification code for U.S. Embassy Riga ?

U.S. Embassy Riga is classified under the NAICS code 92, which corresponds to Public Administration.

Does U.S. Embassy Riga have a Crunchbase profile ?

No, U.S. Embassy Riga does not have a profile on Crunchbase.

Does U.S. Embassy Riga have a LinkedIn profile ?

Yes, U.S. Embassy Riga maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/u-s-embassy-riga.

How many cybersecurity incidents has U.S. Embassy Riga experienced ?

As of June 23, 2026, Rankiteo reports that U.S. Embassy Riga has experienced 1 cybersecurity incidents.

How many peer or competitor companies does U.S. Embassy Riga have ?

U.S. Embassy Riga has an estimated 12,923 peer or competitor companies worldwide.

What types of cybersecurity incidents has U.S. Embassy Riga faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Vulnerability.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

UER

Boost Score +25 with badge (5 left)

758

/1000

Fair

783

/1000

Fair

U.S. Embassy Riga Vendor Cyber Rating & Cyber Score

usembassy.gov

Add Your Compliance Badge

Official LinkedIn page of the the U.S. Embassy in Riga, Latvia. Terms and conditions: state.gov/tou.

UER A.I CyberSecurity Scoring

Scoring History

UER

U.S. Embassy Riga CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

U.S. Embassy Riga

Vulnerability

100

7/2024

DOS704071524

Loading…

A.I.

UER Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for UER

Incidents vs Government Administration Industry Avg (This Year)

No incidents recorded for U.S. Embassy Riga in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for U.S. Embassy Riga in 2026.

Incident Types UER vs Government Administration Industry Avg (This Year)

No incidents recorded for U.S. Embassy Riga in 2026.

Incident History - UER (X = Date, Y = Severity)

Loading…

SUBSIDIARY

U.S. Embassy Riga Subsidiaries

UER

Government Administration

Website: https://lv.usembassy.gov/

Company Size: 9

U.S. Department of StateInternational Affairs

U.S. Embassy and Consulates in BrazilGovernment Administration

Diplomatic Security ServiceLaw Enforcement

U.S. Mission to NATOGovernment Administration

U.S. Embassy Islamabad, PakistanExecutive Offices

U.S. Embassy ManaguaGovernment Relations Services

U.S. Embassy in San SalvadorGovernment Administration

U.S. Embassy ZambiaInternational Affairs

U.S. Department of State, Bureau of Overseas Buildings OperationsInternational Affairs

U.S. Embassy Amman, JordanGovernment Relations Services

#ExchangeAlumni - Alumni Affairs - State Dept.International Affairs

Office of the Under Secretary of State for Economic Affairs (E)International Affairs

U.S. Department of State - Bureau of Energy ResourcesGovernment Administration

U.S. Department of State – Bureau of Economic and Business AffairsGovernment Administration

The Office of Commercial and Business AffairsGovernment Administration

U.S. Consulate General BarcelonaGovernment Administration

U.S. Mission to the UAEGovernment Administration

Bureau of Educational and Cultural Affairs (ECA) of the U.S. Department of StateGovernment Administration

U.S. Mission to ASEANGovernment Administration

U.S. Embassy MadridGovernment Administration

U.S. Consulate General Hamilton, BermudaGovernment Administration

U.S. Embassy JakartaGovernment Administration

U.S. Embassy Bogotá, ColombiaGovernment Relations

Embajada de los Estados Unidos en ArgentinaGovernment Relations

Office of the Under Secretary of State for Economic Growth, Energy, and the Environment (E)International Affairs

The Fulbright ProgramInternational Affairs

U.S. Embassy South AfricaGovernment Relations Services

U.S. Embassy PanamaGovernment Administration

U.S. Embassy in AustraliaInternational Affairs

DT - Diplomatic Technology at StateInternational Affairs

U.S. Consulate General MumbaiGovernment Administration

U.S. Embassy in the PhilippinesGovernment Administration

U.S. Embassy Montevideo, UruguayGovernment Administration

Embassy of the United States of America, LondonGovernment Relations

U.S. Embassy TunisGovernment Administration

International Visitor Leadership Program (IVLP)Government Administration

U.S. Embassy Dar es SalaamGovernment Relations Services

US Embassy Bucharest, RomaniaGovernment Administration

Under Secretary for Foreign Assistance, Humanitarian Affairs, and Religious FreedomGovernment Administration

