Recovers deleted or lost photos, videos, documents, email files, etc. Recovers data from hard drive, SD card, external USB drives, etc. Recovers lost data from formatted, RAW, or damaged partitions. Recovers 100 MB of files for free without subscription requirements.

Wondershare Recoverit A.I CyberSecurity Scoring

Wondershare Recoverit Risk Score (AI oriented)

Between 700 and 749

Wondershare Recoverit Software Development
  • Powered by our proprietary A.I cyber incident model
  • Insurers prefer the TPRM score to calculate premiums

Wondershare Recoverit Company CyberSecurity News & History

Past Incidents: 1
Attack Types: 1
Entity: Wondershare
Type: Vulnerability
Severity: 100
Impact: 5
Seen: 4/2025
Blog:
Supply Chain Source: NA
Rankiteo Explanation
Attack threatening the organization's existence

Description: Cybersecurity researchers from Trend Micro uncovered two critical authentication bypass vulnerabilities (CVE-2025-10643 and CVE-2025-10644, CVSS scores 9.1 and 9.4) in Wondershare RepairIt, an AI-powered data repair tool. The flaws stemmed from overly permissive cloud storage tokens embedded in the application’s code, granting read/write access to sensitive data including user-uploaded images/videos, AI models, software binaries, source code, and container images all stored unencrypted. Exploitation could enable attackers to bypass authentication, tamper with AI models or executables, and launch supply chain attacks via vendor-signed updates or malicious AI model downloads. The exposed data included customer private information, intellectual property (e.g., patents, source code), and proprietary AI models, risking intellectual property theft, regulatory penalties, and severe erosion of consumer trust. Trend Micro’s responsible disclosure via the Zero Day Initiative (ZDI) in April 2025 went unanswered, leaving users vulnerable. The incident highlights critical gaps in DevSecOps practices, where rushed innovation overlooked security implications, enabling potential large-scale abuse of user data and system integrity.


Underwriter Stats for Wondershare Recoverit

Incidents vs Software Development Industry Average (This Year)

No incidents recorded for Wondershare Recoverit in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Wondershare Recoverit in 2026.

Incident Types Wondershare Recoverit vs Software Development Industry Avg (This Year)

No incidents recorded for Wondershare Recoverit in 2026.

Incident History — Wondershare Recoverit (X = Date, Y = Severity)

Wondershare Recoverit cyber incidents detection timeline including parent company and subsidiaries


Wondershare Recoverit Similar Companies

SS&C Technologies

SS&C is a leading global provider of mission-critical, cloud-based software and solutions for the financial and healthcare industries. Named to the Fortune 1000 list as a top U.S. company based on revenue, SS&C (NASDAQ: SSNC) is a trusted provider to more than 22,000 financial services and healthcar

Adobe

Adobe is the global leader in digital media and digital marketing solutions. Our creative, marketing and document solutions empower everyone – from emerging artists to global brands – to bring digital creations to life and deliver immersive, compelling experiences to the right person at the right mo

Instagram

More than one billion people around the world use Instagram, and we’re proud to be bringing them closer to the people and things they love. Instagram inspires people to see the world differently, discover new interests, and express themselves. Since launching in 2010, our community has grown at a r

Juniper Networks

Juniper Networks is leading the revolution in networking, making it one of the most exciting technology companies in Silicon Valley today. Since being founded by Pradeep Sindhu, Dennis Ferguson, and Bjorn Liencres nearly 20 years ago, Juniper’s sole mission has been to create innovative products and

Cisco

Cisco is the worldwide technology leader that is revolutionizing the way organizations connect and protect in the AI era. For more than 40 years, Cisco has securely connected the world. With its industry leading AI-powered solutions and services, Cisco enables its customers, partners and communities

Expedia Group

At Expedia Group (NASDAQ: EXPE), we believe travel is a force for good – it opens minds, builds connections, and bridges divides. We create transformative tech that enables unforgettable experiences for all travelers, everywhere. Our trusted family of brands are known and loved by millions, and we p

ByteDance

ByteDance is a global incubator of platforms at the cutting edge of commerce, content, entertainment and enterprise services - over 2.5bn people interact with ByteDance products including TikTok. Creation is the core of ByteDance's purpose. Our products are built to help imaginations thrive. This i

Snowflake

Snowflake delivers the AI Data Cloud — a global network where thousands of organizations mobilize data with near-unlimited scale, concurrency, and performance. Inside the AI Data Cloud, organizations unite their siloed data, easily discover and securely share governed data, and execute diverse analy

Canva

We're a global online visual communications platform on a mission to empower the world to design. Featuring a simple drag-and-drop user interface and a vast range of templates ranging from presentations, documents, websites, social media graphics, posters, apparel to videos, plus a huge library of f

Wondershare Recoverit CyberSecurity News

April 24, 2025 07:00 AM
How To Recover Deleted Photos on Mac? 5 Easy Solutions!

