@blamejs/exceptd-skills 0.13.0 → 0.13.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. package/CHANGELOG.md +33 -0
  2. package/data/_indexes/_meta.json +9 -9
  3. package/data/_indexes/activity-feed.json +2 -2
  4. package/data/_indexes/catalog-summaries.json +2 -2
  5. package/data/_indexes/chains.json +494 -10
  6. package/data/atlas-ttps.json +1 -0
  7. package/data/attack-techniques.json +13 -4
  8. package/data/cve-catalog.json +177 -3
  9. package/data/cwe-catalog.json +7 -3
  10. package/data/framework-control-gaps.json +19 -7
  11. package/data/zeroday-lessons.json +178 -0
  12. package/lib/refresh-external.js +7 -0
  13. package/lib/source-advisories.js +281 -0
  14. package/manifest.json +44 -44
  15. package/orchestrator/index.js +175 -0
  16. package/package.json +1 -1
  17. package/sbom.cdx.json +29 -18
package/data/_indexes/chains.json CHANGED
@@ -5351,6 +5351,460 @@
5351
5351
  ]
5352
5352
  }
5353
5353
  },
5354
+ "CVE-2026-46333": {
5355
+ "name": "ssh-keysign-pwn",
5356
+ "rwep": 30,
5357
+ "cvss": 7,
5358
+ "cisa_kev": false,
5359
+ "referencing_skills": [
5360
+ "kernel-lpe-triage",
5361
+ "attack-surface-pentest",
5362
+ "ot-ics-security",
5363
+ "coordinated-vuln-disclosure",
5364
+ "sector-energy"
5365
+ ],
5366
+ "chain": {
5367
+ "cwes": [
5368
+ {
5369
+ "id": "CWE-1037",
5370
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
5371
+ "category": "Hardware / Side Channel"
5372
+ },
5373
+ {
5374
+ "id": "CWE-125",
5375
+ "name": "Out-of-bounds Read",
5376
+ "category": "Memory Safety"
5377
+ },
5378
+ {
5379
+ "id": "CWE-1357",
5380
+ "name": "Reliance on Insufficiently Trustworthy Component",
5381
+ "category": "Supply Chain"
5382
+ },
5383
+ {
5384
+ "id": "CWE-1395",
5385
+ "name": "Dependency on Vulnerable Third-Party Component",
5386
+ "category": "Supply Chain"
5387
+ },
5388
+ {
5389
+ "id": "CWE-22",
5390
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
5391
+ "category": "Path/Resource"
5392
+ },
5393
+ {
5394
+ "id": "CWE-269",
5395
+ "name": "Improper Privilege Management",
5396
+ "category": "Authorization"
5397
+ },
5398
+ {
5399
+ "id": "CWE-287",
5400
+ "name": "Improper Authentication",
5401
+ "category": "Authentication"
5402
+ },
5403
+ {
5404
+ "id": "CWE-306",
5405
+ "name": "Missing Authentication for Critical Function",
5406
+ "category": "Authentication"
5407
+ },
5408
+ {
5409
+ "id": "CWE-352",
5410
+ "name": "Cross-Site Request Forgery (CSRF)",
5411
+ "category": "Session"
5412
+ },
5413
+ {
5414
+ "id": "CWE-362",
5415
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
5416
+ "category": "Concurrency"
5417
+ },
5418
+ {
5419
+ "id": "CWE-416",
5420
+ "name": "Use After Free",
5421
+ "category": "Memory Safety"
5422
+ },
5423
+ {
5424
+ "id": "CWE-434",
5425
+ "name": "Unrestricted Upload of File with Dangerous Type",
5426
+ "category": "File Handling"
5427
