
Founded in 1901, Walgreens (www.walgreens.com) has a storied heritage of caring for communities for generations and proudly serves nearly 9 million customers and patients each day across its approximately 8,500 stores throughout the U.S. and Puerto Rico, and leading omni-channel platforms. Walgreens has approximately 220,000 team members, including nearly 90,000 healthcare service providers, and is committed to being the first choice for retail pharmacy and health services, building trusted relationships that create healthier futures for customers, patients, team members and communities.

Walgreens A.I CyberSecurity Scoring

Walgreens

Company Details

LinkedIn ID: walgreens

Employees number: 92,003

Number of followers: 639,058

NAICS: 44611

Industry Type: Retail Pharmacies

Homepage: walgreens.com

IP Addresses: 0

Company ID: WAL_1482058

Scan Status: In-progress

Walgreens Risk Score (AI oriented): Between 700 and 749

  • Powered by our proprietary A.I cyber incident model
  • Insurers prefer the TPRM score to calculate premiums

Walgreens Global Score (TPRM): XXXX

  • Instant access to detailed risk factors
  • Benchmark vs. industry & size peers
  • Vulnerabilities
  • Findings

Walgreens Company CyberSecurity News & History

Past Incidents: 7
Attack Types: 2

Boots UK
Breach
Severity: 100
Impact: 4
Seen: 06/2023
Rankiteo Explanation
Attack with significant impact with customers data leaks

Description: The data breach experienced by the payroll company Zellis affected The BBC, Boots, and British Airways. The BBC is collaborating closely with Zellis as they urgently examine the scope of the data breach at their third-party supplier after becoming aware of it. An unauthenticated attacker might take advantage of the SQL injection vulnerability to access the database of MOVEit Transfer without authorization. The cybersecurity problem at Zellis, which included one of their third-party providers called MOVEit, has been reported to British Airways as having affected them.

Boots UK
Data Leak
Severity: 50
Impact: 2
Seen: 03/2020
Rankiteo Explanation
Attack limited on finance or reputation

Description: Boots had suspended payments using loyalty card points after a cyber attack on its customer database. Hackers broke into Advantage Card accounts to steal customers’ reward points to spend on themselves. The issue affected less than 1% of the company’s 14.4 million active loyalty card users – around 150,000 people. No credit card information had been taken.

Walgreens: Judicial Panel Declines Coordination of Salesforce Data Breach Suits But Transfers TransUnion Cases
Breach
Severity: 50
Impact: 2
Seen: 12/2025
Rankiteo Explanation
Attack limited on finance or reputation

Description: **Walgreens Faces Legal Action Over Credit Card Receipt Data Exposure** A recent lawsuit alleges that Walgreens violated the **Fair and Accurate Credit Transactions Act (FACTA) of 2003** by improperly printing payment card details on a customer’s receipt. The plaintiff claims the drugstore chain failed to comply with the law’s **truncation requirement**, which mandates that receipts display only the last five digits of a card number to protect consumer data. Instead, the receipt in question reportedly included the **first six and last four digits** of the 16-digit card number, potentially exposing sensitive financial information. FACTA was enacted to prevent identity theft by limiting the disclosure of full card numbers on printed receipts. The case highlights ongoing concerns about **retailer compliance with data protection laws**, particularly in point-of-sale systems. If proven, the violation could result in penalties under FACTA, which allows for statutory damages in such cases. The outcome may set a precedent for how businesses handle payment receipts moving forward.

Walgreen Co.
Breach
Severity: 60
Impact: 2
Seen: 12/2017
Rankiteo Explanation
Attack limited on finance or reputation

Description: On June 19, 2018, the California Office of the Attorney General reported a data breach involving Walgreen Co., which was discovered on April 17, 2018. Unauthorized skimming devices were found at two Walgreens-owned Rite Aid locations in Nashville, TN, potentially affecting customer payment card information. The breach may involve customer credit or debit card numbers, associated PINs, and possibly names, although there are no known reports of fraud as a result of this incident.

