@blamejs/exceptd-skills 0.13.1 → 0.13.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +73 -0
- package/bin/exceptd.js +140 -7
- package/data/_indexes/_meta.json +28 -28
- package/data/_indexes/activity-feed.json +3 -3
- package/data/_indexes/catalog-summaries.json +3 -3
- package/data/_indexes/chains.json +1897 -88
- package/data/_indexes/frequency.json +20 -0
- package/data/_indexes/section-offsets.json +574 -574
- package/data/_indexes/token-budget.json +97 -97
- package/data/atlas-ttps.json +2 -0
- package/data/attack-techniques.json +24 -3
- package/data/cve-catalog.json +96 -29
- package/data/cwe-catalog.json +20 -3
- package/data/framework-control-gaps.json +700 -1
- package/data/zeroday-lessons.json +889 -0
- package/lib/lint-skills.js +54 -1
- package/lib/source-advisories.js +26 -0
- package/manifest.json +62 -62
- package/orchestrator/index.js +155 -3
- package/package.json +1 -1
- package/sbom.cdx.json +50 -39
- package/scripts/check-test-count.js +146 -0
- package/scripts/predeploy.js +16 -0
- package/skills/age-gates-child-safety/skill.md +1 -0
- package/skills/ai-risk-management/skill.md +1 -0
- package/skills/api-security/skill.md +14 -4
- package/skills/cloud-iam-incident/skill.md +1 -1
- package/skills/defensive-countermeasure-mapping/skill.md +1 -0
- package/skills/email-security-anti-phishing/skill.md +15 -4
- package/skills/fuzz-testing-strategy/skill.md +1 -0
- package/skills/mlops-security/skill.md +1 -0
- package/skills/ot-ics-security/skill.md +1 -0
- package/skills/researcher/skill.md +1 -0
- package/skills/sector-energy/skill.md +1 -0
- package/skills/sector-federal-government/skill.md +1 -0
- package/skills/sector-telecom/skill.md +1 -0
- package/skills/skill-update-loop/skill.md +1 -0
- package/skills/threat-model-currency/skill.md +1 -0
- package/skills/threat-modeling-methodology/skill.md +1 -0
- package/skills/webapp-security/skill.md +1 -0
- package/skills/zeroday-gap-learn/skill.md +1 -0
|
@@ -3539,14 +3539,222 @@
|
|
|
3539
3539
|
"cvss": 8.1,
|
|
3540
3540
|
"cisa_kev": false,
|
|
3541
3541
|
"epss_score": 0.012,
|
|
3542
|
-
"referencing_skills": [
|
|
3542
|
+
"referencing_skills": [
|
|
3543
|
+
"mcp-agent-trust",
|
|
3544
|
+
"cloud-security",
|
|
3545
|
+
"container-runtime-security"
|
|
3546
|
+
],
|
|
3543
3547
|
"chain": {
|
|
3544
|
-
"cwes": [
|
|
3545
|
-
|
|
3546
|
-
|
|
3547
|
-
|
|
3548
|
-
|
|
3549
|
-
|
|
3548
|
+
"cwes": [
|
|
3549
|
+
{
|
|
3550
|
+
"id": "CWE-1188",
|
|
3551
|
+
"name": "Initialization of a Resource with an Insecure Default",
|
|
3552
|
+
"category": "Configuration"
|
|
3553
|
+
},
|
|
3554
|
+
{
|
|
3555
|
+
"id": "CWE-1395",
|
|
3556
|
+
"name": "Dependency on Vulnerable Third-Party Component",
|
|
3557
|
+
"category": "Supply Chain"
|
|
3558
|
+
},
|
|
3559
|
+
{
|
|
3560
|
+
"id": "CWE-200",
|
|
3561
|
+
"name": "Exposure of Sensitive Information to an Unauthorized Actor",
|
|
3562
|
+
"category": "Information Exposure"
|
|
3563
|
+
},
|
|
3564
|
+
{
|
|
3565
|
+
"id": "CWE-22",
|
|
3566
|
+
"name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
|
|
3567
|
+
"category": "Path/Resource"
|
|
3568
|
+
},
|
|
3569
|
+
{
|
|
3570
|
+
"id": "CWE-269",
|
|
3571
|
+
"name": "Improper Privilege Management",
|
|
3572
|
+
"category": "Authorization"
|
|
3573
|
+
},
|
|
3574
|
+
{
|
|
3575
|
+
"id": "CWE-287",
|
|
3576
|
+
"name": "Improper Authentication",
|
|
3577
|
+
"category": "Authentication"
|
|
3578
|
+
},
|
|
3579
|
+
{
|
|
3580
|
+
"id": "CWE-345",
|
|
3581
|
+
"name": "Insufficient Verification of Data Authenticity",
|
|
3582
|
+
"category": "Authenticity / Supply Chain"
|
|
3583
|
+
},
|
|
3584
|
+
{
|
|
3585
|
+
"id": "CWE-352",
|
|
3586
|
+
"name": "Cross-Site Request Forgery (CSRF)",
|
|
3587
|
+
"category": "Session"
|
|
3588
|
+
},
|
|
3589
|
+
{
|
|
3590
|
+
"id": "CWE-434",
|
|
3591
|
+
"name": "Unrestricted Upload of File with Dangerous Type",
|
|
3592
|
+
"category": "File Handling"
|
|
3593
|
+
},
|
|
3594
|
+
{
|
|
3595
|
+
"id": "CWE-494",
|
|
3596
|
+
"name": "Download of Code Without Integrity Check",
|
|
3597
|
+
"category": "Supply Chain"
|
|
3598
|
+
},
|
|
3599
|
+
{
|
|
3600
|
+
"id": "CWE-732",
|
|
3601
|
+
"name": "Incorrect Permission Assignment for Critical Resource",
|
|
3602
|
+
"category": "Authorization"
|
|
3603
|
+
},
|
|
3604
|
+
{
|
|
3605
|
+
"id": "CWE-77",
|
|
3606
|
+
"name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
|
|
3607
|
+
"category": "Injection"
|
|
3608
|
+
},
|
|
3609
|
+
{
|
|
3610
|
+
"id": "CWE-787",
|
|
3611
|
+
"name": "Out-of-bounds Write",
|
|
3612
|
+
"category": "Memory Safety"
|
|
3613
|
+
},
|
|
3614
|
+
{
|
|
3615
|
+
"id": "CWE-798",
|
|
3616
|
+
"name": "Use of Hard-coded Credentials",
|
|
3617
|
+
"category": "Credentials"
|
|
3618
|
+
},
|
|
3619
|
+
{
|
|
3620
|
+
"id": "CWE-862",
|
|
3621
|
+
"name": "Missing Authorization",
|
|
3622
|
+
"category": "Authorization"
|
|
3623
|
+
},
|
|
3624
|
+
{
|
|
3625
|
+
"id": "CWE-918",
|
|
3626
|
+
"name": "Server-Side Request Forgery (SSRF)",
|
|
3627
|
+
"category": "Network"
|
|
3628
|
+
},
|
|
3629
|
+
{
|
|
3630
|
+
"id": "CWE-94",
|
|
3631
|
+
"name": "Improper Control of Generation of Code (Code Injection)",
|
|
3632
|
+
"category": "Injection"
|
|
3633
|
+
}
|
|
3634
|
+
],
|
|
3635
|
+
"atlas": [
|
|
3636
|
+
{
|
|
3637
|
+
"id": "AML.T0010",
|
|
3638
|
+
"name": "ML Supply Chain Compromise",
|
|
3639
|
+
"tactic": "Initial Access"
|
|
3640
|
+
},
|
|
3641
|
+
{
|
|
3642
|
+
"id": "AML.T0016",
|
|
3643
|
+
"name": "Obtain Capabilities: Develop Capabilities",
|
|
3644
|
+
"tactic": "Resource Development"
|
|
3645
|
+
},
|
|
3646
|
+
{
|
|
3647
|
+
"id": "AML.T0017",
|
|
3648
|
+
"name": "Discover ML Model Ontology",
|
|
3649
|
+
"tactic": "Discovery"
|
|
3650
|
+
},
|
|
3651
|
+
{
|
|
3652
|
+
"id": "AML.T0096",
|
|
3653
|
+
"name": "AI API as Covert C2 Channel",
|
|
3654
|
+
"tactic": "Command and Control"
|
|
3655
|
+
}
|
|
3656
|
+
],
|
|
3657
|
+
"d3fend": [
|
|
3658
|
+
{
|
|
3659
|
+
"id": "D3-CBAN",
|
|
3660
|
+
"name": "Certificate-based Authentication",
|
|
3661
|
+
"tactic": "Harden"
|
|
3662
|
+
},
|
|
3663
|
+
{
|
|
3664
|
+
"id": "D3-CSPP",
|
|
3665
|
+
"name": "Client-server Payload Profiling",
|
|
3666
|
+
"tactic": "Detect"
|
|
3667
|
+
},
|
|
3668
|
+
{
|
|
3669
|
+
"id": "D3-EAL",
|
|
3670
|
+
"name": "Executable Allowlisting",
|
|
3671
|
+
"tactic": "Harden"
|
|
3672
|
+
},
|
|
3673
|
+
{
|
|
3674
|
+
"id": "D3-EHB",
|
|
3675
|
+
"name": "Executable Hashbased Allowlist",
|
|
3676
|
+
"tactic": "Harden"
|
|
3677
|
+
},
|
|
3678
|
+
{
|
|
3679
|
+
"id": "D3-MFA",
|
|
3680
|
+