+ },
5428
+ {
5429
+ "id": "CWE-672",
5430
+ "name": "Operation on a Resource after Expiration or Release",
5431
+ "category": "Memory Safety"
5432
+ },
5433
+ {
5434
+ "id": "CWE-732",
5435
+ "name": "Incorrect Permission Assignment for Critical Resource",
5436
+ "category": "Authorization"
5437
+ },
5438
+ {
5439
+ "id": "CWE-78",
5440
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
5441
+ "category": "Injection"
5442
+ },
5443
+ {
5444
+ "id": "CWE-787",
5445
+ "name": "Out-of-bounds Write",
5446
+ "category": "Memory Safety"
5447
+ },
5448
+ {
5449
+ "id": "CWE-79",
5450
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
5451
+ "category": "Injection"
5452
+ },
5453
+ {
5454
+ "id": "CWE-798",
5455
+ "name": "Use of Hard-coded Credentials",
5456
+ "category": "Credentials"
5457
+ },
5458
+ {
5459
+ "id": "CWE-89",
5460
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
5461
+ "category": "Injection"
5462
+ },
5463
+ {
5464
+ "id": "CWE-918",
5465
+ "name": "Server-Side Request Forgery (SSRF)",
5466
+ "category": "Network"
5467
+ }
5468
+ ],
5469
+ "atlas": [
5470
+ {
5471
+ "id": "AML.T0010",
5472
+ "name": "ML Supply Chain Compromise",
5473
+ "tactic": "Initial Access"
5474
+ },
5475
+ {
5476
+ "id": "AML.T0043",
5477
+ "name": "Craft Adversarial Data",
5478
+ "tactic": "ML Attack Staging"
5479
+ },
5480
+ {
5481
+ "id": "AML.T0051",
5482
+ "name": "LLM Prompt Injection",
5483
+ "tactic": "Execution"
5484
+ }
5485
+ ],
5486
+ "d3fend": [
5487
+ {
5488
+ "id": "D3-ASLR",
5489
+ "name": "Address Space Layout Randomization",
5490
+ "tactic": "Harden"
5491
+ },
5492
+ {
5493
+ "id": "D3-CSPP",
5494
+ "name": "Client-server Payload Profiling",
5495
+ "tactic": "Detect"
5496
+ },
5497
+ {
5498
+ "id": "D3-EAL",
5499
+ "name": "Executable Allowlisting",
5500
+ "tactic": "Harden"
5501
+ },
5502
+ {
5503
+ "id": "D3-NTA",
5504
+ "name": "Network Traffic Analysis",
5505
+ "tactic": "Detect"
5506
+ },
5507
+ {
5508
+ "id": "D3-PHRA",
5509
+ "name": "Process Hardware Resource Access",
5510
+ "tactic": "Isolate"
5511
+ },
5512
+ {
5513
+ "id": "D3-PSEP",
5514
+ "name": "Process Segment Execution Prevention",
5515
+ "tactic": "Harden"
5516
+ }
5517
+ ],
5518
+ "framework_gaps": [
5519
+ {
5520
+ "id": "CIS-Controls-v8-Control7",
5521
+ "framework": "CIS Controls v8",
5522
+ "control_name": "Continuous Vulnerability Management"
5523
+ },
5524
+ {
5525
+ "id": "IEC-62443-3-3",
5526
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
5527
+ "control_name": "System security requirements and security levels"
5528
+ },
5529
+ {
5530
+ "id": "ISO-27001-2022-A.8.8",
5531
+ "framework": "ISO/IEC 27001:2022",
5532
+ "control_name": "Management of technical vulnerabilities"
5533
+ },
5534
+ {
5535
+ "id": "NERC-CIP-007-6-R4",
5536
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
5537
+ "control_name": "Security event monitoring"
