@blamejs/exceptd-skills 0.13.0 → 0.13.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (40) hide show
  1. package/CHANGELOG.md +67 -0
  2. package/bin/exceptd.js +35 -6
  3. package/data/_indexes/_meta.json +26 -26
  4. package/data/_indexes/activity-feed.json +3 -3
  5. package/data/_indexes/catalog-summaries.json +3 -3
  6. package/data/_indexes/chains.json +2868 -700
  7. package/data/_indexes/frequency.json +8 -0
  8. package/data/_indexes/section-offsets.json +517 -517
  9. package/data/_indexes/token-budget.json +66 -66
  10. package/data/atlas-ttps.json +3 -0
  11. package/data/attack-techniques.json +35 -7
  12. package/data/cve-catalog.json +177 -31
  13. package/data/cwe-catalog.json +26 -6
  14. package/data/framework-control-gaps.json +310 -8
  15. package/data/zeroday-lessons.json +996 -0
  16. package/lib/lint-skills.js +50 -1
  17. package/lib/refresh-external.js +7 -0
  18. package/lib/source-advisories.js +281 -0
  19. package/manifest.json +60 -60
  20. package/orchestrator/index.js +183 -1
  21. package/package.json +1 -1
  22. package/sbom.cdx.json +59 -37
  23. package/scripts/check-test-count.js +146 -0
  24. package/scripts/predeploy.js +16 -0
  25. package/skills/age-gates-child-safety/skill.md +1 -0
  26. package/skills/ai-risk-management/skill.md +1 -0
  27. package/skills/defensive-countermeasure-mapping/skill.md +1 -0
  28. package/skills/email-security-anti-phishing/skill.md +1 -0
  29. package/skills/fuzz-testing-strategy/skill.md +1 -0
  30. package/skills/mlops-security/skill.md +1 -0
  31. package/skills/ot-ics-security/skill.md +1 -0
  32. package/skills/researcher/skill.md +1 -0
  33. package/skills/sector-energy/skill.md +1 -0
  34. package/skills/sector-federal-government/skill.md +1 -0
  35. package/skills/sector-telecom/skill.md +1 -0
  36. package/skills/skill-update-loop/skill.md +1 -0
  37. package/skills/threat-model-currency/skill.md +1 -0
  38. package/skills/threat-modeling-methodology/skill.md +1 -0
  39. package/skills/webapp-security/skill.md +1 -0
  40. package/skills/zeroday-gap-learn/skill.md +1 -0
package/data/_indexes/chains.json CHANGED
@@ -3539,14 +3539,222 @@
3539
3539
  "cvss": 8.1,
3540
3540
  "cisa_kev": false,
3541
3541
  "epss_score": 0.012,
3542
- "referencing_skills": [],
3542
+ "referencing_skills": [
3543
+ "mcp-agent-trust",
3544
+ "cloud-security",
3545
+ "container-runtime-security"
3546
+ ],
3543
3547
  "chain": {
3544
- "cwes": [],
3545
- "atlas": [],
3546
- "d3fend": [],
3547
- "framework_gaps": [],
3548
- "attack_refs": [],
3549
- "rfc_refs": []
3548
+ "cwes": [
3549
+ {
3550
+ "id": "CWE-1188",
3551
+ "name": "Initialization of a Resource with an Insecure Default",
3552
+ "category": "Configuration"
3553
+ },
3554
+ {
3555
+ "id": "CWE-1395",
3556
+ "name": "Dependency on Vulnerable Third-Party Component",
3557
+ "category": "Supply Chain"
3558
+ },
3559
+ {
3560
+ "id": "CWE-200",
3561
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
3562
+ "category": "Information Exposure"
3563
+ },
3564
+ {
3565
+ "id": "CWE-22",
3566
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
3567
+ "category": "Path/Resource"
3568
+ },
3569
+ {
3570
+ "id": "CWE-269",
3571
+ "name": "Improper Privilege Management",
3572
+ "category": "Authorization"
3573
+ },
3574
+ {
3575
+ "id": "CWE-287",
3576
+ "name": "Improper Authentication",
3577
+ "category": "Authentication"
3578
+ },
3579
+ {
3580
+ "id": "CWE-345",
3581
+ "name": "Insufficient Verification of Data Authenticity",
3582
+ "category": "Authenticity / Supply Chain"
3583
+ },
3584
+ {
3585
+ "id": "CWE-352",
3586
+ "name": "Cross-Site Request Forgery (CSRF)",
3587
+ "category": "Session"
3588
+ },
3589
+ {
3590
+ "id": "CWE-434",
3591
+ "name": "Unrestricted Upload of File with Dangerous Type",
3592
+ "category": "File Handling"
3593
+ },
3594
+ {
3595
+ "id": "CWE-494",
3596
+ "name": "Download of Code Without Integrity Check",
3597
+ "category": "Supply Chain"
3598
+ },
3599
+ {
3600
+ "id": "CWE-732",
3601
+ "name": "Incorrect Permission Assignment for Critical Resource",
3602
+ "category": "Authorization"
3603
+ },
3604
+ {
3605
+ "id": "CWE-77",
3606
+ "name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
3607
+ "category": "Injection"
3608
+ },
3609
+ {
3610
+ "id": "CWE-787",
3611
+ "name": "Out-of-bounds Write",
3612
+ "category": "Memory Safety"
3613
+ },
3614
+ {
3615
+ "id": "CWE-798",
3616
+ "name": "Use of Hard-coded Credentials",
3617
+ "category": "Credentials"
3618
+ },
3619
+ {
3620
+ "id": "CWE-862",
3621
+ "name": "Missing Authorization",
3622
+ "category": "Authorization"
3623
+ },
3624
+ {
3625
+ "id": "CWE-918",
3626
+ "name": "Server-Side Request Forgery (SSRF)",
3627
+ "category": "Network"
3628
+ },
3629
+ {
3630
+ "id": "CWE-94",
3631
+ "name": "Improper Control of Generation of Code (Code Injection)",
3632
+ "category": "Injection"
3633
+ }
3634
+ ],
3635
+ "atlas": [
3636
+ {
3637
+ "id": "AML.T0010",
3638
+ "name": "ML Supply Chain Compromise",
3639
+ "tactic": "Initial Access"
3640
+ },
3641
+ {
3642
+ "id": "AML.T0016",
3643
+ "name": "Obtain Capabilities: Develop Capabilities",
3644
+ "tactic": "Resource Development"
3645
+ },
3646
+ {
3647
+ "id": "AML.T0017",
3648
+ "name": "Discover ML Model Ontology",
3649
+ "tactic": "Discovery"
3650
+ },
3651
+ {
3652
+ "id": "AML.T0096",
3653
+ "name": "AI API as Covert C2 Channel",
3654
+ "tactic": "Command and Control"
3655
+ }
3656
+ ],
3657
+ "d3fend": [
3658
+ {
3659
+ "id": "D3-CBAN",
3660
+ "name": "Certificate-based Authentication",
3661
+ "tactic": "Harden"
3662
+ },
3663
+ {
3664
+ "id": "D3-CSPP",
3665
+ "name": "Client-server Payload Profiling",
3666
+ "tactic": "Detect"
3667
+ },
3668
+ {
3669
+ "id": "D3-EAL",
3670
+ "name": "Executable Allowlisting",
3671
+ "tactic": "Harden"
3672
+ },
3673
+ {
3674
+ "id": "D3-EHB",
3675
+ "name": "Executable Hashbased Allowlist",
3676
+ "tactic": "Harden"
3677
+ },
3678
+ {
3679
+ "id": "D3-MFA",
3680
+ "name": "Multi-factor Authentication",
3681
+ "tactic": "Harden"
3682
+ }
3683
+ ],
3684
+ "framework_gaps": [
3685
+ {
3686
+ "id": "ALL-MCP-TOOL-TRUST",
3687
+ "framework": "ALL",
3688
+ "control_name": "MCP/Agent Tool Trust Boundaries"
3689
+ },
3690
+ {
3691
+ "id": "FedRAMP-Rev5-Moderate",
3692
+ "framework": "FedRAMP Rev 5 Moderate",
3693
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
3694
+ },
3695
+ {
3696
+ "id": "ISO-27001-2022-A.8.28",
3697
+ "framework": "ISO/IEC 27001:2022",
3698
+ "control_name": "Secure coding"
3699
+ },
3700
+ {
3701
+ "id": "ISO-27001-2022-A.8.30",
3702
+ "framework": "ISO/IEC 27001:2022",
3703
+ "control_name": "Outsourced development"
3704
+ },
3705
+ {
3706
+ "id": "NIST-800-53-CM-7",
3707
+ "framework": "NIST SP 800-53 Rev 5",
3708
+ "control_name": "Least Functionality"
3709
+ },
3710
+ {
3711
+ "id": "NIST-800-53-SA-12",
3712
+ "framework": "NIST SP 800-53 Rev 5",
3713
+ "control_name": "Supply Chain Protection"
3714
+ },
3715
+ {
3716
+ "id": "OWASP-LLM-Top-10-2025-LLM06",
3717
+ "framework": "OWASP Top 10 for LLM Applications 2025",
3718
+ "control_name": "Excessive Agency"
3719
+ },
3720
+ {
3721
+ "id": "SLSA-v1.0-Build-L3",
3722
+ "framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
3723
+ "control_name": "Hardened build platform with non-falsifiable provenance"
3724
+ },
3725
+ {
3726
+ "id": "SOC2-CC9-vendor-management",
3727
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
3728
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
3729
+ },
3730
+ {
3731
+ "id": "SWIFT-CSCF-v2026-1.1",
3732
+ "framework": "SWIFT Customer Security Controls Framework v2026",
3733
+ "control_name": "SWIFT Environment Protection"
3734
+ }
3735
+ ],
3736
+ "attack_refs": [
3737
+ "T1059",
3738
+ "T1068",
3739
+ "T1078",
3740
+ "T1190",
3741
+ "T1195.001",
3742
+ "T1530",
3743
+ "T1552",
3744
+ "T1610",
3745
+ "T1611"
3746
+ ],
3747
+ "rfc_refs": [
3748
+ "RFC-6749",
3749
+ "RFC-7519",
3750
+ "RFC-8032",
3751
+ "RFC-8446",
3752
+ "RFC-8725",
3753
+ "RFC-9114",
3754
+ "RFC-9180",
3755
+ "RFC-9421",
3756
+ "RFC-9700"
3757
+ ]
3550
3758
  }
3551
3759
  },
3552
3760
  "CVE-2023-43472": {
@@ -3555,38 +3763,303 @@
3555
3763
  "cvss": 7.5,
3556
3764
  "cisa_kev": false,
3557
3765
  "epss_score": 0.014,
3558
- "referencing_skills": [],
3559
- "chain": {
3560
- "cwes": [],
3561
- "atlas": [],
3562
- "d3fend": [],
3563
- "framework_gaps": [],
3564
- "attack_refs": [],
3565
- "rfc_refs": []
3566
- }
3567
- },
3568
- "CVE-2020-10148": {
3569
- "name": "SolarWinds Orion API authentication bypass (SUNBURST chain)",
3570
- "rwep": 75,
3571
- "cvss": 9.8,
3572
- "cisa_kev": true,
3573
- "epss_score": 0.945,
3574
- "referencing_skills": [],
3766
+ "referencing_skills": [
3767
+ "ai-attack-surface",
3768
+ "rag-pipeline-security",
3769
+ "threat-modeling-methodology",
3770
+ "webapp-security",
3771
+ "api-security",
3772
+ "container-runtime-security"
3773
+ ],
3575
3774
  "chain": {
3576
- "cwes": [],
3577
- "atlas": [],
3578
- "d3fend": [],
3579
- "framework_gaps": [],
3580
- "attack_refs": [],
3581
- "rfc_refs": []
3582
- }
3583
- },
3584
- "CVE-2023-3519": {
3585
- "name": "Citrix NetScaler ADC/Gateway unauth RCE (CitrixBleed precursor)",
3586
- "rwep": 80,
3775
+ "cwes": [
3776
+ {
3777
+ "id": "CWE-1039",
3778
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
3779
+ "category": "AI/ML"
3780
+ },
3781
+ {
3782
+ "id": "CWE-1188",
3783
+ "name": "Initialization of a Resource with an Insecure Default",
3784
+ "category": "Configuration"
3785
+ },
3786
+ {
3787
+ "id": "CWE-1395",
3788
+ "name": "Dependency on Vulnerable Third-Party Component",
3789
+ "category": "Supply Chain"
3790
+ },
3791
+ {
3792
+ "id": "CWE-1426",
3793
+ "name": "Improper Validation of Generative AI Output",
3794
+ "category": "AI/ML"
3795
+ },
3796
+ {
3797
+ "id": "CWE-200",
3798
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
3799
+ "category": "Information Exposure"
3800
+ },
3801
+ {
3802
+ "id": "CWE-22",
3803
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
3804
+ "category": "Path/Resource"
3805
+ },
3806
+ {
3807
+ "id": "CWE-269",
3808
+ "name": "Improper Privilege Management",
3809
+ "category": "Authorization"
3810
+ },
3811
+ {
3812
+ "id": "CWE-287",
3813
+ "name": "Improper Authentication",
3814
+ "category": "Authentication"
3815
+ },
3816
+ {
3817
+ "id": "CWE-352",
3818
+ "name": "Cross-Site Request Forgery (CSRF)",
3819
+ "category": "Session"
3820
+ },
3821
+ {
3822
+ "id": "CWE-434",
3823
+ "name": "Unrestricted Upload of File with Dangerous Type",
3824
+ "category": "File Handling"
3825
+ },
3826
+ {
3827
+ "id": "CWE-502",
3828
+ "name": "Deserialization of Untrusted Data",
3829
+ "category": "Serialization"
3830
+ },
3831
+ {
3832
+ "id": "CWE-732",
3833
+ "name": "Incorrect Permission Assignment for Critical Resource",
3834
+ "category": "Authorization"
3835
+ },
3836
+ {
3837
+ "id": "CWE-77",
3838
+ "name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
3839
+ "category": "Injection"
3840
+ },
3841
+ {
3842
+ "id": "CWE-78",
3843
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
3844
+ "category": "Injection"
3845
+ },
3846
+ {
3847
+ "id": "CWE-787",
3848
+ "name": "Out-of-bounds Write",
3849
+ "category": "Memory Safety"
3850
+ },
3851
+ {
3852
+ "id": "CWE-79",
3853
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
3854
+ "category": "Injection"
3855
+ },
3856
+ {
3857
+ "id": "CWE-862",
3858
+ "name": "Missing Authorization",
3859
+ "category": "Authorization"
3860
+ },
3861
+ {
3862
+ "id": "CWE-863",
3863
+ "name": "Incorrect Authorization",
3864
+ "category": "Authorization"
3865
+ },
3866
+ {
3867
+ "id": "CWE-89",
3868
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
3869
+ "category": "Injection"
3870
+ },
3871
+ {
3872
+ "id": "CWE-918",
3873
+ "name": "Server-Side Request Forgery (SSRF)",
3874
+ "category": "Network"
3875
+ },
3876
+ {
3877
+ "id": "CWE-94",
3878
+ "name": "Improper Control of Generation of Code (Code Injection)",
3879
+ "category": "Injection"
3880
+ }
3881
+ ],
3882
+ "atlas": [
3883
+ {
3884
+ "id": "AML.T0010",
3885
+ "name": "ML Supply Chain Compromise",
3886
+ "tactic": "Initial Access"
3887
+ },
3888
+ {
3889
+ "id": "AML.T0016",
3890
+ "name": "Obtain Capabilities: Develop Capabilities",
3891
+ "tactic": "Resource Development"
3892
+ },
3893
+ {
3894
+ "id": "AML.T0017",
3895
+ "name": "Discover ML Model Ontology",
3896
+ "tactic": "Discovery"
3897
+ },
3898
+ {
3899
+ "id": "AML.T0018",
3900
+ "name": "Backdoor ML Model",
3901
+ "tactic": "Persistence"
3902
+ },
3903
+ {
3904
+ "id": "AML.T0020",
3905
+ "name": "Poison Training Data",
3906
+ "tactic": "ML Attack Staging"
3907
+ },
3908
+ {
3909
+ "id": "AML.T0043",
3910
+ "name": "Craft Adversarial Data",
3911
+ "tactic": "ML Attack Staging"
3912
+ },
3913
+ {
3914
+ "id": "AML.T0051",
3915
+ "name": "LLM Prompt Injection",
3916
+ "tactic": "Execution"
3917
+ },
3918
+ {
3919
+ "id": "AML.T0054",
3920
+ "name": "LLM Jailbreak",
3921
+ "tactic": "Defense Evasion"
3922
+ },
3923
+ {
3924
+ "id": "AML.T0096",
3925
+ "name": "AI API as Covert C2 Channel",
3926
+ "tactic": "Command and Control"
3927
+ }
3928
+ ],
3929
+ "d3fend": [
3930
+ {
3931
+ "id": "D3-CSPP",
3932
+ "name": "Client-server Payload Profiling",
3933
+ "tactic": "Detect"
3934
+ },
3935
+ {
3936
+ "id": "D3-IOPR",
3937
+ "name": "Input/Output Profiling Resource",
3938
+ "tactic": "Detect"
3939
+ },
3940
+ {
3941
+ "id": "D3-NTA",
3942
+ "name": "Network Traffic Analysis",
3943
+ "tactic": "Detect"
3944
+ }
3945
+ ],
3946
+ "framework_gaps": [
3947
+ {
3948
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
3949
+ "framework": "ALL",
3950
+ "control_name": "AI Pipeline Integrity"
3951
+ },
3952
+ {
3953
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
3954
+ "framework": "ALL",
3955
+ "control_name": "Prompt Injection as Access Control Failure"
3956
+ },
3957
+ {
3958
+ "id": "ISO-27001-2022-A.8.28",
3959
+ "framework": "ISO/IEC 27001:2022",
3960
+ "control_name": "Secure coding"
3961
+ },
3962
+ {
3963
+ "id": "ISO-IEC-23894-2023-clause-7",
3964
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
3965
+ "control_name": "AI risk management process"
3966
+ },
3967
+ {
3968
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
3969
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
3970
+ "control_name": "AI risk assessment"
3971
+ },
3972
+ {
3973
+ "id": "NIST-800-218-SSDF",
3974
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
3975
+ "control_name": "Secure Software Development Framework"
3976
+ },
3977
+ {
3978
+ "id": "NIST-800-53-AC-2",
3979
+ "framework": "NIST SP 800-53 Rev 5",
3980
+ "control_name": "Account Management"
3981
+ },
3982
+ {
3983
+ "id": "NIST-800-53-CM-7",
3984
+ "framework": "NIST SP 800-53 Rev 5",
3985
+ "control_name": "Least Functionality"
3986
+ },
3987
+ {
3988
+ "id": "NIST-800-53-SI-12",
3989
+ "framework": "NIST SP 800-53 Rev 5",
3990
+ "control_name": "Information Management and Retention"
3991
+ },
3992
+ {
3993
+ "id": "NIST-800-53-SI-3",
3994
+ "framework": "NIST SP 800-53 Rev 5",
3995
+ "control_name": "Malicious Code Protection"
3996
+ },
3997
+ {
3998
+ "id": "NIST-AI-RMF-MEASURE-2.5",
3999
+ "framework": "NIST AI RMF 1.0",
4000
+ "control_name": "AI system to human interaction evaluation"
4001
+ },
4002
+ {
4003
+ "id": "OWASP-ASVS-v5.0-V14",
4004
+ "framework": "OWASP ASVS v5.0",
4005
+ "control_name": "Configuration verification"
4006
+ },
4007
+ {
4008
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
4009
+ "framework": "OWASP Top 10 for LLM Applications 2025",
4010
+ "control_name": "Prompt Injection"
4011
+ },
4012
+ {
4013
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
4014
+ "framework": "OWASP Top 10 for LLM Applications 2025",
4015
+ "control_name": "Sensitive Information Disclosure"
4016
+ },
4017
+ {
4018
+ "id": "OWASP-LLM-Top-10-2025-LLM08",
4019
+ "framework": "OWASP Top 10 for LLM Applications 2025",
4020
+ "control_name": "Vector and Embedding Weaknesses"
4021
+ },
4022
+ {
4023
+ "id": "SLSA-v1.0-Build-L3",
4024
+ "framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
4025
+ "control_name": "Hardened build platform with non-falsifiable provenance"
4026
+ },
4027
+ {
4028
+ "id": "SOC2-CC6-logical-access",
4029
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
4030
+ "control_name": "Logical and Physical Access Controls"
4031
+ }
4032
+ ],
4033
+ "attack_refs": [
4034
+ "T1059",
4035
+ "T1068",
4036
+ "T1078",
4037
+ "T1190",
4038
+ "T1505",