U.S. Embassy to Bosnia and HerzegovinaGovernment Administration

U.S. Embassy Vilnius, LithuaniaGovernment Relations Services

US Embassy ParisGovernment Administration

Bureau of Cyberspace and Digital PolicyInternational Affairs

U.S. Embassy in MexicoGovernment Administration

U.S. Embassy in the Dominican RepublicGovernment Administration

U.S. Department of State - Bureau of Medical ServicesInternational Affairs

US Embassy The HagueGovernment Administration

Virtual Student Federal Service (VSFS)Government Administration

U.S. Embassy Santiago, ChileGovernment Relations Services

U.S. Embassy ViennaInternational Affairs

American-Austrian Entrepreneurship NetworkInternational Affairs

U.S. Mission to the European UnionGovernment Administration

US Embassy LisbonGovernment Relations Services

United States Embassy Ottawa and Consulates in CanadaGovernment Administration

U.S. Consulate General MontréalGovernment Administration

U.S. Embassy OsloGovernment Administration

U.S. Embassy in BelgiumGovernment Administration

US-BotschaftGovernment Administration

U.S. Mission to the UN Agencies for Food and Agriculture in RomeGovernment Administration

Bureau of Oceans and International Environmental and Scientific AffairsGovernment Administration

U.S. Consulate General FrankfurtGovernment Administration

U.S. Embassy SwedenGovernment Relations Services

U.S. Embassy LuxembourgInternational Affairs

U.S. Consulate General MilanGovernment Administration

U.S. Embassy in the Kingdom of DenmarkGovernment Relations Services

U.S. Embassy Belgrade, SerbiaGovernment Relations Services

U.S. Department of State - Bureau of International Security and NonproliferationGovernment Administration

U.S. Mission to International Organizations in ViennaGovernment Administration

U.S. Department of State - Careers for Individuals with DisabilitiesInternational Affairs

Office of the Special Envoy for Critical and Emerging TechnologyGovernment Administration

U.S. Embassy in FinlandInternational Affairs

U.S. Mission to the OECDGovernment Administration

U.S. Embassy LomeGovernment Administration

U.S. Embassy in BulgariaGovernment Administration

U.S. Consulate General - StrasbourgGovernment Administration

U.S. Consulate General HamburgGovernment Administration

U.S. Mission ThailandGovernment Administration

Department of State - Office of the Science & Technology AdviserGovernment Administration

U.S. Department of State - Under Secretary for Civilian Security, Democracy, and Human RightsGovernment Administration

U.S. Mission, GenevaGovernment Administration

The Secretary's Office of Diversity and InclusionGovernment Administration

U.S. Consulate General DuesseldorfGovernment Administration

U.S. Embassy YerevanGovernment Administration

GCLO Global Employment InitiativeGovernment Administration

U.S. Embassy TegucigalpaGovernment Administration

U.S. Embassy Gaborone, BotswanaGovernment Administration

U.S. Department of State Industry LiaisonGovernment Administration

U.S. Embassy JerusalemGovernment Administration

U.S. Embassy WarsawGovernment Administration

World Expo USA PavilionEvents Services

Loading…

U.S. Embassy Riga Similar Companies

U.S. Census Bureau

census.gov

The Census Bureau serves as the nation’s leading provider of quality data about its people and economy. We have been headquartered in Suitland, Maryland since 1942, and currently employ about 4,285 staff members. We are part of the U.S. Department of Commerce and overseen by the Economics and Statistics Administration (ESA). We honor privacy, protect confidentiality, share our expertise globally, and conduct our work openly. We are guided on this mission by our strong and capable workforce, our readiness to innovate, and our abiding commitment to our customers. View our comment policy: https://www.census.gov/about/contact-us/comment-policy.html View our privacy policy: https://www.census.gov/about/policies/privacy/privacy-policy.html

CONICET

conicet.gov.ar

El Consejo Nacional de Investigaciones Científicas y Técnicas (CONICET) es el principal organismo dedicado a la promoción de la ciencia y la tecnología en la Argentina. Su actividad se desarrolla en cuatro grandes áreas: • Ciencias agrarias, ingeniería y de materiales • Ciencias biológicas y de la salud • Ciencias exactas y naturales • Ciencias sociales y humanidades En el CONICET, además promovemos y gestionamos la transferencia de tecnologías, servicios y capacidades de Investigación y Desarrollo (I+D) que genera su comunidad científica hacia los sectores socioproductivos, Pymes, Gobiernos, organismos públicos y la sociedad civil. En ese sentido: • Conectamos recursos humanos altamente especializados con empresarios/as para generar oportunidades conjuntas. • Impulsamos la participación con cámaras y asociaciones empresarias, parques tecnológicos e industriales, organismos del Estado, ONG, organizaciones civiles, y redes nacionales e internacionales de vinculación tecnológica. • Facilitamos la transferencia al sector productivo mediante procesos de escalado, pruebas de concepto, entre otros. • Promovemos la creación de Empresas de Base Tecnológica. El CONICET es un ente autárquico del Estado Nacional en jurisdicción del Ministerio de Ciencia, Tecnología e Innovación.