5538
+ },
5539
+ {
5540
+ "id": "NIS2-Art21-patch-management",
5541
+ "framework": "EU NIS2 Directive",
5542
+ "control_name": "Vulnerability handling and disclosure"
5543
+ },
5544
+ {
5545
+ "id": "NIST-800-115",
5546
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
5547
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
5548
+ },
5549
+ {
5550
+ "id": "NIST-800-218-SSDF",
5551
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
5552
+ "control_name": "Secure Software Development Framework"
5553
+ },
5554
+ {
5555
+ "id": "NIST-800-53-SC-8",
5556
+ "framework": "NIST SP 800-53 Rev 5",
5557
+ "control_name": "Transmission Confidentiality and Integrity"
5558
+ },
5559
+ {
5560
+ "id": "NIST-800-53-SI-2",
5561
+ "framework": "NIST SP 800-53 Rev 5",
5562
+ "control_name": "Flaw Remediation"
5563
+ },
5564
+ {
5565
+ "id": "NIST-800-82r3",
5566
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
5567
+ "control_name": "Guide to Operational Technology (OT) Security"
5568
+ },
5569
+ {
5570
+ "id": "OWASP-Pen-Testing-Guide-v5",
5571
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
5572
+ "control_name": "Web application penetration testing methodology"
5573
+ },
5574
+ {
5575
+ "id": "PCI-DSS-4.0-6.3.3",
5576
+ "framework": "PCI DSS 4.0",
5577
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
5578
+ },
5579
+ {
5580
+ "id": "PTES-Pre-engagement",
5581
+ "framework": "Penetration Testing Execution Standard (PTES)",
5582
+ "control_name": "Pre-engagement Interactions"
5583
+ },
5584
+ {
5585
+ "id": "SOC2-CC9-vendor-management",
5586
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
5587
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
5588
+ }
5589
+ ],
5590
+ "attack_refs": [
5591
+ "T0855",
5592
+ "T0883",
5593
+ "T1059",
5594
+ "T1068",
5595
+ "T1078",
5596
+ "T1133",
5597
+ "T1190",
5598
+ "T1548.001"
5599
+ ],
5600
+ "rfc_refs": [
5601
+ "RFC-4301",
5602
+ "RFC-4303",
5603
+ "RFC-7296"
5604
+ ]
5605
+ }
5606
+ },
5607
+ "MAL-2026-SHAI-HULUD-OSS": {
5608
+ "name": "Shai-Hulud worm framework (TeamPCP open-source release)",
5609
+ "rwep": 70,
5610
+ "cvss": 9.8,
5611
+ "cisa_kev": false,
5612
+ "referencing_skills": [
5613
+ "supply-chain-integrity",
5614
+ "sector-federal-government",
5615
+ "container-runtime-security",
5616
+ "mlops-security"
5617
+ ],
5618
+ "chain": {
5619
+ "cwes": [
5620
+ {
5621
+ "id": "CWE-1188",
5622
+ "name": "Initialization of a Resource with an Insecure Default",
5623
+ "category": "Configuration"
5624
+ },
5625
+ {
5626
+ "id": "CWE-1357",
5627
+ "name": "Reliance on Insufficiently Trustworthy Component",
5628
+ "category": "Supply Chain"
5629
+ },
5630
+ {
5631
+ "id": "CWE-1395",
5632
+ "name": "Dependency on Vulnerable Third-Party Component",
5633
+ "category": "Supply Chain"
5634
+ },
5635
+ {
5636
+ "id": "CWE-1426",
5637
+ "name": "Improper Validation of Generative AI Output",