4039
+ "T1565",
4040
+ "T1566",
4041
+ "T1567",
4042
+ "T1610",
4043
+ "T1611"
4044
+ ],
4045
+ "rfc_refs": [
4046
+ "RFC-6749",
4047
+ "RFC-7519",
4048
+ "RFC-8032",
4049
+ "RFC-8446",
4050
+ "RFC-8725",
4051
+ "RFC-9114",
4052
+ "RFC-9421",
4053
+ "RFC-9700"
4054
+ ]
4055
+ }
4056
+ },
4057
+ "CVE-2020-10148": {
4058
+ "name": "SolarWinds Orion API authentication bypass (SUNBURST chain)",
4059
+ "rwep": 75,
3587
4060
  "cvss": 9.8,
3588
4061
  "cisa_kev": true,
3589
- "epss_score": 0.967,
4062
+ "epss_score": 0.945,
3590
4063
  "referencing_skills": [],
3591
4064
  "chain": {
3592
4065
  "cwes": [],
@@ -3597,6 +4070,109 @@
3597
4070
  "rfc_refs": []
3598
4071
  }
3599
4072
  },
4073
+ "CVE-2023-3519": {
4074
+ "name": "Citrix NetScaler ADC/Gateway unauth RCE (CitrixBleed precursor)",
4075
+ "rwep": 80,
4076
+ "cvss": 9.8,
4077
+ "cisa_kev": true,
4078
+ "epss_score": 0.967,
4079
+ "referencing_skills": [
4080
+ "kernel-lpe-triage"
4081
+ ],
4082
+ "chain": {
4083
+ "cwes": [
4084
+ {
4085
+ "id": "CWE-125",
4086
+ "name": "Out-of-bounds Read",
4087
+ "category": "Memory Safety"
4088
+ },
4089
+ {
4090
+ "id": "CWE-362",
4091
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
4092
+ "category": "Concurrency"
4093
+ },
4094
+ {
4095
+ "id": "CWE-416",
4096
+ "name": "Use After Free",
4097
+ "category": "Memory Safety"
4098
+ },
4099
+ {
4100
+ "id": "CWE-672",
4101
+ "name": "Operation on a Resource after Expiration or Release",
4102
+ "category": "Memory Safety"
4103
+ },
4104
+ {
4105
+ "id": "CWE-787",
4106
+ "name": "Out-of-bounds Write",
4107
+ "category": "Memory Safety"
4108
+ }
4109
+ ],
4110
+ "atlas": [],
4111
+ "d3fend": [
4112
+ {
4113
+ "id": "D3-ASLR",
4114
+ "name": "Address Space Layout Randomization",
4115
+ "tactic": "Harden"
4116
+ },
4117
+ {
4118
+ "id": "D3-EAL",
4119
+ "name": "Executable Allowlisting",
4120
+ "tactic": "Harden"
4121
+ },
4122
+ {
4123
+ "id": "D3-PHRA",
4124
+ "name": "Process Hardware Resource Access",
4125
+ "tactic": "Isolate"
4126
+ },
4127
+ {
4128
+ "id": "D3-PSEP",
4129
+ "name": "Process Segment Execution Prevention",
4130
+ "tactic": "Harden"
4131
+ }
4132
+ ],
4133
+ "framework_gaps": [
4134
+ {
4135
+ "id": "CIS-Controls-v8-Control7",
4136
+ "framework": "CIS Controls v8",
4137
+ "control_name": "Continuous Vulnerability Management"
4138
+ },
4139
+ {
4140
+ "id": "ISO-27001-2022-A.8.8",
4141
+ "framework": "ISO/IEC 27001:2022",
4142
+ "control_name": "Management of technical vulnerabilities"
4143
+ },
4144
+ {
4145
+ "id": "NIS2-Art21-patch-management",
4146
+ "framework": "EU NIS2 Directive",
4147
+ "control_name": "Vulnerability handling and disclosure"
4148
+ },
4149
+ {
4150
+ "id": "NIST-800-53-SC-8",
4151
+ "framework": "NIST SP 800-53 Rev 5",
4152
+ "control_name": "Transmission Confidentiality and Integrity"
4153
+ },
4154
+ {
4155
+ "id": "NIST-800-53-SI-2",
4156
+ "framework": "NIST SP 800-53 Rev 5",
4157
+ "control_name": "Flaw Remediation"
4158
+ },
4159
+ {
4160
+ "id": "PCI-DSS-4.0-6.3.3",
4161
+ "framework": "PCI DSS 4.0",
4162
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
4163
+ }
4164
+ ],
4165
+ "attack_refs": [
4166
+ "T1068",
4167
+ "T1548.001"
4168
+ ],
4169
+ "rfc_refs": [
4170
+ "RFC-4301",
4171
+ "RFC-4303",
4172
+ "RFC-7296"
4173
+ ]
4174
+ }
4175
+ },
3600
4176
  "CVE-2024-1709": {
3601
4177
  "name": "ConnectWise ScreenConnect auth-bypass",
3602
4178
  "rwep": 75,
@@ -3635,6 +4211,176 @@
3635
4211
  "cvss": 5.9,
3636
4212
  "cisa_kev": false,
3637
4213
  "epss_score": 0.005,
4214
+ "referencing_skills": [
4215
+ "ai-c2-detection",
4216
+ "dlp-gap-analysis"
4217
+ ],
4218
+ "chain": {
4219
+ "cwes": [
4220
+ {
4221
+ "id": "CWE-1426",
4222
+ "name": "Improper Validation of Generative AI Output",
4223
+ "category": "AI/ML"
4224
+ },
4225
+ {
4226
+ "id": "CWE-200",
4227
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
4228
+ "category": "Information Exposure"
4229
+ }
4230
+ ],
4231
+ "atlas": [
4232
+ {
4233
+ "id": "AML.T0017",
4234
+ "name": "Discover ML Model Ontology",
4235
+ "tactic": "Discovery"
4236
+ },
4237
+ {
4238
+ "id": "AML.T0051",
4239
+ "name": "LLM Prompt Injection",
4240
+ "tactic": "Execution"
4241
+ },
4242
+ {
4243
+ "id": "AML.T0096",
4244
+ "name": "AI API as Covert C2 Channel",
4245
+ "tactic": "Command and Control"
4246
+ }
4247
+ ],
4248
+ "d3fend": [
4249
+ {
4250
+ "id": "D3-CA",
4251
+ "name": "Certificate Analysis",
4252
+ "tactic": "Detect"
4253
+ },
4254
+ {
4255
+ "id": "D3-CSPP",
4256
+ "name": "Client-server Payload Profiling",
4257
+ "tactic": "Detect"
4258
+ },
4259
+ {
4260
+ "id": "D3-DA",
4261
+ "name": "Domain Analysis",
4262
+ "tactic": "Detect"
4263
+ },
4264
+ {
4265
+ "id": "D3-EAL",
4266
+ "name": "Executable Allowlisting",
4267
+ "tactic": "Harden"
4268
+ },
4269
+ {
4270
+ "id": "D3-IOPR",
4271
+ "name": "Input/Output Profiling Resource",
4272
+ "tactic": "Detect"
4273
+ },
4274
+ {
4275
+ "id": "D3-NI",
4276
+ "name": "Network Isolation",
4277
+ "tactic": "Isolate"
4278
+ },
4279
+ {
4280
+ "id": "D3-NTA",
4281
+ "name": "Network Traffic Analysis",
4282
+ "tactic": "Detect"
4283
+ },
4284
+ {
4285
+ "id": "D3-NTPM",
4286
+ "name": "Network Traffic Policy Mapping",
4287
+ "tactic": "Model"
4288
+ }
4289
+ ],
4290
+ "framework_gaps": [
4291
+ {
4292
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
4293
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
4294
+ "control_name": "Access control standard (technical safeguards)"
4295
+ },
4296
+ {
4297
+ "id": "ISO-27001-2022-A.8.16",
4298
+ "framework": "ISO/IEC 27001:2022",
4299
+ "control_name": "Monitoring activities"
4300
+ },
4301
+ {
4302
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
4303
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
4304
+ "control_name": "AI risk assessment"
4305
+ },
4306
+ {
4307
+ "id": "NIST-800-53-SC-28",
4308
+ "framework": "NIST SP 800-53 Rev 5",
4309
+ "control_name": "Protection of Information at Rest"
4310
+ },
4311
+ {
4312
+ "id": "NIST-800-53-SC-7",
4313
+ "framework": "NIST SP 800-53 Rev 5",
4314
+ "control_name": "Boundary Protection"
4315
+ },
4316
+ {
4317
+ "id": "NIST-800-53-SI-3",
4318
+ "framework": "NIST SP 800-53 Rev 5",
4319
+ "control_name": "Malicious Code Protection"
4320
+ },
4321
+ {
4322
+ "id": "SOC2-CC7-anomaly-detection",
4323
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
4324
+ "control_name": "System Operations — Threat and Vulnerability Management"
4325
+ }
4326
+ ],
4327
+ "attack_refs": [
4328
+ "T1041",
4329
+ "T1071",
4330
+ "T1102",
4331
+ "T1213",
4332
+ "T1530",
4333
+ "T1567",
4334
+ "T1568"
4335
+ ],
4336
+ "rfc_refs": [
4337
+ "RFC-8446",
4338
+ "RFC-9000",
4339
+ "RFC-9114",
4340
+ "RFC-9180",
4341
+ "RFC-9421",
4342
+ "RFC-9458"
4343
+ ]
4344
+ }
4345
+ },
4346
+ "MAL-2026-TANSTACK-MINI": {
4347
+ "name": "Mini Shai-Hulud (TanStack worm)",
4348
+ "rwep": 55,
4349
+ "cvss": 9.8,
4350
+ "cisa_kev": false,
4351
+ "epss_score": null,
4352
+ "referencing_skills": [],
4353
+ "chain": {
4354
+ "cwes": [],
4355
+ "atlas": [],
4356
+ "d3fend": [],
4357
+ "framework_gaps": [],
4358
+ "attack_refs": [],
4359
+ "rfc_refs": []
4360
+ }
4361
+ },
4362
+ "MAL-2026-ANTHROPIC-MCP-STDIO": {
4363
+ "name": "Anthropic SDK MCP STDIO command-injection (embargoed)",
4364
+ "rwep": 25,
4365
+ "cvss": 9,
4366
+ "cisa_kev": false,
4367
+ "epss_score": null,
4368
+ "referencing_skills": [],
4369
+ "chain": {
4370
+ "cwes": [],
4371
+ "atlas": [],
4372
+ "d3fend": [],
4373
+ "framework_gaps": [],
4374
+ "attack_refs": [],
4375
+ "rfc_refs": []
4376
+ }
4377
+ },
4378
+ "CVE-2026-GTIG-AI-2FA": {
4379
+ "name": "GTIG-tracked AI-built 2FA-bypass zero-day (placeholder)",
4380
+ "rwep": 55,
4381
+ "cvss": 8.1,
4382
+ "cisa_kev": false,
4383
+ "epss_score": null,
3638
4384
  "referencing_skills": [],
3639
4385
  "chain": {
3640
4386
  "cwes": [],
@@ -3645,171 +4391,1134 @@
3645
4391
  "rfc_refs": []
3646
4392
  }
3647
4393
  },
3648
- "MAL-2026-TANSTACK-MINI": {
3649
- "name": "Mini Shai-Hulud (TanStack worm)",
3650
- "rwep": 55,
4394
+ "CVE-2026-30623": {
4395
+ "name": "Anthropic MCP SDK stdio command-injection",
4396
+ "rwep": 30,
4397
+ "cvss": 8.8,
4398
+ "cisa_kev": false,
4399
+ "epss_score": 0.02,
4400
+ "referencing_skills": [
4401
+ "ai-attack-surface",
4402
+ "rag-pipeline-security",
4403
+ "threat-modeling-methodology",
4404
+ "webapp-security",
4405
+ "api-security",
4406
+ "container-runtime-security"
4407
+ ],
4408
+ "chain": {
4409
+ "cwes": [
4410
+ {
4411
+ "id": "CWE-1039",
4412
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
4413
+ "category": "AI/ML"
4414
+ },
4415
+ {
4416
+ "id": "CWE-1188",
4417
+ "name": "Initialization of a Resource with an Insecure Default",
4418
+ "category": "Configuration"
4419
+ },
4420
+ {
4421
+ "id": "CWE-1395",
4422
+ "name": "Dependency on Vulnerable Third-Party Component",
4423
+ "category": "Supply Chain"
4424
+ },
4425
+ {
4426
+ "id": "CWE-1426",
4427
+ "name": "Improper Validation of Generative AI Output",
4428
+ "category": "AI/ML"
4429
+ },
4430
+ {
4431
+ "id": "CWE-200",
4432
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
4433
+ "category": "Information Exposure"
4434
+ },
4435
+ {
4436
+ "id": "CWE-22",
4437
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
4438
+ "category": "Path/Resource"
4439
+ },
4440
+ {
4441
+ "id": "CWE-269",
4442
+ "name": "Improper Privilege Management",
4443
+ "category": "Authorization"
4444
+ },
4445
+ {
4446
+ "id": "CWE-287",
4447
+ "name": "Improper Authentication",
4448
+ "category": "Authentication"
4449
+ },
4450
+ {
4451
+ "id": "CWE-352",
4452
+ "name": "Cross-Site Request Forgery (CSRF)",
4453
+ "category": "Session"
4454
+ },
4455
+ {
4456
+ "id": "CWE-434",
4457
+ "name": "Unrestricted Upload of File with Dangerous Type",
4458
+ "category": "File Handling"
4459
+ },
4460
+ {
4461
+ "id": "CWE-502",
4462
+ "name": "Deserialization of Untrusted Data",
4463
+ "category": "Serialization"
4464
+ },
4465
+ {
4466
+ "id": "CWE-732",
4467
+ "name": "Incorrect Permission Assignment for Critical Resource",
4468
+ "category": "Authorization"
4469
+ },
4470
+ {
4471
+ "id": "CWE-77",
4472
+ "name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
4473
+ "category": "Injection"
4474
+ },
4475
+ {
4476
+ "id": "CWE-78",
4477
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
4478
+ "category": "Injection"
4479
+ },
4480
+ {
4481
+ "id": "CWE-787",
4482
+ "name": "Out-of-bounds Write",
4483
+ "category": "Memory Safety"
4484
+ },
4485
+ {
4486
+ "id": "CWE-79",
4487
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
4488
+ "category": "Injection"
4489
+ },
4490
+ {
4491
+ "id": "CWE-862",
4492
+ "name": "Missing Authorization",
4493
+ "category": "Authorization"
4494
+ },
4495
+ {
4496
+ "id": "CWE-863",
4497
+ "name": "Incorrect Authorization",
4498
+ "category": "Authorization"
4499
+ },
4500
+ {
4501
+ "id": "CWE-89",
4502
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
4503
+ "category": "Injection"
4504
+ },
4505
+ {
4506
+ "id": "CWE-918",
4507
+ "name": "Server-Side Request Forgery (SSRF)",
4508
+ "category": "Network"
4509
+ },
4510
+ {
4511
+ "id": "CWE-94",
4512
+ "name": "Improper Control of Generation of Code (Code Injection)",
4513
+ "category": "Injection"
4514
+ }
4515
+ ],
4516
+ "atlas": [
4517
+ {
4518
+ "id": "AML.T0010",
4519
+ "name": "ML Supply Chain Compromise",
4520
+ "tactic": "Initial Access"
4521
+ },
4522
+ {
4523
+ "id": "AML.T0016",
4524
+ "name": "Obtain Capabilities: Develop Capabilities",
4525
+ "tactic": "Resource Development"
4526
+ },
4527
+ {
4528
+ "id": "AML.T0017",
4529
+ "name": "Discover ML Model Ontology",
4530
+ "tactic": "Discovery"
4531
+ },
4532
+ {
4533
+ "id": "AML.T0018",
4534
+ "name": "Backdoor ML Model",
4535
+ "tactic": "Persistence"
4536
+ },
4537
+ {
4538
+ "id": "AML.T0020",
4539
+ "name": "Poison Training Data",
4540
+ "tactic": "ML Attack Staging"
4541
+ },
4542
+ {
4543
+ "id": "AML.T0043",
4544
+ "name": "Craft Adversarial Data",
4545
+ "tactic": "ML Attack Staging"
4546
+ },
4547
+ {
4548
+ "id": "AML.T0051",
4549
+ "name": "LLM Prompt Injection",
4550
+ "tactic": "Execution"
4551
+ },
4552
+ {
4553
+ "id": "AML.T0054",
4554
+ "name": "LLM Jailbreak",
4555
+ "tactic": "Defense Evasion"
4556
+ },
4557
+ {
4558
+ "id": "AML.T0096",
4559
+ "name": "AI API as Covert C2 Channel",
4560
+ "tactic": "Command and Control"
4561
+ }
4562
+ ],
4563
+ "d3fend": [
4564
+ {
4565
+ "id": "D3-CSPP",
4566
+ "name": "Client-server Payload Profiling",
4567
+ "tactic": "Detect"
4568
+ },
4569
+ {
4570
+ "id": "D3-IOPR",
4571
+ "name": "Input/Output Profiling Resource",
4572
+ "tactic": "Detect"
4573
+ },
4574
+ {
4575
+ "id": "D3-NTA",
4576
+ "name": "Network Traffic Analysis",
4577
+ "tactic": "Detect"
4578
+ }
4579
+ ],
4580
+ "framework_gaps": [
4581
+ {
4582
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
4583
+ "framework": "ALL",
4584
+ "control_name": "AI Pipeline Integrity"
4585
+ },
4586
+ {
4587
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
4588
+ "framework": "ALL",
4589
+ "control_name": "Prompt Injection as Access Control Failure"
4590
+ },
4591
+ {
4592
+ "id": "ISO-27001-2022-A.8.28",
4593
+ "framework": "ISO/IEC 27001:2022",
4594
+ "control_name": "Secure coding"
4595
+ },
4596
+ {
4597
+ "id": "ISO-IEC-23894-2023-clause-7",
4598
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
4599
+ "control_name": "AI risk management process"
4600
+ },
4601
+ {
4602
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
4603
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
4604
+ "control_name": "AI risk assessment"
4605
+ },
4606
+ {
4607
+ "id": "NIST-800-218-SSDF",
4608
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
4609
+ "control_name": "Secure Software Development Framework"
4610
+ },
4611
+ {
4612
+ "id": "NIST-800-53-AC-2",
4613
+ "framework": "NIST SP 800-53 Rev 5",
4614
+ "control_name": "Account Management"
4615
+ },
4616
+ {
4617
+ "id": "NIST-800-53-CM-7",
4618
+ "framework": "NIST SP 800-53 Rev 5",
4619
+ "control_name": "Least Functionality"
4620
+ },
4621
+ {
4622
+ "id": "NIST-800-53-SI-12",
4623
+ "framework": "NIST SP 800-53 Rev 5",
4624
+ "control_name": "Information Management and Retention"
4625
+ },
4626
+ {
4627
+ "id": "NIST-800-53-SI-3",
4628
+ "framework": "NIST SP 800-53 Rev 5",
4629
+ "control_name": "Malicious Code Protection"
4630
+ },
4631
+ {
4632
+ "id": "NIST-AI-RMF-MEASURE-2.5",
4633
+ "framework": "NIST AI RMF 1.0",
4634
+ "control_name": "AI system to human interaction evaluation"
4635
+ },
4636
+ {
4637
+ "id": "OWASP-ASVS-v5.0-V14",
4638
+ "framework": "OWASP ASVS v5.0",
4639
+ "control_name": "Configuration verification"
4640
+ },
4641
+ {
4642
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
4643
+ "framework": "OWASP Top 10 for LLM Applications 2025",
4644
+ "control_name": "Prompt Injection"
4645
+ },
4646
+ {
4647
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
4648
+ "framework": "OWASP Top 10 for LLM Applications 2025",
4649
+ "control_name": "Sensitive Information Disclosure"
4650
+ },
4651
+ {
4652
+ "id": "OWASP-LLM-Top-10-2025-LLM08",
4653
+ "framework": "OWASP Top 10 for LLM Applications 2025",
4654
+ "control_name": "Vector and Embedding Weaknesses"
4655
+ },
4656
+ {
4657
+ "id": "SLSA-v1.0-Build-L3",
4658
+ "framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
4659
+ "control_name": "Hardened build platform with non-falsifiable provenance"
4660
+ },
4661
+ {
4662
+ "id": "SOC2-CC6-logical-access",
4663
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
4664
+ "control_name": "Logical and Physical Access Controls"
4665
+ }
4666
+ ],
4667
+ "attack_refs": [
4668
+ "T1059",
4669
+ "T1068",
4670
+ "T1078",
4671
+ "T1190",
4672
+ "T1505",
4673
+ "T1565",
4674
+ "T1566",
4675
+ "T1567",
4676
+ "T1610",
4677
+ "T1611"
4678
+ ],
4679
+ "rfc_refs": [
4680
+ "RFC-6749",
4681
+ "RFC-7519",
4682
+ "RFC-8032",
4683
+ "RFC-8446",
4684
+ "RFC-8725",
4685
+ "RFC-9114",
4686
+ "RFC-9421",
4687
+ "RFC-9700"
4688
+ ]
4689
+ }
4690
+ },
4691
+ "CVE-2025-12686": {
4692
+ "name": "Synology BeeStation unauth RCE (Pwn2Own Ireland 2025)",
4693
+ "rwep": 45,
3651
4694
  "cvss": 9.8,
3652
- "cisa_kev": false,
3653
- "epss_score": null,
3654
- "referencing_skills": [],
4695
+ "cisa_kev": false,
4696
+ "epss_score": 0.04,
4697
+ "referencing_skills": [
4698
+ "kernel-lpe-triage"
4699
+ ],
3655
4700
  "chain": {
3656
- "cwes": [],
4701
+ "cwes": [
4702
+ {
4703
+ "id": "CWE-125",
4704
+ "name": "Out-of-bounds Read",
