Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
vBulletin Solutions, Inc.

vBulletin Solutions, Inc. Vendor Cyber Rating & Cyber Score

vbulletin.com

vBulletin™ is the world leader in forum and community publishing software. Customers have created vibrant communities for over 10 years on vBulletin's stable and mature platform. Developed with security, powerful administration features and speed in mind, it serves over 40,000 online communities. We provide world-renowned technical support, with the average support ticket answered within 3 hours, at any time of the day or night, 7 days a week. To learn more about our products, please visit the features page. Our team is all over the world. Our headquarters are located in Southern California. vBulletin Solutions, Inc is a company registered in California, US and a division of Internet Brands.


VSI A.I CyberSecurity Scoring

VSI
Company Information
Website:http://www.vbulletin.com/
Employees number:8
Number of followers:696
NAICS:513
Industry Type:Technology, Information and Internet
Homepage:vbulletin.com
VSI Risk Score (AI oriented)
Between 700 and 749
logo
VSITechnology, Information and Internet
Updated:
12/03/2026
745/1000
Moderate
Ba
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
VSI Global Score (TPRM)
xxxx
logo
VSITechnology, Information and Internet
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

VSI
VSIModerate
Current Score
745Ba (MODERATE)
01000
3 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
746Before Incident
JUNE 2026
746Before Incident
MAY 2026
746Before Incident
APRIL 2026
746Before Incident
MARCH 2026
746Before Incident
FEBRUARY 2026
745Before Incident
JANUARY 2026
745Before Incident
DECEMBER 2025
745Before Incident
NOVEMBER 2025
744Before Incident
OCTOBER 2025
744Before Incident
SEPTEMBER 2025
744Before Incident
AUGUST 2025
743Before Incident
JUNE 2025
747Before Incident
Vulnerability
02 Jun 2025VSI
vBulletin

vBulletin Remote Code Execution Vulnerability Exploitation

742After Incident
MEDIUM-5
VBU743060225
A critical, unauthenticated remote code execution (RCE) vulnerability in vBulletin forum software is being actively exploited. The vulnerability, assigned CVE-2025-48827 and CVE-2025-48828, affects versions 5.0.0 through 6.0.3. Despite patches being available for over a year, numerous installations remain vulnerable. The flaw allows attackers to execute arbitrary commands on vulnerable servers without authentication. Organizations running unpatched versions face significant risk as the vulnerability affects a broad range of installations.
INCIDENT DETAILS -
TYPE
Remote Code Execution
MOTIVATION
Compromise web forums
IMPACT
Systems Affected: vBulletin installations
MAY 2025
764Before Incident
Vulnerability
26 May 2025VSI
vBulletin

vBulletin Vulnerability Leads to Unauthenticated Remote Code Execution

747After Incident
LOW-17
VBU631052625
A newly discovered vulnerability in vBulletin, a popular forum platform, has exposed thousands of online communities to the risk of unauthenticated remote code execution (RCE). The flaw allows attackers to invoke protected internal methods, enabling full system compromise without authentication. The vulnerability is present in vBulletin versions 5.x and 6.x running on PHP 8.1 or later. The issue arises from vBulletin’s reliance on PHP’s Reflection API for its custom MVC framework and API system, which allows the invocation of protected and private methods without requiring setAccessible(true). This has been confirmed in versions 5.1.0, 5.7.5, 6.0.1, and 6.0.3 running on PHP 8.1+. The vulnerability is believed to be patched in version 6.0.4.
INCIDENT DETAILS -
TYPE
Remote Code Execution (RCE)
IMPACT
vBulletin forums running on PHP 8.1 or later
JUNE 2019
765Before Incident
Vulnerability
16 Jun 2019VSI
vBulletin (by Internet Brands)

Critical vBulletin Flaws (CVE-2025-48827 & CVE-2025-48828) Enable Remote Code Execution

748After Incident
CRITICAL-17
VBU2681826113025
The open-source forum software vBulletin was exposed to two critical vulnerabilities (CVE-2025-48827 and CVE-2025-48828), enabling remote, unauthenticated code execution (RCE) due to improper PHP Reflection API usage. Exploitation attempts were reported on May 26, leveraging an earlier proof-of-concept by researcher Egidio Romano. The flaws affect versions 5.0.0–5.7.5 and 6.0.0–6.0.3 running on PHP 8.1+, risking full system compromise if unpatched. While no confirmed breaches were detailed in the article, the vulnerabilities pose a severe threat to forums using outdated vBulletin installations, potentially allowing attackers to execute arbitrary commands, steal sensitive user data (e.g., credentials, private messages), or deploy malware—including ransomware—across compromised systems. Historical breaches tied to vBulletin flaws (e.g., 2019’s mass exploits) underscore the risk of large-scale data leaks, reputational damage, and operational disruptions for unpatched deployments. Users were urged to apply 2024 patches or upgrade to v6.1.1 to mitigate exposure.
INCIDENT DETAILS -
TYPE
Vulnerability ExploitationRemote Code Execution (RCE)
IMPACT
vBulletin Forums (Versions 5.0.0–5.7.5, 6.0.0–6.0.3 on PHP 8.1+)Potential Unauthorized Code ExecutionRisk of Forum CompromisePotential Reputation Damage Due to Exploitable Flaws

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for VSI ?
?
What was VSI's A.I Rankiteo Cyber Score in June 2026 ?
?
What was VSI's A.I Rankiteo Cyber Score in May 2026 ?
?
What was VSI's A.I Rankiteo Cyber Score in April 2026 ?
?
What was VSI's A.I Rankiteo Cyber Score in March 2026 ?
?
What was VSI's A.I Rankiteo Cyber Score in February 2026 ?
?
What was VSI's A.I Rankiteo Cyber Score in January 2026 ?
?
What was VSI's A.I Rankiteo Cyber Score in December 2025 ?
?
What was VSI's A.I Rankiteo Cyber Score in November 2025 ?
?
What was VSI's A.I Rankiteo Cyber Score in October 2025 ?
?
What was VSI's A.I Rankiteo Cyber Score in September 2025 ?
?
What was VSI's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on VSI's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with VSI ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view VSI's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?