Walgreen Co.
Breach
Severity: 85
Impact: 4
Seen: 5/2020
Rankiteo Explanation
Attack with significant impact with customers data leaks

Description: The California Office of the Attorney General reported that Walgreen Co. experienced a data breach between May 26 and June 5, 2020, involving unauthorized entries into multiple Walgreens stores impacting customer health-related information. Specific details on the number of affected individuals are unknown, but compromised information may include names, addresses, phone numbers, date of birth, medication details, and other health-related data.

Walgreen Co.
Breach
Severity: 85
Impact: 4
Seen: 1/2020
Rankiteo Explanation
Attack with significant impact with customers data leaks

Description: The California Office of the Attorney General reported that Walgreen Co. experienced a data breach on January 15, 2020, which allowed unauthorized viewing of personal messages within the Walgreens mobile app. The breach affected messages containing limited health-related information of customers and involved a potential exposure of customer names, prescription numbers, and addresses. The notification was reported on February 28, 2020.

Walgreens
Data Leak
Severity: 85
Impact: 3
Seen: 09/2021
Rankiteo Explanation
Attack with significant impact with internal employee data leaks

Description: Walgreens’ Covid-19 test registration system exposed patient data of millions of people who got Covid-19 tests through Walgreens. The personal data — including your name, date of birth, gender identity, phone number, address, and email — was left on the open web for potentially anyone to see and for the multiple ad trackers on Walgreens’ site to collect. However, Walgreens added an authentication screen to its Covid-19 test confirmation pages and made it mandatory for anyone who wants to access the test confirmation pages to enter the patient’s date of birth first.


Underwriter Stats for Walgreens

Incidents vs Retail Pharmacies Industry Average (This Year)

Walgreens has 0.0% fewer incidents than the average of same-industry companies with at least one recorded incident.

Incidents vs All-Companies Average (This Year)

Walgreens has 28.21% more incidents than the average of all companies with at least one recorded incident.

Incident Types Walgreens vs Retail Pharmacies Industry Avg (This Year)

Walgreens reported 1 incident this year: 0 cyber attacks, 0 ransomware, 0 vulnerabilities, 1 data breach, compared to industry peers with at least 1 incident.

Incident History — Walgreens (X = Date, Y = Severity)

Walgreens cyber incidents detection timeline including parent company and subsidiaries


Walgreens Similar Companies

Walgreens Boots Alliance

Walgreens Boots Alliance (Nasdaq: WBA) is an integrated healthcare, pharmacy and retail leader serving millions of customers and patients every day, with a 170-year heritage of caring for communities. A trusted, global innovator in retail pharmacy with more than 12,500 locations across the U.S., Eu


Walgreens CyberSecurity News

August 28, 2025 07:00 AM
Walgreens goes private as Sycamore closes deal, Staples CEO to replace Tim Wentworth

Walgreens Boots Alliance is officially private and will cease to exist as a vertically integrated business on the Nasdaq, as Sycamore...

August 07, 2025 07:00 AM
Walgreens Shuts Down Coral Springs Store as Part of National Cutbacks

A Walgreens store has permanently closed in Coral Springs as part of the chain's nationwide downsizing. Here's what's behind the decision.

July 14, 2025 07:00 AM
Walgreens acquisition by Sycamore wins shareholder agreement

US pharmacy Walgreens Boots Alliance (WBA) shareholders have given approval to the company's acquisition by Sycamore Partners Management...

July 11, 2025 07:00 AM
Walgreens shareholders approve $10 billion private equity buyout

Shareholders of Walgreens Boots Alliance overwhelmingly approved the drugstore chain's $10 billion acquisition by private equity firm...

May 20, 2025 07:00 AM
Another Denver metro Walgreens to close its doors by end of the week

Another Colorado Walgreens location is closing its doors, this time in Lakewood.

April 25, 2025 07:00 AM
Walgreens Encourages Safe Drug Disposal on National Drug Take Back Day Saturday, April 26, 2025

DEERFIELD, Ill., April 25, 2025--Walgreens is calling on the public to help in the fight against prescription drug abuse by participating in...