4705
+ "category": "Memory Safety"
4706
+ },
4707
+ {
4708
+ "id": "CWE-362",
4709
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
4710
+ "category": "Concurrency"
4711
+ },
4712
+ {
4713
+ "id": "CWE-416",
4714
+ "name": "Use After Free",
4715
+ "category": "Memory Safety"
4716
+ },
4717
+ {
4718
+ "id": "CWE-672",
4719
+ "name": "Operation on a Resource after Expiration or Release",
4720
+ "category": "Memory Safety"
4721
+ },
4722
+ {
4723
+ "id": "CWE-787",
4724
+ "name": "Out-of-bounds Write",
4725
+ "category": "Memory Safety"
4726
+ }
4727
+ ],
3657
4728
  "atlas": [],
3658
- "d3fend": [],
3659
- "framework_gaps": [],
3660
- "attack_refs": [],
3661
- "rfc_refs": []
4729
+ "d3fend": [
4730
+ {
4731
+ "id": "D3-ASLR",
4732
+ "name": "Address Space Layout Randomization",
4733
+ "tactic": "Harden"
4734
+ },
4735
+ {
4736
+ "id": "D3-EAL",
4737
+ "name": "Executable Allowlisting",
4738
+ "tactic": "Harden"
4739
+ },
4740
+ {
4741
+ "id": "D3-PHRA",
4742
+ "name": "Process Hardware Resource Access",
4743
+ "tactic": "Isolate"
4744
+ },
4745
+ {
4746
+ "id": "D3-PSEP",
4747
+ "name": "Process Segment Execution Prevention",
4748
+ "tactic": "Harden"
4749
+ }
4750
+ ],
4751
+ "framework_gaps": [
4752
+ {
4753
+ "id": "CIS-Controls-v8-Control7",
4754
+ "framework": "CIS Controls v8",
4755
+ "control_name": "Continuous Vulnerability Management"
4756
+ },
4757
+ {
4758
+ "id": "ISO-27001-2022-A.8.8",
4759
+ "framework": "ISO/IEC 27001:2022",
4760
+ "control_name": "Management of technical vulnerabilities"
4761
+ },
4762
+ {
4763
+ "id": "NIS2-Art21-patch-management",
4764
+ "framework": "EU NIS2 Directive",
4765
+ "control_name": "Vulnerability handling and disclosure"
4766
+ },
4767
+ {
4768
+ "id": "NIST-800-53-SC-8",
4769
+ "framework": "NIST SP 800-53 Rev 5",
4770
+ "control_name": "Transmission Confidentiality and Integrity"
4771
+ },
4772
+ {
4773
+ "id": "NIST-800-53-SI-2",
4774
+ "framework": "NIST SP 800-53 Rev 5",
4775
+ "control_name": "Flaw Remediation"
4776
+ },
4777
+ {
4778
+ "id": "PCI-DSS-4.0-6.3.3",
4779
+ "framework": "PCI DSS 4.0",
4780
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
4781
+ }
4782
+ ],
4783
+ "attack_refs": [
4784
+ "T1068",
4785
+ "T1548.001"
4786
+ ],
4787
+ "rfc_refs": [
4788
+ "RFC-4301",
4789
+ "RFC-4303",
4790
+ "RFC-7296"
4791
+ ]
3662
4792
  }
3663
4793
  },
3664
- "MAL-2026-ANTHROPIC-MCP-STDIO": {
3665
- "name": "Anthropic SDK MCP STDIO command-injection (embargoed)",
3666
- "rwep": 25,
3667
- "cvss": 9,
4794
+ "CVE-2025-62847": {
4795
+ "name": "QNAP QTS/QuTS hero RCE (Pwn2Own Ireland 2025, chain 1/3)",
4796
+ "rwep": 40,
4797
+ "cvss": 9.8,
3668
4798
  "cisa_kev": false,
3669
- "epss_score": null,
3670
- "referencing_skills": [],
4799
+ "epss_score": 0.03,
4800
+ "referencing_skills": [
4801
+ "kernel-lpe-triage"
4802
+ ],
3671
4803
  "chain": {
3672
- "cwes": [],
4804
+ "cwes": [
4805
+ {
4806
+ "id": "CWE-125",
4807
+ "name": "Out-of-bounds Read",
4808
+ "category": "Memory Safety"
4809
+ },
4810
+ {
4811
+ "id": "CWE-362",
4812
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
4813
+ "category": "Concurrency"
4814
+ },
4815
+ {
4816
+ "id": "CWE-416",
4817
+ "name": "Use After Free",
4818
+ "category": "Memory Safety"
4819
+ },
4820
+ {
4821
+ "id": "CWE-672",
4822
+ "name": "Operation on a Resource after Expiration or Release",
4823
+ "category": "Memory Safety"
4824
+ },
4825
+ {
4826
+ "id": "CWE-787",
4827
+ "name": "Out-of-bounds Write",
4828
+ "category": "Memory Safety"
4829
+ }
4830
+ ],
3673
4831
  "atlas": [],
3674
- "d3fend": [],
3675
- "framework_gaps": [],
3676
- "attack_refs": [],
3677
- "rfc_refs": []
4832
+ "d3fend": [
4833
+ {
4834
+ "id": "D3-ASLR",
4835
+ "name": "Address Space Layout Randomization",
4836
+ "tactic": "Harden"
4837
+ },
4838
+ {
4839
+ "id": "D3-EAL",
4840
+ "name": "Executable Allowlisting",
4841
+ "tactic": "Harden"
4842
+ },
4843
+ {
4844
+ "id": "D3-PHRA",
4845
+ "name": "Process Hardware Resource Access",
4846
+ "tactic": "Isolate"
4847
+ },
4848
+ {
4849
+ "id": "D3-PSEP",
4850
+ "name": "Process Segment Execution Prevention",
4851
+ "tactic": "Harden"
4852
+ }
4853
+ ],
4854
+ "framework_gaps": [
4855
+ {
4856
+ "id": "CIS-Controls-v8-Control7",
4857
+ "framework": "CIS Controls v8",
4858
+ "control_name": "Continuous Vulnerability Management"
4859
+ },
4860
+ {
4861
+ "id": "ISO-27001-2022-A.8.8",
4862
+ "framework": "ISO/IEC 27001:2022",
4863
+ "control_name": "Management of technical vulnerabilities"
4864
+ },
4865
+ {
4866
+ "id": "NIS2-Art21-patch-management",
4867
+ "framework": "EU NIS2 Directive",
4868
+ "control_name": "Vulnerability handling and disclosure"
4869
+ },
4870
+ {
4871
+ "id": "NIST-800-53-SC-8",
4872
+ "framework": "NIST SP 800-53 Rev 5",
4873
+ "control_name": "Transmission Confidentiality and Integrity"
4874
+ },
4875
+ {
4876
+ "id": "NIST-800-53-SI-2",
4877
+ "framework": "NIST SP 800-53 Rev 5",
4878
+ "control_name": "Flaw Remediation"
4879
+ },
4880
+ {
4881
+ "id": "PCI-DSS-4.0-6.3.3",
4882
+ "framework": "PCI DSS 4.0",
4883
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
4884
+ }
4885
+ ],
4886
+ "attack_refs": [
4887
+ "T1068",
4888
+ "T1548.001"
4889
+ ],
4890
+ "rfc_refs": [
4891
+ "RFC-4301",
4892
+ "RFC-4303",
4893
+ "RFC-7296"
4894
+ ]
3678
4895
  }
3679
4896
  },
3680
- "CVE-2026-GTIG-AI-2FA": {
3681
- "name": "GTIG-tracked AI-built 2FA-bypass zero-day (placeholder)",
3682
- "rwep": 55,
3683
- "cvss": 8.1,
4897
+ "CVE-2025-62848": {
4898
+ "name": "QNAP QTS/QuTS hero RCE (Pwn2Own Ireland 2025, chain 2/3)",
4899
+ "rwep": 40,
4900
+ "cvss": 9.8,
3684
4901
  "cisa_kev": false,
3685
- "epss_score": null,
3686
- "referencing_skills": [],
4902
+ "epss_score": 0.03,
4903
+ "referencing_skills": [
4904
+ "kernel-lpe-triage"
4905
+ ],
3687
4906
  "chain": {
3688
- "cwes": [],
4907
+ "cwes": [
4908
+ {
4909
+ "id": "CWE-125",
4910
+ "name": "Out-of-bounds Read",
4911
+ "category": "Memory Safety"
4912
+ },
4913
+ {
4914
+ "id": "CWE-362",
4915
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
4916
+ "category": "Concurrency"
4917
+ },
4918
+ {
4919
+ "id": "CWE-416",
4920
+ "name": "Use After Free",
4921
+ "category": "Memory Safety"
4922
+ },
4923
+ {
4924
+ "id": "CWE-672",
4925
+ "name": "Operation on a Resource after Expiration or Release",
4926
+ "category": "Memory Safety"
4927
+ },
4928
+ {
4929
+ "id": "CWE-787",
4930
+ "name": "Out-of-bounds Write",
4931
+ "category": "Memory Safety"
4932
+ }
4933
+ ],
3689
4934
  "atlas": [],
3690
- "d3fend": [],
3691
- "framework_gaps": [],
3692
- "attack_refs": [],
3693
- "rfc_refs": []
4935
+ "d3fend": [
4936
+ {
4937
+ "id": "D3-ASLR",
4938
+ "name": "Address Space Layout Randomization",
4939
+ "tactic": "Harden"
4940
+ },
4941
+ {
4942
+ "id": "D3-EAL",
4943
+ "name": "Executable Allowlisting",
4944
+ "tactic": "Harden"
4945
+ },
4946
+ {
4947
+ "id": "D3-PHRA",
4948
+ "name": "Process Hardware Resource Access",
4949
+ "tactic": "Isolate"
4950
+ },
4951
+ {
4952
+ "id": "D3-PSEP",
4953
+ "name": "Process Segment Execution Prevention",
4954
+ "tactic": "Harden"
4955
+ }
4956
+ ],
4957
+ "framework_gaps": [
4958
+ {
4959
+ "id": "CIS-Controls-v8-Control7",
4960
+ "framework": "CIS Controls v8",
4961
+ "control_name": "Continuous Vulnerability Management"
4962
+ },
4963
+ {
4964
+ "id": "ISO-27001-2022-A.8.8",
4965
+ "framework": "ISO/IEC 27001:2022",
4966
+ "control_name": "Management of technical vulnerabilities"
4967
+ },
4968
+ {
4969
+ "id": "NIS2-Art21-patch-management",
4970
+ "framework": "EU NIS2 Directive",
4971
+ "control_name": "Vulnerability handling and disclosure"
4972
+ },
4973
+ {
4974
+ "id": "NIST-800-53-SC-8",
4975
+ "framework": "NIST SP 800-53 Rev 5",
4976
+ "control_name": "Transmission Confidentiality and Integrity"
4977
+ },
4978
+ {
4979
+ "id": "NIST-800-53-SI-2",
4980
+ "framework": "NIST SP 800-53 Rev 5",
4981
+ "control_name": "Flaw Remediation"
4982
+ },
4983
+ {
4984
+ "id": "PCI-DSS-4.0-6.3.3",
4985
+ "framework": "PCI DSS 4.0",
4986
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
4987
+ }
4988
+ ],
4989
+ "attack_refs": [
4990
+ "T1068",
4991
+ "T1548.001"
4992
+ ],
4993
+ "rfc_refs": [
4994
+ "RFC-4301",
4995
+ "RFC-4303",
4996
+ "RFC-7296"
4997
+ ]
3694
4998
  }
3695
4999
  },
3696
- "CVE-2026-30623": {
3697
- "name": "Anthropic MCP SDK stdio command-injection",
3698
- "rwep": 30,
5000
+ "CVE-2025-62849": {
5001
+ "name": "QNAP QTS/QuTS hero RCE (Pwn2Own Ireland 2025, chain 3/3)",
5002
+ "rwep": 35,
3699
5003
  "cvss": 8.8,
3700
5004
  "cisa_kev": false,
3701
5005
  "epss_score": 0.02,
3702
- "referencing_skills": [],
5006
+ "referencing_skills": [
5007
+ "kernel-lpe-triage"
5008
+ ],
3703
5009
  "chain": {
3704
- "cwes": [],
5010
+ "cwes": [
5011
+ {
5012
+ "id": "CWE-125",
5013
+ "name": "Out-of-bounds Read",
5014
+ "category": "Memory Safety"
5015
+ },
5016
+ {
5017
+ "id": "CWE-362",
5018
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
5019
+ "category": "Concurrency"
5020
+ },
5021
+ {
5022
+ "id": "CWE-416",
5023
+ "name": "Use After Free",
5024
+ "category": "Memory Safety"
5025
+ },
5026
+ {
5027
+ "id": "CWE-672",
5028
+ "name": "Operation on a Resource after Expiration or Release",
5029
+ "category": "Memory Safety"
5030
+ },
5031
+ {
5032
+ "id": "CWE-787",
5033
+ "name": "Out-of-bounds Write",
5034
+ "category": "Memory Safety"
5035
+ }
5036
+ ],
3705
5037
  "atlas": [],
3706
- "d3fend": [],
3707
- "framework_gaps": [],
3708
- "attack_refs": [],
3709
- "rfc_refs": []
5038
+ "d3fend": [
5039
+ {
5040
+ "id": "D3-ASLR",
5041
+ "name": "Address Space Layout Randomization",
5042
+ "tactic": "Harden"
5043
+ },
5044
+ {
5045
+ "id": "D3-EAL",
5046
+ "name": "Executable Allowlisting",
5047
+ "tactic": "Harden"
5048
+ },
5049
+ {
5050
+ "id": "D3-PHRA",
5051
+ "name": "Process Hardware Resource Access",
5052
+ "tactic": "Isolate"
5053
+ },
5054
+ {
5055
+ "id": "D3-PSEP",
5056
+ "name": "Process Segment Execution Prevention",
5057
+ "tactic": "Harden"
5058
+ }
5059
+ ],
5060
+ "framework_gaps": [
5061
+ {
5062
+ "id": "CIS-Controls-v8-Control7",
5063
+ "framework": "CIS Controls v8",
5064
+ "control_name": "Continuous Vulnerability Management"
5065
+ },
5066
+ {
5067
+ "id": "ISO-27001-2022-A.8.8",
5068
+ "framework": "ISO/IEC 27001:2022",
5069
+ "control_name": "Management of technical vulnerabilities"
5070
+ },
5071
+ {
5072
+ "id": "NIS2-Art21-patch-management",
5073
+ "framework": "EU NIS2 Directive",
5074
+ "control_name": "Vulnerability handling and disclosure"
5075
+ },
5076
+ {
5077
+ "id": "NIST-800-53-SC-8",
5078
+ "framework": "NIST SP 800-53 Rev 5",
5079
+ "control_name": "Transmission Confidentiality and Integrity"
5080
+ },
5081
+ {
5082
+ "id": "NIST-800-53-SI-2",
5083
+ "framework": "NIST SP 800-53 Rev 5",
5084
+ "control_name": "Flaw Remediation"
5085
+ },
5086
+ {
5087
+ "id": "PCI-DSS-4.0-6.3.3",
5088
+ "framework": "PCI DSS 4.0",
5089
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
5090
+ }
5091
+ ],
5092
+ "attack_refs": [
5093
+ "T1068",
5094
+ "T1548.001"
5095
+ ],
5096
+ "rfc_refs": [
5097
+ "RFC-4301",
5098
+ "RFC-4303",
5099
+ "RFC-7296"
5100
+ ]
3710
5101
  }
3711
5102
  },
3712
- "CVE-2025-12686": {
3713
- "name": "Synology BeeStation unauth RCE (Pwn2Own Ireland 2025)",
5103
+ "CVE-2025-59389": {
5104
+ "name": "QNAP Hyper Data Protector critical RCE (Pwn2Own Ireland 2025)",
3714
5105
  "rwep": 45,
3715
5106
  "cvss": 9.8,
3716
5107
  "cisa_kev": false,
3717
- "epss_score": 0.04,
3718
- "referencing_skills": [],
3719
- "chain": {
3720
- "cwes": [],
3721
- "atlas": [],
3722
- "d3fend": [],
3723
- "framework_gaps": [],
3724
- "attack_refs": [],
3725
- "rfc_refs": []
3726
- }
3727
- },
3728
- "CVE-2025-62847": {
3729
- "name": "QNAP QTS/QuTS hero RCE (Pwn2Own Ireland 2025, chain 1/3)",
3730
- "rwep": 40,
3731
- "cvss": 9.8,
3732
- "cisa_kev": false,
3733
- "epss_score": 0.03,
3734
- "referencing_skills": [],
5108
+ "epss_score": 0.05,
5109
+ "referencing_skills": [
5110
+ "kernel-lpe-triage"
5111
+ ],
3735
5112
  "chain": {
3736
- "cwes": [],
5113
+ "cwes": [
5114
+ {
5115
+ "id": "CWE-125",
5116
+ "name": "Out-of-bounds Read",
5117
+ "category": "Memory Safety"
5118
+ },
5119
+ {
5120
+ "id": "CWE-362",
5121
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
5122
+ "category": "Concurrency"
5123
+ },
5124
+ {
5125
+ "id": "CWE-416",
5126
+ "name": "Use After Free",
5127
+ "category": "Memory Safety"
5128
+ },
5129
+ {
5130
+ "id": "CWE-672",
5131
+ "name": "Operation on a Resource after Expiration or Release",
5132
+ "category": "Memory Safety"
5133
+ },
5134
+ {
5135
+ "id": "CWE-787",
5136
+ "name": "Out-of-bounds Write",
5137
+ "category": "Memory Safety"
5138
+ }
5139
+ ],
3737
5140
  "atlas": [],
3738
- "d3fend": [],
3739
- "framework_gaps": [],
3740
- "attack_refs": [],
3741
- "rfc_refs": []
5141
+ "d3fend": [
5142
+ {
5143
+ "id": "D3-ASLR",
5144
+ "name": "Address Space Layout Randomization",
5145
+ "tactic": "Harden"
5146
+ },
5147
+ {
5148
+ "id": "D3-EAL",
5149
+ "name": "Executable Allowlisting",
5150
+ "tactic": "Harden"
5151
+ },
5152
+ {
5153
+ "id": "D3-PHRA",
5154
+ "name": "Process Hardware Resource Access",
5155
+ "tactic": "Isolate"
5156
+ },
5157
+ {
5158
+ "id": "D3-PSEP",
5159
+ "name": "Process Segment Execution Prevention",
5160
+ "tactic": "Harden"
5161
+ }
5162
+ ],
5163
+ "framework_gaps": [
5164
+ {
5165
+ "id": "CIS-Controls-v8-Control7",
5166
+ "framework": "CIS Controls v8",
5167
+ "control_name": "Continuous Vulnerability Management"
5168
+ },
5169
+ {
5170
+ "id": "ISO-27001-2022-A.8.8",
5171
+ "framework": "ISO/IEC 27001:2022",
5172
+ "control_name": "Management of technical vulnerabilities"
5173
+ },
5174
+ {
5175
+ "id": "NIS2-Art21-patch-management",
5176
+ "framework": "EU NIS2 Directive",
5177
+ "control_name": "Vulnerability handling and disclosure"
5178
+ },
5179
+ {
5180
+ "id": "NIST-800-53-SC-8",
5181
+ "framework": "NIST SP 800-53 Rev 5",
5182
+ "control_name": "Transmission Confidentiality and Integrity"
5183
+ },
5184
+ {
5185
+ "id": "NIST-800-53-SI-2",
5186
+ "framework": "NIST SP 800-53 Rev 5",
5187
+ "control_name": "Flaw Remediation"
5188
+ },
5189
+ {
5190
+ "id": "PCI-DSS-4.0-6.3.3",
5191
+ "framework": "PCI DSS 4.0",
5192
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
5193
+ }
5194
+ ],
5195
+ "attack_refs": [
5196
+ "T1068",
5197
+ "T1548.001"
5198
+ ],
5199
+ "rfc_refs": [
5200
+ "RFC-4301",
5201
+ "RFC-4303",
5202
+ "RFC-7296"
5203
+ ]
3742
5204
  }
3743
5205
  },
3744
- "CVE-2025-62848": {
3745
- "name": "QNAP QTS/QuTS hero RCE (Pwn2Own Ireland 2025, chain 2/3)",
5206
+ "CVE-2025-11837": {
5207
+ "name": "QNAP Malware Remover code-injection",
3746
5208
  "rwep": 40,
3747
- "cvss": 9.8,
3748
- "cisa_kev": false,
3749
- "epss_score": 0.03,
3750
- "referencing_skills": [],
3751
- "chain": {
3752
- "cwes": [],
3753
- "atlas": [],
3754
- "d3fend": [],
3755
- "framework_gaps": [],
3756
- "attack_refs": [],
3757
- "rfc_refs": []
3758
- }
3759
- },
3760
- "CVE-2025-62849": {
3761
- "name": "QNAP QTS/QuTS hero RCE (Pwn2Own Ireland 2025, chain 3/3)",
3762
- "rwep": 35,
3763
- "cvss": 8.8,
3764
- "cisa_kev": false,
3765
- "epss_score": 0.02,
3766
- "referencing_skills": [],
3767
- "chain": {
3768
- "cwes": [],
3769
- "atlas": [],
3770
- "d3fend": [],
3771
- "framework_gaps": [],
3772
- "attack_refs": [],
3773
- "rfc_refs": []
3774
- }
3775
- },
3776
- "CVE-2025-59389": {
3777
- "name": "QNAP Hyper Data Protector critical RCE (Pwn2Own Ireland 2025)",
3778
- "rwep": 45,
3779
- "cvss": 9.8,
5209
+ "cvss": 8,
3780
5210
  "cisa_kev": false,
3781
- "epss_score": 0.05,
3782
- "referencing_skills": [],
5211
+ "epss_score": 0.025,
5212
+ "referencing_skills": [
5213
+ "ai-attack-surface",
5214
+ "ai-c2-detection",
5215
+ "email-security-anti-phishing"
5216
+ ],
3783
5217
  "chain": {
3784
- "cwes": [],
3785
- "atlas": [],
3786
- "d3fend": [],
3787
- "framework_gaps": [],
3788
- "attack_refs": [],
3789
- "rfc_refs": []
5218
+ "cwes": [
5219
+ {
5220
+ "id": "CWE-1039",
5221
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
5222
+ "category": "AI/ML"
5223
+ },
5224
+ {
5225
+ "id": "CWE-1426",
5226
+ "name": "Improper Validation of Generative AI Output",
5227
+ "category": "AI/ML"
5228
+ },
5229
+ {
5230
+ "id": "CWE-94",
5231
+ "name": "Improper Control of Generation of Code (Code Injection)",
5232
+ "category": "Injection"
5233
+ }
5234
+ ],
5235
+ "atlas": [
5236
+ {
5237
+ "id": "AML.T0016",
5238
+ "name": "Obtain Capabilities: Develop Capabilities",