ISSSTE

www.com

INSTITUTO DE SEGURIDAD Y SERVICIOS SOCIALES DE LOS TRABAJADORES DEL ESTADO. ES UN ORGANISMOS PÚBLICO QUE OTORGA SERVICIOS DE SALUD, PENSIONES, VIVIENDA, PRÉSTAMOS, ESTANCIAS INFANTILES, TURISMO, CULTURA, RECREACION, DEPORTE; CUYOS AFILIADOS SON TRABAJADORES DE DEPENDENCIAS GUBERNAMENTALES, CON DERECHO A LA SEGURIDAD SOCIAL. Y CUYOS OBJETIVOS INSTITUCIONALES ADEMÁS DE CONTRIBUIR A LOGRAR LOS OBJETIVOS PROPUESTOS POR EL PLAN NACIONAL DE DESARROLLO 2007 – 2012, COADYUVARÁN A LOGRAR LA VISIÓN DE LA INSTITUCIÓN ESTABLECIDA PARA EL AÑO 2030 Y CONCRETAR LA MISIÓN QUE TIENE ESTABLECIDA. MISIÓN DEL ISSSTE CONTRIBUIR A SATISFACER NIVELES DE BIENESTAR INTEGRAL DE LOS TRABAJADORES AL SERVICIO DEL ESTADO, PENSIONADOS, JUBILADOS Y FAMILIARES DERECHOHABIENTES, CON EL OTORGAMIENTO EFICAZ Y EFICIENTE DE LOS SEGUROS, PRESTACIONES Y SERVICIOS, CON ATENCIÓN ESMERADA, RESPETO, CALIDAD Y CUMPLIENDO SIEMPRE CON LOS VALORES INSTITUCIONALES DE HONESTIDAD, LEGALIDAD Y TRANSPARENCIA. VISIÓN DEL ISSSTE POSICIONAR AL ISSSTE COMO LA INSTITUCIÓN QUE GARANTICE LA PROTECCIÓN INTEGRAL DE LOS TRABAJADORES DE LA ADMINISTRACIÓN PÚBLICA FEDERAL, PENSIONADOS, JUBILADOS Y SUS FAMILIAS DE ACUERDO AL NUEVO PERFIL DEMOGRÁFICO DE LA DERECHOHABIENCIA, CON EL OTORGAMIENTO DE SEGUROS, PRESTACIONES Y SERVICIOS DE CONFORMIDAD CON LA NORMATIVIDAD VIGENTE, BAJO CÓDIGOS NORMADOS DE CALIDAD Y CALIDEZ, CON SOLVENCIA FINANCIERA, QUE PERMITAN GENERAR VALORES Y PRÁCTICAS QUE FOMENTEN LA MEJORA SOSTENIDA DE BIENESTAR, CALIDAD DE VIDA Y EL DESARROLLO DEL CAPITAL HUMANO. PARA CONOCER MAS DE NUESTRO INSTITUTO FAVOR DE CONSULTAR LA PAGINA INSTITUCIONAL WWW2.ISSSTE.GOB.MX EN DONDE SEGURAMENTE ENCONTRARAN MATERIAL DE ORIENTACION AMENO Y EXPLICATIVO ADEMAS DE LA HISTORIA DE INSTITUTO, SUS ALCANCES Y LOGROS ASI COMO LOS PROGRAMAS CON QUE CUENTA ACTUALMENTE EL INSTITUTO.

Etat de Vaud

vd.ch

Le canton de Vaud, c’est plus de 800 000 personnes vivant dans plus de 300 communes ! Rejoindre l’Administration cantonale vaudoise, c’est s’engager aux côtés de près de 40’000 personnes unies dans un même but : servir la population. Pourquoi nous suivre ? Dédiez votre quart d’heure vaudois aux opportunités de carrière et à l’info du canton ! Retrouvez les actualités vaudoises, les décisions du Grand Conseil et du Conseil d’Etat qui orientent les politiques publiques, les infos pratiques et les chiffres clés. Découvrez aussi des portraits des collaboratrices et collaborateurs au cœur de l’action et des offres d’emploi variées. Pourquoi nous rejoindre ? Nous rejoindre, c’est s’engager auprès d’un employeur fiable, éthique, équitable et tourné vers la durabilité. Parce que les envies, les attentes et les besoins évoluent tout au long d’une carrière, nous proposons des formations, des opportunités de développement de carrière ainsi qu’un équilibre entre vie privée et vie professionnelle. Vous aussi contribuez à l’actualité et à l’avenir du canton ! Retrouvez toutes nos offres d’emploi sur www.vd.ch/offres-demploi

