npm - @blamejs/exceptd-skills - Versions diffs - 0.12.24 → 0.12.26 - Mend

@blamejs/exceptd-skills 0.12.24 → 0.12.26

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (51) hide show

package/AGENTS.md +12 -4
package/CHANGELOG.md +127 -0
package/data/_indexes/_meta.json +44 -43
package/data/_indexes/activity-feed.json +54 -47
package/data/_indexes/catalog-summaries.json +20 -20
package/data/_indexes/chains.json +561 -6
package/data/_indexes/currency.json +19 -10
package/data/_indexes/frequency.json +207 -55
package/data/_indexes/handoff-dag.json +4 -0
package/data/_indexes/jurisdiction-clocks.json +2 -2
package/data/_indexes/jurisdiction-map.json +25 -12
package/data/_indexes/section-offsets.json +490 -396
package/data/_indexes/stale-content.json +14 -2
package/data/_indexes/summary-cards.json +57 -3
package/data/_indexes/token-budget.json +129 -74
package/data/_indexes/trigger-table.json +66 -0
package/data/_indexes/xref.json +58 -8
package/data/atlas-ttps.json +528 -19
package/data/attack-techniques.json +198 -84
package/data/cve-catalog.json +1309 -9
package/data/exploit-availability.json +300 -10
package/data/framework-control-gaps.json +557 -1
package/data/global-frameworks.json +44 -19
package/data/rfc-references.json +94 -1
package/data/zeroday-lessons.json +475 -13
package/lib/schemas/cve-catalog.schema.json +24 -3
package/manifest-snapshot.json +68 -2
package/manifest-snapshot.sha256 +1 -1
package/manifest.json +145 -59
package/package.json +1 -1
package/sbom.cdx.json +7 -7
package/skills/ai-attack-surface/skill.md +11 -2
package/skills/ai-c2-detection/skill.md +3 -1
package/skills/ai-risk-management/skill.md +3 -1
package/skills/api-security/skill.md +4 -0
package/skills/attack-surface-pentest/skill.md +1 -0
package/skills/container-runtime-security/skill.md +3 -1
package/skills/dlp-gap-analysis/skill.md +1 -1
package/skills/exploit-scoring/skill.md +2 -2
package/skills/incident-response-playbook/skill.md +1 -1
package/skills/kernel-lpe-triage/skill.md +6 -1
package/skills/mcp-agent-trust/skill.md +7 -2
package/skills/mlops-security/skill.md +1 -1
package/skills/rag-pipeline-security/skill.md +4 -2
package/skills/sector-financial/skill.md +1 -1
package/skills/sector-telecom/skill.md +259 -0
package/skills/skill-update-loop/skill.md +1 -1
package/skills/supply-chain-integrity/skill.md +3 -1
package/skills/threat-model-currency/skill.md +1 -1
package/skills/webapp-security/skill.md +2 -0
package/skills/zeroday-gap-learn/skill.md +2 -2

package/data/exploit-availability.json CHANGED Viewed

@@ -1,8 +1,8 @@
 {
   "_meta": {
-    "schema_version": "1.0.0",
-    "last_updated": "2026-05-01",
-    "note": "Tracks PoC availability and weaponization stage per CVE. Update when status changes. last_verified must be within 90 days.",
+    "schema_version": "1.1.0",
+    "last_updated": "2026-05-15",
+    "note": "Tracks PoC availability and weaponization stage per CVE. Update when status changes. last_verified must be within 90 days. v1.1.0 (2026-05-15): added ai_discovery_source enum + ai_assist_factor ladder (low|moderate|high|very_high) per AGENTS.md Hard Rule #7.",
     "tlp": "CLEAR",
     "source_confidence": {
       "scheme": "Admiralty (A-F + 1-6)",
@@ -21,6 +21,9 @@
     "poc_description": "Demonstrated in controlled environment — adversarial instructions in PR description field trigger code execution via GitHub Copilot interaction.",
     "weaponization_stage": "demonstrated",
     "ai_discovery_confirmed": false,
+    "ai_discovery_source": "unknown",
+    "ai_discovery_notes": "ai_discovery_confirmed=false means AI did not discover the bug (or provenance is unknown). ai_tool_enabled=true means the attack surface IS an AI tool (Copilot). These are orthogonal axes; the cve-catalog.json companion entry uses ai_assisted_weaponization=true for the same semantics as ai_tool_enabled here.",
+    "ai_assist_factor": "moderate",
     "ai_tool_enabled": true,
     "exploit_complexity": "low",