"name": "Multi-factor Authentication",
|
|
3681
|
+
"tactic": "Harden"
|
|
3682
|
+
}
|
|
3683
|
+
],
|
|
3684
|
+
"framework_gaps": [
|
|
3685
|
+
{
|
|
3686
|
+
"id": "ALL-MCP-TOOL-TRUST",
|
|
3687
|
+
"framework": "ALL",
|
|
3688
|
+
"control_name": "MCP/Agent Tool Trust Boundaries"
|
|
3689
|
+
},
|
|
3690
|
+
{
|
|
3691
|
+
"id": "FedRAMP-Rev5-Moderate",
|
|
3692
|
+
"framework": "FedRAMP Rev 5 Moderate",
|
|
3693
|
+
"control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
|
|
3694
|
+
},
|
|
3695
|
+
{
|
|
3696
|
+
"id": "ISO-27001-2022-A.8.28",
|
|
3697
|
+
"framework": "ISO/IEC 27001:2022",
|
|
3698
|
+
"control_name": "Secure coding"
|
|
3699
|
+
},
|
|
3700
|
+
{
|
|
3701
|
+
"id": "ISO-27001-2022-A.8.30",
|
|
3702
|
+
"framework": "ISO/IEC 27001:2022",
|
|
3703
|
+
"control_name": "Outsourced development"
|
|
3704
|
+
},
|
|
3705
|
+
{
|
|
3706
|
+
"id": "NIST-800-53-CM-7",
|
|
3707
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
3708
|
+
"control_name": "Least Functionality"
|
|
3709
|
+
},
|
|
3710
|
+
{
|
|
3711
|
+
"id": "NIST-800-53-SA-12",
|
|
3712
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
3713
|
+
"control_name": "Supply Chain Protection"
|
|
3714
|
+
},
|
|
3715
|
+
{
|
|
3716
|
+
"id": "OWASP-LLM-Top-10-2025-LLM06",
|
|
3717
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
3718
|
+
"control_name": "Excessive Agency"
|
|
3719
|
+
},
|
|
3720
|
+
{
|
|
3721
|
+
"id": "SLSA-v1.0-Build-L3",
|
|
3722
|
+
"framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
|
|
3723
|
+
"control_name": "Hardened build platform with non-falsifiable provenance"
|
|
3724
|
+
},
|
|
3725
|
+
{
|
|
3726
|
+
"id": "SOC2-CC9-vendor-management",
|
|
3727
|
+
"framework": "SOC 2 (AICPA Trust Services Criteria)",
|
|
3728
|
+
"control_name": "Risk Mitigation — Vendor and Business Partner Risk"
|
|
3729
|
+
},
|
|
3730
|
+
{
|
|
3731
|
+
"id": "SWIFT-CSCF-v2026-1.1",
|
|
3732
|
+
"framework": "SWIFT Customer Security Controls Framework v2026",
|
|
3733
|
+
"control_name": "SWIFT Environment Protection"
|
|
3734
|
+
}
|
|
3735
|
+
],
|
|
3736
|
+
"attack_refs": [
|
|
3737
|
+
"T1059",
|
|
3738
|
+
"T1068",
|
|
3739
|
+
"T1078",
|
|
3740
|
+
"T1190",
|
|
3741
|
+
"T1195.001",
|
|
3742
|
+
"T1530",
|
|
3743
|
+
"T1552",
|
|
3744
|
+
"T1610",
|
|
3745
|
+
"T1611"
|
|
3746
|
+
],
|
|
3747
|
+
"rfc_refs": [
|
|
3748
|
+
"RFC-6749",
|
|
3749
|
+
"RFC-7519",
|
|
3750
|
+
"RFC-8032",
|
|
3751
|
+
"RFC-8446",
|
|
3752
|
+
"RFC-8725",
|
|
3753
|
+
"RFC-9114",
|
|
3754
|
+
"RFC-9180",
|
|
3755
|
+
"RFC-9421",
|
|
3756
|
+
"RFC-9700"
|
|
3757
|
+
]
|
|
3550
3758
|
}
|
|
3551
3759
|
},
|
|
3552
3760
|
"CVE-2023-43472": {
|
|
@@ -3555,38 +3763,303 @@
|
|
|
3555
3763
|
"cvss": 7.5,
|
|
3556
3764
|
"cisa_kev": false,
|
|
3557
3765
|
"epss_score": 0.014,
|
|
3558
|
-
"referencing_skills": [
|
|
3559
|
-
|
|
3560
|
-
"
|
|
3561
|
-
"
|
|
3562
|
-
"
|
|
3563
|
-
"
|
|
3564
|
-
"
|
|
3565
|
-
|
|
3566
|
-
}
|
|
3567
|
-
},
|
|
3568
|
-
"CVE-2020-10148": {
|
|
3569
|
-
"name": "SolarWinds Orion API authentication bypass (SUNBURST chain)",
|
|
3570
|
-
"rwep": 75,
|
|
3571
|
-
"cvss": 9.8,
|
|
3572
|
-
"cisa_kev": true,
|
|
3573
|
-
"epss_score": 0.945,
|
|
3574
|
-
"referencing_skills": [],
|
|
3766
|
+
"referencing_skills": [
|
|
3767
|
+
"ai-attack-surface",
|
|
3768
|
+
"rag-pipeline-security",
|
|
3769
|
+
"threat-modeling-methodology",
|
|
3770
|
+
"webapp-security",
|
|
3771
|
+
"api-security",
|
|
3772
|
+
"container-runtime-security"
|
|
3773
|
+
],
|
|
3575
3774
|
"chain": {
|
|
3576
|
-
"cwes": [
|
|
3577
|
-
|
|
3578
|
-
|
|
3579
|
-
|
|
3580
|
-
|
|
3581
|
-
|
|
3582
|
-
|
|
3583
|
-
|
|
3584
|
-
|
|
3585
|
-
|
|
3586
|
-
|
|
3775
|
+
"cwes": [
|
|
3776
|
+
{
|
|
3777
|
+
"id": "CWE-1039",
|
|
3778
|
+
"name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
|
|
3779
|
+
"category": "AI/ML"
|
|
3780
|
+
},
|
|
3781
|
+
{
|
|
3782
|
+
"id": "CWE-1188",
|
|
3783
|
+
"name": "Initialization of a Resource with an Insecure Default",
|
|
3784
|
+
"category": "Configuration"
|
|
3785
|
+
},
|
|
3786
|
+
{
|
|
3787
|
+
"id": "CWE-1395",
|
|
3788
|
+
"name": "Dependency on Vulnerable Third-Party Component",
|
|
3789
|
+
"category": "Supply Chain"
|
|
3790
|
+
},
|
|
3791
|
+
{
|
|
3792
|
+
"id": "CWE-1426",
|
|
3793
|
+
"name": "Improper Validation of Generative AI Output",
|
|
3794
|
+
"category": "AI/ML"
|
|
3795
|
+
},
|
|
3796
|
+
{
|
|
3797
|
+
"id": "CWE-200",
|
|
3798
|
+
"name": "Exposure of Sensitive Information to an Unauthorized Actor",
|
|
3799
|
+
"category": "Information Exposure"
|
|
3800
|
+
},
|
|
3801
|
+
{
|
|
3802
|
+
"id": "CWE-22",
|
|
3803
|
+
"name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
|
|
3804
|
+
"category": "Path/Resource"
|
|
3805
|
+
},
|
|
3806
|
+
{
|
|
3807
|
+
"id": "CWE-269",
|
|
3808
|
+
"name": "Improper Privilege Management",
|
|
3809
|
+
"category": "Authorization"
|
|
3810
|
+
},
|
|
3811
|
+
{
|
|
3812
|
+
"id": "CWE-287",
|
|
3813
|
+
"name": "Improper Authentication",
|
|
3814
|
+
"category": "Authentication"
|
|
3815
|
+
},
|
|
3816
|
+
{
|
|
3817
|
+
"id": "CWE-352",
|
|
3818
|
+
"name": "Cross-Site Request Forgery (CSRF)",
|
|
3819
|
+
"category": "Session"
|
|
3820
|
+
},
|
|
3821
|
+
{
|
|
3822
|
+
"id": "CWE-434",
|
|
3823
|
+
"name": "Unrestricted Upload of File with Dangerous Type",
|
|
3824
|
+
"category": "File Handling"
|
|
3825
|
+
},
|
|
3826
|
+
{
|
|
3827
|
+
"id": "CWE-502",
|
|
3828
|
+
"name": "Deserialization of Untrusted Data",
|
|
3829
|
+
"category": "Serialization"
|
|
3830
|
+
},
|
|
3831
|
+
{
|
|
3832
|
+
"id": "CWE-732",
|
|
3833
|
+
"name": "Incorrect Permission Assignment for Critical Resource",
|
|
3834
|
+
"category": "Authorization"
|
|
3835
|
+
},
|
|
3836
|
+
{
|
|
3837
|
+
"id": "CWE-77",
|
|
3838
|
+
"name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
|
|
3839
|
+
"category": "Injection"
|
|
3840
|
+
},
|
|
3841
|
+
{
|
|
3842
|
+
"id": "CWE-78",
|
|
3843
|
+
"name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
|
|
3844
|
+
"category": "Injection"
|
|
3845
|
+
},
|
|
3846
|
+
{
|
|
3847
|
+
"id": "CWE-787",
|
|
3848
|
+
"name": "Out-of-bounds Write",
|
|
3849
|
+
"category": "Memory Safety"
|
|
3850
|
+
},
|
|
3851
|
+
{
|
|
3852
|
+
"id": "CWE-79",
|
|
3853
|
+
"name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
|
|
3854
|
+
"category": "Injection"
|
|
3855
|
+
},
|
|
3856
|
+
{
|
|
3857
|
+
"id": "CWE-862",
|
|
3858
|
+
"name": "Missing Authorization",
|
|
3859
|
+
"category": "Authorization"
|
|
3860
|
+
},
|
|
3861
|
+
{
|
|
3862
|
+
"id": "CWE-863",
|
|
3863
|
+