April 23, 2025 07:00 AM
Walgreens reaches $300m deal over opioid prescriptions claims

The retailer will pay an extra $50m to the US Government if it undergoes a sale, merger, or transfer prior to 2032.

March 17, 2025 07:00 AM
Walgreens Chair Pessina to boost stake after Sycamore seals takeover deal, FT reports

Pessina, Walgreens' top shareholder with a roughly 17% stake in the company he helped forge through the 2014 merger of Walgreens and...

March 12, 2025 07:00 AM
Marquis Who's Who Honors Anthony Francis, CISSP, for Expertise in Cybersecurity and Information Technology

Anthony Francis is a distinguished leader in cybersecurity and a reputable working actor.


Frequently Asked Questions

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.

Walgreens CyberSecurity History Information

Official Website of Walgreens

The official website of Walgreens is http://www.walgreens.com.

Walgreens’s AI-Generated Cybersecurity Score

According to Rankiteo, Walgreens’s AI-generated cybersecurity score is 711, reflecting their Moderate security posture.

How many security badges does Walgreens have ?

According to Rankiteo, Walgreens currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Does Walgreens have SOC 2 Type 1 certification ?

According to Rankiteo, Walgreens is not certified under SOC 2 Type 1.

Does Walgreens have SOC 2 Type 2 certification ?

According to Rankiteo, Walgreens does not hold a SOC 2 Type 2 certification.

Does Walgreens comply with GDPR ?

According to Rankiteo, Walgreens is not listed as GDPR compliant.

Does Walgreens have PCI DSS certification ?

According to Rankiteo, Walgreens does not currently maintain PCI DSS compliance.

Does Walgreens comply with HIPAA ?

According to Rankiteo, Walgreens is not compliant with HIPAA regulations.

Does Walgreens have ISO 27001 certification ?

According to Rankiteo, Walgreens is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Industry Classification of Walgreens

Walgreens operates primarily in the Retail Pharmacies industry.

Number of Employees at Walgreens

Walgreens employs approximately 92,003 people worldwide.

Subsidiaries Owned by Walgreens

Walgreens presently has no subsidiaries across any sectors.

Walgreens’s LinkedIn Followers

Walgreens’s official LinkedIn profile has approximately 639,058 followers.

NAICS Classification of Walgreens

Walgreens is classified under the NAICS code 44611, which corresponds to Pharmacies and Drug Stores.

Walgreens’s Presence on Crunchbase

Yes, Walgreens has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/walgreens.

Walgreens’s Presence on LinkedIn

Yes, Walgreens maintains an official LinkedIn profile, actively used for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/walgreens.

Cybersecurity Incidents Involving Walgreens

As of December 18, 2025, Rankiteo reports that Walgreens has experienced 7 cybersecurity incidents.

Number of Peer and Competitor Companies

Walgreens has an estimated 76 peer or competitor companies worldwide.

What types of cybersecurity incidents have occurred at Walgreens ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach and Data Leak.

How does Walgreens detect and respond to cybersecurity incidents ?

Detection and Response: The company detects and responds to cybersecurity incidents through containment measures (an authentication screen added to Covid-19 test confirmation pages) and remediation measures (making it mandatory to enter the patient’s date of birth first).

Incident Details

Can you provide details on each incident ?

Incident : Data Breach

Title: Boots Loyalty Card Points Theft

Description: Hackers broke into Advantage Card accounts to steal customers’ reward points to spend on themselves.

Type: Data Breach

Attack Vector: Account Compromise

Threat Actor: Unknown Hackers

Motivation: Financial Gain

Incident : Data Exposure

Title: Walgreens Covid-19 Test Registration System Data Exposure

Description: Walgreens’ Covid-19 test registration system exposed patient data of millions of people who got Covid-19 tests through Walgreens. The personal data — including your name, date of birth, gender identity, phone number, address, and email — was left on the open web for potentially anyone to see and for the multiple ad trackers on Walgreens’ site to collect.