To avoid losing your memorable photos, you must have a reliable photo recovery tool for Mac.

January 06, 2023 08:00 AM
Wondershare Recoverit 11: Best Data Recovery Tool For Windows 11/10

Wondershare Recoverit is a feature-packed data recovery tool that has the ability to completely recover lost files, videos, and photos from...

Frequently Asked Questions

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.

Wondershare Recoverit CyberSecurity History Information

Wondershare Recoverit’s AI-Generated Cybersecurity Score

According to Rankiteo, Wondershare Recoverit’s AI-generated cybersecurity score is 749, reflecting their Moderate security posture.

How many security badges does Wondershare Recoverit have?

According to Rankiteo, Wondershare Recoverit currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Wondershare Recoverit been affected by any supply chain cyber incidents ?

According to Rankiteo, Wondershare Recoverit has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does Wondershare Recoverit have SOC 2 Type 1 certification ?

According to Rankiteo, Wondershare Recoverit is not certified under SOC 2 Type 1.

Does Wondershare Recoverit have SOC 2 Type 2 certification ?

According to Rankiteo, Wondershare Recoverit does not hold a SOC 2 Type 2 certification.

Does Wondershare Recoverit comply with GDPR ?

According to Rankiteo, Wondershare Recoverit is not listed as GDPR compliant.

Does Wondershare Recoverit have PCI DSS certification ?

According to Rankiteo, Wondershare Recoverit does not currently maintain PCI DSS compliance.

Does Wondershare Recoverit comply with HIPAA ?

According to Rankiteo, Wondershare Recoverit is not compliant with HIPAA regulations.

Does Wondershare Recoverit have ISO 27001 certification ?

According to Rankiteo, Wondershare Recoverit is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Industry Classification of Wondershare Recoverit

Wondershare Recoverit operates primarily in the Software Development industry.

Number of Employees at Wondershare Recoverit

Wondershare Recoverit employs approximately 6 people worldwide.

Subsidiaries Owned by Wondershare Recoverit

Wondershare Recoverit presently has no subsidiaries across any sectors.

Wondershare Recoverit’s LinkedIn Followers

Wondershare Recoverit’s official LinkedIn profile has approximately 409 followers.

NAICS Classification of Wondershare Recoverit

Wondershare Recoverit is classified under the NAICS code 5112, which corresponds to Software Publishers.

Wondershare Recoverit’s Presence on Crunchbase

No, Wondershare Recoverit does not have a profile on Crunchbase.

Wondershare Recoverit’s Presence on LinkedIn

Yes, Wondershare Recoverit maintains an official LinkedIn profile, actively used for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/wondershare-recoverit.

Cybersecurity Incidents Involving Wondershare Recoverit

As of January 24, 2026, Rankiteo reports that Wondershare Recoverit has experienced 1 cybersecurity incident.

Number of Peer and Competitor Companies

Wondershare Recoverit has an estimated 28,180 peer or competitor companies worldwide.

What types of cybersecurity incidents have occurred at Wondershare Recoverit ?

Incident Types: The types of cybersecurity incidents that have occurred include Vulnerability.

How does Wondershare Recoverit detect and respond to cybersecurity incidents ?

Detection and Response: Incident response plan activated: no (vendor unresponsive). Third-party assistance: Trend Micro (disclosure via Zero Day Initiative). Containment measures: users advised to restrict interaction with Wondershare RepairIt. Communication strategy: public disclosure by Trend Micro and media coverage.

Incident Details

Can you provide details on each incident ?

