We deliver mission-critical insights and tools for impact makers worldwide. Advancing human progress by providing solutions for better outcomes, global outreach, and stakeholder engagement. Let's shape progress together.
Be Part of Progress - together we bring greater understanding to the world Springer Nature is one of the leading publishers of research in the world. We publish the largest number of journals and books and are a pioneer in open research. Through our leading brands, trusted for more than 180 years, we provide technology-enabled products, platforms and services that help researchers to uncover new ideas and share their discoveries, health professionals to stay at the forefront of medical science, and educators to advance learning. We are proud to be part of progress, working together with the communities we serve to share knowledge and bring greater understanding to the world. Global key facts: Established for over 180 years Nearly 10,000 colleagues 200 offices in 45 countries on all continents World’s largest academic book publisher Publisher of Nature, the world’s most influential journal First company to publish more than 1 million Open Access articles Key brands and imprints: Springer Nature is home to some of the best-known names in research, health, educational and professional publishing. Every day, around the globe, our brands reach millions of people. Nature Springer BMC Palgrave Macmillan Apress Macmillan Education Scientific American Springer Health+ Springer Medizin Research Square J.B. Metzler BSL Adis
Security & Compliance Standards Overview
No incidents recorded for Elsevier in 2026.
No incidents recorded for Springer Nature in 2026.
Elsevier cyber incidents detection timeline including parent company and subsidiaries
Springer Nature cyber incidents detection timeline including parent company and subsidiaries
Last 3 Security & Risk Events by Company
nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, two peer-facing consensus request handlers assume that the history index is always available and call blockchain.history_store.history_index().unwrap() directly. That assumption is false by construction. HistoryStoreProxy::history_index() explicitly returns None for the valid HistoryStoreProxy::WithoutIndex state. when a full node is syncing or otherwise running without the history index, a remote peer can send RequestTransactionsProof or RequestTransactionReceiptsByAddress and trigger an Option::unwrap() panic on the request path. This issue has been patched in version 1.3.0.
PraisonAI is a multi-agent teams system. Prior to version 1.5.95, FileTools.download_file() in praisonaiagents validates the destination path but performs no validation on the url parameter, passing it directly to httpx.stream() with follow_redirects=True. An attacker who controls the URL can reach any host accessible from the server including cloud metadata services and internal network services. This issue has been patched in version 1.5.95.
PraisonAI is a multi-agent teams system. Prior to version 4.5.97, OAuthManager.validate_token() returns True for any token not found in its internal store, which is empty by default. Any HTTP request to the MCP server with an arbitrary Bearer token is treated as authenticated, granting full access to all registered tools and agent capabilities. This issue has been patched in version 4.5.97.
PraisonAI is a multi-agent teams system. Prior to version 4.5.97, the PraisonAI Gateway server accepts WebSocket connections at /ws and serves agent topology at /info with no authentication. Any network client can connect, enumerate registered agents, and send arbitrary messages to agents and their tool sets. This issue has been patched in version 4.5.97.
PraisonAI is a multi-agent teams system. Prior to version 4.5.90, MCPToolIndex.search_tools() compiles a caller-supplied string directly as a Python regular expression with no validation, sanitization, or timeout. A crafted regex causes catastrophic backtracking in the re engine, blocking the Python thread for hundreds of seconds and causing a complete service outage. This issue has been patched in version 4.5.90.