5638
+ "category": "AI/ML"
5639
+ },
5640
+ {
5641
+ "id": "CWE-269",
5642
+ "name": "Improper Privilege Management",
5643
+ "category": "Authorization"
5644
+ },
5645
+ {
5646
+ "id": "CWE-494",
5647
+ "name": "Download of Code Without Integrity Check",
5648
+ "category": "Supply Chain"
5649
+ },
5650
+ {
5651
+ "id": "CWE-502",
5652
+ "name": "Deserialization of Untrusted Data",
5653
+ "category": "Serialization"
5654
+ },
5655
+ {
5656
+ "id": "CWE-732",
5657
+ "name": "Incorrect Permission Assignment for Critical Resource",
5658
+ "category": "Authorization"
5659
+ },
5660
+ {
5661
+ "id": "CWE-787",
5662
+ "name": "Out-of-bounds Write",
5663
+ "category": "Memory Safety"
5664
+ },
5665
+ {
5666
+ "id": "CWE-829",
5667
+ "name": "Inclusion of Functionality from Untrusted Control Sphere",
5668
+ "category": "Supply Chain"
5669
+ }
5670
+ ],
5671
+ "atlas": [
5672
+ {
5673
+ "id": "AML.T0010",
5674
+ "name": "ML Supply Chain Compromise",
5675
+ "tactic": "Initial Access"
5676
+ },
5677
+ {
5678
+ "id": "AML.T0017",
5679
+ "name": "Discover ML Model Ontology",
5680
+ "tactic": "Discovery"
5681
+ },
5682
+ {
5683
+ "id": "AML.T0018",
5684
+ "name": "Backdoor ML Model",
5685
+ "tactic": "Persistence"
5686
+ },
5687
+ {
5688
+ "id": "AML.T0020",
5689
+ "name": "Poison Training Data",
5690
+ "tactic": "ML Attack Staging"
5691
+ },
5692
+ {
5693
+ "id": "AML.T0043",
5694
+ "name": "Craft Adversarial Data",
5695
+ "tactic": "ML Attack Staging"
5696
+ }
5697
+ ],
5698
+ "d3fend": [
5699
+ {
5700
+ "id": "D3-CBAN",
5701
+ "name": "Certificate-based Authentication",
5702
+ "tactic": "Harden"
5703
+ },
5704
+ {
5705
+ "id": "D3-EAL",
5706
+ "name": "Executable Allowlisting",
5707
+ "tactic": "Harden"
5708
+ },
5709
+ {
5710
+ "id": "D3-EHB",
5711
+ "name": "Executable Hashbased Allowlist",
5712
+ "tactic": "Harden"
5713
+ }
5714
+ ],
5715
+ "framework_gaps": [
5716
+ {
5717
+ "id": "CMMC-2.0-Level-2",
5718
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
5719
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
5720
+ },
5721
+ {
5722
+ "id": "CycloneDX-v1.6-SBOM",
5723
+ "framework": "CycloneDX v1.6 (OWASP SBOM standard)",
5724
+ "control_name": "Software Bill of Materials"
5725
+ },
5726
+ {
5727
+ "id": "FedRAMP-Rev5-Moderate",
5728
+ "framework": "FedRAMP Rev 5 Moderate",
5729
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
5730
+ },
5731
+ {
5732
+ "id": "HITRUST-CSF-v11.4-09.l",
5733
+ "framework": "HITRUST CSF v11.4",
5734
+ "control_name": "Outsourced services management"
5735
+ },
5736
+ {
5737
+ "id": "ISO-27001-2022-A.8.28",
5738
+ "framework": "ISO/IEC 27001:2022",
5739
+ "control_name": "Secure coding"
5740
+ },
5741
+ {
5742
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
5743
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
5744
+ "control_name": "AI risk assessment"
5745
+ },