INSS

inss.gov.br

O Instituto Nacional do Seguro Social (INSS) é uma autarquia do Governo Federal do Brasil que recebe as contribuições para a manutenção do Regime Geral da Previdência Social, sendo responsável pelo pagamento da aposentadoria, pensão por morte, auxílio-doença, auxílio-acidente, entre outros benefícios previstos em lei. O INSS trabalha junto com a Dataprev, empresa de tecnologia que faz o processamento de todos os dados da Previdência. Está vinculado ao Ministério da Previdência Social.

U.S. Department of Education

ed.gov

Our mission is to promote student achievement and preparation for global competitiveness by fostering educational excellence and ensuring equal access. ED is dedicated to: • Establishing policies on federal financial aid for education, and distributing as well as monitoring those funds. • Collecting data on America's schools and disseminating research. • Focusing national attention on key educational issues. • Prohibiting discrimination and ensuring equal access to education.

State of Florida

myflorida.com

Join Florida’s talented workforce to fulfill your professional goals and achieve a meaningful career. Our talented public servants work hard to serve more than 19 million residents across Florida, and you, too, can realize success in the Sunshine State. Working in Florida’s state government means being responsive to the issues impacting the taxpayers of our state. Florida’s state government boasts both fast-paced work environments in which critical thinking and creative problem-solving are a must as well as steady employment opportunities that prize consistent service to our state’s residents. In some positions, state employment means being able to influence policy decisions and help implement change. In others, state employment means being the reliable resource that our taxpayers have come to expect from Florida’s public servants. All positions offer the ability to gain valuable experience quickly, improving your overall skillset. The State of Florida is seeking individuals with leadership skills, creativity and dedication to their fellow Floridians and individuals who recognize the professional development opportunities and achievements possible through state service. Florida boasts the third largest population in the country and is richly diverse in both population and landscape. With an award-winning park system, warm weather and beautiful bodies of water, Florida is the perfect environment for recreational activities and outdoor enthusiasts. Our favorable tax climate means your income goes further and our business-friendly policies foster private sector growth. Joining Florida’s talented, diverse workforce provides the opportunity to achieve your professional goals while living in a state that values quality of life, culture and recreation. For employment opportunities with the State of Florida, visit https://jobs.myflorida.com.

The Singapore Public Service

careers.gov.sg

The Singapore Public Service works with the elected Government and Singaporeans to forge a common vision of Singapore’s future and bring it into reality. We take pride in living out our values of integrity, service and excellence. Follow us for stories on how our public officers are contributing to Public Sector Transformation by: · Innovating to deliver even better policies and services for Singaporeans and Singapore · Planning ahead for future challenges · Building a flourishing public service workforce and resilient, future-ready organisations. Gain insights on how our officers are: · Making an impact and realising their aspirations through access to a diverse range of exciting roles · Growing and learning in their jobs every day through the purposeful work they do and the diverse development opportunities across the public service · Balancing their work-life priorities through flexible work arrangements and employee wellness programmes. Shape Singapore’s future and yours with us. Join us to make a difference today for tomorrow.

Queensland Government

qld.gov.au

ABOUT US We are the largest and most diverse organisation in our state. We have more than 90 government departments and organisations delivering for Queensland across 4000+ locations, from the Torres Strait to the Gold Coast; Mount Isa to Brisbane. This page is monitored by Queensland Government employees from 8am to 5pm, Monday to Friday. HOUSE RULES — all users must comply with LinkedIn policies and terms of use — please do not post content or comments that could be considered • abusive or obscene, name calling, harassment or personal attacks • defamatory towards a person or people • prejudicial, inflammatory or offensive • deceptive, misleading or false information about an individual, organisation, government or entity • personal or sensitive information about yourself or others • in violation of any intellectual property rights, or any other law or regulation • promotion of a product, business, company or organisation • off-topic or spam, including the same comment posted repeatedly. Any content or comments deemed to fit under these definitions will be deleted. Users found to repeatedly post these types of comments will be banned from this page. You should report any offensive material presented on LinkedIn. Complaints about defamatory digital matter or anything you consider to be offensive should be made to the attention of the Public Sector Commission via our website www.psc.qld.gov.au/contact/customer-compliments-and-complaints. A complaint about defamatory digital matter should contain your name, the matter and where it is located, and that you consider the matter to be defamatory. CURRENT CONDITIONS © The State of Queensland (Public Sector Commission) 2026 Subject to LinkedIn’s Statement of Rights and Responsibilities, all content released on this page is licensed under a Creative Commons Attribution (BY) 2.5 Australia Licence. Permissions may be available beyond the scope of this licence.