     "last_verified": "2026-05-01",
@@ -31,6 +34,8 @@
     "poc_description": "Conceptual exploit demonstrated — malicious MCP server → zero-interaction RCE via AI client vulnerability in Windsurf.",
     "weaponization_stage": "partial",
     "ai_discovery_confirmed": false,
+    "ai_discovery_source": "human_researcher",
+    "ai_assist_factor": "low",
     "exploit_complexity": "low_once_mcp_server_installed",
     "last_verified": "2026-05-01",
     "verification_source": "NVD, Windsurf vendor advisory"
@@ -40,6 +45,8 @@
     "poc_description": "Single-stage deterministic root escalation script, reported as 732 bytes. No race condition. Requires unprivileged local code execution.",
     "weaponization_stage": "fully_weaponized",
     "ai_discovery_confirmed": true,
+    "ai_discovery_source": "vendor_research",
+    "ai_assist_factor": "very_high",
     "ai_discovery_notes": "Researcher reports AI system discovery in approximately 1 hour via automated vulnerability analysis",
     "metasploit_module": "unknown",
     "exploit_complexity": "low",
@@ -51,6 +58,8 @@
     "poc_description": "GHSA-4xqg-gf5c-ghwq publishes argv-injection PoC: invoke port_forward MCP tool with resourceName containing space-delimited kubectl flags (--address=0.0.0.0, -n kube-system). Attacker-controllable flags reach kubectl via .split(' ') concatenation.",
     "weaponization_stage": "partially_weaponized",
     "ai_discovery_confirmed": false,
+    "ai_discovery_source": "human_researcher",
+    "ai_assist_factor": "low",
     "ai_assisted_weaponization": false,
     "exploit_complexity": "low",
     "complexity_notes": "Requires upstream prompt-injection vector (RAG / PR / issue) to deliver the tainted resourceName to the AI assistant; pure-MCP-server exploitation impractical without an LLM-mediated step.",
@@ -63,6 +72,8 @@
     "poc_description": "GHSA-r75f-5x8p-qvmc documents the SQL injection sink shape — crafted Authorization header reaches the vulnerable query via error-handling paths. CISA KEV listing 2026-05-08 confirms in-wild exploitation.",
     "weaponization_stage": "fully_weaponized",
     "ai_discovery_confirmed": false,
+    "ai_discovery_source": "human_researcher",
+    "ai_assist_factor": "low",
     "ai_assisted_weaponization": false,
     "exploit_complexity": "low",
     "complexity_notes": "Curl-able exploit — POST /chat/completions with SQLi payload in Authorization header. No auth required.",
@@ -74,25 +85,33 @@
     "poc_status": "public",
     "poc_description": "Chain component — exploits ESP/IPsec subsystem. Requires combination with CVE-2026-43500 or independent gadget chain.",
     "weaponization_stage": "partially_weaponized",
-    "ai_discovery_confirmed": false,
+    "ai_discovery_confirmed": true,
+    "ai_discovery_source": "vendor_research",
+    "ai_assist_factor": "high",
+    "ai_discovery_notes": "Disclosed by Hyunwoo Kim; AI-assisted discovery assessed as likely by Sysdig + Help Net Security given 9-year exposure gap (ESP path landed Jan 2017) and same primitive class as AI-discovered Copy Fail.",
     "exploit_complexity": "moderate",
-    "last_verified": "2026-05-01",
-    "verification_source": "NVD references, researcher (Hyunwoo Kim) disclosure"
+    "last_verified": "2026-05-15",
+    "verification_source": "NVD references, researcher (Hyunwoo Kim) disclosure, Sysdig analysis, Help Net Security"
   },
   "CVE-2026-43500": {
     "poc_status": "public",
     "poc_description": "Chain component — RxRPC subsystem. Used with CVE-2026-43284.",
     "weaponization_stage": "partially_weaponized",
-    "ai_discovery_confirmed": false,
+    "ai_discovery_confirmed": true,
+    "ai_discovery_source": "vendor_research",
+    "ai_assist_factor": "high",
+    "ai_discovery_notes": "Co-disclosed sibling of CVE-2026-43284; same AI-assisted-discovery assessment applies.",
     "exploit_complexity": "moderate",
-    "last_verified": "2026-05-01",
-    "verification_source": "NVD references, researcher (Hyunwoo Kim) disclosure"