"name": "Incorrect Authorization",
|
|
3864
|
+
"category": "Authorization"
|
|
3865
|
+
},
|
|
3866
|
+
{
|
|
3867
|
+
"id": "CWE-89",
|
|
3868
|
+
"name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
|
|
3869
|
+
"category": "Injection"
|
|
3870
|
+
},
|
|
3871
|
+
{
|
|
3872
|
+
"id": "CWE-918",
|
|
3873
|
+
"name": "Server-Side Request Forgery (SSRF)",
|
|
3874
|
+
"category": "Network"
|
|
3875
|
+
},
|
|
3876
|
+
{
|
|
3877
|
+
"id": "CWE-94",
|
|
3878
|
+
"name": "Improper Control of Generation of Code (Code Injection)",
|
|
3879
|
+
"category": "Injection"
|
|
3880
|
+
}
|
|
3881
|
+
],
|
|
3882
|
+
"atlas": [
|
|
3883
|
+
{
|
|
3884
|
+
"id": "AML.T0010",
|
|
3885
|
+
"name": "ML Supply Chain Compromise",
|
|
3886
|
+
"tactic": "Initial Access"
|
|
3887
|
+
},
|
|
3888
|
+
{
|
|
3889
|
+
"id": "AML.T0016",
|
|
3890
|
+
"name": "Obtain Capabilities: Develop Capabilities",
|
|
3891
|
+
"tactic": "Resource Development"
|
|
3892
|
+
},
|
|
3893
|
+
{
|
|
3894
|
+
"id": "AML.T0017",
|
|
3895
|
+
"name": "Discover ML Model Ontology",
|
|
3896
|
+
"tactic": "Discovery"
|
|
3897
|
+
},
|
|
3898
|
+
{
|
|
3899
|
+
"id": "AML.T0018",
|
|
3900
|
+
"name": "Backdoor ML Model",
|
|
3901
|
+
"tactic": "Persistence"
|
|
3902
|
+
},
|
|
3903
|
+
{
|
|
3904
|
+
"id": "AML.T0020",
|
|
3905
|
+
"name": "Poison Training Data",
|
|
3906
|
+
"tactic": "ML Attack Staging"
|
|
3907
|
+
},
|
|
3908
|
+
{
|
|
3909
|
+
"id": "AML.T0043",
|
|
3910
|
+
"name": "Craft Adversarial Data",
|
|
3911
|
+
"tactic": "ML Attack Staging"
|
|
3912
|
+
},
|
|
3913
|
+
{
|
|
3914
|
+
"id": "AML.T0051",
|
|
3915
|
+
"name": "LLM Prompt Injection",
|
|
3916
|
+
"tactic": "Execution"
|
|
3917
|
+
},
|
|
3918
|
+
{
|
|
3919
|
+
"id": "AML.T0054",
|
|
3920
|
+
"name": "LLM Jailbreak",
|
|
3921
|
+
"tactic": "Defense Evasion"
|
|
3922
|
+
},
|
|
3923
|
+
{
|
|
3924
|
+
"id": "AML.T0096",
|
|
3925
|
+
"name": "AI API as Covert C2 Channel",
|
|
3926
|
+
"tactic": "Command and Control"
|
|
3927
|
+
}
|
|
3928
|
+
],
|
|
3929
|
+
"d3fend": [
|
|
3930
|
+
{
|
|
3931
|
+
"id": "D3-CSPP",
|
|
3932
|
+
"name": "Client-server Payload Profiling",
|
|
3933
|
+
"tactic": "Detect"
|
|
3934
|
+
},
|
|
3935
|
+
{
|
|
3936
|
+
"id": "D3-IOPR",
|
|
3937
|
+
"name": "Input/Output Profiling Resource",
|
|
3938
|
+
"tactic": "Detect"
|
|
3939
|
+
},
|
|
3940
|
+
{
|
|
3941
|
+
"id": "D3-NTA",
|
|
3942
|
+
"name": "Network Traffic Analysis",
|
|
3943
|
+
"tactic": "Detect"
|
|
3944
|
+
}
|
|
3945
|
+
],
|
|
3946
|
+
"framework_gaps": [
|
|
3947
|
+
{
|
|
3948
|
+
"id": "ALL-AI-PIPELINE-INTEGRITY",
|
|
3949
|
+
"framework": "ALL",
|
|
3950
|
+
"control_name": "AI Pipeline Integrity"
|
|
3951
|
+
},
|
|
3952
|
+
{
|
|
3953
|
+
"id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
|
|
3954
|
+
"framework": "ALL",
|
|
3955
|
+
"control_name": "Prompt Injection as Access Control Failure"
|
|
3956
|
+
},
|
|
3957
|
+
{
|
|
3958
|
+
"id": "ISO-27001-2022-A.8.28",
|
|
3959
|
+
"framework": "ISO/IEC 27001:2022",
|
|
3960
|
+
"control_name": "Secure coding"
|
|
3961
|
+
},
|
|
3962
|
+
{
|
|
3963
|
+
"id": "ISO-IEC-23894-2023-clause-7",
|
|
3964
|
+
"framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
|
|
3965
|
+
"control_name": "AI risk management process"
|
|
3966
|
+
},
|
|
3967
|
+
{
|
|
3968
|
+
"id": "ISO-IEC-42001-2023-clause-6.1.2",
|
|
3969
|
+
"framework": "ISO/IEC 42001:2023 (AI Management System)",
|
|
3970
|
+
"control_name": "AI risk assessment"
|
|
3971
|
+
},
|
|
3972
|
+
{
|
|
3973
|
+
"id": "NIST-800-218-SSDF",
|
|
3974
|
+
"framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
|
|
3975
|
+
"control_name": "Secure Software Development Framework"
|
|
3976
|
+
},
|
|
3977
|
+
{
|
|
3978
|
+
"id": "NIST-800-53-AC-2",
|
|
3979
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
3980
|
+
"control_name": "Account Management"
|
|
3981
|
+
},
|
|
3982
|
+
{
|
|
3983
|
+
"id": "NIST-800-53-CM-7",
|
|
3984
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
3985
|
+
"control_name": "Least Functionality"
|
|
3986
|
+
},
|
|
3987
|
+
{
|
|
3988
|
+
"id": "NIST-800-53-SI-12",
|
|
3989
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
3990
|
+
"control_name": "Information Management and Retention"
|
|
3991
|
+
},
|
|
3992
|
+
{
|
|
3993
|
+
"id": "NIST-800-53-SI-3",
|
|
3994
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
3995
|
+
"control_name": "Malicious Code Protection"
|
|
3996
|
+
},
|
|
3997
|
+
{
|
|
3998
|
+
"id": "NIST-AI-RMF-MEASURE-2.5",
|
|
3999
|
+
"framework": "NIST AI RMF 1.0",
|
|
4000
|
+
"control_name": "AI system to human interaction evaluation"
|
|
4001
|
+
},
|
|
4002
|
+
{
|
|
4003
|
+
"id": "OWASP-ASVS-v5.0-V14",
|
|
4004
|
+
"framework": "OWASP ASVS v5.0",
|
|
4005
|
+
"control_name": "Configuration verification"
|
|
4006
|
+
},
|
|
4007
|
+
{
|
|
4008
|
+
"id": "OWASP-LLM-Top-10-2025-LLM01",
|
|
4009
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
4010
|
+
"control_name": "Prompt Injection"
|
|
4011
|
+
},
|
|
4012
|
+
{
|
|
4013
|
+
"id": "OWASP-LLM-Top-10-2025-LLM02",
|
|
4014
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
4015
|
+
"control_name": "Sensitive Information Disclosure"
|
|
4016
|
+
},
|
|
4017
|
+
{
|
|
4018
|
+
"id": "OWASP-LLM-Top-10-2025-LLM08",
|
|
4019
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
4020
|
+
"control_name": "Vector and Embedding Weaknesses"
|
|
4021
|
+
},
|
|
4022
|
+
{
|
|
4023
|
+
"id": "SLSA-v1.0-Build-L3",
|
|
4024
|
+
"framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
|
|
4025
|
+
"control_name": "Hardened build platform with non-falsifiable provenance"
|
|
4026
|
+
},
|
|
4027
|
+
{
|
|
4028
|
+
"id": "SOC2-CC6-logical-access",
|
|
4029
|
+
"framework": "SOC 2 (AICPA Trust Services Criteria)",
|
|
4030
|
+
"control_name": "Logical and Physical Access Controls"
|
|
4031
|
+
}
|
|
4032
|
+
],
|
|
4033
|
+
"attack_refs": [
|
|
4034
|
+
"T1059",
|
|
4035
|
+
"T1068",
|
|
4036
|
+
"T1078",
|
|
4037
|
+
"T1190",
|
|
4038
|
+
"T1505",
|
|
4039
|
+
"T1565",
|
|
4040
|
+
"T1566",
|
|
4041
|
+
"T1567",
|
|
4042
|
+
"T1610",
|
|
4043
|
+
"T1611"
|
|
4044
|
+
],
|
|
4045
|
+
"rfc_refs": [
|
|
4046
|
+
"RFC-6749",
|
|
4047
|
+
"RFC-7519",
|
|
4048
|
+
"RFC-8032",
|
|
4049
|
+
"RFC-8446",
|
|
4050
|
+
"RFC-8725",
|
|
4051
|
+
"RFC-9114",
|
|
4052
|
+
"RFC-9421",
|
|
4053
|
+
"RFC-9700"
|
|
4054
|
+
]
|
|
4055
|
+
}
|
|
4056
|
+
},
|
|
4057
|
+
"CVE-2020-10148": {
|
|
4058
|
+
"name": "SolarWinds Orion API authentication bypass (SUNBURST chain)",
|
|
4059
|
+
"rwep": 75,
|
|
3587
4060
|
"cvss": 9.8,
|
|
3588
4061
|
"cisa_kev": true,
|
|
3589
|
-
"epss_score": 0.