5746
+ {
5747
+ "id": "NIST-800-218-SSDF",
5748
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
5749
+ "control_name": "Secure Software Development Framework"
5750
+ },
5751
+ {
5752
+ "id": "NIST-800-53-CM-7",
5753
+ "framework": "NIST SP 800-53 Rev 5",
5754
+ "control_name": "Least Functionality"
5755
+ },
5756
+ {
5757
+ "id": "NIST-800-53-SA-12",
5758
+ "framework": "NIST SP 800-53 Rev 5",
5759
+ "control_name": "Supply Chain Protection"
5760
+ },
5761
+ {
5762
+ "id": "NIST-AI-RMF-MEASURE-2.5",
5763
+ "framework": "NIST AI RMF 1.0",
5764
+ "control_name": "AI system to human interaction evaluation"
5765
+ },
5766
+ {
5767
+ "id": "OWASP-LLM-Top-10-2025-LLM08",
5768
+ "framework": "OWASP Top 10 for LLM Applications 2025",
5769
+ "control_name": "Vector and Embedding Weaknesses"
5770
+ },
5771
+ {
5772
+ "id": "SLSA-v1.0-Build-L3",
5773
+ "framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
5774
+ "control_name": "Hardened build platform with non-falsifiable provenance"
5775
+ },
5776
+ {
5777
+ "id": "SPDX-v3.0-SBOM",
5778
+ "framework": "SPDX v3.0 (ISO/IEC 5962-aligned SBOM standard)",
5779
+ "control_name": "Software Package Data Exchange — SBOM"
5780
+ },
5781
+ {
5782
+ "id": "SWIFT-CSCF-v2026-1.1",
5783
+ "framework": "SWIFT Customer Security Controls Framework v2026",
5784
+ "control_name": "SWIFT Environment Protection"
5785
+ },
5786
+ {
5787
+ "id": "VEX-CSAF-v2.1",
5788
+ "framework": "VEX via OASIS CSAF 2.1 (Common Security Advisory Framework)",
5789
+ "control_name": "Vulnerability Exploitability eXchange profile"
5790
+ }
5791
+ ],
5792
+ "attack_refs": [
5793
+ "T1068",
5794
+ "T1190",
5795
+ "T1195.001",
5796
+ "T1195.002",
5797
+ "T1554",
5798
+ "T1565",
5799
+ "T1610",
5800
+ "T1611"
5801
+ ],
5802
+ "rfc_refs": [
5803
+ "RFC-8032",
5804
+ "RFC-8446"
5805
+ ]
5806
+ }
5807
+ },
5354
5808
  "CWE-20": {
5355
5809
  "name": "Improper Input Validation",
5356
5810
  "category": "Validation",
@@ -5624,6 +6078,7 @@
5624
6078
  "CVE-2026-42208",
5625
6079
  "CVE-2026-45321",
5626
6080
  "CVE-2026-46300",
6081
+ "CVE-2026-46333",
5627
6082
  "MAL-2026-3083",
5628
6083
  "MAL-2026-NODE-IPC-STEALER"
5629
6084
  ]
@@ -5943,6 +6398,7 @@
5943
6398
  "CVE-2026-42208",
5944
6399
  "CVE-2026-45321",
5945
6400
  "CVE-2026-46300",
6401
+ "CVE-2026-46333",
5946
6402
  "MAL-2026-3083",
5947
6403
  "MAL-2026-NODE-IPC-STEALER"
5948
6404
  ]
@@ -6068,6 +6524,7 @@
6068
6524
  "CVE-2026-42208",
6069
6525
  "CVE-2026-45321",
6070
6526
  "CVE-2026-46300",
6527
+ "CVE-2026-46333",
6071
6528
  "MAL-2026-3083",
6072
6529
  "MAL-2026-NODE-IPC-STEALER"
6073
6530
  ]
@@ -6207,6 +6664,7 @@
6207
6664
  "CVE-2026-42208",
6208
6665
  "CVE-2026-45321",
6209
6666
  "CVE-2026-46300",
6667
+ "CVE-2026-46333",
6210
6668
  "MAL-2026-3083",
6211
6669
  "MAL-2026-NODE-IPC-STEALER"
6212
6670
  ]
@@ -6594,6 +7052,7 @@
6594
7052