5239
+ "tactic": "Resource Development"
5240
+ },
5241
+ {
5242
+ "id": "AML.T0017",
5243
+ "name": "Discover ML Model Ontology",
5244
+ "tactic": "Discovery"
5245
+ },
5246
+ {
5247
+ "id": "AML.T0018",
5248
+ "name": "Backdoor ML Model",
5249
+ "tactic": "Persistence"
5250
+ },
5251
+ {
5252
+ "id": "AML.T0020",
5253
+ "name": "Poison Training Data",
5254
+ "tactic": "ML Attack Staging"
5255
+ },
5256
+ {
5257
+ "id": "AML.T0043",
5258
+ "name": "Craft Adversarial Data",
5259
+ "tactic": "ML Attack Staging"
5260
+ },
5261
+ {
5262
+ "id": "AML.T0051",
5263
+ "name": "LLM Prompt Injection",
5264
+ "tactic": "Execution"
5265
+ },
5266
+ {
5267
+ "id": "AML.T0054",
5268
+ "name": "LLM Jailbreak",
5269
+ "tactic": "Defense Evasion"
5270
+ },
5271
+ {
5272
+ "id": "AML.T0096",
5273
+ "name": "AI API as Covert C2 Channel",
5274
+ "tactic": "Command and Control"
5275
+ }
5276
+ ],
5277
+ "d3fend": [
5278
+ {
5279
+ "id": "D3-CA",
5280
+ "name": "Certificate Analysis",
5281
+ "tactic": "Detect"
5282
+ },
5283
+ {
5284
+ "id": "D3-CSPP",
5285
+ "name": "Client-server Payload Profiling",
5286
+ "tactic": "Detect"
5287
+ },
5288
+ {
5289
+ "id": "D3-DA",
5290
+ "name": "Domain Analysis",
5291
+ "tactic": "Detect"
5292
+ },
5293
+ {
5294
+ "id": "D3-IOPR",
5295
+ "name": "Input/Output Profiling Resource",
5296
+ "tactic": "Detect"
5297
+ },
5298
+ {
5299
+ "id": "D3-NI",
5300
+ "name": "Network Isolation",
5301
+ "tactic": "Isolate"
5302
+ },
5303
+ {
5304
+ "id": "D3-NTA",
5305
+ "name": "Network Traffic Analysis",
5306
+ "tactic": "Detect"
5307
+ },
5308
+ {
5309
+ "id": "D3-NTPM",
5310
+ "name": "Network Traffic Policy Mapping",
5311
+ "tactic": "Model"
5312
+ }
5313
+ ],
5314
+ "framework_gaps": [
5315
+ {
5316
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
5317
+ "framework": "ALL",
5318
+ "control_name": "AI Pipeline Integrity"
5319
+ },
5320
+ {
5321
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
5322
+ "framework": "ALL",
5323
+ "control_name": "Prompt Injection as Access Control Failure"
5324
+ },
5325
+ {
5326
+ "id": "ISO-27001-2022-A.8.16",
5327
+ "framework": "ISO/IEC 27001:2022",
5328
+ "control_name": "Monitoring activities"
5329
+ },
5330
+ {
5331
+ "id": "ISO-27001-2022-A.8.28",
5332
+ "framework": "ISO/IEC 27001:2022",
5333
+ "control_name": "Secure coding"
5334
+ },
5335
+ {
5336
+ "id": "ISO-IEC-23894-2023-clause-7",
5337
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
5338
+ "control_name": "AI risk management process"
5339
+ },
5340
+ {
5341
+ "id": "NIST-800-53-AC-2",
5342
+ "framework": "NIST SP 800-53 Rev 5",
5343
+ "control_name": "Account Management"
5344
+ },
5345
+ {
5346
+ "id": "NIST-800-53-SC-7",
5347
+ "framework": "NIST SP 800-53 Rev 5",
5348
+ "control_name": "Boundary Protection"
5349
+ },
5350
+ {
5351
+ "id": "NIST-800-53-SI-3",
5352
+ "framework": "NIST SP 800-53 Rev 5",
5353
+ "control_name": "Malicious Code Protection"
5354
+ },
5355
+ {
5356
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
5357
+ "framework": "OWASP Top 10 for LLM Applications 2025",
5358
+ "control_name": "Prompt Injection"
5359
+ },
5360
+ {
5361
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
5362
+ "framework": "OWASP Top 10 for LLM Applications 2025",
5363
+ "control_name": "Sensitive Information Disclosure"
5364
+ },
5365
+ {
5366
+ "id": "SOC2-CC6-logical-access",
5367
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
5368
+ "control_name": "Logical and Physical Access Controls"
5369
+ },
5370
+ {
5371
+ "id": "SOC2-CC7-anomaly-detection",
5372
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
5373
+ "control_name": "System Operations — Threat and Vulnerability Management"
5374
+ }
5375
+ ],
5376
+ "attack_refs": [
5377
+ "T1059",
5378
+ "T1071",
5379
+ "T1078",
5380
+ "T1102",
5381
+ "T1190",
5382
+ "T1566",
5383
+ "T1566.001",
5384
+ "T1566.002",
5385
+ "T1566.003",
5386
+ "T1568"
5387
+ ],
5388
+ "rfc_refs": [
5389
+ "RFC-8446",
5390
+ "RFC-9000",
5391
+ "RFC-9114",
5392
+ "RFC-9180",
5393
+ "RFC-9421",
5394
+ "RFC-9458"
5395
+ ]
3790
5396
  }
3791
5397
  },
3792
- "CVE-2025-11837": {
3793
- "name": "QNAP Malware Remover code-injection",
5398
+ "CVE-2026-42945": {
5399
+ "name": "NGINX Rift",
3794
5400
  "rwep": 40,
3795
- "cvss": 8,
5401
+ "cvss": 9.2,
3796
5402
  "cisa_kev": false,
3797
- "epss_score": 0.025,
3798
- "referencing_skills": [],
5403
+ "epss_score": null,
5404
+ "referencing_skills": [
5405
+ "kernel-lpe-triage",
5406
+ "coordinated-vuln-disclosure"
5407
+ ],
3799
5408
  "chain": {
3800
- "cwes": [],
5409
+ "cwes": [
5410
+ {
5411
+ "id": "CWE-125",
5412
+ "name": "Out-of-bounds Read",
5413
+ "category": "Memory Safety"
5414
+ },
5415
+ {
5416
+ "id": "CWE-1357",
5417
+ "name": "Reliance on Insufficiently Trustworthy Component",
5418
+ "category": "Supply Chain"
5419
+ },
5420
+ {
5421
+ "id": "CWE-362",
5422
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
5423
+ "category": "Concurrency"
5424
+ },
5425
+ {
5426
+ "id": "CWE-416",
5427
+ "name": "Use After Free",
5428
+ "category": "Memory Safety"
5429
+ },
5430
+ {
5431
+ "id": "CWE-672",
5432
+ "name": "Operation on a Resource after Expiration or Release",
5433
+ "category": "Memory Safety"
5434
+ },
5435
+ {
5436
+ "id": "CWE-787",
5437
+ "name": "Out-of-bounds Write",
5438
+ "category": "Memory Safety"
5439
+ }
5440
+ ],
3801
5441
  "atlas": [],
3802
- "d3fend": [],
3803
- "framework_gaps": [],
3804
- "attack_refs": [],
3805
- "rfc_refs": []
5442
+ "d3fend": [
5443
+ {
5444
+ "id": "D3-ASLR",
5445
+ "name": "Address Space Layout Randomization",
5446
+ "tactic": "Harden"
5447
+ },
5448
+ {
5449
+ "id": "D3-EAL",
5450
+ "name": "Executable Allowlisting",
5451
+ "tactic": "Harden"
5452
+ },
5453
+ {
5454
+ "id": "D3-PHRA",
5455
+ "name": "Process Hardware Resource Access",
5456
+ "tactic": "Isolate"
5457
+ },
5458
+ {
5459
+ "id": "D3-PSEP",
5460
+ "name": "Process Segment Execution Prevention",
5461
+ "tactic": "Harden"
5462
+ }
5463
+ ],
5464
+ "framework_gaps": [
5465
+ {
5466
+ "id": "CIS-Controls-v8-Control7",
5467
+ "framework": "CIS Controls v8",
5468
+ "control_name": "Continuous Vulnerability Management"
5469
+ },
5470
+ {
5471
+ "id": "ISO-27001-2022-A.8.8",
5472
+ "framework": "ISO/IEC 27001:2022",
5473
+ "control_name": "Management of technical vulnerabilities"
5474
+ },
5475
+ {
5476
+ "id": "NIS2-Art21-patch-management",
5477
+ "framework": "EU NIS2 Directive",
5478
+ "control_name": "Vulnerability handling and disclosure"
5479
+ },
5480
+ {
5481
+ "id": "NIST-800-218-SSDF",
5482
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
5483
+ "control_name": "Secure Software Development Framework"
5484
+ },
5485
+ {
5486
+ "id": "NIST-800-53-SC-8",
5487
+ "framework": "NIST SP 800-53 Rev 5",
5488
+ "control_name": "Transmission Confidentiality and Integrity"
5489
+ },
5490
+ {
5491
+ "id": "NIST-800-53-SI-2",
5492
+ "framework": "NIST SP 800-53 Rev 5",
5493
+ "control_name": "Flaw Remediation"
5494
+ },
5495
+ {
5496
+ "id": "PCI-DSS-4.0-6.3.3",
5497
+ "framework": "PCI DSS 4.0",
5498
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
5499
+ },
5500
+ {
5501
+ "id": "SOC2-CC9-vendor-management",
5502
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
5503
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
5504
+ }
5505
+ ],
5506
+ "attack_refs": [
5507
+ "T1068",
5508
+ "T1548.001"
5509
+ ],
5510
+ "rfc_refs": [
5511
+ "RFC-4301",
5512
+ "RFC-4303",
5513
+ "RFC-7296"
5514
+ ]
3806
5515
  }
3807
5516
  },
3808
- "CVE-2026-42945": {
3809
- "name": "NGINX Rift",
3810
- "rwep": 40,
3811
- "cvss": 9.2,
3812
- "cisa_kev": false,
5517
+ "CVE-2026-0300": {
5518
+ "name": "PAN-UID — Palo Alto Networks PAN-OS User-ID Authentication Portal RCE",
5519
+ "rwep": 73,
5520
+ "cvss": 9.3,
5521
+ "cisa_kev": true,
3813
5522
  "epss_score": null,
3814
5523
  "referencing_skills": [
3815
5524
  "kernel-lpe-triage",
@@ -3924,15 +5633,135 @@
3924
5633
  ]
3925
5634
  }
3926
5635
  },
3927
- "CVE-2026-0300": {
3928
- "name": "PAN-UID Palo Alto Networks PAN-OS User-ID Authentication Portal RCE",
3929
- "rwep": 73,
3930
- "cvss": 9.3,
5636
+ "CVE-2026-39987": {
5637
+ "name": "Marimo Python Notebook Pre-Auth WebSocket Terminal RCE",
5638
+ "rwep": 62,
5639
+ "cvss": 9.3,
5640
+ "cisa_kev": true,
5641
+ "epss_score": null,
5642
+ "referencing_skills": [],
5643
+ "chain": {
5644
+ "cwes": [],
5645
+ "atlas": [],
5646
+ "d3fend": [],
5647
+ "framework_gaps": [],
5648
+ "attack_refs": [],
5649
+ "rfc_refs": []
5650
+ }
5651
+ },
5652
+ "CVE-2026-6973": {
5653
+ "name": "Ivanti EPMM Authenticated-Admin RCE",
5654
+ "rwep": 62,
5655
+ "cvss": 7.2,
5656
+ "cisa_kev": true,
5657
+ "epss_score": null,
5658
+ "referencing_skills": [
5659
+ "kernel-lpe-triage"
5660
+ ],
5661
+ "chain": {
5662
+ "cwes": [
5663
+ {
5664
+ "id": "CWE-125",
5665
+ "name": "Out-of-bounds Read",
5666
+ "category": "Memory Safety"
5667
+ },
5668
+ {
5669
+ "id": "CWE-362",
5670
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
5671
+ "category": "Concurrency"
5672
+ },
5673
+ {
5674
+ "id": "CWE-416",
5675
+ "name": "Use After Free",
5676
+ "category": "Memory Safety"
5677
+ },
5678
+ {
5679
+ "id": "CWE-672",
5680
+ "name": "Operation on a Resource after Expiration or Release",
5681
+ "category": "Memory Safety"
5682
+ },
5683
+ {
5684
+ "id": "CWE-787",
5685
+ "name": "Out-of-bounds Write",
5686
+ "category": "Memory Safety"
5687
+ }
5688
+ ],
5689
+ "atlas": [],
5690
+ "d3fend": [
5691
+ {
5692
+ "id": "D3-ASLR",
5693
+ "name": "Address Space Layout Randomization",
5694
+ "tactic": "Harden"
5695
+ },
5696
+ {
5697
+ "id": "D3-EAL",
5698
+ "name": "Executable Allowlisting",
5699
+ "tactic": "Harden"
5700
+ },
5701
+ {
5702
+ "id": "D3-PHRA",
5703
+ "name": "Process Hardware Resource Access",
5704
+ "tactic": "Isolate"
5705
+ },
5706
+ {
5707
+ "id": "D3-PSEP",
5708
+ "name": "Process Segment Execution Prevention",
5709
+ "tactic": "Harden"
5710
+ }
5711
+ ],
5712
+ "framework_gaps": [
5713
+ {
5714
+ "id": "CIS-Controls-v8-Control7",
5715
+ "framework": "CIS Controls v8",
5716
+ "control_name": "Continuous Vulnerability Management"
5717
+ },
5718
+ {
5719
+ "id": "ISO-27001-2022-A.8.8",
5720
+ "framework": "ISO/IEC 27001:2022",
5721
+ "control_name": "Management of technical vulnerabilities"
5722
+ },
5723
+ {
5724
+ "id": "NIS2-Art21-patch-management",
5725
+ "framework": "EU NIS2 Directive",
5726
+ "control_name": "Vulnerability handling and disclosure"
5727
+ },
5728
+ {
5729
+ "id": "NIST-800-53-SC-8",
5730
+ "framework": "NIST SP 800-53 Rev 5",
5731
+ "control_name": "Transmission Confidentiality and Integrity"
5732
+ },
5733
+ {
5734
+ "id": "NIST-800-53-SI-2",
5735
+ "framework": "NIST SP 800-53 Rev 5",
5736
+ "control_name": "Flaw Remediation"
5737
+ },
5738
+ {
5739
+ "id": "PCI-DSS-4.0-6.3.3",
5740
+ "framework": "PCI DSS 4.0",
5741
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
5742
+ }
5743
+ ],
5744
+ "attack_refs": [
5745
+ "T1068",
5746
+ "T1548.001"
5747
+ ],
5748
+ "rfc_refs": [
5749
+ "RFC-4301",
5750
+ "RFC-4303",
5751
+ "RFC-7296"
5752
+ ]
5753
+ }
5754
+ },
5755
+ "CVE-2026-42897": {
5756
+ "name": "Microsoft Exchange OWA Stored XSS / Spoofing Zero-Day",
5757
+ "rwep": 93,
5758
+ "cvss": 8.1,
3931
5759
  "cisa_kev": true,
3932
5760
  "epss_score": null,
3933
5761
  "referencing_skills": [
3934
5762
  "kernel-lpe-triage",
3935
- "coordinated-vuln-disclosure"
5763
+ "ai-c2-detection",
5764
+ "dlp-gap-analysis"
3936
5765
  ],
3937
5766
  "chain": {
3938
5767
  "cwes": [
@@ -3942,9 +5771,14 @@
3942
5771
  "category": "Memory Safety"
3943
5772
  },
3944
5773
  {
3945
- "id": "CWE-1357",
3946
- "name": "Reliance on Insufficiently Trustworthy Component",
3947
- "category": "Supply Chain"
5774
+ "id": "CWE-1426",
5775
+ "name": "Improper Validation of Generative AI Output",
5776
+ "category": "AI/ML"
5777
+ },
5778
+ {
5779
+ "id": "CWE-200",
5780
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
5781
+ "category": "Information Exposure"
3948
5782
  },
3949
5783
  {
3950
5784
  "id": "CWE-362",
@@ -3967,18 +5801,69 @@
3967
5801
  "category": "Memory Safety"
3968
5802
  }
3969
5803
  ],
3970
- "atlas": [],
5804
+ "atlas": [
5805
+ {
5806
+ "id": "AML.T0017",
5807
+ "name": "Discover ML Model Ontology",
5808
+ "tactic": "Discovery"
5809
+ },
5810
+ {
5811
+ "id": "AML.T0051",
5812
+ "name": "LLM Prompt Injection",
5813
+ "tactic": "Execution"
5814
+ },
5815
+ {
5816
+ "id": "AML.T0096",
5817
+ "name": "AI API as Covert C2 Channel",
5818
+ "tactic": "Command and Control"
5819
+ }
5820
+ ],
3971
5821
  "d3fend": [
3972
5822
  {
3973
5823
  "id": "D3-ASLR",
3974
5824
  "name": "Address Space Layout Randomization",
3975
5825
  "tactic": "Harden"
3976
5826
  },
5827
+ {
5828
+ "id": "D3-CA",
5829
+ "name": "Certificate Analysis",
5830
+ "tactic": "Detect"
5831
+ },
5832
+ {
5833
+ "id": "D3-CSPP",
5834
+ "name": "Client-server Payload Profiling",
5835
+ "tactic": "Detect"
5836
+ },
5837
+ {
5838
+ "id": "D3-DA",
5839
+ "name": "Domain Analysis",
5840
+ "tactic": "Detect"
5841
+ },
3977
5842
  {
3978
5843
  "id": "D3-EAL",
3979
5844
  "name": "Executable Allowlisting",
3980
5845
  "tactic": "Harden"
3981
5846
  },
5847
+ {
5848
+ "id": "D3-IOPR",
5849
+ "name": "Input/Output Profiling Resource",
5850
+ "tactic": "Detect"
5851
+ },
5852
+ {
5853
+ "id": "D3-NI",
5854
+ "name": "Network Isolation",
5855
+ "tactic": "Isolate"
5856
+ },
5857
+ {
5858
+ "id": "D3-NTA",
5859
+ "name": "Network Traffic Analysis",
5860
+ "tactic": "Detect"
5861
+ },
5862
+ {
5863
+ "id": "D3-NTPM",
5864
+ "name": "Network Traffic Policy Mapping",
5865
+ "tactic": "Model"
5866
+ },
3982
5867
  {
3983
5868
  "id": "D3-PHRA",
3984
5869
  "name": "Process Hardware Resource Access",
@@ -3996,20 +5881,40 @@
3996
5881
  "framework": "CIS Controls v8",
3997
5882
  "control_name": "Continuous Vulnerability Management"
3998
5883
  },
5884
+ {
5885
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
5886
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
5887
+ "control_name": "Access control standard (technical safeguards)"
5888
+ },
5889
+ {
5890
+ "id": "ISO-27001-2022-A.8.16",
5891
+ "framework": "ISO/IEC 27001:2022",
5892
+ "control_name": "Monitoring activities"
5893
+ },
3999
5894
  {
4000
5895
  "id": "ISO-27001-2022-A.8.8",
4001
5896
  "framework": "ISO/IEC 27001:2022",
4002
5897
  "control_name": "Management of technical vulnerabilities"
4003
5898
  },
5899
+ {
5900
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
5901
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
5902
+ "control_name": "AI risk assessment"
5903
+ },
4004
5904
  {
4005
5905
  "id": "NIS2-Art21-patch-management",
4006
5906
  "framework": "EU NIS2 Directive",
4007
5907
  "control_name": "Vulnerability handling and disclosure"
4008
5908
  },
4009
5909
  {
4010
- "id": "NIST-800-218-SSDF",
4011
- "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
4012
- "control_name": "Secure Software Development Framework"
5910
+ "id": "NIST-800-53-SC-28",
5911
+ "framework": "NIST SP 800-53 Rev 5",
5912
+ "control_name": "Protection of Information at Rest"
5913
+ },
5914
+ {
5915
+ "id": "NIST-800-53-SC-7",
5916
+ "framework": "NIST SP 800-53 Rev 5",
5917
+ "control_name": "Boundary Protection"
4013
5918
  },
4014
5919
  {
4015
5920
  "id": "NIST-800-53-SC-8",
@@ -4021,60 +5926,75 @@
4021
5926
  "framework": "NIST SP 800-53 Rev 5",
4022
5927
  "control_name": "Flaw Remediation"
4023
5928
  },
5929
+ {
5930
+ "id": "NIST-800-53-SI-3",
5931
+ "framework": "NIST SP 800-53 Rev 5",
5932
+ "control_name": "Malicious Code Protection"
5933
+ },
4024
5934
  {
4025
5935
  "id": "PCI-DSS-4.0-6.3.3",
4026
5936
  "framework": "PCI DSS 4.0",
4027
5937
  "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
4028
5938
  },
4029
5939
  {
4030
- "id": "SOC2-CC9-vendor-management",
5940
+ "id": "SOC2-CC7-anomaly-detection",
4031
5941
  "framework": "SOC 2 (AICPA Trust Services Criteria)",
4032
- "control_name": "Risk MitigationVendor and Business Partner Risk"
5942
+ "control_name": "System OperationsThreat and Vulnerability Management"
4033
5943
  }
4034
5944
  ],
4035
5945
  "attack_refs": [
5946
+ "T1041",
4036
5947
  "T1068",
4037
- "T1548.001"
5948
+ "T1071",
5949
+ "T1102",
5950
+ "T1213",
5951
+ "T1530",
5952
+ "T1548.001",
5953
+ "T1567",
5954
+ "T1568"
4038
5955
  ],
4039
5956
  "rfc_refs": [
4040
5957
  "RFC-4301",
4041
5958
  "RFC-4303",
4042
- "RFC-7296"
5959
+ "RFC-7296",
5960
+ "RFC-8446",
5961
+ "RFC-9000",
5962
+ "RFC-9114",
5963
+ "RFC-9180",