+    "last_verified": "2026-05-15",
+    "verification_source": "NVD references, researcher (Hyunwoo Kim) disclosure, Sysdig analysis"
   },
   "CVE-2026-45321": {
     "poc_status": "public",
     "poc_description": "84 malicious versions published across 42 @tanstack/* packages 2026-05-11 — the worm itself IS the PoC. Payload analysis published by multiple researchers within 20 minutes; SHA-256 anchors and C2 infrastructure documented in cve-catalog.json iocs block.",
     "weaponization_stage": "fully_weaponized",
     "ai_discovery_confirmed": false,
+    "ai_discovery_source": "threat_actor_ai_built",
+    "ai_assist_factor": "low",
     "ai_assisted_weaponization": false,
     "exploit_complexity": "high",
     "complexity_notes": "Chain requires upstream maintainer to have pull_request_target plus cache plus id-token:write — present in TanStack but not universally. Downstream consumers experience the chain as a low-complexity install of a yanked-but-cached version.",
@@ -105,6 +124,8 @@
     "poc_description": "Orphan commit b1e4b1f3aad0d489ab0e9208031c67402bbb8480 still readable on GitHub. The .pth-file install-time payload mechanism is documented; exfiltration domain igotnofriendsonlineorirl-imgonnakmslmao.skyhanni.cloud was live during the 8h exposure window (2026-04-24 22:20Z through 2026-04-25 ~06:30Z).",
     "weaponization_stage": "fully_weaponized",
     "ai_discovery_confirmed": false,
+    "ai_discovery_source": "human_researcher",
+    "ai_assist_factor": "low",
     "ai_assisted_weaponization": false,
     "exploit_complexity": "low",
     "complexity_notes": "Primitive is GitHub Actions script injection via ${{ github.event.comment.body }} in a run: step. Anyone with a GitHub account can comment on a public PR.",
@@ -118,7 +139,10 @@
     "weaponization_stage": "demonstrated",
     "exploit_class": "deterministic LPE primitive",
     "maturity_tier": "PoC",
-    "ai_discovery_confirmed": false,
+    "ai_discovery_confirmed": true,
+    "ai_discovery_source": "vendor_research",
+    "ai_assist_factor": "very_high",
+    "ai_discovery_notes": "Discovered by William Bowling (Zellic.io / V12 security team) with assistance from Zellic's AI-agentic code-auditing tool. Anchor case for AI-driven autonomous discovery in 2026; cycle-5 backfill correction to the originally-tagged ai_discovery_confirmed=false.",
     "ai_assisted_weaponization": false,
     "exploit_complexity": "low",
     "complexity_notes": "Single-stage, deterministic. Same primitive class as Dirty Frag (CVE-2026-43284 / CVE-2026-43500) — the bug was introduced by the patch for Dirty Frag, so existing module-unload mitigations for esp4 / esp6 / rxrpc also mitigate Fragnesia.",
@@ -127,5 +151,271 @@
     "poc_observed_at": "2026-05-13",
     "last_verified": "2026-05-14",
     "verification_source": "NVD CVE-2026-46300, V12 security team disclosure, AlmaLinux + CloudLinux advisories, Microsoft Security Blog (Dirty Frag family analysis)"
+  },
+  "CVE-2024-21626": {
+    "poc_status": "public",
+    "poc_description": "Snyk Labs PoC and multiple public exploit scripts; container-escape via leaked /proc/self/fd file descriptor.",
+    "weaponization_stage": "fully_weaponized",
+    "ai_discovery_confirmed": false,
+    "ai_discovery_source": "human_researcher",
+    "ai_assist_factor": "low",
+    "ai_assisted_weaponization": false,
+    "exploit_complexity": "low",
+    "active_exploitation": "confirmed",
+    "last_verified": "2026-05-15",
+    "verification_source": "NVD, CISA KEV, Snyk Labs Leaky Vessels disclosure"
+  },
+  "CVE-2024-3094": {
+    "poc_status": "public",
+    "poc_description": "Backdoor IS the PoC. Public reverse-engineering writeups by Andres Freund, Akamai, JFrog, Binarly cover the m4 macro chain, IFUNC override, and sshd RSA pubkey trigger.",
+    "weaponization_stage": "fully_weaponized",
+    "ai_discovery_confirmed": false,
+    "ai_discovery_source": "human_researcher",