|
|
4062
|
+
"epss_score": 0.945,
|
|
3590
4063
|
"referencing_skills": [],
|
|
3591
4064
|
"chain": {
|
|
3592
4065
|
"cwes": [],
|
|
@@ -3597,6 +4070,109 @@
|
|
|
3597
4070
|
"rfc_refs": []
|
|
3598
4071
|
}
|
|
3599
4072
|
},
|
|
4073
|
+
"CVE-2023-3519": {
|
|
4074
|
+
"name": "Citrix NetScaler ADC/Gateway unauth RCE (CitrixBleed precursor)",
|
|
4075
|
+
"rwep": 80,
|
|
4076
|
+
"cvss": 9.8,
|
|
4077
|
+
"cisa_kev": true,
|
|
4078
|
+
"epss_score": 0.967,
|
|
4079
|
+
"referencing_skills": [
|
|
4080
|
+
"kernel-lpe-triage"
|
|
4081
|
+
],
|
|
4082
|
+
"chain": {
|
|
4083
|
+
"cwes": [
|
|
4084
|
+
{
|
|
4085
|
+
"id": "CWE-125",
|
|
4086
|
+
"name": "Out-of-bounds Read",
|
|
4087
|
+
"category": "Memory Safety"
|
|
4088
|
+
},
|
|
4089
|
+
{
|
|
4090
|
+
"id": "CWE-362",
|
|
4091
|
+
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
|
|
4092
|
+
"category": "Concurrency"
|
|
4093
|
+
},
|
|
4094
|
+
{
|
|
4095
|
+
"id": "CWE-416",
|
|
4096
|
+
"name": "Use After Free",
|
|
4097
|
+
"category": "Memory Safety"
|
|
4098
|
+
},
|
|
4099
|
+
{
|
|
4100
|
+
"id": "CWE-672",
|
|
4101
|
+
"name": "Operation on a Resource after Expiration or Release",
|
|
4102
|
+
"category": "Memory Safety"
|
|
4103
|
+
},
|
|
4104
|
+
{
|
|
4105
|
+
"id": "CWE-787",
|
|
4106
|
+
"name": "Out-of-bounds Write",
|
|
4107
|
+
"category": "Memory Safety"
|
|
4108
|
+
}
|
|
4109
|
+
],
|
|
4110
|
+
"atlas": [],
|
|
4111
|
+
"d3fend": [
|
|
4112
|
+
{
|
|
4113
|
+
"id": "D3-ASLR",
|
|
4114
|
+
"name": "Address Space Layout Randomization",
|
|
4115
|
+
"tactic": "Harden"
|
|
4116
|
+
},
|
|
4117
|
+
{
|
|
4118
|
+
"id": "D3-EAL",
|
|
4119
|
+
"name": "Executable Allowlisting",
|
|
4120
|
+
"tactic": "Harden"
|
|
4121
|
+
},
|
|
4122
|
+
{
|
|
4123
|
+
"id": "D3-PHRA",
|
|
4124
|
+
"name": "Process Hardware Resource Access",
|
|
4125
|
+
"tactic": "Isolate"
|
|
4126
|
+
},
|
|
4127
|
+
{
|
|
4128
|
+
"id": "D3-PSEP",
|
|
4129
|
+
"name": "Process Segment Execution Prevention",
|
|
4130
|
+
"tactic": "Harden"
|
|
4131
|
+
}
|
|
4132
|
+
],
|
|
4133
|
+
"framework_gaps": [
|
|
4134
|
+
{
|
|
4135
|
+
"id": "CIS-Controls-v8-Control7",
|
|
4136
|
+
"framework": "CIS Controls v8",
|
|
4137
|
+
"control_name": "Continuous Vulnerability Management"
|
|
4138
|
+
},
|
|
4139
|
+
{
|
|
4140
|
+
"id": "ISO-27001-2022-A.8.8",
|
|
4141
|
+
"framework": "ISO/IEC 27001:2022",
|
|
4142
|
+
"control_name": "Management of technical vulnerabilities"
|
|
4143
|
+
},
|
|
4144
|
+
{
|
|
4145
|
+
"id": "NIS2-Art21-patch-management",
|
|
4146
|
+
"framework": "EU NIS2 Directive",
|
|
4147
|
+
"control_name": "Vulnerability handling and disclosure"
|
|
4148
|
+
},
|
|
4149
|
+
{
|
|
4150
|
+
"id": "NIST-800-53-SC-8",
|
|
4151
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
4152
|
+
"control_name": "Transmission Confidentiality and Integrity"
|
|
4153
|
+
},
|
|
4154
|
+
{
|
|
4155
|
+
"id": "NIST-800-53-SI-2",
|
|
4156
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
4157
|
+
"control_name": "Flaw Remediation"
|
|
4158
|
+
},
|
|
4159
|
+
{
|
|
4160
|
+
"id": "PCI-DSS-4.0-6.3.3",
|
|
4161
|
+
"framework": "PCI DSS 4.0",
|
|
4162
|
+
"control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
|
|
4163
|
+
}
|
|
4164
|
+
],
|
|
4165
|
+
"attack_refs": [
|
|
4166
|
+
"T1068",
|
|
4167
|
+
"T1548.001"
|
|
4168
|
+
],
|
|
4169
|
+
"rfc_refs": [
|
|
4170
|
+
"RFC-4301",
|
|
4171
|
+
"RFC-4303",
|
|
4172
|
+
"RFC-7296"
|
|
4173
|
+
]
|
|
4174
|
+
}
|
|
4175
|
+
},
|
|
3600
4176
|
"CVE-2024-1709": {
|
|
3601
4177
|
"name": "ConnectWise ScreenConnect auth-bypass",
|
|
3602
4178
|
"rwep": 75,
|
|
@@ -3635,14 +4211,136 @@
|
|
|
3635
4211
|
"cvss": 5.9,
|
|
3636
4212
|
"cisa_kev": false,
|
|
3637
4213
|
"epss_score": 0.005,
|
|
3638
|
-
"referencing_skills": [
|
|
4214
|
+
"referencing_skills": [
|
|
4215
|
+
"ai-c2-detection",
|
|
4216
|
+
"dlp-gap-analysis"
|
|
4217
|
+
],
|
|
3639
4218
|
"chain": {
|
|
3640
|
-
"cwes": [
|
|
3641
|
-
|
|
3642
|
-
|
|
3643
|
-
|
|
3644
|
-
|
|
3645
|
-
|
|
4219
|
+
"cwes": [
|
|
4220
|
+
{
|
|
4221
|
+
"id": "CWE-1426",
|
|
4222
|
+
"name": "Improper Validation of Generative AI Output",
|
|
4223
|
+
"category": "AI/ML"
|
|
4224
|
+
},
|
|
4225
|
+
{
|
|
4226
|
+
"id": "CWE-200",
|
|
4227
|
+
"name": "Exposure of Sensitive Information to an Unauthorized Actor",
|
|
4228
|
+
"category": "Information Exposure"
|
|
4229
|
+
}
|
|
4230
|
+
],
|
|
4231
|
+
"atlas": [
|
|
4232
|
+
{
|
|
4233
|
+
"id": "AML.T0017",
|
|
4234
|
+
"name": "Discover ML Model Ontology",
|
|
4235
|
+
"tactic": "Discovery"
|
|
4236
|
+
},
|
|
4237
|
+
{
|
|
4238
|
+
"id": "AML.T0051",
|
|
4239
|
+
"name": "LLM Prompt Injection",
|
|
4240
|
+
"tactic": "Execution"
|
|
4241
|
+
},
|
|
4242
|
+
{
|
|
4243
|
+
"id": "AML.T0096",
|
|
4244
|
+
"name": "AI API as Covert C2 Channel",
|
|
4245
|
+
"tactic": "Command and Control"
|
|
4246
|
+
}
|
|
4247
|
+
],
|
|
4248
|
+
"d3fend": [
|
|
4249
|
+
{
|
|
4250
|
+
"id": "D3-CA",
|
|
4251
|
+
"name": "Certificate Analysis",
|
|
4252
|
+
"tactic": "Detect"
|
|
4253
|
+
},
|
|
4254
|
+
{
|
|
4255
|
+
"id": "D3-CSPP",
|
|
4256
|
+
"name": "Client-server Payload Profiling",
|
|
4257
|
+
"tactic": "Detect"
|
|
4258
|
+
},
|
|
4259
|
+
{
|
|
4260
|
+
"id": "D3-DA",
|
|
4261
|
+
"name": "Domain Analysis",
|
|
4262
|
+
"tactic": "Detect"
|
|
4263
|
+
},
|
|
4264
|
+
{
|
|
4265
|
+
"id": "D3-EAL",
|
|
4266
|
+
"name": "Executable Allowlisting",
|
|
4267
|
+
"tactic": "Harden"
|
|
4268
|
+
},
|
|
4269
|
+
{
|
|
4270
|
+
"id": "D3-IOPR",
|
|
4271
|
+
"name": "Input/Output Profiling Resource",
|
|
4272
|
+
"tactic": "Detect"
|
|
4273
|
+
},
|
|
4274
|
+
{
|
|
4275
|
+
"id": "D3-NI",
|
|
4276
|
+
"name": "Network Isolation",
|
|
4277
|
+
"tactic": "Isolate"
|
|
4278
|
+
},
|
|
4279
|
+
{
|
|
4280
|
+
"id": "D3-NTA",
|
|
4281
|
+
"name": "Network Traffic Analysis",
|
|
4282
|
+
"tactic": "Detect"
|
|
4283
|
+
},
|
|
4284
|
+
{
|
|
4285
|
+
"id": "D3-NTPM",
|
|
4286
|
+
"name": "Network Traffic Policy Mapping",
|
|
4287
|
+
"tactic": "Model"
|
|
4288
|
+
}
|
|
4289
|
+
],
|
|
4290
|
+
"framework_gaps": [
|
|
4291
|
+
{
|
|
4292
|
+
"id": "HIPAA-Security-Rule-164.312(a)(1)",
|
|
4293
|
+
"framework": "HIPAA Security Rule (45 CFR § 164.312)",
|
|
4294
|
+
"control_name": "Access control standard (technical safeguards)"
|
|
4295
|
+
},
|
|
4296
|
+
{
|
|
4297
|
+
"id": "ISO-27001-2022-A.8.16",
|
|
4298
|
+
"framework": "ISO/IEC 27001:2022",
|
|
4299
|
+
"control_name": "Monitoring activities"
|
|
4300
|
+
},
|
|
4301
|
+
{
|
|
4302
|
+
"id": "ISO-IEC-42001-2023-clause-6.1.2",
|
|
4303
|
+
"framework": "ISO/IEC 42001:2023 (AI Management System)",
|
|
4304
|
+
"control_name": "AI risk assessment"
|
|
4305
|
+
},
|
|
4306
|
+
{
|
|
4307
|
+
"id": "NIST-800-53-SC-28",
|
|
4308
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
4309
|
+
"control_name": "Protection of Information at Rest"
|
|
4310
|
+
},
|
|
4311
|
+
{
|
|
4312
|
+
"id": "NIST-800-53-SC-7",
|
|
4313
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
4314
|
+
"control_name": "Boundary Protection"
|
|
4315
|
+
},
|
|
4316
|
+
{
|
