COOEY // HUBcompliance · community · intelligence

FAIL // hall of shame

The security failures of FedRAMP vendors, their competitors, and the hardware they ship — ranked by zero-days, remote code execution, active exploitation, sheer embarrassment, and False-Claims-Act recoveries. A dex.sgc.ai RAG curator writes each event's summary and scores how avoidable the failure was; every name links to its dossier.

725
on the board
1
zero-days
243
RCEs
102
exploited
554
assessed
$82M
FCA recovered
Overview☣ Most embarrassing◐ Most zero-days⚡ Most RCEs⌖ Most exploited⚖ Biggest FCA recoveries
All playersCompaniesVendorsProducts / HW ◧ FedRAMP only

☣ Most embarrassing

Ranked by how avoidable and reputation-shredding their worst failure was — the dex curator's grounded 0–100 verdict.

  1. 241
    openwebui vendor
    shame 25
    25shame
  2. 242
    gnome vendor
    shame 25
    25shame
  3. 243
    kjur vendor
    shame 25
    25shame
  4. 244
    daktronics vendor
    shame 25
    25shame
  5. 245
    foxit vendor
    shame 25
    25shame
  6. 246
    openbsd vendor
    shame 25
    25shame
  7. 247
    open-xchange vendor
    shame 25
    25shame
  8. 248
    dovecot vendor
    shame 25
    25shame
  9. 249
    trailofbits vendor
    shame 25
    25shame
  10. 250
    canonical vendor
    shame 25
    25shame
  11. 251
    kubernetes vendor
    shame 25
    25shame
  12. 252
    digitalbazaar vendor
    shame 25
    25shame
  13. 253
    netty vendor
    shame 25
    25shame
  14. 254
    progress vendor
    shame 20
    20shame
  15. 255
    hcltech vendor
    shame 20
    20shame
◄ prev page 7 / 7 next ► · 255 total