Incident : Authentication Bypass

Title: Critical Authentication Bypass Vulnerabilities in Wondershare RepairIt Exposing User Data and AI Model Tampering Risks

Description: Cybersecurity researchers at Trend Micro disclosed two critical-rated authentication bypass vulnerabilities (CVE-2025-10643 and CVE-2025-10644) in Wondershare RepairIt, an AI-powered data repair and photo editing application. The flaws stem from overly permissive cloud access tokens embedded in the application’s code, granting read/write access to sensitive cloud storage without encryption. Successful exploitation could bypass authentication, enable supply chain attacks via tampered AI models or executables, and expose user data (including images, videos, source code, and container images). The vulnerabilities also contradict Wondershare’s privacy policy, as the company was found to collect and leak private user data due to weak DevSecOps practices. Trend Micro responsibly disclosed the issues in April 2025 via its Zero Day Initiative (ZDI), but Wondershare has not responded or issued a fix. Users are advised to restrict interaction with the product until patches are available. The incident highlights broader risks in AI/ML supply chains, including model tampering, intellectual property theft, regulatory penalties, and erosion of consumer trust.

Date Publicly Disclosed: 2025-05

Type: Authentication Bypass

Attack Vector: Network, Misconfigured Cloud Storage, Embedded Overly Permissive Tokens

Motivation: Data Theft, Supply Chain Compromise, AI Model Manipulation, Intellectual Property Theft

What are the most common types of attacks the company has faced ?

Common Attack Types: The most common type of attack the company has faced is Vulnerability.

Impact of the Incidents

What was the impact of each incident ?

Incident : Authentication Bypass WON5303953092525

Data Compromised: User-uploaded images/videos, AI models, Software binaries, Container images, Scripts, Company source code, Personally identifiable information (PII)

Systems Affected: Wondershare RepairIt application, Cloud storage (Azure/S3-like), AI model repositories, Container registries

Operational Impact: Supply chain disruption, Loss of customer trust, Potential regulatory penalties

Brand Reputation Impact: High (erosion of consumer trust due to privacy policy violations and data leakage)

Legal Liabilities: Potential GDPR/CCPA violations, Regulatory fines

Identity Theft Risk: High (unencrypted PII exposure)

What types of data are most commonly compromised in incidents ?

Commonly Compromised Data Types: The types of data most commonly compromised in incidents are User-Generated Content (Images/Videos), AI Models, Software Binaries, Container Images, Scripts, Source Code and PII.

Which entities were affected by each incident ?

Incident : Authentication Bypass WON5303953092525

Entity Name: Wondershare

Entity Type: Software Vendor

Industry: Technology (Multimedia & AI Tools)

Location: Shenzhen, China (HQ)

Customers Affected: Global user base (exact number undisclosed)

Response to the Incidents

What measures were taken in response to each incident ?

Incident : Authentication Bypass WON5303953092525

Incident Response Plan Activated: No (vendor unresponsive)

Third Party Assistance: Trend Micro (Disclosure Via Zero Day Initiative).

Containment Measures: Users advised to restrict interaction with Wondershare RepairIt

Communication Strategy: Public disclosure by Trend Micro, Media coverage

What is the company's incident response plan?

Incident Response Plan: The company's incident response plan is described as No (vendor unresponsive).

How does the company involve third-party assistance in incident response ?

Third-Party Assistance: The company involves third-party assistance in incident response through Trend Micro (disclosure via Zero Day Initiative).

Data Breach Information

What type of data was compromised in each breach ?

Incident : Authentication Bypass WON5303953092525

Type of Data Compromised: User-generated content (images/videos), AI models, Software binaries, Container images, Scripts, Source code, PII

Sensitivity of Data: High (includes proprietary AI models, source code, and unencrypted PII)

Data Exfiltration: Potential (no confirmed exfiltration reported, but exposure enables abuse)

Data Encryption: None (data stored in plaintext)

File Types Exposed: Images, Videos, Executables, Container images (Docker), Scripts, Source code files

Personally Identifiable Information: Yes (user-uploaded content may include PII)

How does the company handle incidents involving personally identifiable information (PII) ?

Handling of PII Incidents: The company handles incidents involving personally identifiable information (PII) through the following measure: users advised to restrict interaction with Wondershare RepairIt.

Regulatory Compliance

Were there any regulatory violations and fines imposed for each incident ?

Incident : Authentication Bypass WON5303953092525

Regulations Violated: Potential GDPR (EU), CCPA (California), Other regional data protection laws

Lessons Learned and Recommendations

What lessons were learned from each incident ?

Incident : Authentication Bypass WON5303953092525

Lessons Learned: Embedding overly permissive cloud access tokens in application code introduces critical risks. Lack of encryption for sensitive data in cloud storage exacerbates exposure. Weak DevSecOps practices can lead to privacy policy violations and supply chain vulnerabilities. AI/ML supply chains require rigorous security controls to prevent model tampering and downstream attacks. Responsible disclosure does not guarantee vendor responsiveness; users may need to take proactive mitigation steps.