|
4317
|
+
"id": "NIST-800-53-SI-3",
|
|
4318
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
4319
|
+
"control_name": "Malicious Code Protection"
|
|
4320
|
+
},
|
|
4321
|
+
{
|
|
4322
|
+
"id": "SOC2-CC7-anomaly-detection",
|
|
4323
|
+
"framework": "SOC 2 (AICPA Trust Services Criteria)",
|
|
4324
|
+
"control_name": "System Operations — Threat and Vulnerability Management"
|
|
4325
|
+
}
|
|
4326
|
+
],
|
|
4327
|
+
"attack_refs": [
|
|
4328
|
+
"T1041",
|
|
4329
|
+
"T1071",
|
|
4330
|
+
"T1102",
|
|
4331
|
+
"T1213",
|
|
4332
|
+
"T1530",
|
|
4333
|
+
"T1567",
|
|
4334
|
+
"T1568"
|
|
4335
|
+
],
|
|
4336
|
+
"rfc_refs": [
|
|
4337
|
+
"RFC-8446",
|
|
4338
|
+
"RFC-9000",
|
|
4339
|
+
"RFC-9114",
|
|
4340
|
+
"RFC-9180",
|
|
4341
|
+
"RFC-9421",
|
|
4342
|
+
"RFC-9458"
|
|
4343
|
+
]
|
|
3646
4344
|
}
|
|
3647
4345
|
},
|
|
3648
4346
|
"MAL-2026-TANSTACK-MINI": {
|
|
@@ -3699,14 +4397,295 @@
|
|
|
3699
4397
|
"cvss": 8.8,
|
|
3700
4398
|
"cisa_kev": false,
|
|
3701
4399
|
"epss_score": 0.02,
|
|
3702
|
-
"referencing_skills": [
|
|
4400
|
+
"referencing_skills": [
|
|
4401
|
+
"ai-attack-surface",
|
|
4402
|
+
"rag-pipeline-security",
|
|
4403
|
+
"threat-modeling-methodology",
|
|
4404
|
+
"webapp-security",
|
|
4405
|
+
"api-security",
|
|
4406
|
+
"container-runtime-security"
|
|
4407
|
+
],
|
|
3703
4408
|
"chain": {
|
|
3704
|
-
"cwes": [
|
|
3705
|
-
|
|
3706
|
-
|
|
3707
|
-
|
|
3708
|
-
|
|
3709
|
-
|
|
4409
|
+
"cwes": [
|
|
4410
|
+
{
|
|
4411
|
+
"id": "CWE-1039",
|
|
4412
|
+
"name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
|
|
4413
|
+
"category": "AI/ML"
|
|
4414
|
+
},
|
|
4415
|
+
{
|
|
4416
|
+
"id": "CWE-1188",
|
|
4417
|
+
"name": "Initialization of a Resource with an Insecure Default",
|
|
4418
|
+
"category": "Configuration"
|
|
4419
|
+
},
|
|
4420
|
+
{
|
|
4421
|
+
"id": "CWE-1395",
|
|
4422
|
+
"name": "Dependency on Vulnerable Third-Party Component",
|
|
4423
|
+
"category": "Supply Chain"
|
|
4424
|
+
},
|
|
4425
|
+
{
|
|
4426
|
+
"id": "CWE-1426",
|
|
4427
|
+
"name": "Improper Validation of Generative AI Output",
|
|
4428
|
+
"category": "AI/ML"
|
|
4429
|
+
},
|
|
4430
|
+
{
|
|
4431
|
+
"id": "CWE-200",
|
|
4432
|
+
"name": "Exposure of Sensitive Information to an Unauthorized Actor",
|
|
4433
|
+
"category": "Information Exposure"
|
|
4434
|
+
},
|
|
4435
|
+
{
|
|
4436
|
+
"id": "CWE-22",
|
|
4437
|
+
"name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
|
|
4438
|
+
"category": "Path/Resource"
|
|
4439
|
+
},
|
|
4440
|
+
{
|
|
4441
|
+
"id": "CWE-269",
|
|
4442
|
+
"name": "Improper Privilege Management",
|
|
4443
|
+
"category": "Authorization"
|
|
4444
|
+
},
|
|
4445
|
+
{
|
|
4446
|
+
"id": "CWE-287",
|
|
4447
|
+
"name": "Improper Authentication",
|
|
4448
|
+
"category": "Authentication"
|
|
4449
|
+
},
|
|
4450
|
+
{
|
|
4451
|
+
"id": "CWE-352",
|
|
4452
|
+
"name": "Cross-Site Request Forgery (CSRF)",
|
|
4453
|
+
"category": "Session"
|
|
4454
|
+
},
|
|
4455
|
+
{
|
|
4456
|
+
"id": "CWE-434",
|
|
4457
|
+
"name": "Unrestricted Upload of File with Dangerous Type",
|
|
4458
|
+
"category": "File Handling"
|
|
4459
|
+
},
|
|
4460
|
+
{
|
|
4461
|
+
"id": "CWE-502",
|
|
4462
|
+
"name": "Deserialization of Untrusted Data",
|
|
4463
|
+
"category": "Serialization"
|
|
4464
|
+
},
|
|
4465
|
+
{
|
|
4466
|
+
"id": "CWE-732",
|
|
4467
|
+
"name": "Incorrect Permission Assignment for Critical Resource",
|
|
4468
|
+
"category": "Authorization"
|
|
4469
|
+
},
|
|
4470
|
+
{
|
|
4471
|
+
"id": "CWE-77",
|
|
4472
|
+
"name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
|
|
4473
|
+
"category": "Injection"
|
|
4474
|
+
},
|
|
4475
|
+
{
|
|
4476
|
+
"id": "CWE-78",
|
|
4477
|
+
"name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
|
|
4478
|
+
"category": "Injection"
|
|
4479
|
+
},
|
|
4480
|
+
{
|
|
4481
|
+
"id": "CWE-787",
|
|
4482
|
+
"name": "Out-of-bounds Write",
|
|
4483
|
+
"category": "Memory Safety"
|
|
4484
|
+
},
|
|
4485
|
+
{
|
|
4486
|
+
"id": "CWE-79",
|
|
4487
|
+
"name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
|
|
4488
|
+
"category": "Injection"
|
|
4489
|
+
},
|
|
4490
|
+
{
|
|
4491
|
+
"id": "CWE-862",
|
|
4492
|
+
"name": "Missing Authorization",
|
|
4493
|
+
"category": "Authorization"
|
|
4494
|
+
},
|
|
4495
|
+
{
|
|
4496
|
+
"id": "CWE-863",
|
|
4497
|
+
"name": "Incorrect Authorization",
|
|
4498
|
+
"category": "Authorization"
|
|
4499
|
+
},
|
|
4500
|
+
{
|
|
4501
|
+
"id": "CWE-89",
|
|
4502
|
+
"name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
|
|
4503
|
+
"category": "Injection"
|
|
4504
|
+
},
|
|
4505
|
+
{
|
|
4506
|
+
"id": "CWE-918",
|
|
4507
|
+
"name": "Server-Side Request Forgery (SSRF)",
|
|
4508
|
+
"category": "Network"
|
|
4509
|
+
},
|
|
4510
|
+
{
|
|
4511
|
+
"id": "CWE-94",
|
|
4512
|
+
"name": "Improper Control of Generation of Code (Code Injection)",
|
|
4513
|
+
"category": "Injection"
|
|
4514
|
+
}
|
|
4515
|
+
],
|
|
4516
|
+
"atlas": [
|
|
4517
|
+
{
|
|
4518
|
+
"id": "AML.T0010",
|
|
4519
|
+
"name": "ML Supply Chain Compromise",
|
|
4520
|
+
"tactic": "Initial Access"
|
|
4521
|
+
},
|
|
4522
|
+
{
|
|
4523
|
+
"id": "AML.T0016",
|
|
4524
|
+
"name": "Obtain Capabilities: Develop Capabilities",
|
|
4525
|
+
"tactic": "Resource Development"
|
|
4526
|
+
},
|
|
4527
|
+
{
|
|
4528
|
+
"id": "AML.T0017",
|
|
4529
|
+
"name": "Discover ML Model Ontology",
|
|
4530
|
+
"tactic": "Discovery"
|
|
4531
|
+
},
|
|
4532
|
+
{
|
|
4533
|
+
"id": "AML.T0018",
|
|
4534
|
+
"name": "Backdoor ML Model",
|
|
4535
|
+
"tactic": "Persistence"
|
|
4536
|
+
},
|
|
4537
|
+
{
|
|
4538
|
+
"id": "AML.T0020",
|
|
4539
|
+
"name": "Poison Training Data",
|
|
4540
|
+
"tactic": "ML Attack Staging"
|
|
4541
|
+
},
|
|
4542
|
+
{
|
|
4543
|
+
"id": "AML.T0043",
|
|
4544
|
+
"name": "Craft Adversarial Data",
|
|
4545
|
+
"tactic": "ML Attack Staging"
|
|
4546
|
+
},
|
|
4547
|
+
{
|
|
4548
|
+
"id": "AML.T0051",
|
|
4549
|
+
"name": "LLM Prompt Injection",
|
|
4550
|
+
"tactic": "Execution"
|
|
4551
|
+
},
|
|
4552
|
+
{
|
|
4553
|
+
"id": "AML.T0054",
|
|
4554
|
+
"name": "LLM Jailbreak",
|
|
4555
|
+
"tactic": "Defense Evasion"
|
|
4556
|
+
},
|
|
4557
|
+
{
|
|
4558
|
+
"id": "AML.T0096",
|
|
4559
|
+
"name": "AI API as Covert C2 Channel",
|
|
4560
|
+
"tactic": "Command and Control"
|
|
4561
|
+
}
|
|
4562
|
+
],
|
|
4563
|
+
"d3fend": [
|
|
4564
|
+
{
|
|
4565
|
+
"id": "D3-CSPP",
|
|
4566
|
+
"name": "Client-server Payload Profiling",
|
|
4567
|
+
"tactic": "Detect"
|
|
4568
|
+
},
|
|
4569
|
+
{
|
|
4570
|
+
"id": "D3-IOPR",
|
|
4571
|
+
"name": "Input/Output Profiling Resource",
|
|
4572
|
+
"tactic": "Detect"
|
|
4573
|
+
},
|
|
4574
|
+
{
|
|
4575
|
+
"id": "D3-NTA",
|
|
4576
|
+
"name": "Network Traffic Analysis",
|
|
4577
|
+
"tactic": "Detect"
|
|
4578
|
+
}
|
|
4579
|
+
],
|
|
4580
|
+
"framework_gaps": [
|
|
4581
|
+
{
|
|
4582
|
+
"id": "ALL-AI-PIPELINE-INTEGRITY",
|
|
4583
|
+
"framework": "ALL",
|
|
4584
|
+
"control_name": "AI Pipeline Integrity"
|
|
4585
|
+
},
|
|
4586
|
+
{
|
|
4587
|
+
"id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