  "CVE-2026-43500",
6595
7053
  "CVE-2026-45321",
6596
7054
  "CVE-2026-46300",
7055
+ "CVE-2026-46333",
6597
7056
  "CVE-2026-6973",
6598
7057
  "MAL-2026-3083",
6599
7058
  "MAL-2026-NODE-IPC-STEALER"
@@ -7159,8 +7618,10 @@
7159
7618
  "CVE-2026-42208",
7160
7619
  "CVE-2026-45321",
7161
7620
  "CVE-2026-46300",
7621
+ "CVE-2026-46333",
7162
7622
  "MAL-2026-3083",
7163
- "MAL-2026-NODE-IPC-STEALER"
7623
+ "MAL-2026-NODE-IPC-STEALER",
7624
+ "MAL-2026-SHAI-HULUD-OSS"
7164
7625
  ]
7165
7626
  },
7166
7627
  "CWE-284": {
@@ -7718,6 +8179,7 @@
7718
8179
  "CVE-2026-42208",
7719
8180
  "CVE-2026-45321",
7720
8181
  "CVE-2026-46300",
8182
+ "CVE-2026-46333",
7721
8183
  "MAL-2026-3083",
7722
8184
  "MAL-2026-NODE-IPC-STEALER"
7723
8185
  ]
@@ -7917,6 +8379,7 @@
7917
8379
  "CVE-2026-39884",
7918
8380
  "CVE-2026-45321",
7919
8381
  "CVE-2026-46300",
8382
+ "CVE-2026-46333",
7920
8383
  "MAL-2026-3083"
7921
8384
  ]
7922
8385
  },
@@ -8540,6 +9003,7 @@
8540
9003
  "CVE-2026-42208",
8541
9004
  "CVE-2026-45321",
8542
9005
  "CVE-2026-46300",
9006
+ "CVE-2026-46333",
8543
9007
  "MAL-2026-3083",
8544
9008
  "MAL-2026-NODE-IPC-STEALER"
8545
9009
  ]
@@ -8683,6 +9147,7 @@
8683
9147
  "CVE-2026-43500",
8684
9148
  "CVE-2026-45321",
8685
9149
  "CVE-2026-46300",
9150
+ "CVE-2026-46333",
8686
9151
  "CVE-2026-6973",
8687
9152
  "MAL-2026-3083",
8688
9153
  "MAL-2026-NODE-IPC-STEALER"
@@ -8813,6 +9278,7 @@
8813
9278
  "CVE-2026-43500",
8814
9279
  "CVE-2026-45321",
8815
9280
  "CVE-2026-46300",
9281
+ "CVE-2026-46333",
8816
9282
  "CVE-2026-6973",
8817
9283
  "MAL-2026-3083",
8818
9284
  "MAL-2026-NODE-IPC-STEALER"
@@ -9033,6 +9499,7 @@
9033
9499
  "CVE-2026-42208",
9034
9500
  "CVE-2026-45321",
9035
9501
  "CVE-2026-46300",
9502
+ "CVE-2026-46333",
9036
9503
  "MAL-2026-3083",
9037
9504
  "MAL-2026-NODE-IPC-STEALER"
9038
9505
  ]
@@ -9228,7 +9695,8 @@
9228
9695
  "CVE-2026-30615",
9229
9696
  "CVE-2026-45321",
9230
9697
  "MAL-2026-3083",
9231
- "MAL-2026-NODE-IPC-STEALER"
9698
+ "MAL-2026-NODE-IPC-STEALER",
9699
+ "MAL-2026-SHAI-HULUD-OSS"
9232
9700
  ]
9233
9701
  },
9234
9702
  "CWE-502": {
@@ -9416,7 +9884,8 @@
9416
9884
  "CVE-2026-42208",
9417
9885
  "CVE-2026-45321",
9418
9886
  "MAL-2026-3083",
9419
- "MAL-2026-NODE-IPC-STEALER"
9887
+ "MAL-2026-NODE-IPC-STEALER",
9888
+ "MAL-2026-SHAI-HULUD-OSS"
9420
9889
  ]
9421
9890
  },
9422
9891
  "CWE-506": {
@@ -9717,6 +10186,7 @@
9717
10186
  "CVE-2026-43500",
9718
10187
  "CVE-2026-45321",
9719
10188
  "CVE-2026-46300",
10189
+ "CVE-2026-46333",
9720
10190
  "CVE-2026-6973",
9721
10191
  "MAL-2026-3083"
9722
10192
  ]
@@ -10001,8 +10471,10 @@
10001
10471
  "CVE-2026-42208",
10002
10472
  "CVE-2026-45321",
10003
10473
  "CVE-2026-46300",
10474
+ "CVE-2026-46333",
10004
10475
  "MAL-2026-3083",
10005
- "MAL-2026-NODE-IPC-STEALER"
10476
+ "MAL-2026-NODE-IPC-STEALER",
10477
+ "MAL-2026-SHAI-HULUD-OSS"