What recommendations were made to prevent future incidents ?

Incident : Authentication Bypass WON5303953092525

Recommendations: Immediately revoke and rotate all embedded cloud access tokens in Wondershare RepairIt. Implement least-privilege access controls for cloud storage and enforce encryption for data at rest. Conduct a thorough security audit of DevSecOps pipelines to identify and remediate similar vulnerabilities. Monitor cloud storage and container registries for unauthorized access or tampering. Users should avoid using Wondershare RepairIt until patches are released and verified. Organizations should assess third-party AI/ML tools for supply chain risks before deployment. Adopt security best practices for MCP servers, including authentication and credential protection.

What are the key lessons learned from past incidents ?

Key Lessons Learned: The key lessons learned from past incidents are: Embedding overly permissive cloud access tokens in application code introduces critical risks. Lack of encryption for sensitive data in cloud storage exacerbates exposure. Weak DevSecOps practices can lead to privacy policy violations and supply chain vulnerabilities. AI/ML supply chains require rigorous security controls to prevent model tampering and downstream attacks. Responsible disclosure does not guarantee vendor responsiveness; users may need to take proactive mitigation steps.

References

Where can I find more information about each incident ?

Incident : Authentication Bypass WON5303953092525

Source: Trend Micro Research Blog

URL: https://www.trendmicro.com/en_us/what-is/zero-day-initiative.html

Date Accessed: 2025-05

Incident : Authentication Bypass WON5303953092525

Source: Kaspersky PoC on MCP Server Risks

Incident : Authentication Bypass WON5303953092525

Source: Palo Alto Networks Unit 42 Report on AI Code Assistant Vulnerabilities

Date Accessed: 2025-05

Incident : Authentication Bypass WON5303953092525

Source: Checkmarx Research on 'Lies-in-the-Loop' (LitL) Attacks

Where can stakeholders find additional resources on cybersecurity best practices ?

Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at: Trend Micro Research Blog (URL: https://www.trendmicro.com/en_us/what-is/zero-day-initiative.html, Date Accessed: 2025-05); Kaspersky PoC on MCP Server Risks; Palo Alto Networks Unit 42 Report on AI Code Assistant Vulnerabilities (Date Accessed: 2025-05); and Checkmarx Research on 'Lies-in-the-Loop' (LitL) Attacks.

Investigation Status

What is the current status of the investigation for each incident ?

Incident : Authentication Bypass WON5303953092525

Investigation Status: Ongoing (vendor unresponsive; third-party research disclosed)

How does the company communicate the status of incident investigations to stakeholders ?

Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Public Disclosure By Trend Micro and Media Coverage.

Stakeholder and Customer Advisories

Were there any advisories issued to stakeholders or customers for each incident ?

Incident : Authentication Bypass WON5303953092525

Stakeholder Advisories: Trend Micro advisory to restrict use of Wondershare RepairIt.

Customer Advisories: Public warning issued via media and security blogs

What advisories does the company provide to stakeholders and customers following an incident ?

Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: Trend Micro advisory to restrict use of Wondershare RepairIt, and public warning issued via media and security blogs.

Post-Incident Analysis

What were the root causes and corrective actions taken for each incident ?

Incident : Authentication Bypass WON5303953092525

Root Causes: Overly permissive cloud access tokens embedded in application code. Lack of encryption for sensitive data in cloud storage. Weak DevSecOps practices (e.g., hardcoded credentials, insufficient access controls). Inadequate vendor response to responsible disclosure.

Corrective Actions: Token rotation and least-privilege access enforcement (pending vendor action). Data encryption implementation for cloud storage. Security audit of CI/CD pipelines and third-party dependencies. User awareness campaigns on supply chain risks in AI/ML tools.

What is the company's process for conducting post-incident analysis ?

Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Trend Micro (disclosure via Zero Day Initiative).

What corrective actions has the company taken based on post-incident analysis ?

Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Token rotation and least-privilege access enforcement (pending vendor action). Data encryption implementation for cloud storage. Security audit of CI/CD pipelines and third-party dependencies. User awareness campaigns on supply chain risks in AI/ML tools.

Additional Questions

Incident Details

What was the most recent incident publicly disclosed ?

Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2025-05.

Impact of the Incidents

What was the most significant data compromised in an incident ?