+    "ai_assist_factor": "low",
+    "ai_assisted_weaponization": false,
+    "exploit_complexity": "high",
+    "complexity_notes": "Operational exploitation requires the Ed448 signing key embedded in the backdoor; mass scanning yields detection-not-exploitation.",
+    "active_exploitation": "suspected",
+    "last_verified": "2026-05-15",
+    "verification_source": "NVD, CISA, Andres Freund openwall disclosure, Akamai + JFrog + Binarly analyses"
+  },
+  "CVE-2024-3154": {
+    "poc_status": "public",
+    "poc_description": "Public PoC demonstrates kernel-module load via crafted pod spec — attacker controls modprobe argument path.",
+    "weaponization_stage": "demonstrated",
+    "ai_discovery_confirmed": false,
+    "ai_discovery_source": "human_researcher",
+    "ai_assist_factor": "low",
+    "ai_assisted_weaponization": false,
+    "exploit_complexity": "low",
+    "active_exploitation": "unknown",
+    "last_verified": "2026-05-15",
+    "verification_source": "NVD, CRI-O GHSA"
+  },
+  "CVE-2023-43472": {
+    "poc_status": "public",
+    "poc_description": "Protect AI Huntr submission — single-request path-traversal against the MLflow artifact-fetch endpoint.",
+    "weaponization_stage": "demonstrated",
+    "ai_discovery_confirmed": false,
+    "ai_discovery_source": "bug_bounty_ai_augmented",
+    "ai_assist_factor": "moderate",
+    "ai_assisted_weaponization": false,
+    "exploit_complexity": "low",
+    "active_exploitation": "unknown",
+    "last_verified": "2026-05-15",
+    "verification_source": "NVD, Protect AI Huntr disclosure"
+  },
+  "CVE-2020-10148": {
+    "poc_status": "public",
+    "poc_description": "CISA AA20-352A and follow-on community writeups document the SkipI18nStrings URI-pattern bypass.",
+    "weaponization_stage": "fully_weaponized",
+    "ai_discovery_confirmed": false,
+    "ai_discovery_source": "human_researcher",
+    "ai_assist_factor": "low",
+    "ai_assisted_weaponization": false,
+    "exploit_complexity": "low",
+    "active_exploitation": "confirmed",
+    "active_exploitation_notes": "Used at scale during SUNBURST campaign against US federal and Fortune 500 networks.",
+    "last_verified": "2026-05-15",
+    "verification_source": "NVD, CISA AA20-352A, SolarWinds advisory"
+  },
+  "CVE-2023-3519": {
+    "poc_status": "public",
+    "poc_description": "Multiple public PoCs (Mandiant, AssetNote) cover the pre-auth SAML stack-overflow chain.",
+    "weaponization_stage": "fully_weaponized",
+    "ai_discovery_confirmed": false,
+    "ai_discovery_source": "human_researcher",
+    "ai_assist_factor": "low",
+    "ai_assisted_weaponization": false,
+    "exploit_complexity": "low",
+    "active_exploitation": "confirmed",
+    "last_verified": "2026-05-15",
+    "verification_source": "NVD, CISA KEV, Citrix advisory CTX561482, Mandiant + AssetNote"
+  },
+  "CVE-2024-1709": {
+    "poc_status": "public",
+    "poc_description": "/SetupWizard.aspx/anything one-liner auth bypass; public PoC and Metasploit module within 48 hours of disclosure.",
+    "weaponization_stage": "fully_weaponized",
+    "ai_discovery_confirmed": false,
+    "ai_discovery_source": "human_researcher",
+    "ai_assist_factor": "low",
+    "ai_assisted_weaponization": false,
+    "metasploit_module": "exploit/multi/http/connectwise_screenconnect_auth_bypass",
+    "exploit_complexity": "low",
+    "active_exploitation": "confirmed",
+    "last_verified": "2026-05-15",
+    "verification_source": "NVD, CISA KEV, ConnectWise advisory, Rapid7 + Huntress"
+  },
+  "CVE-2026-20182": {
+    "poc_status": "private",
+    "poc_description": "No public PoC at KEV-listing 2026-05-14. Cisco vendor advisory references observed exploitation by named threat group.",
+    "weaponization_stage": "fully_weaponized",
+    "ai_discovery_confirmed": false,
+    "ai_discovery_source": "unknown",
+    "ai_assist_factor": "low",
+    "ai_assisted_weaponization": false,
+    "exploit_complexity": "low",