10006
10478
  ]
10007
10479
  },
10008
10480
  "CWE-759": {
@@ -10223,9 +10695,11 @@
10223
10695
  "CVE-2026-43500",
10224
10696
  "CVE-2026-45321",
10225
10697
  "CVE-2026-46300",
10698
+ "CVE-2026-46333",
10226
10699
  "CVE-2026-6973",
10227
10700
  "MAL-2026-3083",
10228
- "MAL-2026-NODE-IPC-STEALER"
10701
+ "MAL-2026-NODE-IPC-STEALER",
10702
+ "MAL-2026-SHAI-HULUD-OSS"
10229
10703
  ]
10230
10704
  },
10231
10705
  "CWE-798": {
@@ -10518,6 +10992,7 @@
10518
10992
  "CVE-2026-39884",
10519
10993
  "CVE-2026-45321",
10520
10994
  "CVE-2026-46300",
10995
+ "CVE-2026-46333",
10521
10996
  "MAL-2026-3083"
10522
10997
  ]
10523
10998
  },
@@ -10635,7 +11110,8 @@
10635
11110
  "CVE-2026-30615",
10636
11111
  "CVE-2026-45321",
10637
11112
  "MAL-2026-3083",
10638
- "MAL-2026-NODE-IPC-STEALER"
11113
+ "MAL-2026-NODE-IPC-STEALER",
11114
+ "MAL-2026-SHAI-HULUD-OSS"
10639
11115
  ]
10640
11116
  },
10641
11117
  "CWE-862": {
@@ -11401,6 +11877,7 @@
11401
11877
  "CVE-2026-42208",
11402
11878
  "CVE-2026-45321",
11403
11879
  "CVE-2026-46300",
11880
+ "CVE-2026-46333",
11404
11881
  "MAL-2026-3083",
11405
11882
  "MAL-2026-NODE-IPC-STEALER"
11406
11883
  ]
@@ -11458,6 +11935,7 @@
11458
11935
  "CVE-2026-39884",
11459
11936
  "CVE-2026-45321",
11460
11937
  "CVE-2026-46300",
11938
+ "CVE-2026-46333",
11461
11939
  "MAL-2026-3083"
11462
11940
  ]
11463
11941
  },
@@ -11752,7 +12230,8 @@
11752
12230
  "CVE-2026-42208",
11753
12231
  "CVE-2026-45321",
11754
12232
  "MAL-2026-3083",
11755
- "MAL-2026-NODE-IPC-STEALER"
12233
+ "MAL-2026-NODE-IPC-STEALER",
12234
+ "MAL-2026-SHAI-HULUD-OSS"
11756
12235
  ]
11757
12236
  },
11758
12237
  "CWE-1357": {
@@ -11915,8 +12394,10 @@
11915
12394
  "CVE-2026-42945",
11916
12395
  "CVE-2026-45321",
11917
12396
  "CVE-2026-46300",
12397
+ "CVE-2026-46333",
11918
12398
  "MAL-2026-3083",
11919
- "MAL-2026-NODE-IPC-STEALER"
12399
+ "MAL-2026-NODE-IPC-STEALER",
12400
+ "MAL-2026-SHAI-HULUD-OSS"
11920
12401
  ]
11921
12402
  },
11922
12403
  "CWE-1395": {
@@ -12137,8 +12618,10 @@
12137
12618
  "CVE-2026-39884",
12138
12619
  "CVE-2026-45321",
12139
12620
  "CVE-2026-46300",
12621
+ "CVE-2026-46333",
12140
12622
  "MAL-2026-3083",
12141
- "MAL-2026-NODE-IPC-STEALER"
12623
+ "MAL-2026-NODE-IPC-STEALER",
12624
+ "MAL-2026-SHAI-HULUD-OSS"
12142
12625
  ]
12143
12626
  },
12144
12627
  "CWE-1426": {
@@ -12392,7 +12875,8 @@
12392
12875
  "CVE-2026-43284",
12393
12876
  "CVE-2026-45321",
12394
12877
  "MAL-2026-3083",
12395
- "MAL-2026-NODE-IPC-STEALER"
12878
+ "MAL-2026-NODE-IPC-STEALER",
12879
+ "MAL-2026-SHAI-HULUD-OSS"
12396
12880
  ]
12397
12881
  }
12398
12882
  }
package/data/atlas-ttps.json CHANGED
@@ -131,6 +131,7 @@
131
131
  "CVE-2026-45321",
132
132
  "MAL-2026-3083",
133
133
  "MAL-2026-NODE-IPC-STEALER",
134
+ "MAL-2026-SHAI-HULUD-OSS",
134
135
  "MAL-2026-TANSTACK-MINI"
135
136
  ]
136
137
  },