5964
+ "RFC-9421",
5965
+ "RFC-9458"
4043
5966
  ]
4044
5967
  }
4045
5968
  },
4046
- "CVE-2026-39987": {
4047
- "name": "Marimo Python Notebook Pre-Auth WebSocket Terminal RCE",
4048
- "rwep": 62,
4049
- "cvss": 9.3,
4050
- "cisa_kev": true,
4051
- "epss_score": null,
4052
- "referencing_skills": [],
4053
- "chain": {
4054
- "cwes": [],
4055
- "atlas": [],
4056
- "d3fend": [],
4057
- "framework_gaps": [],
4058
- "attack_refs": [],
4059
- "rfc_refs": []
4060
- }
4061
- },
4062
- "CVE-2026-6973": {
4063
- "name": "Ivanti EPMM Authenticated-Admin RCE",
4064
- "rwep": 62,
4065
- "cvss": 7.2,
5969
+ "CVE-2026-32202": {
5970
+ "name": "Microsoft Windows Shell LNK Mark-of-the-Web Bypass (APT28)",
5971
+ "rwep": 85,
5972
+ "cvss": 7.5,
4066
5973
  "cisa_kev": true,
4067
5974
  "epss_score": null,
4068
5975
  "referencing_skills": [
4069
- "kernel-lpe-triage"
5976
+ "kernel-lpe-triage",
5977
+ "ai-attack-surface",
5978
+ "ai-c2-detection",
5979
+ "email-security-anti-phishing"
4070
5980
  ],
4071
5981
  "chain": {
4072
5982
  "cwes": [
5983
+ {
5984
+ "id": "CWE-1039",
5985
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
5986
+ "category": "AI/ML"
5987
+ },
4073
5988
  {
4074
5989
  "id": "CWE-125",
4075
5990
  "name": "Out-of-bounds Read",
4076
5991
  "category": "Memory Safety"
4077
5992
  },
5993
+ {
5994
+ "id": "CWE-1426",
5995
+ "name": "Improper Validation of Generative AI Output",
5996
+ "category": "AI/ML"
5997
+ },
4078
5998
  {
4079
5999
  "id": "CWE-362",
4080
6000
  "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
@@ -4094,20 +6014,101 @@
4094
6014
  "id": "CWE-787",
4095
6015
  "name": "Out-of-bounds Write",
4096
6016
  "category": "Memory Safety"
6017
+ },
6018
+ {
6019
+ "id": "CWE-94",
6020
+ "name": "Improper Control of Generation of Code (Code Injection)",
6021
+ "category": "Injection"
6022
+ }
6023
+ ],
6024
+ "atlas": [
6025
+ {
6026
+ "id": "AML.T0016",
6027
+ "name": "Obtain Capabilities: Develop Capabilities",
6028
+ "tactic": "Resource Development"
6029
+ },
6030
+ {
6031
+ "id": "AML.T0017",
6032
+ "name": "Discover ML Model Ontology",
6033
+ "tactic": "Discovery"
6034
+ },
6035
+ {
6036
+ "id": "AML.T0018",
6037
+ "name": "Backdoor ML Model",
6038
+ "tactic": "Persistence"
6039
+ },
6040
+ {
6041
+ "id": "AML.T0020",
6042
+ "name": "Poison Training Data",
6043
+ "tactic": "ML Attack Staging"
6044
+ },
6045
+ {
6046
+ "id": "AML.T0043",
6047
+ "name": "Craft Adversarial Data",
6048
+ "tactic": "ML Attack Staging"
6049
+ },
6050
+ {
6051
+ "id": "AML.T0051",
6052
+ "name": "LLM Prompt Injection",
6053
+ "tactic": "Execution"
6054
+ },
6055
+ {
6056
+ "id": "AML.T0054",
6057
+ "name": "LLM Jailbreak",
6058
+ "tactic": "Defense Evasion"
6059
+ },
6060
+ {
6061
+ "id": "AML.T0096",
6062
+ "name": "AI API as Covert C2 Channel",
6063
+ "tactic": "Command and Control"
4097
6064
  }
4098
6065
  ],
4099
- "atlas": [],
4100
6066
  "d3fend": [
4101
6067
  {
4102
6068
  "id": "D3-ASLR",
4103
6069
  "name": "Address Space Layout Randomization",
4104
6070
  "tactic": "Harden"
4105
6071
  },
6072
+ {
6073
+ "id": "D3-CA",
6074
+ "name": "Certificate Analysis",
6075
+ "tactic": "Detect"
6076
+ },
6077
+ {
6078
+ "id": "D3-CSPP",
6079
+ "name": "Client-server Payload Profiling",
6080
+ "tactic": "Detect"
6081
+ },
6082
+ {
6083
+ "id": "D3-DA",
6084
+ "name": "Domain Analysis",
6085
+ "tactic": "Detect"
6086
+ },
4106
6087
  {
4107
6088
  "id": "D3-EAL",
4108
6089
  "name": "Executable Allowlisting",
4109
6090
  "tactic": "Harden"
4110
6091
  },
6092
+ {
6093
+ "id": "D3-IOPR",
6094
+ "name": "Input/Output Profiling Resource",
6095
+ "tactic": "Detect"
6096
+ },
6097
+ {
6098
+ "id": "D3-NI",
6099
+ "name": "Network Isolation",
6100
+ "tactic": "Isolate"
6101
+ },
6102
+ {
6103
+ "id": "D3-NTA",
6104
+ "name": "Network Traffic Analysis",
6105
+ "tactic": "Detect"
6106
+ },
6107
+ {
6108
+ "id": "D3-NTPM",
6109
+ "name": "Network Traffic Policy Mapping",
6110
+ "tactic": "Model"
6111
+ },
4111
6112
  {
4112
6113
  "id": "D3-PHRA",
4113
6114
  "name": "Process Hardware Resource Access",
@@ -4120,21 +6121,56 @@
4120
6121
  }
4121
6122
  ],
4122
6123
  "framework_gaps": [
6124
+ {
6125
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
6126
+ "framework": "ALL",
6127
+ "control_name": "AI Pipeline Integrity"
6128
+ },
6129
+ {
6130
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
6131
+ "framework": "ALL",
6132
+ "control_name": "Prompt Injection as Access Control Failure"
6133
+ },
4123
6134
  {
4124
6135
  "id": "CIS-Controls-v8-Control7",
4125
6136
  "framework": "CIS Controls v8",
4126
6137
  "control_name": "Continuous Vulnerability Management"
4127
6138
  },
6139
+ {
6140
+ "id": "ISO-27001-2022-A.8.16",
6141
+ "framework": "ISO/IEC 27001:2022",
6142
+ "control_name": "Monitoring activities"
6143
+ },
6144
+ {
6145
+ "id": "ISO-27001-2022-A.8.28",
6146
+ "framework": "ISO/IEC 27001:2022",
6147
+ "control_name": "Secure coding"
6148
+ },
4128
6149
  {
4129
6150
  "id": "ISO-27001-2022-A.8.8",
4130
6151
  "framework": "ISO/IEC 27001:2022",
4131
6152
  "control_name": "Management of technical vulnerabilities"
4132
6153
  },
6154
+ {
6155
+ "id": "ISO-IEC-23894-2023-clause-7",
6156
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
6157
+ "control_name": "AI risk management process"
6158
+ },
4133
6159
  {
4134
6160
  "id": "NIS2-Art21-patch-management",
4135
6161
  "framework": "EU NIS2 Directive",
4136
6162
  "control_name": "Vulnerability handling and disclosure"
4137
6163
  },
6164
+ {
6165
+ "id": "NIST-800-53-AC-2",
6166
+ "framework": "NIST SP 800-53 Rev 5",
6167
+ "control_name": "Account Management"
6168
+ },
6169
+ {
6170
+ "id": "NIST-800-53-SC-7",
6171
+ "framework": "NIST SP 800-53 Rev 5",
6172
+ "control_name": "Boundary Protection"
6173
+ },
4138
6174
  {
4139
6175
  "id": "NIST-800-53-SC-8",
4140
6176
  "framework": "NIST SP 800-53 Rev 5",
@@ -4145,36 +6181,83 @@
4145
6181
  "framework": "NIST SP 800-53 Rev 5",
4146
6182
  "control_name": "Flaw Remediation"
4147
6183
  },
6184
+ {
6185
+ "id": "NIST-800-53-SI-3",
6186
+ "framework": "NIST SP 800-53 Rev 5",
6187
+ "control_name": "Malicious Code Protection"
6188
+ },
6189
+ {
6190
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
6191
+ "framework": "OWASP Top 10 for LLM Applications 2025",
6192
+ "control_name": "Prompt Injection"
6193
+ },
6194
+ {
6195
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
6196
+ "framework": "OWASP Top 10 for LLM Applications 2025",
6197
+ "control_name": "Sensitive Information Disclosure"
6198
+ },
4148
6199
  {
4149
6200
  "id": "PCI-DSS-4.0-6.3.3",
4150
6201
  "framework": "PCI DSS 4.0",
4151
6202
  "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
6203
+ },
6204
+ {
6205
+ "id": "SOC2-CC6-logical-access",
6206
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
6207
+ "control_name": "Logical and Physical Access Controls"
6208
+ },
6209
+ {
6210
+ "id": "SOC2-CC7-anomaly-detection",
6211
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
6212
+ "control_name": "System Operations — Threat and Vulnerability Management"
4152
6213
  }
4153
6214
  ],
4154
6215
  "attack_refs": [
6216
+ "T1059",
4155
6217
  "T1068",
4156
- "T1548.001"
6218
+ "T1071",
6219
+ "T1078",
6220
+ "T1102",
6221
+ "T1190",
6222
+ "T1548.001",
6223
+ "T1566",
6224
+ "T1566.001",
6225
+ "T1566.002",
6226
+ "T1566.003",
6227
+ "T1568"
4157
6228
  ],
4158
6229
  "rfc_refs": [
4159
6230
  "RFC-4301",
4160
6231
  "RFC-4303",
4161
- "RFC-7296"
6232
+ "RFC-7296",
6233
+ "RFC-8446",
6234
+ "RFC-9000",
6235
+ "RFC-9114",
6236
+ "RFC-9180",
6237
+ "RFC-9421",
6238
+ "RFC-9458"
4162
6239
  ]
4163
6240
  }
4164
6241
  },
4165
- "CVE-2026-42897": {
4166
- "name": "Microsoft Exchange OWA Stored XSS / Spoofing Zero-Day",
4167
- "rwep": 93,
4168
- "cvss": 8.1,
6242
+ "CVE-2026-33825": {
6243
+ "name": "BlueHammer Microsoft Defender File-Remediation TOCTOU LPE",
6244
+ "rwep": 68,
6245
+ "cvss": 7.8,
4169
6246
  "cisa_kev": true,
4170
6247
  "epss_score": null,
4171
6248
  "referencing_skills": [
4172
6249
  "kernel-lpe-triage",
6250
+ "ai-attack-surface",
4173
6251
  "ai-c2-detection",
4174
- "dlp-gap-analysis"
6252
+ "email-security-anti-phishing"
4175
6253
  ],
4176
6254
  "chain": {
4177
6255
  "cwes": [
6256
+ {
6257
+ "id": "CWE-1039",
6258
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
6259
+ "category": "AI/ML"
6260
+ },
4178
6261
  {
4179
6262
  "id": "CWE-125",
4180
6263
  "name": "Out-of-bounds Read",
@@ -4185,11 +6268,6 @@
4185
6268
  "name": "Improper Validation of Generative AI Output",
4186
6269
  "category": "AI/ML"
4187
6270
  },
4188
- {
4189
- "id": "CWE-200",
4190
- "name": "Exposure of Sensitive Information to an Unauthorized Actor",
4191
- "category": "Information Exposure"
4192
- },
4193
6271
  {
4194
6272
  "id": "CWE-362",
4195
6273
  "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
@@ -4209,19 +6287,49 @@
4209
6287
  "id": "CWE-787",
4210
6288
  "name": "Out-of-bounds Write",
4211
6289
  "category": "Memory Safety"
6290
+ },
6291
+ {
6292
+ "id": "CWE-94",
6293
+ "name": "Improper Control of Generation of Code (Code Injection)",
6294
+ "category": "Injection"
4212
6295
  }
4213
6296
  ],
4214
6297
  "atlas": [
6298
+ {
6299
+ "id": "AML.T0016",
6300
+ "name": "Obtain Capabilities: Develop Capabilities",
6301
+ "tactic": "Resource Development"
6302
+ },
4215
6303
  {
4216
6304
  "id": "AML.T0017",
4217
6305
  "name": "Discover ML Model Ontology",
4218
6306
  "tactic": "Discovery"
4219
6307
  },
6308
+ {
6309
+ "id": "AML.T0018",
6310
+ "name": "Backdoor ML Model",
6311
+ "tactic": "Persistence"
6312
+ },
6313
+ {
6314
+ "id": "AML.T0020",
6315
+ "name": "Poison Training Data",
6316
+ "tactic": "ML Attack Staging"
6317
+ },
6318
+ {
6319
+ "id": "AML.T0043",
6320
+ "name": "Craft Adversarial Data",
6321
+ "tactic": "ML Attack Staging"
6322
+ },
4220
6323
  {
4221
6324
  "id": "AML.T0051",
4222
6325
  "name": "LLM Prompt Injection",
4223
6326
  "tactic": "Execution"
4224
6327
  },
6328
+ {
6329
+ "id": "AML.T0054",
6330
+ "name": "LLM Jailbreak",
6331
+ "tactic": "Defense Evasion"
6332
+ },
4225
6333
  {
4226
6334
  "id": "AML.T0096",
4227
6335
  "name": "AI API as Covert C2 Channel",
@@ -4286,30 +6394,40 @@
4286
6394
  }
4287
6395
  ],
4288
6396
  "framework_gaps": [
6397
+ {
6398
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
6399
+ "framework": "ALL",
6400
+ "control_name": "AI Pipeline Integrity"
6401
+ },
6402
+ {
6403
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
6404
+ "framework": "ALL",
6405
+ "control_name": "Prompt Injection as Access Control Failure"
6406
+ },
4289
6407
  {
4290
6408
  "id": "CIS-Controls-v8-Control7",
4291
6409
  "framework": "CIS Controls v8",
4292
6410
  "control_name": "Continuous Vulnerability Management"
4293
6411
  },
4294
- {
4295
- "id": "HIPAA-Security-Rule-164.312(a)(1)",
4296
- "framework": "HIPAA Security Rule (45 CFR § 164.312)",
4297
- "control_name": "Access control standard (technical safeguards)"
4298
- },
4299
6412
  {
4300
6413
  "id": "ISO-27001-2022-A.8.16",
4301
6414
  "framework": "ISO/IEC 27001:2022",
4302
6415
  "control_name": "Monitoring activities"
4303
6416
  },
6417
+ {
6418
+ "id": "ISO-27001-2022-A.8.28",
6419
+ "framework": "ISO/IEC 27001:2022",
6420
+ "control_name": "Secure coding"
6421
+ },
4304
6422
  {
4305
6423
  "id": "ISO-27001-2022-A.8.8",
4306
6424
  "framework": "ISO/IEC 27001:2022",
4307
6425
  "control_name": "Management of technical vulnerabilities"
4308
6426
  },
4309
6427
  {
4310
- "id": "ISO-IEC-42001-2023-clause-6.1.2",
4311
- "framework": "ISO/IEC 42001:2023 (AI Management System)",
4312
- "control_name": "AI risk assessment"
6428
+ "id": "ISO-IEC-23894-2023-clause-7",
6429
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
6430
+ "control_name": "AI risk management process"
4313
6431
  },
4314
6432
  {
4315
6433
  "id": "NIS2-Art21-patch-management",
@@ -4317,9 +6435,9 @@
4317
6435
  "control_name": "Vulnerability handling and disclosure"
4318
6436
  },
4319
6437
  {
4320
- "id": "NIST-800-53-SC-28",
6438
+ "id": "NIST-800-53-AC-2",
4321
6439
  "framework": "NIST SP 800-53 Rev 5",
4322
- "control_name": "Protection of Information at Rest"
6440
+ "control_name": "Account Management"
4323
6441
  },
4324
6442
  {
4325
6443
  "id": "NIST-800-53-SC-7",
@@ -4341,11 +6459,26 @@
4341
6459
  "framework": "NIST SP 800-53 Rev 5",
4342
6460
  "control_name": "Malicious Code Protection"
4343
6461
  },
6462
+ {
6463
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
6464
+ "framework": "OWASP Top 10 for LLM Applications 2025",
6465
+ "control_name": "Prompt Injection"
6466
+ },
6467
+ {
6468
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
6469
+ "framework": "OWASP Top 10 for LLM Applications 2025",
6470
+ "control_name": "Sensitive Information Disclosure"
6471
+ },
4344
6472
  {
4345
6473
  "id": "PCI-DSS-4.0-6.3.3",
4346
6474
  "framework": "PCI DSS 4.0",
4347
6475
  "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
4348
6476
  },
6477
+ {
6478
+ "id": "SOC2-CC6-logical-access",
6479
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
6480
+ "control_name": "Logical and Physical Access Controls"
6481
+ },
4349
6482
  {
4350
6483
  "id": "SOC2-CC7-anomaly-detection",
4351
6484
  "framework": "SOC 2 (AICPA Trust Services Criteria)",
@@ -4353,14 +6486,17 @@
4353
6486
  }
4354
6487
  ],
4355
6488
  "attack_refs": [
4356
- "T1041",
6489
+ "T1059",
4357
6490
  "T1068",
4358
6491
  "T1071",
6492
+ "T1078",
4359
6493
  "T1102",
4360
- "T1213",
4361
- "T1530",
6494
+ "T1190",
4362
6495
  "T1548.001",
4363
- "T1567",
6496
+ "T1566",
6497
+ "T1566.001",
6498
+ "T1566.002",
6499
+ "T1566.003",
4364
6500
  "T1568"
4365
6501
  ],
4366
6502
  "rfc_refs": [
@@ -4376,34 +6512,90 @@
4376
6512
  ]
4377
6513
  }
4378
6514
  },
4379
- "CVE-2026-32202": {
4380
- "name": "Microsoft Windows Shell LNK Mark-of-the-Web Bypass (APT28)",
4381
- "rwep": 85,
4382
- "cvss": 7.5,
4383
- "cisa_kev": true,
6515
+ "MAL-2026-NODE-IPC-STEALER": {
6516
+ "name": "node-ipc credential-stealer (expired-domain account-recovery compromise)",
6517
+ "rwep": 43,
6518
+ "cvss": 9.8,
6519
+ "cisa_kev": false,
4384
6520
  "epss_score": null,
4385
6521
  "referencing_skills": [
4386
- "kernel-lpe-triage",
4387
- "ai-attack-surface",
4388
- "ai-c2-detection",
4389
- "email-security-anti-phishing"
6522
+ "fuzz-testing-strategy",
6523
+ "supply-chain-integrity",
6524
+ "coordinated-vuln-disclosure",
6525
+ "threat-modeling-methodology",
6526
+ "webapp-security",
6527
+ "sector-federal-government",
6528
+ "api-security",
6529
+ "container-runtime-security",
6530
+ "mlops-security",
6531
+ "idp-incident-response"
4390
6532
  ],
4391
6533
  "chain": {
4392
6534
  "cwes": [
4393
6535
  {
4394
- "id": "CWE-1039",
4395
- "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
4396
- "category": "AI/ML"
6536
+ "id": "CWE-1188",
6537
+ "name": "Initialization of a Resource with an Insecure Default",
6538
+ "category": "Configuration"
6539
+ },
6540
+ {
6541
+ "id": "CWE-125",
6542
+ "name": "Out-of-bounds Read",
6543
+ "category": "Memory Safety"
6544
+ },
6545
+ {
6546
+ "id": "CWE-1357",
6547
+ "name": "Reliance on Insufficiently Trustworthy Component",
6548
+ "category": "Supply Chain"
6549
+ },
6550
+ {
6551
+ "id": "CWE-1395",
6552
+ "name": "Dependency on Vulnerable Third-Party Component",
6553
+ "category": "Supply Chain"
6554
+ },
6555
+ {
6556
+ "id": "CWE-1426",
6557
+ "name": "Improper Validation of Generative AI Output",
6558
+ "category": "AI/ML"
6559
+ },
6560
+ {
6561
+ "id": "CWE-20",
6562
+ "name": "Improper Input Validation",
6563
+ "category": "Validation"
6564
+ },
6565
+ {
6566
+ "id": "CWE-200",
6567
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
6568
+ "category": "Information Exposure"
6569
+ },
6570
+ {
6571
+ "id": "CWE-22",
6572
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
6573
+ "category": "Path/Resource"
6574
+ },
6575
+ {
6576
+ "id": "CWE-269",
6577
+ "name": "Improper Privilege Management",
6578
+ "category": "Authorization"
6579
+ },
6580
+ {
6581
+ "id": "CWE-284",
6582
+ "name": "Improper Access Control",
6583
+ "category": "Access Control"
6584
+ },
6585
+ {
6586
+ "id": "CWE-287",
6587
+ "name": "Improper Authentication",
6588
+ "category": "Authentication"
4397
6589
  },
4398
6590
  {
4399
- "id": "CWE-125",
4400
- "name": "Out-of-bounds Read",
4401
- "category": "Memory Safety"
6591
+ "id": "CWE-345",
6592
+ "name": "Insufficient Verification of Data Authenticity",