Loading…

NEWS

U.S. Embassy Riga CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

March 08, 2026 08:00 AM

Oslo US Embassy blast prompts police probe and heightened security

A blast near the US Embassy in Oslo caused minor damage with no injuries, as authorities investigate potential perpetrators and increase...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-54236

SUMMARY

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, the fix for CVE-2026-22778, which introduced a sanitize_message helper that strips object-repr memory addresses from error messages before they reach the client, is incomplete: several response paths echo str(exc) directly to clients without calling sanitize_message. The unsanitized sites include the Anthropic API router in vllm/entrypoints/anthropic/api_router.py (the POST /v1/messages and POST /v1/messages/count_tokens handlers), the Server-Sent Events streaming converter in vllm/entrypoints/anthropic/serving.py, and the realtime speech-to-text WebSocket in vllm/entrypoints/speech_to_text/realtime/connection.py. These paths catch the exception inside the route coroutine and construct the JSONResponse themselves, bypassing the sanitizing global FastAPI exception handler, and WebSocket frames do not traverse that handler chain at all. Using the same primitive as the parent issue, an unauthenticated attacker can send malformed image bytes through the Anthropic Messages API image content parts so that PIL.Image.open raises an UnidentifiedImageError whose message contains the BytesIO object repr, leaking the heap memory address verbatim in the error.message field of the response body. This vulnerability is fixed in 0.23.1rc0.

Published

Date2026-06-22

Updated

Date2026-06-22

RISK INFORMATION (Score: 5.3)

cvss3

Base Score: 5.3

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Impact Score

1.4

Exploitability

3.9

REFERENCES

CVE-2026-54235

SUMMARY

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, ll temperature validation gates use comparison operators (<, >), which silently evaluate to False for NaN and for positive Infinity in Python's IEEE 754 float semantics. Both values pass every guard and propagate to GPU sampling kernels, where they produce undefined behavior or CUDA errors that can crash the inference worker. This vulnerability is fixed in 0.23.1rc0.

Published

Date2026-06-22

Updated

Date2026-06-22

RISK INFORMATION (Score: )

cvss4

Base Score: 6.9

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

CVE-2026-54233

SUMMARY

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.23.1rc0, vLLM's /v1/audio/transcriptions endpoint limits compressed upload size but not decoded PCM output. A 25MB OPUS file expands to ~14.9GB of float32 PCM at decode time. This vulnerability is fixed in 0.23.1rc0.

Published

Date2026-06-22

Updated

Date2026-06-22

RISK INFORMATION (Score: 6.5)

cvss3

Base Score: 6.5

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Impact Score

3.6

Exploitability

2.8

REFERENCES

CVE-2026-54232

SUMMARY

vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.22.1, the vLLM Dockerfile is vulnerable to a dependency confusion attack through the flashinfer-jit-cache package. The package is installed from a custom index (flashinfer.ai/whl/) using --extra-index-url, but the package name was not registered on PyPI, and UV_INDEX_STRATEGY="unsafe-best-match" is set globally. An attacker who registers flashinfer-jit-cache on PyPI with version 0.6.11.post2 can execute arbitrary code as root during the Docker build and backdoor every resulting container image, enabling exfiltration of all user prompts, API credentials, and model data from production vLLM deployments This vulnerability is fixed in 0.22.1.

Published

Date2026-06-22

Updated

Date2026-06-22

RISK INFORMATION (Score: 8.8)

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Impact Score

5.9

Exploitability

2.8

REFERENCES

https://github.com/vllm-project/vllm/security/advisories/GHSA-jrf6-vqxq-pjv2

CVE-2026-53923

SUMMARY

vLLM is an inference and serving engine for large language models (LLMs). From 0.5.5 until 0.23.1rc0, integer truncation of tensor dimensions in vLLM's GGUF dequantize kernels (csrc/quantization/gguf/gguf_kernel.cu) causes partial tensor processing. The output tensor is allocated at full size via torch::empty (uninitialized memory), but the dequantize CUDA kernel processes only a truncated number of elements. The unfilled portion of the output tensor retains whatever was previously in GPU memory. In multi-tenant inference deployments, this residual GPU memory may contain tensor data from other users' inference requests, constituting information disclosure. This vulnerability is fixed in 0.23.1rc0.

Published

Date2026-06-22

Updated

Date2026-06-22

RISK INFORMATION (Score: )

cvss4

Base Score: 5.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

Exploitability

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…