Type: Data Exposure

Attack Vector: Open Web Exposure

Vulnerability Exploited: Lack of Authentication

Incident : Data Breach

Title: Data Breach at Zellis Affecting The BBC, Boots, and British Airways

Description: The data breach experienced by the payroll company Zellis affected The BBC, Boots, and British Airways. The BBC is collaborating closely with Zellis as they urgently examine the scope of the data breach at their third-party supplier after becoming aware of it. An unauthenticated attacker might take advantage of the SQL injection vulnerability to access the database of MOVEit Transfer without authorization. The cybersecurity problem at Zellis, which included one of their third-party providers called MOVEit, has been reported to British Airways as having affected them.

Type: Data Breach

Attack Vector: SQL Injection

Vulnerability Exploited: SQL Injection

Incident : Data Breach

Title: Walgreen Co. Data Breach

Description: Unauthorized skimming devices were found at two Walgreens-owned Rite Aid locations in Nashville, TN, potentially affecting customer payment card information.

Date Detected: 2018-04-17

Date Publicly Disclosed: 2018-06-19

Type: Data Breach

Attack Vector: Skimming Devices

Vulnerability Exploited: Physical Security

Motivation: Financial Gain

Incident : Data Breach

Title: Walgreen Co. Data Breach

Description: Unauthorized viewing of personal messages within the Walgreens mobile app, exposing limited health-related information of customers.

Date Detected: 2020-01-15

Date Publicly Disclosed: 2020-02-28

Type: Data Breach

Attack Vector: Mobile App Vulnerability

Vulnerability Exploited: Unauthorized Access

Incident : Data Breach

Title: Walgreen Co. Data Breach

Description: The California Office of the Attorney General reported that Walgreen Co. experienced a data breach between May 26 and June 5, 2020, involving unauthorized entries into multiple Walgreens stores impacting customer health-related information. Specific details on the number of affected individuals are unknown, but compromised information may include names, addresses, phone numbers, date of birth, medication details, and other health-related data.

Date Detected: 2020-05-26

Type: Data Breach

Attack Vector: Unauthorized Entry

Incident : Data Exposure

Title: Walgreens Credit Card Receipt Data Exposure

Description: The plaintiff, Marianna Wharry, brought a claim against Walgreens under the Fair and Accurate Credit Transactions Act of 2003, alleging the company violated the law's truncation requirement by including the first six digits and the last four digits of her 16-digit card number on her receipt.

Type: Data Exposure

Vulnerability Exploited: Improper truncation of payment card information on receipts

What are the most common types of attacks the company has faced ?

Common Attack Types: The most common type of attack the company has faced is Breach.

How does the company identify the attack vectors used in incidents ?

Identification of Attack Vectors: The company identifies the attack vectors used in incidents through MOVEit Transfer and Skimming Devices.

Impact of the Incidents

What was the impact of each incident ?

Incident : Data Breach BOO2325221222

Data Compromised: Loyalty Points

Systems Affected: Customer Database

Incident : Data Exposure WAL221827123

Data Compromised: Name, Date of birth, Gender identity, Phone number, Address, Email

Systems Affected: Covid-19 Test Registration System

Incident : Data Breach BOO74919923

Systems Affected: MOVEit Transfer

Incident : Data Breach WAL127072425

Data Compromised: Customer credit or debit card numbers, Associated pins, Possibly names

Payment Information Risk: High

Incident : Data Breach WAL748072525

Data Compromised: Customer names, Prescription numbers, Addresses, Limited health-related information

Systems Affected: Walgreens mobile app

Incident : Data Breach WAL920080425

Data Compromised: Names, Addresses, Phone numbers, Date of birth, Medication details, Other health-related data

Incident : Data Exposure WAL1766022901

Data Compromised: Payment card information (first six and last four digits of 16-digit card number)

Systems Affected: Point-of-sale (POS) or receipt generation system

Brand Reputation Impact: Potential reputational damage due to regulatory violation

Legal Liabilities: Lawsuit under the Fair and Accurate Credit Transactions Act of 2003

Identity Theft Risk: Increased risk of identity theft or payment fraud

Payment Information Risk: Exposure of partial payment card details

What types of data are most commonly compromised in incidents ?

Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Loyalty Points, Personal Data, Customer Credit Or Debit Card Numbers, Associated Pins, Possibly Names, Customer Names, Prescription Numbers, Addresses, Limited Health-Related Information, Names, Addresses, Phone Numbers, Date Of Birth, Medication Details, Other Health-Related Data, and Payment card information.

Which entities were affected by each incident ?

Incident : Data Breach BOO2325221222

Entity Name: Boots

Entity Type: Retail

Industry: Pharmacy and Healthcare

Size: Large

Customers Affected: 150,000

Incident : Data Exposure WAL221827123

Entity Name: Walgreens

Entity Type: Pharmacy

Industry: Healthcare

Customers Affected: Millions

Incident : Data Breach BOO74919923

Entity Name: The BBC

Entity Type: Media Corporation

Industry: Media

Incident : Data Breach BOO74919923

Entity Name: Boots

Entity Type: Retailer

Industry: Retail

Incident : Data Breach BOO74919923

Entity Name: British Airways

Entity Type: Airline

Industry: Aviation

Incident : Data Breach WAL127072425

Entity Name: Walgreen Co.

Entity Type: Retail

Industry: Pharmacy

Location: Nashville, TN

Incident : Data Breach WAL748072525

Entity Name: Walgreen Co.

Entity Type: Company

Industry: Healthcare

Incident : Data Breach WAL920080425

Entity Name: Walgreen Co.

Entity Type: Retail

Industry: Pharmacy

Location: Multiple Walgreens stores

Incident : Data Exposure WAL1766022901

Entity Name: Walgreens

Entity Type: Retail Pharmacy

Industry: Healthcare/Retail

Customers Affected: At least one (Marianna Wharry)

Response to the Incidents

What measures were taken in response to each incident ?

Incident : Data Exposure WAL221827123

Containment Measures: Added authentication screen to Covid-19 test confirmation pages

Remediation Measures: Made it mandatory to enter the patient’s date of birth first

Data Breach Information

What type of data was compromised in each breach ?

Incident : Data Breach BOO2325221222

Type of Data Compromised: Loyalty Points

Number of Records Exposed: 150,000

Sensitivity of Data: Low

Incident : Data Exposure WAL221827123

Type of Data Compromised: Personal Data

Number of Records Exposed: Millions

Sensitivity of Data: High

Incident : Data Breach WAL127072425

Type of Data Compromised: Customer credit or debit card numbers, Associated pins, Possibly names

Sensitivity of Data: High

Personally Identifiable Information: Possibly names

Incident : Data Breach WAL748072525

Type of Data Compromised: Customer names, Prescription numbers, Addresses, Limited health-related information

Sensitivity of Data: Medium

Personally Identifiable Information: Customer names, Prescription numbers, Addresses

Incident : Data Breach WAL920080425

Type of Data Compromised: Names, Addresses, Phone numbers, Date of birth, Medication details, Other health-related data

Sensitivity of Data: High

Personally Identifiable Information: names, addresses, phone numbers, date of birth

Incident : Data Exposure WAL1766022901

Type of Data Compromised: Payment card information

Number of Records Exposed: At least one

Sensitivity of Data: High (partial payment card details)

Personally Identifiable Information: Partial payment card number

What measures does the company take to prevent data exfiltration ?

Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Made it mandatory to enter the patient’s date of birth first.

How does the company handle incidents involving personally identifiable information (PII) ?

Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) by adding an authentication screen to Covid-19 test confirmation pages.

Regulatory Compliance

Were there any regulatory violations and fines imposed for each incident ?

Incident : Data Exposure WAL1766022901

Regulations Violated: Fair and Accurate Credit Transactions Act of 2003 (FACTA)

Legal Actions: Lawsuit filed by plaintiff

How does the company ensure compliance with regulatory requirements ?

Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Lawsuit filed by plaintiff.

References

Where can I find more information about each incident ?