6593
+ "category": "Authenticity / Supply Chain"
4402
6594
  },
4403
6595
  {
4404
- "id": "CWE-1426",
4405
- "name": "Improper Validation of Generative AI Output",
4406
- "category": "AI/ML"
6596
+ "id": "CWE-352",
6597
+ "name": "Cross-Site Request Forgery (CSRF)",
6598
+ "category": "Session"
4407
6599
  },
4408
6600
  {
4409
6601
  "id": "CWE-362",
@@ -4416,15 +6608,75 @@
4416
6608
  "category": "Memory Safety"
4417
6609
  },
4418
6610
  {
4419
- "id": "CWE-672",
4420
- "name": "Operation on a Resource after Expiration or Release",
4421
- "category": "Memory Safety"
6611
+ "id": "CWE-434",
6612
+ "name": "Unrestricted Upload of File with Dangerous Type",
6613
+ "category": "File Handling"
6614
+ },
6615
+ {
6616
+ "id": "CWE-494",
6617
+ "name": "Download of Code Without Integrity Check",
6618
+ "category": "Supply Chain"
6619
+ },
6620
+ {
6621
+ "id": "CWE-502",
6622
+ "name": "Deserialization of Untrusted Data",
6623
+ "category": "Serialization"
6624
+ },
6625
+ {
6626
+ "id": "CWE-522",
6627
+ "name": "Insufficiently Protected Credentials",
6628
+ "category": "Credentials Management"
6629
+ },
6630
+ {
6631
+ "id": "CWE-732",
6632
+ "name": "Incorrect Permission Assignment for Critical Resource",
6633
+ "category": "Authorization"
6634
+ },
6635
+ {
6636
+ "id": "CWE-77",
6637
+ "name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
6638
+ "category": "Injection"
6639
+ },
6640
+ {
6641
+ "id": "CWE-78",
6642
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
6643
+ "category": "Injection"
4422
6644
  },
4423
6645
  {
4424
6646
  "id": "CWE-787",
4425
6647
  "name": "Out-of-bounds Write",
4426
6648
  "category": "Memory Safety"
4427
6649
  },
6650
+ {
6651
+ "id": "CWE-79",
6652
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
6653
+ "category": "Injection"
6654
+ },
6655
+ {
6656
+ "id": "CWE-829",
6657
+ "name": "Inclusion of Functionality from Untrusted Control Sphere",
6658
+ "category": "Supply Chain"
6659
+ },
6660
+ {
6661
+ "id": "CWE-862",
6662
+ "name": "Missing Authorization",
6663
+ "category": "Authorization"
6664
+ },
6665
+ {
6666
+ "id": "CWE-863",
6667
+ "name": "Incorrect Authorization",
6668
+ "category": "Authorization"
6669
+ },
6670
+ {
6671
+ "id": "CWE-89",
6672
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
6673
+ "category": "Injection"
6674
+ },
6675
+ {
6676
+ "id": "CWE-918",
6677
+ "name": "Server-Side Request Forgery (SSRF)",
6678
+ "category": "Network"
6679
+ },
4428
6680
  {
4429
6681
  "id": "CWE-94",
4430
6682
  "name": "Improper Control of Generation of Code (Code Injection)",
@@ -4433,9 +6685,9 @@
4433
6685
  ],
4434
6686
  "atlas": [
4435
6687
  {
4436
- "id": "AML.T0016",
4437
- "name": "Obtain Capabilities: Develop Capabilities",
4438
- "tactic": "Resource Development"
6688
+ "id": "AML.T0010",
6689
+ "name": "ML Supply Chain Compromise",
6690
+ "tactic": "Initial Access"
4439
6691
  },
4440
6692
  {
4441
6693
  "id": "AML.T0017",
@@ -4462,11 +6714,6 @@
4462
6714
  "name": "LLM Prompt Injection",
4463
6715
  "tactic": "Execution"
4464
6716
  },
4465
- {
4466
- "id": "AML.T0054",
4467
- "name": "LLM Jailbreak",
4468
- "tactic": "Defense Evasion"
4469
- },
4470
6717
  {
4471
6718
  "id": "AML.T0096",
4472
6719
  "name": "AI API as Covert C2 Channel",
@@ -4475,55 +6722,35 @@
4475
6722
  ],
4476
6723
  "d3fend": [
4477
6724
  {
4478
- "id": "D3-ASLR",
4479
- "name": "Address Space Layout Randomization",
6725
+ "id": "D3-CBAN",
6726
+ "name": "Certificate-based Authentication",
4480
6727
  "tactic": "Harden"
4481
6728
  },
4482
- {
4483
- "id": "D3-CA",
4484
- "name": "Certificate Analysis",
4485
- "tactic": "Detect"
4486
- },
4487
- {
4488
- "id": "D3-CSPP",
4489
- "name": "Client-server Payload Profiling",
4490
- "tactic": "Detect"
4491
- },
4492
- {
4493
- "id": "D3-DA",
4494
- "name": "Domain Analysis",
4495
- "tactic": "Detect"
4496
- },
4497
6729
  {
4498
6730
  "id": "D3-EAL",
4499
6731
  "name": "Executable Allowlisting",
4500
6732
  "tactic": "Harden"
4501
6733
  },
6734
+ {
6735
+ "id": "D3-EHB",
6736
+ "name": "Executable Hashbased Allowlist",
6737
+ "tactic": "Harden"
6738
+ },
4502
6739
  {
4503
6740
  "id": "D3-IOPR",
4504
6741
  "name": "Input/Output Profiling Resource",
4505
6742
  "tactic": "Detect"
4506
6743
  },
4507
6744
  {
4508
- "id": "D3-NI",
4509
- "name": "Network Isolation",
4510
- "tactic": "Isolate"
6745
+ "id": "D3-MFA",
6746
+ "name": "Multi-factor Authentication",
6747
+ "tactic": "Harden"
4511
6748
  },
4512
6749
  {
4513
6750
  "id": "D3-NTA",
4514
6751
  "name": "Network Traffic Analysis",
4515
6752
  "tactic": "Detect"
4516
6753
  },
4517
- {
4518
- "id": "D3-NTPM",
4519
- "name": "Network Traffic Policy Mapping",
4520
- "tactic": "Model"
4521
- },
4522
- {
4523
- "id": "D3-PHRA",
4524
- "name": "Process Hardware Resource Access",
4525
- "tactic": "Isolate"
4526
- },
4527
6754
  {
4528
6755
  "id": "D3-PSEP",
4529
6756
  "name": "Process Segment Execution Prevention",
@@ -4532,24 +6759,39 @@
4532
6759
  ],
4533
6760
  "framework_gaps": [
4534
6761
  {
4535
- "id": "ALL-AI-PIPELINE-INTEGRITY",
4536
- "framework": "ALL",
4537
- "control_name": "AI Pipeline Integrity"
6762
+ "id": "AU-ISM-1559-IdP",
6763
+ "framework": "AU ISM",
6764
+ "control_name": "Privileged Account Credential Management — IdP-tenant control-plane extension"
4538
6765
  },
4539
6766
  {
4540
- "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
4541
- "framework": "ALL",
4542
- "control_name": "Prompt Injection as Access Control Failure"
6767
+ "id": "CMMC-2.0-Level-2",
6768
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
6769
+ "control_name": "Level 2 Advanced (110 NIST 800-171 Rev 2 controls)"
4543
6770
  },
4544
6771
  {
4545
- "id": "CIS-Controls-v8-Control7",
4546
- "framework": "CIS Controls v8",
4547
- "control_name": "Continuous Vulnerability Management"
6772
+ "id": "CycloneDX-v1.6-SBOM",
6773
+ "framework": "CycloneDX v1.6 (OWASP SBOM standard)",
6774
+ "control_name": "Software Bill of Materials"
4548
6775
  },
4549
6776
  {
4550
- "id": "ISO-27001-2022-A.8.16",
6777
+ "id": "DORA-Art-19-IdP-4h",
6778
+ "framework": "EU DORA",
6779
+ "control_name": "Major-ICT-related-incident notification — IdP-specific 4-hour clock"
6780
+ },
6781
+ {
6782
+ "id": "FedRAMP-Rev5-Moderate",
6783
+ "framework": "FedRAMP Rev 5 Moderate",
6784
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
6785
+ },
6786
+ {
6787
+ "id": "HITRUST-CSF-v11.4-09.l",
6788
+ "framework": "HITRUST CSF v11.4",
6789
+ "control_name": "Outsourced services management"
6790
+ },
6791
+ {
6792
+ "id": "ISO-27001-2022-A.5.16-Federated",
4551
6793
  "framework": "ISO/IEC 27001:2022",
4552
- "control_name": "Monitoring activities"
6794
+ "control_name": "Identity Management + Authentication Information — federated-state extension"
4553
6795
  },
4554
6796
  {
4555
6797
  "id": "ISO-27001-2022-A.8.28",
@@ -4567,9 +6809,24 @@
4567
6809
  "control_name": "AI risk management process"
4568
6810
  },
4569
6811
  {
4570
- "id": "NIS2-Art21-patch-management",
6812
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
6813
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
6814
+ "control_name": "AI risk assessment"
6815
+ },
6816
+ {
6817
+ "id": "NIS2-Art-21-Federated-Identity",
4571
6818
  "framework": "EU NIS2 Directive",
4572
- "control_name": "Vulnerability handling and disclosure"
6819
+ "control_name": "Cryptography + Access Control — federated-identity extension"
6820
+ },
6821
+ {
6822
+ "id": "NIST-800-115",
6823
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
6824
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
6825
+ },
6826
+ {
6827
+ "id": "NIST-800-218-SSDF",
6828
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
6829
+ "control_name": "Secure Software Development Framework"
4573
6830
  },
4574
6831
  {
4575
6832
  "id": "NIST-800-53-AC-2",
@@ -4577,24 +6834,34 @@
4577
6834
  "control_name": "Account Management"
4578
6835
  },
4579
6836
  {
4580
- "id": "NIST-800-53-SC-7",
6837
+ "id": "NIST-800-53-CM-7",
4581
6838
  "framework": "NIST SP 800-53 Rev 5",
4582
- "control_name": "Boundary Protection"
6839
+ "control_name": "Least Functionality"
4583
6840
  },
4584
6841
  {
4585
- "id": "NIST-800-53-SC-8",
4586
- "framework": "NIST SP 800-53 Rev 5",
4587
- "control_name": "Transmission Confidentiality and Integrity"
6842
+ "id": "NIST-800-53-IA-5-Federated",
6843
+ "framework": "NIST 800-53 Rev.5",
6844
+ "control_name": "Authenticator Management federated-trust extension"
4588
6845
  },
4589
6846
  {
4590
- "id": "NIST-800-53-SI-2",
6847
+ "id": "NIST-800-53-SA-12",
4591
6848
  "framework": "NIST SP 800-53 Rev 5",
4592
- "control_name": "Flaw Remediation"
6849
+ "control_name": "Supply Chain Protection"
4593
6850
  },
4594
6851
  {
4595
- "id": "NIST-800-53-SI-3",
4596
- "framework": "NIST SP 800-53 Rev 5",
4597
- "control_name": "Malicious Code Protection"
6852
+ "id": "NIST-AI-RMF-MEASURE-2.5",
6853
+ "framework": "NIST AI RMF 1.0",
6854
+ "control_name": "AI system to human interaction evaluation"
6855
+ },
6856
+ {
6857
+ "id": "OFAC-Sanctions-Threat-Actor-Negotiation",
6858
+ "framework": "US Treasury OFAC + EU sanctions overlay + UK OFSI",
6859
+ "control_name": "Sanctions screening on ransomware-payment / threat-actor negotiation"
6860
+ },
6861
+ {
6862
+ "id": "OWASP-ASVS-v5.0-V14",
6863
+ "framework": "OWASP ASVS v5.0",
6864
+ "control_name": "Configuration verification"
4598
6865
  },
4599
6866
  {
4600
6867
  "id": "OWASP-LLM-Top-10-2025-LLM01",
@@ -4602,71 +6869,96 @@
4602
6869
  "control_name": "Prompt Injection"
4603
6870
  },
4604
6871
  {
4605
- "id": "OWASP-LLM-Top-10-2025-LLM02",
6872
+ "id": "OWASP-LLM-Top-10-2025-LLM08",
4606
6873
  "framework": "OWASP Top 10 for LLM Applications 2025",
4607
- "control_name": "Sensitive Information Disclosure"
6874
+ "control_name": "Vector and Embedding Weaknesses"
4608
6875
  },
4609
6876
  {
4610
- "id": "PCI-DSS-4.0-6.3.3",
4611
- "framework": "PCI DSS 4.0",
4612
- "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
6877
+ "id": "SLSA-v1.0-Build-L3",
6878
+ "framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
6879
+ "control_name": "Hardened build platform with non-falsifiable provenance"
4613
6880
  },
4614
6881
  {
4615
- "id": "SOC2-CC6-logical-access",
6882
+ "id": "SOC2-CC6-OAuth-Consent",
4616
6883
  "framework": "SOC 2 (AICPA Trust Services Criteria)",
4617
- "control_name": "Logical and Physical Access Controls"
6884
+ "control_name": "Logical and Physical Access Controls — OAuth consent extension"
4618
6885
  },
4619
6886
  {
4620
- "id": "SOC2-CC7-anomaly-detection",
6887
+ "id": "SOC2-CC9-vendor-management",
4621
6888
  "framework": "SOC 2 (AICPA Trust Services Criteria)",
4622
- "control_name": "System OperationsThreat and Vulnerability Management"
6889
+ "control_name": "Risk MitigationVendor and Business Partner Risk"
6890
+ },
6891
+ {
6892
+ "id": "SPDX-v3.0-SBOM",
6893
+ "framework": "SPDX v3.0 (ISO/IEC 5962-aligned SBOM standard)",
6894
+ "control_name": "Software Package Data Exchange — SBOM"
6895
+ },
6896
+ {
6897
+ "id": "SWIFT-CSCF-v2026-1.1",
6898
+ "framework": "SWIFT Customer Security Controls Framework v2026",
6899
+ "control_name": "SWIFT Environment Protection"
6900
+ },
6901
+ {
6902
+ "id": "UK-CAF-B2-IdP-Tenant",
6903
+ "framework": "UK NCSC CAF",
6904
+ "control_name": "Identity and Access Control — IdP-tenant control-plane extension"
6905
+ },
6906
+ {
6907
+ "id": "VEX-CSAF-v2.1",
6908
+ "framework": "VEX via OASIS CSAF 2.1 (Common Security Advisory Framework)",
6909
+ "control_name": "Vulnerability Exploitability eXchange profile"
4623
6910
  }
4624
6911
  ],
4625
6912
  "attack_refs": [
4626
6913
  "T1059",
4627
6914
  "T1068",
4628
- "T1071",
4629
6915
  "T1078",
4630
- "T1102",
6916
+ "T1078.004",
6917
+ "T1098.001",
4631
6918
  "T1190",
4632
- "T1548.001",
4633
- "T1566",
4634
- "T1566.001",
4635
- "T1566.002",
4636
- "T1566.003",
4637
- "T1568"
6919
+ "T1195.001",
6920
+ "T1195.002",
6921
+ "T1199",
6922
+ "T1505",
6923
+ "T1554",
6924
+ "T1556.007",
6925
+ "T1565",
6926
+ "T1567",
6927
+ "T1606.002",
6928
+ "T1610",
6929
+ "T1611"
4638
6930
  ],
4639
6931
  "rfc_refs": [
4640
- "RFC-4301",
4641
- "RFC-4303",
4642
- "RFC-7296",
6932
+ "RFC-6749",
6933
+ "RFC-7519",
6934
+ "RFC-7591",
6935
+ "RFC-8032",
4643
6936
  "RFC-8446",
4644
- "RFC-9000",
6937
+ "RFC-8725",
4645
6938
  "RFC-9114",
4646
- "RFC-9180",
4647
6939
  "RFC-9421",
4648
- "RFC-9458"
6940
+ "RFC-9700"
4649
6941
  ]
4650
6942
  }
4651
6943
  },
4652
- "CVE-2026-33825": {
4653
- "name": "BlueHammer — Microsoft Defender File-Remediation TOCTOU LPE",
4654
- "rwep": 68,
4655
- "cvss": 7.8,
4656
- "cisa_kev": true,
4657
- "epss_score": null,
6944
+ "CVE-2026-46333": {
6945
+ "name": "ssh-keysign-pwn",
6946
+ "rwep": 30,
6947
+ "cvss": 7,
6948
+ "cisa_kev": false,
4658
6949
  "referencing_skills": [
4659
6950
  "kernel-lpe-triage",
4660
- "ai-attack-surface",
4661
- "ai-c2-detection",
4662
- "email-security-anti-phishing"
6951
+ "attack-surface-pentest",
6952
+ "ot-ics-security",
6953
+ "coordinated-vuln-disclosure",
6954
+ "sector-energy"
4663
6955
  ],
4664
6956
  "chain": {
4665
6957
  "cwes": [
4666
6958
  {
4667
- "id": "CWE-1039",
4668
- "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
4669
- "category": "AI/ML"
6959
+ "id": "CWE-1037",
6960
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
6961
+ "category": "Hardware / Side Channel"
4670
6962
  },
4671
6963
  {
4672
6964
  "id": "CWE-125",
@@ -4674,9 +6966,39 @@
4674
6966
  "category": "Memory Safety"
4675
6967
  },
4676
6968
  {
4677
- "id": "CWE-1426",
4678
- "name": "Improper Validation of Generative AI Output",
4679
- "category": "AI/ML"
6969
+ "id": "CWE-1357",
6970
+ "name": "Reliance on Insufficiently Trustworthy Component",
6971
+ "category": "Supply Chain"
6972
+ },
6973
+ {
6974
+ "id": "CWE-1395",
6975
+ "name": "Dependency on Vulnerable Third-Party Component",
6976
+ "category": "Supply Chain"
6977
+ },
6978
+ {
6979
+ "id": "CWE-22",
6980
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
6981
+ "category": "Path/Resource"
6982
+ },
6983
+ {
6984
+ "id": "CWE-269",
6985
+ "name": "Improper Privilege Management",
6986
+ "category": "Authorization"
6987
+ },
6988
+ {
6989
+ "id": "CWE-287",
6990
+ "name": "Improper Authentication",
6991
+ "category": "Authentication"
6992
+ },
6993
+ {
6994
+ "id": "CWE-306",
6995
+ "name": "Missing Authentication for Critical Function",
6996
+ "category": "Authentication"
6997
+ },
6998
+ {
6999
+ "id": "CWE-352",
7000
+ "name": "Cross-Site Request Forgery (CSRF)",
7001
+ "category": "Session"
4680
7002
  },
4681
7003
  {
4682
7004
  "id": "CWE-362",
@@ -4688,42 +7010,57 @@
4688
7010
  "name": "Use After Free",
4689
7011
  "category": "Memory Safety"
4690
7012
  },
7013
+ {
7014
+ "id": "CWE-434",
7015
+ "name": "Unrestricted Upload of File with Dangerous Type",
7016
+ "category": "File Handling"
7017
+ },
4691
7018
  {
4692
7019
  "id": "CWE-672",
4693
7020
  "name": "Operation on a Resource after Expiration or Release",
4694
7021
  "category": "Memory Safety"
4695
7022
  },
7023
+ {
7024
+ "id": "CWE-732",
7025
+ "name": "Incorrect Permission Assignment for Critical Resource",
7026
+ "category": "Authorization"
7027
+ },
7028
+ {
7029
+ "id": "CWE-78",
7030
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
7031
+ "category": "Injection"
7032
+ },
4696
7033
  {
4697
7034
  "id": "CWE-787",
4698
7035
  "name": "Out-of-bounds Write",
4699
7036
  "category": "Memory Safety"
4700
7037
  },
4701
7038
  {
4702
- "id": "CWE-94",
4703
- "name": "Improper Control of Generation of Code (Code Injection)",
7039
+ "id": "CWE-79",
7040
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
4704
7041
  "category": "Injection"
4705
- }
4706
- ],
4707
- "atlas": [
4708
- {
4709
- "id": "AML.T0016",
4710
- "name": "Obtain Capabilities: Develop Capabilities",
4711
- "tactic": "Resource Development"
4712
7042
  },
4713
7043
  {
4714
- "id": "AML.T0017",
4715
- "name": "Discover ML Model Ontology",
4716
- "tactic": "Discovery"
7044
+ "id": "CWE-798",
7045
+ "name": "Use of Hard-coded Credentials",
7046
+ "category": "Credentials"
4717
7047
  },
4718
7048
  {
4719
- "id": "AML.T0018",
4720
- "name": "Backdoor ML Model",
4721
- "tactic": "Persistence"
7049
+ "id": "CWE-89",
7050
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
7051
+ "category": "Injection"
4722
7052
  },
4723
7053
  {
4724
- "id": "AML.T0020",
4725
- "name": "Poison Training Data",
