VSI A.I CyberSecurity Scoring
VSI
Company Information
Website:http://www.vbulletin.com/
Employees number:8
Number of followers:696
NAICS:513
Industry Type:Technology, Information and Internet
Homepage:vbulletin.com
VSI Risk Score (AI oriented)
Between 700 and 749
VSITechnology, Information and Internet
Updated:
12/03/2026
12/03/2026
745/1000
Moderate
Ba
VSI Global Score (TPRM)
xxxx
VSITechnology, Information and Internet
Score locked

VSIModerate
Current Score
745Ba (MODERATE)
01000
3 incidents
0 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
746
JUNE 2026
746
MAY 2026
746
APRIL 2026
746
MARCH 2026
746
FEBRUARY 2026
745
JANUARY 2026
745
DECEMBER 2025
745
NOVEMBER 2025
744
OCTOBER 2025
744
SEPTEMBER 2025
744
AUGUST 2025
743
JUNE 2025
747
Vulnerability
02 Jun 2025 • VSI
vBulletin
vBulletin Remote Code Execution Vulnerability Exploitation
742
MEDIUM-5
VBU743060225
A critical, unauthenticated remote code execution (RCE) vulnerability in vBulletin forum software is being actively exploited. The vulnerability, assigned CVE-2025-48827 and CVE-2025-48828, affects versions 5.0.0 through 6.0.3. Despite patches being available for over a year, numerous installations remain vulnerable. The flaw allows attackers to execute arbitrary commands on vulnerable servers without authentication. Organizations running unpatched versions face significant risk as the vulnerability affects a broad range of installations.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
REFERENCES
MAY 2025
764
Vulnerability
26 May 2025 • VSI
vBulletin
vBulletin Vulnerability Leads to Unauthenticated Remote Code Execution
747
LOW-17
VBU631052625
A newly discovered vulnerability in vBulletin, a popular forum platform, has exposed thousands of online communities to the risk of unauthenticated remote code execution (RCE). The flaw allows attackers to invoke protected internal methods, enabling full system compromise without authentication. The vulnerability is present in vBulletin versions 5.x and 6.x running on PHP 8.1 or later. The issue arises from vBulletin’s reliance on PHP’s Reflection API for its custom MVC framework and API system, which allows the invocation of protected and private methods without requiring setAccessible(true). This has been confirmed in versions 5.1.0, 5.7.5, 6.0.1, and 6.0.3 running on PHP 8.1+. The vulnerability is believed to be patched in version 6.0.4.
INCIDENT DETAILS -
TYPE
IMPACT
REFERENCES
JUNE 2019
765
Vulnerability
16 Jun 2019 • VSI
vBulletin (by Internet Brands)
Critical vBulletin Flaws (CVE-2025-48827 & CVE-2025-48828) Enable Remote Code Execution
748
CRITICAL-17
VBU2681826113025
The open-source forum software vBulletin was exposed to two critical vulnerabilities (CVE-2025-48827 and CVE-2025-48828), enabling remote, unauthenticated code execution (RCE) due to improper PHP Reflection API usage. Exploitation attempts were reported on May 26, leveraging an earlier proof-of-concept by researcher Egidio Romano. The flaws affect versions 5.0.0–5.7.5 and 6.0.0–6.0.3 running on PHP 8.1+, risking full system compromise if unpatched. While no confirmed breaches were detailed in the article, the vulnerabilities pose a severe threat to forums using outdated vBulletin installations, potentially allowing attackers to execute arbitrary commands, steal sensitive user data (e.g., credentials, private messages), or deploy malware—including ransomware—across compromised systems. Historical breaches tied to vBulletin flaws (e.g., 2019’s mass exploits) underscore the risk of large-scale data leaks, reputational damage, and operational disruptions for unpatched deployments. Users were urged to apply 2024 patches or upgrade to v6.1.1 to mitigate exposure.
INCIDENT DETAILS -
TYPE
IMPACT
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for VSI ??
What was VSI's A.I Rankiteo Cyber Score in June 2026 ??
What was VSI's A.I Rankiteo Cyber Score in May 2026 ??
What was VSI's A.I Rankiteo Cyber Score in April 2026 ??
What was VSI's A.I Rankiteo Cyber Score in March 2026 ??
What was VSI's A.I Rankiteo Cyber Score in February 2026 ??
What was VSI's A.I Rankiteo Cyber Score in January 2026 ??
What was VSI's A.I Rankiteo Cyber Score in December 2025 ??
What was VSI's A.I Rankiteo Cyber Score in November 2025 ??
What was VSI's A.I Rankiteo Cyber Score in October 2025 ??
What was VSI's A.I Rankiteo Cyber Score in September 2025 ??
What was VSI's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on VSI's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with VSI ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view VSI's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?