Most Significant Data Compromised: The most significant data compromised in an incident were User-uploaded images/videos, AI models, Software binaries, Container images, Scripts, Company source code and Personally Identifiable Information (PII).

What was the most significant system affected in an incident ?

Most Significant System Affected: The most significant system affected in an incident was Wondershare RepairIt application, Cloud storage (Azure/S3-like), AI model repositories, Container registries.

Response to the Incidents

What third-party assistance was involved in the most recent incident ?

Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was Trend Micro (disclosure via Zero Day Initiative).

What containment measures were taken in the most recent incident ?

Containment Measures in Most Recent Incident: The containment measures taken in the most recent incident was Users advised to restrict interaction with Wondershare RepairIt.

Data Breach Information

What was the most sensitive data compromised in a breach ?

Most Sensitive Data Compromised: The most sensitive data compromised in a breach were User-uploaded images/videos, Company source code, AI models, Personally Identifiable Information (PII), Container images, Software binaries and Scripts.

Lessons Learned and Recommendations

What was the most significant lesson learned from past incidents ?

Most Significant Lesson Learned: The most significant lesson learned from past incidents was Responsible disclosure does not guarantee vendor responsiveness; users may need to take proactive mitigation steps.

What was the most significant recommendation implemented to improve cybersecurity ?

Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was: Users should avoid using Wondershare RepairIt until patches are released and verified. Adopt security best practices for MCP servers, including authentication and credential protection. Organizations should assess third-party AI/ML tools for supply chain risks before deployment. Monitor cloud storage and container registries for unauthorized access or tampering. Immediately revoke and rotate all embedded cloud access tokens in Wondershare RepairIt. Implement least-privilege access controls for cloud storage and enforce encryption for data at rest. Conduct a thorough security audit of DevSecOps pipelines to identify and remediate similar vulnerabilities.

References

What is the most recent source of information about an incident ?

Most Recent Source: The most recent sources of information about an incident are Checkmarx Research on 'Lies-in-the-Loop' (LitL) Attacks, Palo Alto Networks Unit 42 Report on AI Code Assistant Vulnerabilities, Trend Micro Research Blog and Kaspersky PoC on MCP Server Risks.

What is the most recent URL for additional resources on cybersecurity best practices ?

Most Recent URL for Additional Resources: The most recent URL for additional resources on cybersecurity best practices is https://www.trendmicro.com/en_us/what-is/zero-day-initiative.html.

Investigation Status

What is the current status of the most recent investigation ?

Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing (vendor unresponsive; third-party research disclosed).

Stakeholder and Customer Advisories

What was the most recent stakeholder advisory issued ?

Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was Trend Micro advisory to restrict use of Wondershare RepairIt.

What was the most recent customer advisory issued ?

Most Recent Customer Advisory: The most recent customer advisory issued was a public warning issued via media and security blogs.

Latest Global CVEs (Not Company-Specific)

Description

Typemill is a flat-file, Markdown-based CMS designed for informational documentation websites. A reflected Cross-Site Scripting (XSS) exists in the login error view template `login.twig` of versions 2.19.1 and below. The `username` value can be echoed back without proper contextual encoding when authentication fails. An attacker can execute script in the login page context. This issue has been fixed in version 2.19.2.

Risk Information
cvss3
Base: 5.4
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Description

A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the DomainCheckerApp class within domain/script.js of Sourcecodester Domain Availability Checker v1.0. The vulnerability occurs because the application improperly handles user-supplied data in the createResultElement method by using the unsafe innerHTML property to render domain search results.

Description

A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/upload.php component. The application fails to properly validate uploaded file contents. Additionally, the application preserves the user-supplied file extension during the save process. This allows an unauthenticated attacker to upload arbitrary PHP code by spoofing the MIME type as an image, leading to full system compromise.

Description

A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges. To mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above.

Risk Information
cvss3
Base: 6.0
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
cvss4
Base: 6.0
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description

An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform through 2025-05-28. This unauthenticated endpoint returns a list of cashier accounts, including names, email addresses, usernames, and passwords hashed using MD5. As MD5 is a broken cryptographic function, the hashes can be easily reversed using public tools, exposing user credentials in plaintext. This allows remote attackers to perform unauthorized logins and potentially gain access to sensitive POS operations or backend functions.

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=wondershare-recoverit' -H 'apikey: YOUR_API_KEY_HERE'

What Do We Measure?

Incident
Finding
Grade
Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network Security

Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)

Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)

Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat Intelligence

Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.