4726
- "tactic": "ML Attack Staging"
7054
+ "id": "CWE-918",
7055
+ "name": "Server-Side Request Forgery (SSRF)",
7056
+ "category": "Network"
7057
+ }
7058
+ ],
7059
+ "atlas": [
7060
+ {
7061
+ "id": "AML.T0010",
7062
+ "name": "ML Supply Chain Compromise",
7063
+ "tactic": "Initial Access"
4727
7064
  },
4728
7065
  {
4729
7066
  "id": "AML.T0043",
@@ -4734,16 +7071,6 @@
4734
7071
  "id": "AML.T0051",
4735
7072
  "name": "LLM Prompt Injection",
4736
7073
  "tactic": "Execution"
4737
- },
4738
- {
4739
- "id": "AML.T0054",
4740
- "name": "LLM Jailbreak",
4741
- "tactic": "Defense Evasion"
4742
- },
4743
- {
4744
- "id": "AML.T0096",
4745
- "name": "AI API as Covert C2 Channel",
4746
- "tactic": "Command and Control"
4747
7074
  }
4748
7075
  ],
4749
7076
  "d3fend": [
@@ -4752,46 +7079,21 @@
4752
7079
  "name": "Address Space Layout Randomization",
4753
7080
  "tactic": "Harden"
4754
7081
  },
4755
- {
4756
- "id": "D3-CA",
4757
- "name": "Certificate Analysis",
4758
- "tactic": "Detect"
4759
- },
4760
7082
  {
4761
7083
  "id": "D3-CSPP",
4762
7084
  "name": "Client-server Payload Profiling",
4763
7085
  "tactic": "Detect"
4764
7086
  },
4765
- {
4766
- "id": "D3-DA",
4767
- "name": "Domain Analysis",
4768
- "tactic": "Detect"
4769
- },
4770
7087
  {
4771
7088
  "id": "D3-EAL",
4772
7089
  "name": "Executable Allowlisting",
4773
7090
  "tactic": "Harden"
4774
7091
  },
4775
- {
4776
- "id": "D3-IOPR",
4777
- "name": "Input/Output Profiling Resource",
4778
- "tactic": "Detect"
4779
- },
4780
- {
4781
- "id": "D3-NI",
4782
- "name": "Network Isolation",
4783
- "tactic": "Isolate"
4784
- },
4785
7092
  {
4786
7093
  "id": "D3-NTA",
4787
7094
  "name": "Network Traffic Analysis",
4788
7095
  "tactic": "Detect"
4789
7096
  },
4790
- {
4791
- "id": "D3-NTPM",
4792
- "name": "Network Traffic Policy Mapping",
4793
- "tactic": "Model"
4794
- },
4795
7097
  {
4796
7098
  "id": "D3-PHRA",
4797
7099
  "name": "Process Hardware Resource Access",
@@ -4804,30 +7106,15 @@
4804
7106
  }
4805
7107
  ],
4806
7108
  "framework_gaps": [
4807
- {
4808
- "id": "ALL-AI-PIPELINE-INTEGRITY",
4809
- "framework": "ALL",
4810
- "control_name": "AI Pipeline Integrity"
4811
- },
4812
- {
4813
- "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
4814
- "framework": "ALL",
4815
- "control_name": "Prompt Injection as Access Control Failure"
4816
- },
4817
7109
  {
4818
7110
  "id": "CIS-Controls-v8-Control7",
4819
7111
  "framework": "CIS Controls v8",
4820
7112
  "control_name": "Continuous Vulnerability Management"
4821
7113
  },
4822
7114
  {
4823
- "id": "ISO-27001-2022-A.8.16",
4824
- "framework": "ISO/IEC 27001:2022",
4825
- "control_name": "Monitoring activities"
4826
- },
4827
- {
4828
- "id": "ISO-27001-2022-A.8.28",
4829
- "framework": "ISO/IEC 27001:2022",
4830
- "control_name": "Secure coding"
7115
+ "id": "IEC-62443-3-3",
7116
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
7117
+ "control_name": "System security requirements and security levels"
4831
7118
  },
4832
7119
  {
4833
7120
  "id": "ISO-27001-2022-A.8.8",
@@ -4835,9 +7122,9 @@
4835
7122
  "control_name": "Management of technical vulnerabilities"
4836
7123
  },
4837
7124
  {
4838
- "id": "ISO-IEC-23894-2023-clause-7",
4839
- "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
4840
- "control_name": "AI risk management process"
7125
+ "id": "NERC-CIP-007-6-R4",
7126
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
7127
+ "control_name": "Security event monitoring"
4841
7128
  },
4842
7129
  {
4843
7130
  "id": "NIS2-Art21-patch-management",
@@ -4845,14 +7132,14 @@
4845
7132
  "control_name": "Vulnerability handling and disclosure"
4846
7133
  },
4847
7134
  {
4848
- "id": "NIST-800-53-AC-2",
4849
- "framework": "NIST SP 800-53 Rev 5",
4850
- "control_name": "Account Management"
7135
+ "id": "NIST-800-115",
7136
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
7137
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
4851
7138
  },
4852
7139
  {
4853
- "id": "NIST-800-53-SC-7",
4854
- "framework": "NIST SP 800-53 Rev 5",
4855
- "control_name": "Boundary Protection"
7140
+ "id": "NIST-800-218-SSDF",
7141
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
7142
+ "control_name": "Secure Software Development Framework"
4856
7143
  },
4857
7144
  {
4858
7145
  "id": "NIST-800-53-SC-8",
@@ -4865,19 +7152,14 @@
4865
7152
  "control_name": "Flaw Remediation"
4866
7153
  },
4867
7154
  {
4868
- "id": "NIST-800-53-SI-3",
4869
- "framework": "NIST SP 800-53 Rev 5",
4870
- "control_name": "Malicious Code Protection"
4871
- },
4872
- {
4873
- "id": "OWASP-LLM-Top-10-2025-LLM01",
4874
- "framework": "OWASP Top 10 for LLM Applications 2025",
4875
- "control_name": "Prompt Injection"
7155
+ "id": "NIST-800-82r3",
7156
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
7157
+ "control_name": "Guide to Operational Technology (OT) Security"
4876
7158
  },
4877
7159
  {
4878
- "id": "OWASP-LLM-Top-10-2025-LLM02",
4879
- "framework": "OWASP Top 10 for LLM Applications 2025",
4880
- "control_name": "Sensitive Information Disclosure"
7160
+ "id": "OWASP-Pen-Testing-Guide-v5",
7161
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
7162
+ "control_name": "Web application penetration testing methodology"
4881
7163
  },
4882
7164
  {
4883
7165
  "id": "PCI-DSS-4.0-6.3.3",
@@ -4885,60 +7167,43 @@
4885
7167
  "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
4886
7168
  },
4887
7169
  {
4888
- "id": "SOC2-CC6-logical-access",
4889
- "framework": "SOC 2 (AICPA Trust Services Criteria)",
4890
- "control_name": "Logical and Physical Access Controls"
7170
+ "id": "PTES-Pre-engagement",
7171
+ "framework": "Penetration Testing Execution Standard (PTES)",
7172
+ "control_name": "Pre-engagement Interactions"
4891
7173
  },
4892
7174
  {
4893
- "id": "SOC2-CC7-anomaly-detection",
7175
+ "id": "SOC2-CC9-vendor-management",
4894
7176
  "framework": "SOC 2 (AICPA Trust Services Criteria)",
4895
- "control_name": "System OperationsThreat and Vulnerability Management"
7177
+ "control_name": "Risk MitigationVendor and Business Partner Risk"
4896
7178
  }
4897
7179
  ],
4898
7180
  "attack_refs": [
7181
+ "T0855",
7182
+ "T0883",
4899
7183
  "T1059",
4900
7184
  "T1068",
4901
- "T1071",
4902
7185
  "T1078",
4903
- "T1102",
4904
- "T1190",
4905
- "T1548.001",
4906
- "T1566",
4907
- "T1566.001",
4908
- "T1566.002",
4909
- "T1566.003",
4910
- "T1568"
7186
+ "T1133",
7187
+ "T1190",
7188
+ "T1548.001"
4911
7189
  ],
4912
7190
  "rfc_refs": [
4913
7191
  "RFC-4301",
4914
7192
  "RFC-4303",
4915
- "RFC-7296",
4916
- "RFC-8446",
4917
- "RFC-9000",
4918
- "RFC-9114",
4919
- "RFC-9180",
4920
- "RFC-9421",
4921
- "RFC-9458"
7193
+ "RFC-7296"
4922
7194
  ]
4923
7195
  }
4924
7196
  },
4925
- "MAL-2026-NODE-IPC-STEALER": {
4926
- "name": "node-ipc credential-stealer (expired-domain account-recovery compromise)",
4927
- "rwep": 43,
7197
+ "MAL-2026-SHAI-HULUD-OSS": {
7198
+ "name": "Shai-Hulud worm framework (TeamPCP open-source release)",
7199
+ "rwep": 70,
4928
7200
  "cvss": 9.8,
4929
7201
  "cisa_kev": false,
4930
- "epss_score": null,
4931
7202
  "referencing_skills": [
4932
- "fuzz-testing-strategy",
4933
7203
  "supply-chain-integrity",
4934
- "coordinated-vuln-disclosure",
4935
- "threat-modeling-methodology",
4936
- "webapp-security",
4937
7204
  "sector-federal-government",
4938
- "api-security",
4939
7205
  "container-runtime-security",
4940
- "mlops-security",
4941
- "idp-incident-response"
7206
+ "mlops-security"
4942
7207
  ],
4943
7208
  "chain": {
4944
7209
  "cwes": [
@@ -4947,11 +7212,6 @@
4947
7212
  "name": "Initialization of a Resource with an Insecure Default",
4948
7213
  "category": "Configuration"
4949
7214
  },
4950
- {
4951
- "id": "CWE-125",
4952
- "name": "Out-of-bounds Read",
4953
- "category": "Memory Safety"
4954
- },
4955
7215
  {
4956
7216
  "id": "CWE-1357",
4957
7217
  "name": "Reliance on Insufficiently Trustworthy Component",
@@ -4967,61 +7227,11 @@
4967
7227
  "name": "Improper Validation of Generative AI Output",
4968
7228
  "category": "AI/ML"
4969
7229
  },
4970
- {
4971
- "id": "CWE-20",
4972
- "name": "Improper Input Validation",
4973
- "category": "Validation"
4974
- },
4975
- {
4976
- "id": "CWE-200",
4977
- "name": "Exposure of Sensitive Information to an Unauthorized Actor",
4978
- "category": "Information Exposure"
4979
- },
4980
- {
4981
- "id": "CWE-22",
4982
- "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
4983
- "category": "Path/Resource"
4984
- },
4985
7230
  {
4986
7231
  "id": "CWE-269",
4987
7232
  "name": "Improper Privilege Management",
4988
7233
  "category": "Authorization"
4989
7234
  },
4990
- {
4991
- "id": "CWE-284",
4992
- "name": "Improper Access Control",
4993
- "category": "Access Control"
4994
- },
4995
- {
4996
- "id": "CWE-287",
4997
- "name": "Improper Authentication",
4998
- "category": "Authentication"
4999
- },
5000
- {
5001
- "id": "CWE-345",
5002
- "name": "Insufficient Verification of Data Authenticity",
5003
- "category": "Authenticity / Supply Chain"
5004
- },
5005
- {
5006
- "id": "CWE-352",
5007
- "name": "Cross-Site Request Forgery (CSRF)",
5008
- "category": "Session"
5009
- },
5010
- {
5011
- "id": "CWE-362",
5012
- "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
5013
- "category": "Concurrency"
5014
- },
5015
- {
5016
- "id": "CWE-416",
5017
- "name": "Use After Free",
5018
- "category": "Memory Safety"
5019
- },
5020
- {
5021
- "id": "CWE-434",
5022
- "name": "Unrestricted Upload of File with Dangerous Type",
5023
- "category": "File Handling"
5024
- },
5025
7235
  {
5026
7236
  "id": "CWE-494",
5027
7237
  "name": "Download of Code Without Integrity Check",
@@ -5032,65 +7242,20 @@
5032
7242
  "name": "Deserialization of Untrusted Data",
5033
7243
  "category": "Serialization"
5034
7244
  },
5035
- {
5036
- "id": "CWE-522",
5037
- "name": "Insufficiently Protected Credentials",
5038
- "category": "Credentials Management"
5039
- },
5040
7245
  {
5041
7246
  "id": "CWE-732",
5042
7247
  "name": "Incorrect Permission Assignment for Critical Resource",
5043
7248
  "category": "Authorization"
5044
7249
  },
5045
- {
5046
- "id": "CWE-77",
5047
- "name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
5048
- "category": "Injection"
5049
- },
5050
- {
5051
- "id": "CWE-78",
5052
- "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
5053
- "category": "Injection"
5054
- },
5055
7250
  {
5056
7251
  "id": "CWE-787",
5057
7252
  "name": "Out-of-bounds Write",
5058
7253
  "category": "Memory Safety"
5059
7254
  },
5060
- {
5061
- "id": "CWE-79",
5062
- "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
5063
- "category": "Injection"
5064
- },
5065
7255
  {
5066
7256
  "id": "CWE-829",
5067
7257
  "name": "Inclusion of Functionality from Untrusted Control Sphere",
5068
7258
  "category": "Supply Chain"
5069
- },
5070
- {
5071
- "id": "CWE-862",
5072
- "name": "Missing Authorization",
5073
- "category": "Authorization"
5074
- },
5075
- {
5076
- "id": "CWE-863",
5077
- "name": "Incorrect Authorization",
5078
- "category": "Authorization"
5079
- },
5080
- {
5081
- "id": "CWE-89",
5082
- "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
5083
- "category": "Injection"
5084
- },
5085
- {
5086
- "id": "CWE-918",
5087
- "name": "Server-Side Request Forgery (SSRF)",
5088
- "category": "Network"
5089
- },
5090
- {
5091
- "id": "CWE-94",
5092
- "name": "Improper Control of Generation of Code (Code Injection)",
5093
- "category": "Injection"
5094
7259
  }
5095
7260
  ],
5096
7261
  "atlas": [
@@ -5118,16 +7283,6 @@
5118
7283
  "id": "AML.T0043",
5119
7284
  "name": "Craft Adversarial Data",
5120
7285
  "tactic": "ML Attack Staging"
5121
- },
5122
- {
5123
- "id": "AML.T0051",
5124
- "name": "LLM Prompt Injection",
5125
- "tactic": "Execution"
5126
- },
5127
- {
5128
- "id": "AML.T0096",
5129
- "name": "AI API as Covert C2 Channel",
5130
- "tactic": "Command and Control"
5131
7286
  }
5132
7287
  ],
5133
7288
  "d3fend": [
@@ -5145,34 +7300,9 @@
5145
7300
  "id": "D3-EHB",
5146
7301
  "name": "Executable Hashbased Allowlist",
5147
7302
  "tactic": "Harden"
5148
- },
5149
- {
5150
- "id": "D3-IOPR",
5151
- "name": "Input/Output Profiling Resource",
5152
- "tactic": "Detect"
5153
- },
5154
- {
5155
- "id": "D3-MFA",
5156
- "name": "Multi-factor Authentication",
5157
- "tactic": "Harden"
5158
- },
5159
- {
5160
- "id": "D3-NTA",
5161
- "name": "Network Traffic Analysis",
5162
- "tactic": "Detect"
5163
- },
5164
- {
5165
- "id": "D3-PSEP",
5166
- "name": "Process Segment Execution Prevention",
5167
- "tactic": "Harden"
5168
7303
  }
5169
7304
  ],
5170
7305
  "framework_gaps": [
5171
- {
5172
- "id": "AU-ISM-1559-IdP",
5173
- "framework": "AU ISM",
5174
- "control_name": "Privileged Account Credential Management — IdP-tenant control-plane extension"
5175
- },
5176
7306
  {
5177
7307
  "id": "CMMC-2.0-Level-2",
5178
7308
  "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
@@ -5183,11 +7313,6 @@
5183
7313
  "framework": "CycloneDX v1.6 (OWASP SBOM standard)",
5184
7314
  "control_name": "Software Bill of Materials"
5185
7315
  },
5186
- {
5187
- "id": "DORA-Art-19-IdP-4h",
5188
- "framework": "EU DORA",
5189
- "control_name": "Major-ICT-related-incident notification — IdP-specific 4-hour clock"
5190
- },
5191
7316
  {
5192
7317
  "id": "FedRAMP-Rev5-Moderate",
5193
7318
  "framework": "FedRAMP Rev 5 Moderate",
@@ -5198,61 +7323,26 @@
5198
7323
  "framework": "HITRUST CSF v11.4",
5199
7324
  "control_name": "Outsourced services management"
5200
7325
  },
5201
- {
5202
- "id": "ISO-27001-2022-A.5.16-Federated",
5203
- "framework": "ISO/IEC 27001:2022",
5204
- "control_name": "Identity Management + Authentication Information — federated-state extension"
5205
- },
5206
7326
  {
5207
7327
  "id": "ISO-27001-2022-A.8.28",
5208
7328
  "framework": "ISO/IEC 27001:2022",
5209
7329
  "control_name": "Secure coding"
5210
7330
  },
5211
- {
5212
- "id": "ISO-27001-2022-A.8.8",
5213
- "framework": "ISO/IEC 27001:2022",
5214
- "control_name": "Management of technical vulnerabilities"
5215
- },
5216
- {
5217
- "id": "ISO-IEC-23894-2023-clause-7",
5218
- "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
5219
- "control_name": "AI risk management process"
5220
- },
5221
7331
  {
5222
7332
  "id": "ISO-IEC-42001-2023-clause-6.1.2",
5223
7333
  "framework": "ISO/IEC 42001:2023 (AI Management System)",
5224
7334
  "control_name": "AI risk assessment"
5225
7335
  },
5226
- {
5227
- "id": "NIS2-Art-21-Federated-Identity",
5228
- "framework": "EU NIS2 Directive",
5229
- "control_name": "Cryptography + Access Control — federated-identity extension"
5230
- },
5231
- {
5232
- "id": "NIST-800-115",
5233
- "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
5234
- "control_name": "Technical Guide to Information Security Testing and Assessment"
5235
- },
5236
7336
  {
5237
7337
  "id": "NIST-800-218-SSDF",
5238
7338
  "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
5239
7339
  "control_name": "Secure Software Development Framework"
5240
7340
  },
5241
- {
5242
- "id": "NIST-800-53-AC-2",
5243
- "framework": "NIST SP 800-53 Rev 5",
5244
- "control_name": "Account Management"
5245
- },
5246
7341
  {
5247
7342
  "id": "NIST-800-53-CM-7",
5248
7343
  "framework": "NIST SP 800-53 Rev 5",
5249
7344
  "control_name": "Least Functionality"
5250
7345
  },
5251
- {
5252
- "id": "NIST-800-53-IA-5-Federated",
5253
- "framework": "NIST 800-53 Rev.5",
5254
- "control_name": "Authenticator Management — federated-trust extension"
5255
- },
5256
7346
  {
5257
7347
  "id": "NIST-800-53-SA-12",
5258
7348
  "framework": "NIST SP 800-53 Rev 5",
@@ -5263,21 +7353,6 @@
5263
7353
  "framework": "NIST AI RMF 1.0",
5264
7354
  "control_name": "AI system to human interaction evaluation"
5265
7355
  },
5266
- {
5267
- "id": "OFAC-Sanctions-Threat-Actor-Negotiation",
5268
- "framework": "US Treasury OFAC + EU sanctions overlay + UK OFSI",
5269
- "control_name": "Sanctions screening on ransomware-payment / threat-actor negotiation"
5270
- },
5271
- {
5272
- "id": "OWASP-ASVS-v5.0-V14",
5273
- "framework": "OWASP ASVS v5.0",
5274
- "control_name": "Configuration verification"
5275
- },
5276
- {
5277
- "id": "OWASP-LLM-Top-10-2025-LLM01",
5278
- "framework": "OWASP Top 10 for LLM Applications 2025",
5279
- "control_name": "Prompt Injection"
5280
- },
5281
7356
  {
5282
7357
  "id": "OWASP-LLM-Top-10-2025-LLM08",
5283
7358
  "framework": "OWASP Top 10 for LLM Applications 2025",
@@ -5288,16 +7363,6 @@
5288
7363