|
|
4588
|
+
"framework": "ALL",
|
|
4589
|
+
"control_name": "Prompt Injection as Access Control Failure"
|
|
4590
|
+
},
|
|
4591
|
+
{
|
|
4592
|
+
"id": "ISO-27001-2022-A.8.28",
|
|
4593
|
+
"framework": "ISO/IEC 27001:2022",
|
|
4594
|
+
"control_name": "Secure coding"
|
|
4595
|
+
},
|
|
4596
|
+
{
|
|
4597
|
+
"id": "ISO-IEC-23894-2023-clause-7",
|
|
4598
|
+
"framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
|
|
4599
|
+
"control_name": "AI risk management process"
|
|
4600
|
+
},
|
|
4601
|
+
{
|
|
4602
|
+
"id": "ISO-IEC-42001-2023-clause-6.1.2",
|
|
4603
|
+
"framework": "ISO/IEC 42001:2023 (AI Management System)",
|
|
4604
|
+
"control_name": "AI risk assessment"
|
|
4605
|
+
},
|
|
4606
|
+
{
|
|
4607
|
+
"id": "NIST-800-218-SSDF",
|
|
4608
|
+
"framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
|
|
4609
|
+
"control_name": "Secure Software Development Framework"
|
|
4610
|
+
},
|
|
4611
|
+
{
|
|
4612
|
+
"id": "NIST-800-53-AC-2",
|
|
4613
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
4614
|
+
"control_name": "Account Management"
|
|
4615
|
+
},
|
|
4616
|
+
{
|
|
4617
|
+
"id": "NIST-800-53-CM-7",
|
|
4618
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
4619
|
+
"control_name": "Least Functionality"
|
|
4620
|
+
},
|
|
4621
|
+
{
|
|
4622
|
+
"id": "NIST-800-53-SI-12",
|
|
4623
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
4624
|
+
"control_name": "Information Management and Retention"
|
|
4625
|
+
},
|
|
4626
|
+
{
|
|
4627
|
+
"id": "NIST-800-53-SI-3",
|
|
4628
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
4629
|
+
"control_name": "Malicious Code Protection"
|
|
4630
|
+
},
|
|
4631
|
+
{
|
|
4632
|
+
"id": "NIST-AI-RMF-MEASURE-2.5",
|
|
4633
|
+
"framework": "NIST AI RMF 1.0",
|
|
4634
|
+
"control_name": "AI system to human interaction evaluation"
|
|
4635
|
+
},
|
|
4636
|
+
{
|
|
4637
|
+
"id": "OWASP-ASVS-v5.0-V14",
|
|
4638
|
+
"framework": "OWASP ASVS v5.0",
|
|
4639
|
+
"control_name": "Configuration verification"
|
|
4640
|
+
},
|
|
4641
|
+
{
|
|
4642
|
+
"id": "OWASP-LLM-Top-10-2025-LLM01",
|
|
4643
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
4644
|
+
"control_name": "Prompt Injection"
|
|
4645
|
+
},
|
|
4646
|
+
{
|
|
4647
|
+
"id": "OWASP-LLM-Top-10-2025-LLM02",
|
|
4648
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
4649
|
+
"control_name": "Sensitive Information Disclosure"
|
|
4650
|
+
},
|
|
4651
|
+
{
|
|
4652
|
+
"id": "OWASP-LLM-Top-10-2025-LLM08",
|
|
4653
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
4654
|
+
"control_name": "Vector and Embedding Weaknesses"
|
|
4655
|
+
},
|
|
4656
|
+
{
|
|
4657
|
+
"id": "SLSA-v1.0-Build-L3",
|
|
4658
|
+
"framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
|
|
4659
|
+
"control_name": "Hardened build platform with non-falsifiable provenance"
|
|
4660
|
+
},
|
|
4661
|
+
{
|
|
4662
|
+
"id": "SOC2-CC6-logical-access",
|
|
4663
|
+
"framework": "SOC 2 (AICPA Trust Services Criteria)",
|
|
4664
|
+
"control_name": "Logical and Physical Access Controls"
|
|
4665
|
+
}
|
|
4666
|
+
],
|
|
4667
|
+
"attack_refs": [
|
|
4668
|
+
"T1059",
|
|
4669
|
+
"T1068",
|
|
4670
|
+
"T1078",
|
|
4671
|
+
"T1190",
|
|
4672
|
+
"T1505",
|
|
4673
|
+
"T1565",
|
|
4674
|
+
"T1566",
|
|
4675
|
+
"T1567",
|
|
4676
|
+
"T1610",
|
|
4677
|
+
"T1611"
|
|
4678
|
+
],
|
|
4679
|
+
"rfc_refs": [
|
|
4680
|
+
"RFC-6749",
|
|
4681
|
+
"RFC-7519",
|
|
4682
|
+
"RFC-8032",
|
|
4683
|
+
"RFC-8446",
|
|
4684
|
+
"RFC-8725",
|
|
4685
|
+
"RFC-9114",
|
|
4686
|
+
"RFC-9421",
|
|
4687
|
+
"RFC-9700"
|
|
4688
|
+
]
|
|
3710
4689
|
}
|
|
3711
4690
|
},
|
|
3712
4691
|
"CVE-2025-12686": {
|
|
@@ -3715,14 +4694,101 @@
|
|
|
3715
4694
|
"cvss": 9.8,
|
|
3716
4695
|
"cisa_kev": false,
|
|
3717
4696
|
"epss_score": 0.04,
|
|
3718
|
-
"referencing_skills": [
|
|
4697
|
+
"referencing_skills": [
|
|
4698
|
+
"kernel-lpe-triage"
|
|
4699
|
+
],
|
|
3719
4700
|
"chain": {
|
|
3720
|
-
"cwes": [
|
|
3721
|
-
|
|
3722
|
-
|
|
3723
|
-
|
|
3724
|
-
|
|
3725
|
-
|
|
4701
|
+
"cwes": [
|
|
4702
|
+
{
|
|
4703
|
+
"id": "CWE-125",
|
|
4704
|
+
"name": "Out-of-bounds Read",
|
|
4705
|
+
"category": "Memory Safety"
|
|
4706
|
+
},
|
|
4707
|
+
{
|
|
4708
|
+
"id": "CWE-362",
|
|
4709
|
+
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
|
|
4710
|
+
"category": "Concurrency"
|
|
4711
|
+
},
|
|
4712
|
+
{
|
|
4713
|
+
"id": "CWE-416",
|
|
4714
|
+
"name": "Use After Free",
|
|
4715
|
+
"category": "Memory Safety"
|
|
4716
|
+
},
|
|
4717
|
+
{
|
|
4718
|
+
"id": "CWE-672",
|
|
4719
|
+
"name": "Operation on a Resource after Expiration or Release",
|
|
4720
|
+
"category": "Memory Safety"
|
|
4721
|
+
},
|
|
4722
|
+
{
|
|
4723
|
+
"id": "CWE-787",
|
|
4724
|
+
"name": "Out-of-bounds Write",
|
|
4725
|
+
"category": "Memory Safety"
|
|
4726
|
+
}
|
|
4727
|
+
],
|
|
4728
|
+
"atlas": [],
|
|
4729
|
+
"d3fend": [
|
|
4730
|
+
{
|
|
4731
|
+
"id": "D3-ASLR",
|
|
4732
|
+
"name": "Address Space Layout Randomization",
|
|
4733
|
+
"tactic": "Harden"
|
|
4734
|
+
},
|
|
4735
|
+
{
|
|
4736
|
+
"id": "D3-EAL",
|
|
4737
|
+
"name": "Executable Allowlisting",
|
|
4738
|
+
"tactic": "Harden"
|
|
4739
|
+
},
|
|
4740
|
+
{
|
|
4741
|
+
"id": "D3-PHRA",
|
|
4742
|
+
"name": "Process Hardware Resource Access",
|
|
4743
|
+
"tactic": "Isolate"
|
|
4744
|
+
},
|
|
4745
|
+
{
|
|
4746
|
+
"id": "D3-PSEP",
|
|
4747
|
+
"name": "Process Segment Execution Prevention",
|
|
4748
|
+
"tactic": "Harden"
|
|
4749
|
+
}
|
|
4750
|
+
],
|
|
4751
|
+
"framework_gaps": [
|
|
4752
|
+
{
|
|
4753
|
+
"id": "CIS-Controls-v8-Control7",
|
|
4754
|
+
"framework": "CIS Controls v8",
|
|
4755
|
+
"control_name": "Continuous Vulnerability Management"
|
|
4756
|
+
},
|
|
4757
|
+
{
|
|
4758
|
+
"id": "ISO-27001-2022-A.8.8",
|
|
4759
|
+
"framework": "ISO/IEC 27001:2022",
|
|
4760
|
+
"control_name": "Management of technical vulnerabilities"
|
|
4761
|
+
},
|
|
4762
|
+
{
|
|
4763
|
+
"id": "NIS2-Art21-patch-management",
|
|
4764
|
+
"framework": "EU NIS2 Directive",
|
|
4765
|
+
"control_name": "Vulnerability handling and disclosure"
|
|
4766
|
+
},
|
|
4767
|
+
{
|
|
4768
|
+
"id": "NIST-800-53-SC-8",
|
|
4769
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
4770
|
+
"control_name": "Transmission Confidentiality and Integrity"
|
|
4771
|
+
},
|
|
4772
|
+
{
|
|
4773
|
+
"id": "NIST-800-53-SI-2",
|
|
4774
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
4775
|
+
"control_name": "Flaw Remediation"
|
|
4776
|
+
},
|
|
4777
|
+
{
|
|
4778
|
+
"id": "PCI-DSS-4.0-6.3.3",
|
|
4779
|
+
"framework": "PCI DSS 4.0",
|
|
4780
|
+
"control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
|
|
4781
|
+
}
|
|
4782
|
+
],
|
|
4783
|
+
"attack_refs": [
|
|
4784
|
+
"T1068",
|
|
4785
|
+
"T1548.001"
|
|
4786
|
+
],
|
|
4787
|
+
"rfc_refs": [
|
|
4788
|
+
"RFC-4301",
|
|
4789
|
+
"RFC-4303",
|
|
4790
|
+
"RFC-7296"
|
|
4791
|
+
]
|
|
3726
4792
|
}
|
|
3727
4793
|
},
|
|
3728
4794
|
"CVE-2025-62847": {
|
|
@@ -3731,14 +4797,101 @@
|
|
|
3731
4797
|
"cvss": 9.8,
|
|
3732
4798
|
"cisa_kev": false,
|
|
