CVE 2026 31431 and commonly referred to as “Copy Fail.”

Trust Center

Start your security review
View & download sensitive information
Ask for information
ControlK

Overview

Welcome to KLDiscovery's Trust Center.

There is no room for missteps when it comes to security.

Given the nature of our business, we are entrusted with large amounts of sensitive and confidential information by our clients and understand that security is increasingly imperative for today’s corporations. We invest significant time and money to protect your most sensitive ESI.

Click icon to view certificate or report

ISO/IEC 27001:2022 Logo
ISO/IEC 27001:2022
SOC 2 Type 2 Logo
SOC 2 Type 2
SOC 2 Logo
SOC 2
TISAX Logo
TISAX
PCI DSS v4.0.0 Logo
PCI DSS v4.0.0
HIPAA Logo
HIPAA
HITECH Logo
HITECH
FISMA Moderate Logo
FISMA Moderate
Cyber Essentials Logo
Cyber Essentials
EU-US DPF Logo
EU-US DPF
ISO/IEC 27001 SoA Logo
ISO/IEC 27001 SoA
FSQS Logo
FSQS
GDPR Logo
GDPR
Swiss-US DPF Logo
Swiss-US DPF
DORA Logo
DORA

Documents for viewing or downloading

Featured Documents

REPORTSSecurity Position Paper
POLICIESInformation Security Policy
POLICIESSecurity Trust Center Overview

Self-Assessments

Policies

Security Grades

Reports

Product Security

Access Control

Infrastructure

Data Security

App Security

Network Security

Endpoint Security

Corporate Security

Continuous Monitoring

ESG

Training

Asset Management

Legal

Data Privacy

Change Management

Physical & Environment

BC/DR

Risk Profile

Trust Center Updates

CVE 2026 31431 and commonly referred to as “Copy Fail.”

Copy link
Vulnerabilities

KLDiscovery is aware of a recently disclosed vulnerability tracked as CVE 2026 31431 and commonly referred to as “Copy Fail". Our company has deployed vendor-recommended mitigation designed to reduce risk without requiring an immediate reboot. Also, KLDiscovery has no indicators of exploitation in our environment. We are continuing enhanced monitoring for indicators of exploitation.

Cisco Catalyst SD-WAN Controller Authentication Bypass CVE-2026-20127 February 2026

Copy link
Vulnerabilities

We do not use Cisco for SD Wan and we do not utilize Cisco hardware, therefore, KLDiscovery is not affected by this vulnerability.

KLDiscovery SOC 2 Type II Report Now Available

Copy link
Compliance

KLDiscovery's annual SOC 2 Type II report for 2024-2025 is now available via KLDiscovery's Trust Center at https://trust.kldiscovery.com/?product=ontrack&itemUid=fa950d02-cbb3-4010-b917-7137a7c2a982&source=click

Please reach out to your primary KLDiscovery contact if you have any questions.

Axios: Compromised NPM package (1.14.1 and 0.30.4)

Copy link
Vulnerabilities

Our organization has completed a review of the recently disclosed vulnerabilities affecting specific versions of the Axios (v1.14.1 and v0.30.4) and plain‑crypto‑js (v4.2.1) npm packages. Based on our investigation, we confirm that none of the vulnerable versions have been downloaded, installed, or used in any development, build, or production environment. Although Axios is utilized within certain internal workflows, it is not present in any affected or vulnerable version, and these systems do not process or store customer data.

Vulnerabilities and Exposures events as CVE-2025-55182

Copy link
Vulnerabilities

KLDiscovery does not use the React Server. Concerning this, KLDiscovery is not affected by this vulnerability.

If you think you may have discovered a vulnerability, please send us a note.
Report issue
Built onSafeBase by Drata Logo