+    "active_exploitation": "confirmed",
+    "last_verified": "2026-05-15",
+    "verification_source": "CISA KEV 2026-05-14, Cisco PSIRT advisory"
+  },
+  "CVE-2024-40635": {
+    "poc_status": "demonstrated",
+    "poc_description": "Snyk Labs disclosure includes CIDR overflow PoC; cross-namespace IP allocation aliasing demonstrated in lab.",
+    "weaponization_stage": "demonstrated",
+    "ai_discovery_confirmed": false,
+    "ai_discovery_source": "human_researcher",
+    "ai_assist_factor": "low",
+    "ai_assisted_weaponization": false,
+    "exploit_complexity": "moderate",
+    "active_exploitation": "unknown",
+    "last_verified": "2026-05-15",
+    "verification_source": "NVD, Snyk Labs disclosure, containerd GHSA"
+  },
+  "MAL-2026-TANSTACK-MINI": {
+    "poc_status": "public",
+    "poc_description": "84 malicious versions across 42 @tanstack/* packages 2026-05-11; payload self-propagates by republishing to any package the host has npm-publish rights on.",
+    "weaponization_stage": "fully_weaponized",
+    "ai_discovery_confirmed": false,
+    "ai_discovery_source": "human_researcher",
+    "ai_assist_factor": "low",
+    "ai_assisted_weaponization": false,
+    "exploit_complexity": "low",
+    "complexity_notes": "Self-propagating supply-chain worm; consumer-side exploitation is install-time before any review.",
+    "active_exploitation": "confirmed",
+    "last_verified": "2026-05-15",
+    "verification_source": "TanStack security advisory 2026-05-11, npm advisories"
+  },
+  "MAL-2026-ANTHROPIC-MCP-STDIO": {
+    "poc_status": "private",
+    "poc_description": "Embargoed reproduction in vendor channel; operator-side mitigations published while CVE assignment is pending.",
+    "weaponization_stage": "partially_weaponized",
+    "ai_discovery_confirmed": false,
+    "ai_discovery_source": "vendor_research",
+    "ai_assist_factor": "moderate",
+    "ai_assisted_weaponization": false,
+    "exploit_complexity": "low",
+    "active_exploitation": "unknown",
+    "last_verified": "2026-05-15",
+    "verification_source": "Anthropic security channel, MCP project advisory"
+  },
+  "CVE-2026-GTIG-AI-2FA": {
+    "poc_status": "private",
+    "poc_description": "Embargoed per GTIG. AI-built exploit code observed in-the-wild against an unnamed enterprise 2FA service.",
+    "weaponization_stage": "fully_weaponized",
+    "ai_discovery_confirmed": true,
+    "ai_discovery_source": "threat_actor_ai_built",
+    "ai_assist_factor": "very_high",
+    "ai_discovery_notes": "First documented case of a fully AI-BUILT zero-day exploit observed in-the-wild — threat actor used a frontier LLM to construct the auth-state-confusion payload.",
+    "ai_assisted_weaponization": true,
+    "exploit_complexity": "moderate",
+    "active_exploitation": "confirmed",
+    "last_verified": "2026-05-15",
+    "verification_source": "GTIG 2026-05-11 report, Google Cloud Threat Intelligence"
+  },
+  "CVE-2026-30623": {
+    "poc_status": "public",
+    "poc_description": "Public advisory documents the argv-string concatenation in MCP-client stdio transport; researcher-published PoC chains operator-config to shell-meta injection.",
+    "weaponization_stage": "demonstrated",
+    "ai_discovery_confirmed": false,
+    "ai_discovery_source": "unknown",
+    "ai_assist_factor": "low",
+    "ai_assisted_weaponization": false,
+    "exploit_complexity": "low",
+    "active_exploitation": "suspected",
+    "last_verified": "2026-05-15",
+    "verification_source": "NVD CVE-2026-30623, Anthropic GHSA"
+  },
+  "CVE-2025-12686": {
+    "poc_status": "public",
+    "poc_description": "Pwn2Own Ireland 2025 full-chain demonstration on Synology BeeStation; researcher writeup published post-disclosure.",
+    "weaponization_stage": "demonstrated",
+    "ai_discovery_confirmed": false,
+    "ai_discovery_source": "human_researcher",
+    "ai_assist_factor": "low",
+    "ai_assisted_weaponization": false,
+    "exploit_complexity": "low",