3733
4799
|
"epss_score": 0.03,
|
|
3734
|
-
"referencing_skills": [
|
|
4800
|
+
"referencing_skills": [
|
|
4801
|
+
"kernel-lpe-triage"
|
|
4802
|
+
],
|
|
3735
4803
|
"chain": {
|
|
3736
|
-
"cwes": [
|
|
4804
|
+
"cwes": [
|
|
4805
|
+
{
|
|
4806
|
+
"id": "CWE-125",
|
|
4807
|
+
"name": "Out-of-bounds Read",
|
|
4808
|
+
"category": "Memory Safety"
|
|
4809
|
+
},
|
|
4810
|
+
{
|
|
4811
|
+
"id": "CWE-362",
|
|
4812
|
+
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
|
|
4813
|
+
"category": "Concurrency"
|
|
4814
|
+
},
|
|
4815
|
+
{
|
|
4816
|
+
"id": "CWE-416",
|
|
4817
|
+
"name": "Use After Free",
|
|
4818
|
+
"category": "Memory Safety"
|
|
4819
|
+
},
|
|
4820
|
+
{
|
|
4821
|
+
"id": "CWE-672",
|
|
4822
|
+
"name": "Operation on a Resource after Expiration or Release",
|
|
4823
|
+
"category": "Memory Safety"
|
|
4824
|
+
},
|
|
4825
|
+
{
|
|
4826
|
+
"id": "CWE-787",
|
|
4827
|
+
"name": "Out-of-bounds Write",
|
|
4828
|
+
"category": "Memory Safety"
|
|
4829
|
+
}
|
|
4830
|
+
],
|
|
3737
4831
|
"atlas": [],
|
|
3738
|
-
"d3fend": [
|
|
3739
|
-
|
|
3740
|
-
|
|
3741
|
-
|
|
4832
|
+
"d3fend": [
|
|
4833
|
+
{
|
|
4834
|
+
"id": "D3-ASLR",
|
|
4835
|
+
"name": "Address Space Layout Randomization",
|
|
4836
|
+
"tactic": "Harden"
|
|
4837
|
+
},
|
|
4838
|
+
{
|
|
4839
|
+
"id": "D3-EAL",
|
|
4840
|
+
"name": "Executable Allowlisting",
|
|
4841
|
+
"tactic": "Harden"
|
|
4842
|
+
},
|
|
4843
|
+
{
|
|
4844
|
+
"id": "D3-PHRA",
|
|
4845
|
+
"name": "Process Hardware Resource Access",
|
|
4846
|
+
"tactic": "Isolate"
|
|
4847
|
+
},
|
|
4848
|
+
{
|
|
4849
|
+
"id": "D3-PSEP",
|
|
4850
|
+
"name": "Process Segment Execution Prevention",
|
|
4851
|
+
"tactic": "Harden"
|
|
4852
|
+
}
|
|
4853
|
+
],
|
|
4854
|
+
"framework_gaps": [
|
|
4855
|
+
{
|
|
4856
|
+
"id": "CIS-Controls-v8-Control7",
|
|
4857
|
+
"framework": "CIS Controls v8",
|
|
4858
|
+
"control_name": "Continuous Vulnerability Management"
|
|
4859
|
+
},
|
|
4860
|
+
{
|
|
4861
|
+
"id": "ISO-27001-2022-A.8.8",
|
|
4862
|
+
"framework": "ISO/IEC 27001:2022",
|
|
4863
|
+
"control_name": "Management of technical vulnerabilities"
|
|
4864
|
+
},
|
|
4865
|
+
{
|
|
4866
|
+
"id": "NIS2-Art21-patch-management",
|
|
4867
|
+
"framework": "EU NIS2 Directive",
|
|
4868
|
+
"control_name": "Vulnerability handling and disclosure"
|
|
4869
|
+
},
|
|
4870
|
+
{
|
|
4871
|
+
"id": "NIST-800-53-SC-8",
|
|
4872
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
4873
|
+
"control_name": "Transmission Confidentiality and Integrity"
|
|
4874
|
+
},
|
|
4875
|
+
{
|
|
4876
|
+
"id": "NIST-800-53-SI-2",
|
|
4877
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
4878
|
+
"control_name": "Flaw Remediation"
|
|
4879
|
+
},
|
|
4880
|
+
{
|
|
4881
|
+
"id": "PCI-DSS-4.0-6.3.3",
|
|
4882
|
+
"framework": "PCI DSS 4.0",
|
|
4883
|
+
"control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
|
|
4884
|
+
}
|
|
4885
|
+
],
|
|
4886
|
+
"attack_refs": [
|
|
4887
|
+
"T1068",
|
|
4888
|
+
"T1548.001"
|
|
4889
|
+
],
|
|
4890
|
+
"rfc_refs": [
|
|
4891
|
+
"RFC-4301",
|
|
4892
|
+
"RFC-4303",
|
|
4893
|
+
"RFC-7296"
|
|
4894
|
+
]
|
|
3742
4895
|
}
|
|
3743
4896
|
},
|
|
3744
4897
|
"CVE-2025-62848": {
|
|
@@ -3747,14 +4900,101 @@
|
|
|
3747
4900
|
"cvss": 9.8,
|
|
3748
4901
|
"cisa_kev": false,
|
|
3749
4902
|
"epss_score": 0.03,
|
|
3750
|
-
"referencing_skills": [
|
|
4903
|
+
"referencing_skills": [
|
|
4904
|
+
"kernel-lpe-triage"
|
|
4905
|
+
],
|
|
3751
4906
|
"chain": {
|
|
3752
|
-
"cwes": [
|
|
4907
|
+
"cwes": [
|
|
4908
|
+
{
|
|
4909
|
+
"id": "CWE-125",
|
|
4910
|
+
"name": "Out-of-bounds Read",
|
|
4911
|
+
"category": "Memory Safety"
|
|
4912
|
+
},
|
|
4913
|
+
{
|
|
4914
|
+
"id": "CWE-362",
|
|
4915
|
+
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
|
|
4916
|
+
"category": "Concurrency"
|
|
4917
|
+
},
|
|
4918
|
+
{
|
|
4919
|
+
"id": "CWE-416",
|
|
4920
|
+
"name": "Use After Free",
|
|
4921
|
+
"category": "Memory Safety"
|
|
4922
|
+
},
|
|
4923
|
+
{
|
|
4924
|
+
"id": "CWE-672",
|
|
4925
|
+
"name": "Operation on a Resource after Expiration or Release",
|
|
4926
|
+
"category": "Memory Safety"
|
|
4927
|
+
},
|
|
4928
|
+
{
|
|
4929
|
+
"id": "CWE-787",
|
|
4930
|
+
"name": "Out-of-bounds Write",
|
|
4931
|
+
"category": "Memory Safety"
|
|
4932
|
+
}
|
|
4933
|
+
],
|
|
3753
4934
|
"atlas": [],
|
|
3754
|
-
"d3fend": [
|
|
3755
|
-
|
|
3756
|
-
|
|
3757
|
-
|
|
4935
|
+
"d3fend": [
|
|
4936
|
+
{
|
|
4937
|
+
"id": "D3-ASLR",
|
|
4938
|
+
"name": "Address Space Layout Randomization",
|
|
4939
|
+
"tactic": "Harden"
|
|
4940
|
+
},
|
|
4941
|
+
{
|
|
4942
|
+
"id": "D3-EAL",
|
|
4943
|
+
"name": "Executable Allowlisting",
|
|
4944
|
+
"tactic": "Harden"
|
|
4945
|
+
},
|
|
4946
|
+
{
|
|
4947
|
+
"id": "D3-PHRA",
|
|
4948
|
+
"name": "Process Hardware Resource Access",
|
|
4949
|
+
"tactic": "Isolate"
|
|
4950
|
+
},
|
|
4951
|
+
{
|
|
4952
|
+
"id": "D3-PSEP",
|
|
4953
|
+
"name": "Process Segment Execution Prevention",
|
|
4954
|
+
"tactic": "Harden"
|
|
4955
|
+
}
|
|
4956
|
+
],
|
|
4957
|
+
"framework_gaps": [
|
|
4958
|
+
{
|
|
4959
|
+
"id": "CIS-Controls-v8-Control7",
|
|
4960
|
+
"framework": "CIS Controls v8",
|
|
4961
|
+
"control_name": "Continuous Vulnerability Management"
|
|
4962
|
+
},
|
|
4963
|
+
{
|
|
4964
|
+
"id": "ISO-27001-2022-A.8.8",
|
|
4965
|
+
"framework": "ISO/IEC 27001:2022",
|
|
4966
|
+
"control_name": "Management of technical vulnerabilities"
|
|
4967
|
+
},
|
|
4968
|
+
{
|
|
4969
|
+
"id": "NIS2-Art21-patch-management",
|
|
4970
|
+
"framework": "EU NIS2 Directive",
|
|
4971
|
+
"control_name": "Vulnerability handling and disclosure"
|
|
4972
|
+
},
|
|
4973
|
+
{
|
|
4974
|
+
"id": "NIST-800-53-SC-8",
|
|
4975
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
4976
|
+
"control_name": "Transmission Confidentiality and Integrity"
|
|
4977
|
+
},
|
|
4978
|
+
{
|
|
4979
|
+
"id": "NIST-800-53-SI-2",
|
|
4980
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
4981
|
+
"control_name": "Flaw Remediation"
|
|
4982
|
+
},
|
|
4983
|
+
{
|
|
4984
|
+
"id": "PCI-DSS-4.0-6.3.3",
|
|
4985
|
+
"framework": "PCI DSS 4.0",
|
|
4986
|
+
"control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
|
|
4987
|
+
}
|
|
4988
|
+
],
|
|
4989
|
+
"attack_refs": [
|
|
4990
|
+
"T1068",
|
|
4991
|
+
"T1548.001"
|
|
4992
|
+
],
|
|
4993
|
+
"rfc_refs": [
|
|
4994
|
+
"RFC-4301",
|
|
4995
|
+
"RFC-4303",
|
|
4996
|
+
"RFC-7296"
|
|
4997
|
+
]
|
|
3758
4998
|
}
|
|
3759
4999
|
},
|
|
3760
5000
|
"CVE-2025-62849": {
|
|
@@ -3763,14 +5003,101 @@
|
|
|
3763
5003
|
"cvss": 8.8,
|
|
3764
5004
|
"cisa_kev": false,
|
|
3765
5005
|
"epss_score": 0.02,
|
|
3766
|
-
"referencing_skills": [
|
|
5006
|
+
"referencing_skills": [
|
|
5007
|
+
"kernel-lpe-triage"
|
|
5008
|
+
],
|
|
3767
5009
|
"chain": {
|
|
3768
|
-
"cwes": [
|
|
5010
|
+
"cwes": [
|
|
5011
|
+
{
|
|
5012
|
+
"id": "CWE-125",
|
|
5013
|
+
"name": "Out-of-bounds Read",
|
|
5014
|
+
"category": "Memory Safety"
|
|
5015
|
+
},
|
|
5016
|
+
{
|
|
5017
|
+
"id": "CWE-362",
|
|
5018
|
+
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
