Commercial real estate software faces rising cybersecurity threats and risks from outdated components
A new report highlights growing risks in commercial real estate software as vulnerabilities surge and outdated components remain widespread. Nearly all applications now rely on open-source code, yet many organizations struggle with security and compliance challenges. The findings also reveal a sharp rise in supply chain attacks over the past year.
The average number of vulnerabilities per codebase more than doubled in 12 months, jumping from 280 to 581. At the same time, median file counts grew by over a third, with many projects now containing tens of thousands of files. Researchers found that most codebases hold at least one high-risk flaw, while nearly half include critical vulnerabilities.
Open-source components appear in almost every commercial real estate application, yet maintenance often lags. Over 90% of audited codebases contain parts that are years out of date or no longer actively developed. License conflicts also reached record levels, affecting more than two-thirds of the projects reviewed.
Supply chain attacks have become a major threat, with 65% of surveyed organizations reporting at least one incident in the past year. While exact figures for Germany in 2025 remain undocumented, broader cyber threats—such as ransomware—have hit small and medium-sized businesses hardest, particularly in the construction, finance, IT, and wholesale sectors.
The EU's Cyber Resilience Act now requires manufacturers to track vulnerabilities throughout a product's lifecycle. Companies must ensure access to updates and maintain proper documentation to comply with the new rules.
The report underscores the scale of security gaps in modern commercial real estate software development. With vulnerabilities rising and outdated components persisting, organizations face higher risks of breaches and compliance failures. The EU's regulations aim to enforce stricter controls, but implementation will require significant changes in how companies manage their codebases.