Umgee-u-s-a- vs Pentland-group - Cyber Risk Comparison & Security Rating

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Comparison Overview

Umgee U.S.A.

Pentland Group Limited

Umgee U.S.A.

500 S. Anderson St, Los Angeles, CA, 90033, US

Last Update: 24/03/2026

View Profile

Between 750 and 799

http://www.umgeeusa.com

762/1000Fair

UMGEE U.S.A. is a fashion-forward women’s apparel wholesaler located in the heart of Downtown, Los Angeles. We serve boho clothing for women found soaking up the sun and dancing in the desert. We offer an eclectic mix of Contemporary and Plus Size clothing for women of ...

NAICS:448

NAICS Definition:N/A

Employees:45

Subsidiaries:0

12-month incidents

Known data breaches

Attack type number

Pentland Group Limited

N/A

Last Update: 27/03/2026

View Profile

Between 800 and 849

https://pentlandgroup.com/

816/1000Good

We are a family business building and delivering positive brands in sports, outdoor and fashion. Our business is changing rapidly, but our people and our values remain at the heart of what we do. www.pentlandgroup.com We own Pentland Brands, the name behind some of...

NAICS:448

NAICS Definition:Clothing and Clothing Accessories Stores

Employees:18

Subsidiaries:0

12-month incidents

Known data breaches

Attack type number

Compliance Ranges Comparison

Based On Specific Ai Models Category

Umgee U.S.A.

ISO 27001Not verified

SOC2 Type 1Not verified

SOC2 Type 2Not verified

GDPRNot verified

PCI DSSNot verified

HIPAANot verified

Pentland Group Limited

ISO 27001Not verified

SOC2 Type 1Not verified

SOC2 Type 2Not verified

GDPRNot verified

PCI DSSNot verified

HIPAANot verified

Benchmark & Cyber Underwriting Signals

Incidents vs Retail Apparel and Fashion Industry Avg (This Year)

No incidents recorded for Umgee U.S.A. in 2026.

Incidents

Incidents vs Retail Apparel and Fashion Industry Avg (This Year)

No incidents recorded for Pentland Group Limited in 2026.

Incidents

Incident History - Umgee U.S.A. (X = Date, Y = Severity)

Umgee U.S.A. cyber incidents detection timeline including parent company and subsidiaries.

No timeline data available

R - Ransomware

C - Cyber Attack

D - Data Breach

V - Vulnerability

Incident History - Pentland Group Limited (X = Date, Y = Severity)

Pentland Group Limited cyber incidents detection timeline including parent company and subsidiaries.

No timeline data available

R - Ransomware

C - Cyber Attack

D - Data Breach

V - Vulnerability

Notable Incidents

Last Cyber / HR Incidents / Global...

Umgee U.S.A.

Incidents

No explicit notable incidents reported.

Pentland Group Limited

Incidents

No explicit notable incidents reported.

FAQ

Between Umgee U.S.A. company and Pentland Group Limited company, which one has the best AI Cybersecurity Score ?

Between Umgee U.S.A. company and Pentland Group Limited company, which one has experienced more cyber incidents in the past ?

Between Umgee U.S.A. company and Pentland Group Limited company, which one has experienced more cyber incidents this year ?

Between Umgee U.S.A. company and Pentland Group Limited company, which one has experienced at least one ransomware attack ?

Between Umgee U.S.A. company and Pentland Group Limited company, which one has experienced at least one data breach ?

Between Umgee U.S.A. company and Pentland Group Limited company, which one has experienced at least one targeted cyberattack ?

Between Umgee U.S.A. company and Pentland Group Limited company, which one has experienced at least one vulnerability ?

Between Umgee U.S.A. company and Pentland Group Limited company, which one holds the most compliance certifications ?

Between Umgee U.S.A. company and Pentland Group Limited company, which one holds the fewest compliance certifications ?

Between Umgee U.S.A. company and Pentland Group Limited company, which one has the most subsidiaries ?

Between Umgee U.S.A. company and Pentland Group Limited company, which one has the largest number of employees ?

Between Umgee U.S.A. and Pentland Group Limited, which company holds both SOC 2 Type 1 certifications ?

Between Umgee U.S.A. and Pentland Group Limited, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified - Umgee U.S.A. or Pentland Group Limited ?

Which company is PCI DSS compliant - Umgee U.S.A. or Pentland Group Limited ?

Between Umgee U.S.A. and Pentland Group Limited, which company complies with HIPAA regulations for healthcare data ?

Between Umgee U.S.A. and Pentland Group Limited, which company complies with GDPR requirements ?

Latest Global CVEs

CVE-2026-44541

SUMMARY

Fides is an open-source privacy engineering platform. From version 2.33.0 to before version 2.84.5, there is a DOM-based XSS vulnerability in fides.js via the fides_description override. This issue has been patched in version 2.84.5.

PUBLISHED

Date2026-06-08

UPDATED

Date2026-06-08

RISK INFORMATION (Score: )

CVSS4

Base Score: 7.0

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

IMPACT SCORE

EXPLOITABILITY

REFERENCES

CVE-2026-49141

SUMMARY

WACRM prior to commit 73041bf contain an authorization bypass vulnerability in the automation engine that allows authenticated attackers to access and modify contacts belonging to other tenants by supplying an arbitrary caller-controlled contact_id in the POST request body without tenant ownership verification. Attackers can exploit the service-role client that bypasses row-level security to modify victim contact fields including name, email, and company across tenant boundaries using only a known contact UUID.

PUBLISHED

Date2026-06-08

UPDATED

Date2026-06-08

RISK INFORMATION (Score: 7.1)

CVSS3

Base Score: 7.1

Complexity: HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N

CVSS4

Base Score: 5.1

Complexity: HIGH

CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

IMPACT SCORE

4.7

EXPLOITABILITY

1.8

REFERENCES

CVE-2026-47345

SUMMARY

Namespace attributes are not encoded correctly during HTML serialization. This allows bypassing the cross-site scripting prevention mechanism of typo3/html-sanitizer before version 2.3.2.

PUBLISHED

Date2026-06-08

UPDATED

Date2026-06-08

RISK INFORMATION (Score: )

CVSS4

Base Score: 5.1

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

IMPACT SCORE

EXPLOITABILITY

REFERENCES

CVE-2026-47344

SUMMARY

When ALLOW_INSECURE_RAW_TEXT is enabled, whitespace-variant closing tags (e.g., </style\t>) are not recognized by the sanitizer but accepted by browsers as valid end tags, allowing subsequent content to escape sanitization. This allows bypassing the cross-site scripting prevention mechanism of typo3/html-sanitizer before version 2.3.2.

PUBLISHED

Date2026-06-08

UPDATED

Date2026-06-08

RISK INFORMATION (Score: )

CVSS4

Base Score: 2.1

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

IMPACT SCORE

EXPLOITABILITY

REFERENCES

CVE-2026-46484

SUMMARY

Headplane is a feature-complete Web UI for Headscale. Prior to versions 0.6.3 and 0.7.0-beta.3, Headplane was vulnerable to a path traversal / authorization bypass in the Headscale API client used by node and user rename operations. This issue has been patched in versions 0.6.3 and 0.7.0-beta.3.

PUBLISHED

Date2026-06-08

UPDATED

Date2026-06-08

RISK INFORMATION (Score: 8.1)

CVSS3

Base Score: 8.1

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

IMPACT SCORE

5.2

EXPLOITABILITY

2.8

REFERENCES