Incident : Data Breach WAL127072425

Source: California Office of the Attorney General

Date Accessed: 2018-06-19

Incident : Data Breach WAL748072525

Source: California Office of the Attorney General

Date Accessed: 2020-02-28

Incident : Data Breach WAL920080425

Source: California Office of the Attorney General

Incident : Data Exposure WAL1766022901

Source: Legal case filing

Where can stakeholders find additional resources on cybersecurity best practices ?

Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at: California Office of the Attorney General (Date Accessed: 2018-06-19), California Office of the Attorney General (Date Accessed: 2020-02-28), California Office of the Attorney General, and Legal case filing.

Initial Access Broker

How did the initial access broker gain entry for each incident ?

Incident : Data Breach BOO74919923

Entry Point: MOVEit Transfer

Incident : Data Breach WAL127072425

Entry Point: Skimming Devices

Post-Incident Analysis

What were the root causes and corrective actions taken for each incident ?

Incident : Data Exposure WAL1766022901

Root Causes: Failure to properly truncate payment card information on receipts as required by FACTA

Additional Questions

General Information

Who was the attacking group in the last incident ?

Last Attacking Group: The attacking group in the last incident was Unknown Hackers.

Incident Details

What was the most recent incident detected ?

Most Recent Incident Detected: The most recent incident detected was on 2018-04-17.

What was the most recent incident publicly disclosed ?

Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2020-02-28.

Impact of the Incidents

What was the most significant data compromised in an incident ?

Most Significant Data Compromised: The most significant data compromised in an incident were Loyalty Points, Name, Date of Birth, Gender Identity, Phone Number, Address, Email, Customer credit or debit card numbers, Associated PINs, Possibly names, Customer names, Prescription numbers, Addresses, Limited health-related information, names, addresses, phone numbers, date of birth, medication details, other health-related data, and Payment card information (first six and last four digits of 16-digit card number).

What was the most significant system affected in an incident ?

Most Significant System Affected: The most significant systems affected in an incident were MOVEit Transfer and Walgreens mobile app.

Response to the Incidents

What containment measures were taken in the most recent incident ?

Containment Measures in Most Recent Incident: The containment measure taken in the most recent incident was: Added authentication screen to Covid-19 test confirmation pages.

Data Breach Information

What was the most sensitive data compromised in a breach ?

Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Loyalty Points, Name, addresses, Customer names, Address, date of birth, Prescription numbers, Date of Birth, Email, Gender Identity, Customer credit or debit card numbers, phone numbers, Payment card information (first six and last four digits of 16-digit card number), Addresses, Limited health-related information, other health-related data, Phone Number, Associated PINs, Possibly names, names and medication details.

What was the number of records exposed in the most significant breach ?

Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 150.0B.

Regulatory Compliance

What was the most significant legal action taken for a regulatory violation ?

Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Lawsuit filed by plaintiff.

References

What is the most recent source of information about an incident ?

Most Recent Source: The most recent sources of information about an incident are the California Office of the Attorney General and a legal case filing.

Initial Access Broker

What was the most recent entry point used by an initial access broker ?

Most Recent Entry Point: The most recent entry points used by an initial access broker were MOVEit Transfer and Skimming Devices.


Latest Global CVEs (Not Company-Specific)

Description

Zerobyte is a backup automation tool. Zerobyte versions prior to 0.18.5 and 0.19.0 contain an authentication bypass vulnerability where authentication middleware is not properly applied to API endpoints. This results in certain API endpoints being accessible without valid session credentials. This is dangerous for those who have exposed Zerobyte to be used outside of their internal network. A fix has been applied in both version 0.19.0 and 0.18.5. If immediate upgrade is not possible, restrict network access to the Zerobyte instance to trusted networks only using firewall rules or network segmentation. This is only a temporary mitigation; upgrading is strongly recommended.