+    "active_exploitation": "unknown",
+    "last_verified": "2026-05-15",
+    "verification_source": "ZDI Pwn2Own Ireland 2025, NVD"
+  },
+  "CVE-2025-62847": {
+    "poc_status": "demonstrated",
+    "poc_description": "Pwn2Own Ireland 2025 chain component 1/3 against QNAP QTS/QuTS hero; combined with CVE-2025-62848 and CVE-2025-62849 for full unauth RCE.",
+    "weaponization_stage": "demonstrated",
+    "ai_discovery_confirmed": false,
+    "ai_discovery_source": "human_researcher",
+    "ai_assist_factor": "low",
+    "ai_assisted_weaponization": false,
+    "exploit_complexity": "moderate",
+    "active_exploitation": "unknown",
+    "last_verified": "2026-05-15",
+    "verification_source": "ZDI Pwn2Own Ireland 2025, QNAP PSIRT"
+  },
+  "CVE-2025-62848": {
+    "poc_status": "demonstrated",
+    "poc_description": "Pwn2Own Ireland 2025 chain component 2/3; chained with CVE-2025-62847 and CVE-2025-62849.",
+    "weaponization_stage": "demonstrated",
+    "ai_discovery_confirmed": false,
+    "ai_discovery_source": "human_researcher",
+    "ai_assist_factor": "low",
+    "ai_assisted_weaponization": false,
+    "exploit_complexity": "moderate",
+    "active_exploitation": "unknown",
+    "last_verified": "2026-05-15",
+    "verification_source": "ZDI Pwn2Own Ireland 2025, QNAP PSIRT"
+  },
+  "CVE-2025-62849": {
+    "poc_status": "demonstrated",
+    "poc_description": "Pwn2Own Ireland 2025 chain component 3/3 — post-auth privilege escalation.",
+    "weaponization_stage": "demonstrated",
+    "ai_discovery_confirmed": false,
+    "ai_discovery_source": "human_researcher",
+    "ai_assist_factor": "low",
+    "ai_assisted_weaponization": false,
+    "exploit_complexity": "moderate",
+    "active_exploitation": "unknown",
+    "last_verified": "2026-05-15",
+    "verification_source": "ZDI Pwn2Own Ireland 2025, QNAP PSIRT"
+  },
+  "CVE-2025-59389": {
+    "poc_status": "demonstrated",
+    "poc_description": "Summoning Team / Sina Kheirkhah Pwn2Own Ireland 2025 demonstration on QNAP Hyper Data Protector — critical unauth RCE on backup-orchestration appliance.",
+    "weaponization_stage": "demonstrated",
+    "ai_discovery_confirmed": false,
+    "ai_discovery_source": "human_researcher",
+    "ai_assist_factor": "low",
+    "ai_assisted_weaponization": false,
+    "exploit_complexity": "low",
+    "active_exploitation": "unknown",
+    "last_verified": "2026-05-15",
+    "verification_source": "ZDI Pwn2Own Ireland 2025, QNAP PSIRT"
+  },
+  "CVE-2025-11837": {
+    "poc_status": "demonstrated",
+    "poc_description": "Code-injection in QNAP Malware Remover. The affected software is itself a security tool — high theater-detection signal per AGENTS.md Hard Rule #6.",
+    "weaponization_stage": "demonstrated",
+    "ai_discovery_confirmed": false,
+    "ai_discovery_source": "human_researcher",
+    "ai_assist_factor": "low",
+    "ai_assisted_weaponization": false,
+    "exploit_complexity": "low",
+    "active_exploitation": "unknown",
+    "last_verified": "2026-05-15",
+    "verification_source": "QNAP PSIRT advisory"
+  },
+  "CVE-2026-42945": {
+    "poc_status": "public",
+    "poc_description": "depthfirst-disclosure published PoC at https://github.com/depthfirstdisclosures/nginx-rift — heap buffer overflow in rewrite-directive PCRE unnamed-capture handling. Single HTTP request, no auth.",
+    "weaponization_stage": "fully_weaponized",
+    "ai_discovery_confirmed": true,
+    "ai_discovery_source": "academic_ai_fuzzing",
+    "ai_assist_factor": "very_high",
+    "ai_discovery_notes": "First publicly-attributed AI-discovered nginx CVE. Discovery by depthfirst autonomous-analysis platform on a code path present in every nginx release for 18 years.",
+    "ai_assisted_weaponization": false,
+    "exploit_complexity": "low",
+    "active_exploitation": "none",
+    "last_verified": "2026-05-15",
+    "verification_source": "depthfirst-disclosure GitHub, F5 K000150420, nginx security advisories"
   }
 }