  "framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
5289
7364
  "control_name": "Hardened build platform with non-falsifiable provenance"
5290
7365
  },
5291
- {
5292
- "id": "SOC2-CC6-OAuth-Consent",
5293
- "framework": "SOC 2 (AICPA Trust Services Criteria)",
5294
- "control_name": "Logical and Physical Access Controls — OAuth consent extension"
5295
- },
5296
- {
5297
- "id": "SOC2-CC9-vendor-management",
5298
- "framework": "SOC 2 (AICPA Trust Services Criteria)",
5299
- "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
5300
- },
5301
7366
  {
5302
7367
  "id": "SPDX-v3.0-SBOM",
5303
7368
  "framework": "SPDX v3.0 (ISO/IEC 5962-aligned SBOM standard)",
@@ -5308,11 +7373,6 @@
5308
7373
  "framework": "SWIFT Customer Security Controls Framework v2026",
5309
7374
  "control_name": "SWIFT Environment Protection"
5310
7375
  },
5311
- {
5312
- "id": "UK-CAF-B2-IdP-Tenant",
5313
- "framework": "UK NCSC CAF",
5314
- "control_name": "Identity and Access Control — IdP-tenant control-plane extension"
5315
- },
5316
7376
  {
5317
7377
  "id": "VEX-CSAF-v2.1",
5318
7378
  "framework": "VEX via OASIS CSAF 2.1 (Common Security Advisory Framework)",
@@ -5320,34 +7380,18 @@
5320
7380
  }
5321
7381
  ],
5322
7382
  "attack_refs": [
5323
- "T1059",
5324
7383
  "T1068",
5325
- "T1078",
5326
- "T1078.004",
5327
- "T1098.001",
5328
7384
  "T1190",
5329
7385
  "T1195.001",
5330
7386
  "T1195.002",
5331
- "T1199",
5332
- "T1505",
5333
7387
  "T1554",
5334
- "T1556.007",
5335
7388
  "T1565",
5336
- "T1567",
5337
- "T1606.002",
5338
7389
  "T1610",
5339
7390
  "T1611"
5340
7391
  ],
5341
7392
  "rfc_refs": [
5342
- "RFC-6749",
5343
- "RFC-7519",
5344
- "RFC-7591",
5345
7393
  "RFC-8032",
5346
- "RFC-8446",
5347
- "RFC-8725",
5348
- "RFC-9114",
5349
- "RFC-9421",
5350
- "RFC-9700"
7394
+ "RFC-8446"
5351
7395
  ]
5352
7396
  }
5353
7397
  },
@@ -5616,14 +7660,18 @@
5616
7660
  ]
5617
7661
  },
5618
7662
  "related_cves": [
7663
+ "CVE-2023-43472",
5619
7664
  "CVE-2024-3094",
7665
+ "CVE-2024-3154",
5620
7666
  "CVE-2025-53773",
5621
7667
  "CVE-2026-30615",
7668
+ "CVE-2026-30623",
5622
7669
  "CVE-2026-31431",
5623
7670
  "CVE-2026-39884",
5624
7671
  "CVE-2026-42208",
5625
7672
  "CVE-2026-45321",
5626
7673
  "CVE-2026-46300",
7674
+ "CVE-2026-46333",
5627
7675
  "MAL-2026-3083",
5628
7676
  "MAL-2026-NODE-IPC-STEALER"
5629
7677
  ]
@@ -5801,9 +7849,12 @@
5801
7849
  ]
5802
7850
  },
5803
7851
  "related_cves": [
7852
+ "CVE-2023-43472",
5804
7853
  "CVE-2024-3094",
7854
+ "CVE-2024-3154",
5805
7855
  "CVE-2025-53773",
5806
7856
  "CVE-2026-30615",
7857
+ "CVE-2026-30623",
5807
7858
  "CVE-2026-39884",
5808
7859
  "CVE-2026-42208",
5809
7860
  "CVE-2026-45321",
@@ -5938,11 +7989,14 @@
5938
7989
  ]
5939
7990
  },
5940
7991
  "related_cves": [
7992
+ "CVE-2023-43472",
7993
+ "CVE-2026-30623",
5941
7994
  "CVE-2026-31431",
5942
7995
  "CVE-2026-39884",
5943
7996
  "CVE-2026-42208",
5944
7997
  "CVE-2026-45321",
5945
7998
  "CVE-2026-46300",
7999
+ "CVE-2026-46333",
5946
8000
  "MAL-2026-3083",
5947
8001
  "MAL-2026-NODE-IPC-STEALER"
5948
8002
  ]
@@ -6063,11 +8117,14 @@
6063
8117
  ]
6064
8118
  },
6065
8119
  "related_cves": [
8120
+ "CVE-2023-43472",
8121
+ "CVE-2026-30623",
6066
8122
  "CVE-2026-31431",
6067
8123
  "CVE-2026-39884",
6068
8124
  "CVE-2026-42208",
6069
8125
  "CVE-2026-45321",
6070
8126
  "CVE-2026-46300",
8127
+ "CVE-2026-46333",
6071
8128
  "MAL-2026-3083",
6072
8129
  "MAL-2026-NODE-IPC-STEALER"
6073
8130
  ]
@@ -6202,11 +8259,14 @@
6202
8259
  ]
6203
8260
  },
6204
8261
  "related_cves": [
8262
+ "CVE-2023-43472",
8263
+ "CVE-2026-30623",
6205
8264
  "CVE-2026-31431",
6206
8265
  "CVE-2026-39884",
6207
8266
  "CVE-2026-42208",
6208
8267
  "CVE-2026-45321",
6209
8268
  "CVE-2026-46300",
8269
+ "CVE-2026-46333",
6210
8270
  "MAL-2026-3083",
6211
8271
  "MAL-2026-NODE-IPC-STEALER"
6212
8272
  ]
@@ -6443,9 +8503,13 @@
6443
8503
  ]
6444
8504
  },
6445
8505
  "related_cves": [
8506
+ "CVE-2023-43472",
6446
8507
  "CVE-2024-3094",
8508
+ "CVE-2024-3154",
8509
+ "CVE-2025-11837",
6447
8510
  "CVE-2025-53773",
6448
8511
  "CVE-2026-30615",
8512
+ "CVE-2026-30623",
6449
8513
  "CVE-2026-32202",
6450
8514
  "CVE-2026-33825",
6451
8515
  "CVE-2026-39884",
@@ -6583,6 +8647,12 @@
6583
8647
  ]
6584
8648
  },
6585
8649
  "related_cves": [
8650
+ "CVE-2023-3519",
8651
+ "CVE-2025-12686",
8652
+ "CVE-2025-59389",
8653
+ "CVE-2025-62847",
8654
+ "CVE-2025-62848",
8655
+ "CVE-2025-62849",
6586
8656
  "CVE-2026-0300",
6587
8657
  "CVE-2026-31431",
6588
8658
  "CVE-2026-32202",
@@ -6594,6 +8664,7 @@
6594
8664
  "CVE-2026-43500",
6595
8665
  "CVE-2026-45321",
6596
8666
  "CVE-2026-46300",
8667
+ "CVE-2026-46333",
6597
8668
  "CVE-2026-6973",
6598
8669
  "MAL-2026-3083",
6599
8670
  "MAL-2026-NODE-IPC-STEALER"
@@ -6808,9 +8879,13 @@
6808
8879
  ]
6809
8880
  },
6810
8881
  "related_cves": [
8882
+ "CVE-2023-43472",
6811
8883
  "CVE-2024-3094",
8884
+ "CVE-2024-3154",
8885
+ "CVE-2024-40635",
6812
8886
  "CVE-2025-53773",
6813
8887
  "CVE-2026-30615",
8888
+ "CVE-2026-30623",
6814
8889
  "CVE-2026-39884",
6815
8890
  "CVE-2026-42208",
6816
8891
  "CVE-2026-42897",
@@ -7151,16 +9226,21 @@
7151
9226
  ]
7152
9227
  },
7153
9228
  "related_cves": [
9229
+ "CVE-2023-43472",
7154
9230
  "CVE-2024-3094",
9231
+ "CVE-2024-3154",
7155
9232
  "CVE-2025-53773",
7156
9233
  "CVE-2026-30615",
9234
+ "CVE-2026-30623",
7157
9235
  "CVE-2026-31431",
7158
9236
  "CVE-2026-39884",
7159
9237
  "CVE-2026-42208",
7160
9238
  "CVE-2026-45321",
7161
9239
  "CVE-2026-46300",
9240
+ "CVE-2026-46333",
7162
9241
  "MAL-2026-3083",
7163
- "MAL-2026-NODE-IPC-STEALER"
9242
+ "MAL-2026-NODE-IPC-STEALER",
9243
+ "MAL-2026-SHAI-HULUD-OSS"
7164
9244
  ]
7165
9245
  },
7166
9246
  "CWE-284": {
@@ -7710,14 +9790,18 @@
7710
9790
  ]
7711
9791
  },
7712
9792
  "related_cves": [
9793
+ "CVE-2023-43472",
7713
9794
  "CVE-2024-3094",
9795
+ "CVE-2024-3154",
7714
9796
  "CVE-2025-53773",
7715
9797
  "CVE-2026-30615",
9798
+ "CVE-2026-30623",
7716
9799
  "CVE-2026-31431",
7717
9800
  "CVE-2026-39884",
7718
9801
  "CVE-2026-42208",
7719
9802
  "CVE-2026-45321",
7720
9803
  "CVE-2026-46300",
9804
+ "CVE-2026-46333",
7721
9805
  "MAL-2026-3083",
7722
9806
  "MAL-2026-NODE-IPC-STEALER"
7723
9807
  ]
@@ -7917,6 +10001,7 @@
7917
10001
  "CVE-2026-39884",
7918
10002
  "CVE-2026-45321",
7919
10003
  "CVE-2026-46300",
10004
+ "CVE-2026-46333",
7920
10005
  "MAL-2026-3083"
7921
10006
  ]
7922
10007
  },
@@ -8308,6 +10393,7 @@
8308
10393
  },
8309
10394
  "related_cves": [
8310
10395
  "CVE-2024-3094",
10396
+ "CVE-2024-3154",
8311
10397
  "CVE-2025-53773",
8312
10398
  "CVE-2026-30615",
8313
10399
  "CVE-2026-45321",
@@ -8532,14 +10618,18 @@
8532
10618
  ]
8533
10619
  },
8534
10620
  "related_cves": [
10621
+ "CVE-2023-43472",
8535
10622
  "CVE-2024-3094",
10623
+ "CVE-2024-3154",
8536
10624
  "CVE-2025-53773",
8537
10625
  "CVE-2026-30615",
10626
+ "CVE-2026-30623",
8538
10627
  "CVE-2026-31431",
8539
10628
  "CVE-2026-39884",
8540
10629
  "CVE-2026-42208",
8541
10630
  "CVE-2026-45321",
8542
10631
  "CVE-2026-46300",
10632
+ "CVE-2026-46333",
8543
10633
  "MAL-2026-3083",
8544
10634
  "MAL-2026-NODE-IPC-STEALER"
8545
10635
  ]
@@ -8672,6 +10762,12 @@
8672
10762
  ]
8673
10763
  },
8674
10764
  "related_cves": [
10765
+ "CVE-2023-3519",
10766
+ "CVE-2025-12686",
10767
+ "CVE-2025-59389",
10768
+ "CVE-2025-62847",
10769
+ "CVE-2025-62848",
10770
+ "CVE-2025-62849",
8675
10771
  "CVE-2026-0300",
8676
10772
  "CVE-2026-31431",
8677
10773
  "CVE-2026-32202",
@@ -8683,6 +10779,7 @@
8683
10779
  "CVE-2026-43500",
8684
10780
  "CVE-2026-45321",
8685
10781
  "CVE-2026-46300",
10782
+ "CVE-2026-46333",
8686
10783
  "CVE-2026-6973",
8687
10784
  "MAL-2026-3083",
8688
10785
  "MAL-2026-NODE-IPC-STEALER"
@@ -8802,6 +10899,12 @@
8802
10899
  ]
8803
10900
  },
8804
10901
  "related_cves": [
10902
+ "CVE-2023-3519",
10903
+ "CVE-2025-12686",
10904
+ "CVE-2025-59389",
10905
+ "CVE-2025-62847",
10906
+ "CVE-2025-62848",
10907
+ "CVE-2025-62849",
8805
10908
  "CVE-2026-0300",
8806
10909
  "CVE-2026-31431",
8807
10910
  "CVE-2026-32202",
@@ -8813,6 +10916,7 @@
8813
10916
  "CVE-2026-43500",
8814
10917
  "CVE-2026-45321",
8815
10918
  "CVE-2026-46300",
10919
+ "CVE-2026-46333",
8816
10920
  "CVE-2026-6973",
8817
10921
  "MAL-2026-3083",
8818
10922
  "MAL-2026-NODE-IPC-STEALER"
@@ -9025,14 +11129,18 @@
9025
11129
  ]
9026
11130
  },
9027
11131
  "related_cves": [
11132
+ "CVE-2023-43472",
9028
11133
  "CVE-2024-3094",
11134
+ "CVE-2024-3154",
9029
11135
  "CVE-2025-53773",
9030
11136
  "CVE-2026-30615",
11137
+ "CVE-2026-30623",
9031
11138
  "CVE-2026-31431",
9032
11139
  "CVE-2026-39884",
9033
11140
  "CVE-2026-42208",
9034
11141
  "CVE-2026-45321",
9035
11142
  "CVE-2026-46300",
11143
+ "CVE-2026-46333",
9036
11144
  "MAL-2026-3083",
9037
11145
  "MAL-2026-NODE-IPC-STEALER"
9038
11146
  ]
@@ -9224,11 +11332,13 @@
9224
11332
  },
9225
11333
  "related_cves": [
9226
11334
  "CVE-2024-3094",
11335
+ "CVE-2024-3154",
9227
11336
  "CVE-2025-53773",
9228
11337
  "CVE-2026-30615",
9229
11338
  "CVE-2026-45321",
9230
11339
  "MAL-2026-3083",
9231
- "MAL-2026-NODE-IPC-STEALER"
11340
+ "MAL-2026-NODE-IPC-STEALER",
11341
+ "MAL-2026-SHAI-HULUD-OSS"
9232
11342
  ]
9233
11343
  },
9234
11344
  "CWE-502": {
@@ -9410,13 +11520,16 @@
9410
11520
  ]
9411
11521
  },
9412
11522
  "related_cves": [
11523
+ "CVE-2023-43472",
9413
11524
  "CVE-2024-3094",
9414
11525
  "CVE-2026-30615",
11526
+ "CVE-2026-30623",
9415
11527
  "CVE-2026-39884",
9416
11528
  "CVE-2026-42208",
9417
11529
  "CVE-2026-45321",
9418
11530
  "MAL-2026-3083",
9419
- "MAL-2026-NODE-IPC-STEALER"
11531
+ "MAL-2026-NODE-IPC-STEALER",
11532
+ "MAL-2026-SHAI-HULUD-OSS"
9420
11533
  ]
9421
11534
  },
9422
11535
  "CWE-506": {
@@ -9706,6 +11819,12 @@
9706
11819
  ]
9707
11820
  },
9708
11821
  "related_cves": [
11822
+ "CVE-2023-3519",
11823
+ "CVE-2025-12686",
11824
+ "CVE-2025-59389",
11825
+ "CVE-2025-62847",
11826
+ "CVE-2025-62848",
11827
+ "CVE-2025-62849",
9709
11828
  "CVE-2026-0300",
9710
11829
  "CVE-2026-31431",
9711
11830
  "CVE-2026-32202",
@@ -9717,6 +11836,7 @@
9717
11836
  "CVE-2026-43500",
9718
11837
  "CVE-2026-45321",
9719
11838
  "CVE-2026-46300",
11839
+ "CVE-2026-46333",
9720
11840
  "CVE-2026-6973",
9721
11841
  "MAL-2026-3083"
9722
11842
  ]
@@ -9993,16 +12113,21 @@
9993
12113
  ]
9994
12114
  },
9995
12115
  "related_cves": [
12116
+ "CVE-2023-43472",
9996
12117
  "CVE-2024-3094",
12118
+ "CVE-2024-3154",
9997
12119
  "CVE-2025-53773",
9998
12120
  "CVE-2026-30615",
12121
+ "CVE-2026-30623",
9999
12122
  "CVE-2026-31431",
10000
12123
  "CVE-2026-39884",
10001
12124
  "CVE-2026-42208",
10002
12125
  "CVE-2026-45321",
10003
12126
  "CVE-2026-46300",
12127
+ "CVE-2026-46333",
10004
12128
  "MAL-2026-3083",
10005
- "MAL-2026-NODE-IPC-STEALER"
12129
+ "MAL-2026-NODE-IPC-STEALER",
12130
+ "MAL-2026-SHAI-HULUD-OSS"
10006
12131
  ]
10007
12132
  },
10008
12133
  "CWE-759": {
@@ -10209,10 +12334,19 @@
10209
12334
  ]
10210
12335
  },
10211
12336
  "related_cves": [
12337
+ "CVE-2023-3519",
12338
+ "CVE-2023-43472",
10212
12339
  "CVE-2024-3094",
12340
+ "CVE-2024-3154",
12341
+ "CVE-2025-12686",
10213
12342
  "CVE-2025-53773",
12343
+ "CVE-2025-59389",
12344
+ "CVE-2025-62847",
12345
+ "CVE-2025-62848",
12346
+ "CVE-2025-62849",
10214
12347
  "CVE-2026-0300",
10215
12348
  "CVE-2026-30615",
12349
+ "CVE-2026-30623",
10216
12350
  "CVE-2026-31431",
10217
12351
  "CVE-2026-32202",
10218
12352
  "CVE-2026-33825",
@@ -10223,9 +12357,11 @@
10223
12357
  "CVE-2026-43500",
10224
12358
  "CVE-2026-45321",
10225
12359
  "CVE-2026-46300",
12360
+ "CVE-2026-46333",
10226
12361
  "CVE-2026-6973",
10227
12362
  "MAL-2026-3083",
10228
- "MAL-2026-NODE-IPC-STEALER"
12363
+ "MAL-2026-NODE-IPC-STEALER",
12364
+ "MAL-2026-SHAI-HULUD-OSS"
10229
12365
  ]
10230
12366
  },
10231
12367
  "CWE-798": {
@@ -10512,12 +12648,14 @@
10512
12648
  },
10513
12649
  "related_cves": [
10514
12650
  "CVE-2024-3094",
12651
+ "CVE-2024-3154",
10515
12652
  "CVE-2025-53773",
10516
12653
  "CVE-2026-30615",
10517
12654
  "CVE-2026-31431",
10518
12655
  "CVE-2026-39884",
10519
12656
  "CVE-2026-45321",
10520
12657
  "CVE-2026-46300",
12658
+ "CVE-2026-46333",
10521
12659
  "MAL-2026-3083"
10522
12660
  ]
10523
12661
  },
@@ -10635,7 +12773,8 @@
10635
12773
  "CVE-2026-30615",
10636
12774
  "CVE-2026-45321",
10637
12775
  "MAL-2026-3083",
10638
- "MAL-2026-NODE-IPC-STEALER"
12776
+ "MAL-2026-NODE-IPC-STEALER",
12777
+ "MAL-2026-SHAI-HULUD-OSS"
10639
12778
  ]
10640
12779
  },
10641
12780
  "CWE-862": {
@@ -10813,9 +12952,12 @@
10813
12952
  ]
10814
12953
  },
10815
12954
  "related_cves": [
12955
+ "CVE-2023-43472",
10816
12956
  "CVE-2024-3094",
12957
+ "CVE-2024-3154",
10817
12958
  "CVE-2025-53773",
10818
12959
  "CVE-2026-30615",
12960
+ "CVE-2026-30623",
10819
12961
  "CVE-2026-39884",
10820
12962
  "CVE-2026-42208",
10821
12963
  "CVE-2026-45321",
@@ -11089,9 +13231,11 @@
11089
13231
  ]
11090
13232
  },
11091
13233
  "related_cves": [
13234
+ "CVE-2023-43472",
11092
13235
  "CVE-2024-3094",
11093
13236
  "CVE-2025-53773",
11094
13237
  "CVE-2026-30615",
13238
+ "CVE-2026-30623",
11095
13239
  "CVE-2026-39884",
11096
13240
  "CVE-2026-42208",
11097
13241
  "CVE-2026-45321",
@@ -11393,14 +13537,18 @@
11393
13537
  ]
11394
13538
  },
11395
13539
  "related_cves": [
13540
+ "CVE-2023-43472",
11396
13541
  "CVE-2024-3094",
13542
+ "CVE-2024-3154",
11397
13543
  "CVE-2025-53773",
11398
13544
  "CVE-2026-30615",
13545
+ "CVE-2026-30623",
11399
13546
  "CVE-2026-31431",
11400
13547
  "CVE-2026-39884",
11401
13548
  "CVE-2026-42208",
11402
13549
  "CVE-2026-45321",
11403
13550
  "CVE-2026-46300",
13551
+ "CVE-2026-46333",
11404
13552
  "MAL-2026-3083",
11405
13553
  "MAL-2026-NODE-IPC-STEALER"
11406
13554
  ]
@@ -11458,6 +13606,7 @@
11458
13606
  "CVE-2026-39884",
11459
13607
  "CVE-2026-45321",
11460
13608
  "CVE-2026-46300",
13609
+ "CVE-2026-46333",
11461
13610
  "MAL-2026-3083"
11462
13611
  ]
11463
13612
  },
@@ -11589,7 +13738,10 @@
11589
13738
  "rfc_refs": []
11590
13739
  },
11591
13740
  "related_cves": [
13741
+ "CVE-2023-43472",
13742
+ "CVE-2025-11837",
11592
13743
  "CVE-2025-53773",
13744
+ "CVE-2026-30623",
11593
13745
  "CVE-2026-32202",
11594
13746
  "CVE-2026-33825",
11595
13747
  "CVE-2026-39884",
@@ -11745,14 +13897,18 @@
11745
13897
  ]
11746
13898
  },
11747
13899
  "related_cves": [
13900
+ "CVE-2023-43472",
11748
13901
  "CVE-2024-3094",
13902
+ "CVE-2024-3154",
11749
13903
  "CVE-2025-53773",
11750
13904
  "CVE-2026-30615",
13905
+ "CVE-2026-30623",
11751
13906
  "CVE-2026-39884",
11752
13907
  "CVE-2026-42208",
11753
13908
  "CVE-2026-45321",
11754
13909
  "MAL-2026-3083",
11755
- "MAL-2026-NODE-IPC-STEALER"
13910
+ "MAL-2026-NODE-IPC-STEALER",
13911
+ "MAL-2026-SHAI-HULUD-OSS"
11756
13912
  ]
11757
13913
  },
11758
13914
  "CWE-1357": {
@@ -11915,8 +14071,10 @@
11915
14071
  "CVE-2026-42945",
11916
14072
  "CVE-2026-45321",
11917
14073
  "CVE-2026-46300",
14074
+ "CVE-2026-46333",
11918
14075
  "MAL-2026-3083",
11919
- "MAL-2026-NODE-IPC-STEALER"
14076
+ "MAL-2026-NODE-IPC-STEALER",
14077
+ "MAL-2026-SHAI-HULUD-OSS"
11920
14078
  ]
11921
14079
  },
11922
14080
  "CWE-1395": {
@@ -12130,15 +14288,20 @@
12130
14288
  ]
12131
14289
  },
12132
14290
  "related_cves": [
14291
+ "CVE-2023-43472",
12133
14292
  "CVE-2024-3094",
14293
+ "CVE-2024-3154",
12134
14294
  "CVE-2025-53773",
12135
14295
  "CVE-2026-30615",
14296
+ "CVE-2026-30623",
12136
14297
  "CVE-2026-31431",
12137
14298
  "CVE-2026-39884",
12138
14299
  "CVE-2026-45321",
12139
14300
  "CVE-2026-46300",
14301
+ "CVE-2026-46333",
12140
14302
  "MAL-2026-3083",
12141
- "MAL-2026-NODE-IPC-STEALER"
14303
+ "MAL-2026-NODE-IPC-STEALER",
14304
+ "MAL-2026-SHAI-HULUD-OSS"
12142
14305
  ]
12143
14306
  },
12144
14307
  "CWE-1426": {
@@ -12381,9 +14544,13 @@
12381
14544
  ]
12382
14545
  },
12383
14546
  "related_cves": [
14547
+ "CVE-2023-43472",
12384
14548
  "CVE-2024-3094",
14549
+ "CVE-2024-40635",
14550
+ "CVE-2025-11837",
12385
14551
  "CVE-2025-53773",
12386
14552
  "CVE-2026-30615",
14553
+ "CVE-2026-30623",
12387
14554
  "CVE-2026-32202",
12388
14555
  "CVE-2026-33825",
12389
14556
  "CVE-2026-39884",
@@ -12392,7 +14559,8 @@
12392
14559
  "CVE-2026-43284",
12393
14560
  "CVE-2026-45321",
12394
14561
  "MAL-2026-3083",
12395
- "MAL-2026-NODE-IPC-STEALER"
14562
+ "MAL-2026-NODE-IPC-STEALER",
14563
+ "MAL-2026-SHAI-HULUD-OSS"
12396
14564
  ]
12397
14565
  }
12398
14566
  }