Risk Information
cvss3
Base: 9.1
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Description

Open Source Point of Sale (opensourcepos) is a web based point of sale application written in PHP using CodeIgniter framework. Starting in version 3.4.0 and prior to version 3.4.2, a Cross-Site Request Forgery (CSRF) vulnerability exists in the application's filter configuration. The CSRF protection mechanism was **explicitly disabled**, allowing the application to process state-changing requests (POST) without verifying a valid CSRF token. An unauthenticated remote attacker can exploit this by hosting a malicious web page. If a logged-in administrator visits this page, their browser is forced to send unauthorized requests to the application. A successful exploit allows the attacker to silently create a new Administrator account with full privileges, leading to a complete takeover of the system and loss of confidentiality, integrity, and availability. The vulnerability has been patched in version 3.4.2. The fix re-enables the CSRF filter in `app/Config/Filters.php` and resolves associated AJAX race conditions by adjusting token regeneration settings. As a workaround, administrators can manually re-enable the CSRF filter in `app/Config/Filters.php` by uncommenting the protection line. However, this is not recommended without applying the full patch, as it may cause functionality breakage in the Sales module due to token synchronization issues.

Risk Information
cvss3
Base: 8.8
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Description

Zed, a code editor, has an arbitrary code execution vulnerability in versions prior to 0.218.2-pre. The Zed IDE loads Model Context Protocol (MCP) configurations from the `settings.json` file located within a project’s `.zed` subdirectory. A malicious MCP configuration can contain arbitrary shell commands that run on the host system with the privileges of the user running the IDE. This can be triggered automatically without any user interaction besides opening the project in the IDE. Version 0.218.2-pre fixes the issue by implementing a worktree trust mechanism. As a workaround, users should carefully review the contents of project settings files (`./zed/settings.json`) before opening new projects in Zed.

Risk Information
cvss3
Base: 7.7
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Description

Zed, a code editor, has an arbitrary code execution vulnerability in versions prior to 0.218.2-pre. The Zed IDE loads Language Server Protocol (LSP) configurations from the `settings.json` file located within a project’s `.zed` subdirectory. A malicious LSP configuration can contain arbitrary shell commands that run on the host system with the privileges of the user running the IDE. This can be triggered when a user opens a project file for which there is an LSP entry. A concerted effort by an attacker to seed a project settings file (`./zed/settings.json`) with malicious language server configurations could result in arbitrary code execution with the user's privileges if the user opens the project in Zed without reviewing the contents. Version 0.218.2-pre fixes the issue by implementing a worktree trust mechanism. As a workaround, users should carefully review the contents of project settings files (`./zed/settings.json`) before opening new projects in Zed.

Risk Information
cvss3
Base: 7.7
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Description

Storybook is a frontend workshop for building user interface components and pages in isolation. A vulnerability present starting in version 7.0.0 and prior to versions 7.6.21, 8.6.15, 9.1.17, and 10.1.10 relates to Storybook’s handling of environment variables defined in a `.env` file, which could, in specific circumstances, lead to those variables being unexpectedly bundled into the artifacts created by the `storybook build` command. When a built Storybook is published to the web, the bundle’s source is viewable, thus potentially exposing those variables to anyone with access. For a project to potentially be vulnerable to this issue, it must build the Storybook (i.e. run `storybook build` directly or indirectly) in a directory that contains a `.env` file (including variants like `.env.local`) and publish the built Storybook to the web. Storybooks built without a `.env` file at build time are not affected, including common CI-based builds where secrets are provided via platform environment variables rather than `.env` files. Storybook runtime environments (i.e. `storybook dev`) are not affected. Deployed applications that share a repo with your Storybook are not affected. Users should upgrade their Storybook, on both their local machines and CI environment, to version 7.6.21, 8.6.15, 9.1.17, or 10.1.10 as soon as possible. Maintainers additionally recommend that users audit for any sensitive secrets provided via `.env` files and rotate those keys. Some projects may have been relying on the undocumented behavior at the heart of this issue and will need to change how they reference environment variables after this update. If a project can no longer read necessary environment variable values, either prefix the variables with `STORYBOOK_` or use the `env` property in Storybook’s configuration to manually specify values. In either case, do not include sensitive secrets as they will be included in the built bundle.

Risk Information
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=walgreens' -H 'apikey: YOUR_API_KEY_HERE'

What Do We Measure ?

Incident
Finding
Grade
Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network Security

Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)

Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)

Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat Intelligence

Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.