|
|
5019
|
+
"category": "Concurrency"
|
|
5020
|
+
},
|
|
5021
|
+
{
|
|
5022
|
+
"id": "CWE-416",
|
|
5023
|
+
"name": "Use After Free",
|
|
5024
|
+
"category": "Memory Safety"
|
|
5025
|
+
},
|
|
5026
|
+
{
|
|
5027
|
+
"id": "CWE-672",
|
|
5028
|
+
"name": "Operation on a Resource after Expiration or Release",
|
|
5029
|
+
"category": "Memory Safety"
|
|
5030
|
+
},
|
|
5031
|
+
{
|
|
5032
|
+
"id": "CWE-787",
|
|
5033
|
+
"name": "Out-of-bounds Write",
|
|
5034
|
+
"category": "Memory Safety"
|
|
5035
|
+
}
|
|
5036
|
+
],
|
|
3769
5037
|
"atlas": [],
|
|
3770
|
-
"d3fend": [
|
|
3771
|
-
|
|
3772
|
-
|
|
3773
|
-
|
|
5038
|
+
"d3fend": [
|
|
5039
|
+
{
|
|
5040
|
+
"id": "D3-ASLR",
|
|
5041
|
+
"name": "Address Space Layout Randomization",
|
|
5042
|
+
"tactic": "Harden"
|
|
5043
|
+
},
|
|
5044
|
+
{
|
|
5045
|
+
"id": "D3-EAL",
|
|
5046
|
+
"name": "Executable Allowlisting",
|
|
5047
|
+
"tactic": "Harden"
|
|
5048
|
+
},
|
|
5049
|
+
{
|
|
5050
|
+
"id": "D3-PHRA",
|
|
5051
|
+
"name": "Process Hardware Resource Access",
|
|
5052
|
+
"tactic": "Isolate"
|
|
5053
|
+
},
|
|
5054
|
+
{
|
|
5055
|
+
"id": "D3-PSEP",
|
|
5056
|
+
"name": "Process Segment Execution Prevention",
|
|
5057
|
+
"tactic": "Harden"
|
|
5058
|
+
}
|
|
5059
|
+
],
|
|
5060
|
+
"framework_gaps": [
|
|
5061
|
+
{
|
|
5062
|
+
"id": "CIS-Controls-v8-Control7",
|
|
5063
|
+
"framework": "CIS Controls v8",
|
|
5064
|
+
"control_name": "Continuous Vulnerability Management"
|
|
5065
|
+
},
|
|
5066
|
+
{
|
|
5067
|
+
"id": "ISO-27001-2022-A.8.8",
|
|
5068
|
+
"framework": "ISO/IEC 27001:2022",
|
|
5069
|
+
"control_name": "Management of technical vulnerabilities"
|
|
5070
|
+
},
|
|
5071
|
+
{
|
|
5072
|
+
"id": "NIS2-Art21-patch-management",
|
|
5073
|
+
"framework": "EU NIS2 Directive",
|
|
5074
|
+
"control_name": "Vulnerability handling and disclosure"
|
|
5075
|
+
},
|
|
5076
|
+
{
|
|
5077
|
+
"id": "NIST-800-53-SC-8",
|
|
5078
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
5079
|
+
"control_name": "Transmission Confidentiality and Integrity"
|
|
5080
|
+
},
|
|
5081
|
+
{
|
|
5082
|
+
"id": "NIST-800-53-SI-2",
|
|
5083
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
5084
|
+
"control_name": "Flaw Remediation"
|
|
5085
|
+
},
|
|
5086
|
+
{
|
|
5087
|
+
"id": "PCI-DSS-4.0-6.3.3",
|
|
5088
|
+
"framework": "PCI DSS 4.0",
|
|
5089
|
+
"control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
|
|
5090
|
+
}
|
|
5091
|
+
],
|
|
5092
|
+
"attack_refs": [
|
|
5093
|
+
"T1068",
|
|
5094
|
+
"T1548.001"
|
|
5095
|
+
],
|
|
5096
|
+
"rfc_refs": [
|
|
5097
|
+
"RFC-4301",
|
|
5098
|
+
"RFC-4303",
|
|
5099
|
+
"RFC-7296"
|
|
5100
|
+
]
|
|
3774
5101
|
}
|
|
3775
5102
|
},
|
|
3776
5103
|
"CVE-2025-59389": {
|
|
@@ -3779,14 +5106,101 @@
|
|
|
3779
5106
|
"cvss": 9.8,
|
|
3780
5107
|
"cisa_kev": false,
|
|
3781
5108
|
"epss_score": 0.05,
|
|
3782
|
-
"referencing_skills": [
|
|
5109
|
+
"referencing_skills": [
|
|
5110
|
+
"kernel-lpe-triage"
|
|
5111
|
+
],
|
|
3783
5112
|
"chain": {
|
|
3784
|
-
"cwes": [
|
|
5113
|
+
"cwes": [
|
|
5114
|
+
{
|
|
5115
|
+
"id": "CWE-125",
|
|
5116
|
+
"name": "Out-of-bounds Read",
|
|
5117
|
+
"category": "Memory Safety"
|
|
5118
|
+
},
|
|
5119
|
+
{
|
|
5120
|
+
"id": "CWE-362",
|
|
5121
|
+
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
|
|
5122
|
+
"category": "Concurrency"
|
|
5123
|
+
},
|
|
5124
|
+
{
|
|
5125
|
+
"id": "CWE-416",
|
|
5126
|
+
"name": "Use After Free",
|
|
5127
|
+
"category": "Memory Safety"
|
|
5128
|
+
},
|
|
5129
|
+
{
|
|
5130
|
+
"id": "CWE-672",
|
|
5131
|
+
"name": "Operation on a Resource after Expiration or Release",
|
|
5132
|
+
"category": "Memory Safety"
|
|
5133
|
+
},
|
|
5134
|
+
{
|
|
5135
|
+
"id": "CWE-787",
|
|
5136
|
+
"name": "Out-of-bounds Write",
|
|
5137
|
+
"category": "Memory Safety"
|
|
5138
|
+
}
|
|
5139
|
+
],
|
|
3785
5140
|
"atlas": [],
|
|
3786
|
-
"d3fend": [
|
|
3787
|
-
|
|
3788
|
-
|
|
3789
|
-
|
|
5141
|
+
"d3fend": [
|
|
5142
|
+
{
|
|
5143
|
+
"id": "D3-ASLR",
|
|
5144
|
+
"name": "Address Space Layout Randomization",
|
|
5145
|
+
"tactic": "Harden"
|
|
5146
|
+
},
|
|
5147
|
+
{
|
|
5148
|
+
"id": "D3-EAL",
|
|
5149
|
+
"name": "Executable Allowlisting",
|
|
5150
|
+
"tactic": "Harden"
|
|
5151
|
+
},
|
|
5152
|
+
{
|
|
5153
|
+
"id": "D3-PHRA",
|
|
5154
|
+
"name": "Process Hardware Resource Access",
|
|
5155
|
+
"tactic": "Isolate"
|
|
5156
|
+
},
|
|
5157
|
+
{
|
|
5158
|
+
"id": "D3-PSEP",
|
|
5159
|
+
"name": "Process Segment Execution Prevention",
|
|
5160
|
+
"tactic": "Harden"
|
|
5161
|
+
}
|
|
5162
|
+
],
|
|
5163
|
+
"framework_gaps": [
|
|
5164
|
+
{
|
|
5165
|
+
"id": "CIS-Controls-v8-Control7",
|
|
5166
|
+
"framework": "CIS Controls v8",
|
|
5167
|
+
"control_name": "Continuous Vulnerability Management"
|
|
5168
|
+
},
|
|
5169
|
+
{
|
|
5170
|
+
"id": "ISO-27001-2022-A.8.8",
|
|
5171
|
+
"framework": "ISO/IEC 27001:2022",
|
|
5172
|
+
"control_name": "Management of technical vulnerabilities"
|
|
5173
|
+
},
|
|
5174
|
+
{
|
|
5175
|
+
"id": "NIS2-Art21-patch-management",
|
|
5176
|
+
"framework": "EU NIS2 Directive",
|
|
5177
|
+
"control_name": "Vulnerability handling and disclosure"
|
|
5178
|
+
},
|
|
5179
|
+
{
|
|
5180
|
+
"id": "NIST-800-53-SC-8",
|
|
5181
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
5182
|
+
"control_name": "Transmission Confidentiality and Integrity"
|
|
5183
|
+
},
|
|
5184
|
+
{
|
|
5185
|
+
"id": "NIST-800-53-SI-2",
|
|
5186
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
5187
|
+
"control_name": "Flaw Remediation"
|
|
5188
|
+
},
|
|
5189
|
+
{
|
|
5190
|
+
"id": "PCI-DSS-4.0-6.3.3",
|
|
5191
|
+
"framework": "PCI DSS 4.0",
|
|
5192
|
+
"control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
|
|
5193
|
+
}
|
|
5194
|
+
],
|
|
5195
|
+
"attack_refs": [
|
|
5196
|
+
"T1068",
|
|
5197
|
+
"T1548.001"
|
|
5198
|
+
],
|
|
5199
|
+
"rfc_refs": [
|
|
5200
|
+
"RFC-4301",
|
|
5201
|
+
"RFC-4303",
|
|
5202
|
+
"RFC-7296"
|
|
5203
|
+
]
|
|
3790
5204
|
}
|
|
3791
5205
|
},
|
|
3792
5206
|
"CVE-2025-11837": {
|
|
@@ -3795,14 +5209,190 @@
|
|
|
3795
5209
|
"cvss": 8,
|
|
3796
5210
|
"cisa_kev": false,
|
|
3797
5211
|
"epss_score": 0.025,
|
|
3798
|
-
"referencing_skills": [
|
|
5212
|
+
"referencing_skills": [
|
|
5213
|
+
"ai-attack-surface",
|
|
5214
|
+
"ai-c2-detection",
|
|
5215
|
+
"email-security-anti-phishing"
|
|
5216
|
+
],
|
|
3799
5217
|
"chain": {
|
|
3800
|
-
"cwes": [
|
|
3801
|
-
|
|
3802
|
-
|
|
3803
|
-
|
|
3804
|
-
|
|
3805
|
-
|
|
5218
|
+
"cwes": [
|
|
5219
|
+
{
|
|
5220
|
+
"id": "CWE-1039",
|
|
5221
|
+
"name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
|
|
5222
|
+
"category": "AI/ML"
|
|
5223
|
+
},
|
|
5224
|
+
{
|
|
5225
|
+
"id": "CWE-1426",
|
|
5226
|
+
"name": "Improper Validation of Generative AI Output",
|
|
5227
|
+
"category": "AI/ML"
|
|
5228
|
+
},
|
|
5229
|
+
{
|
|
5230
|
+
"id": "CWE-94",
|
|
5231
|
+
"name": "Improper Control of Generation of Code (Code Injection)",
|
|
5232
|
+
"category": "Injection"
|
|
5233
|
+
}
|
|
5234
|
+
],
|
|
5235
|
+
"atlas": [
|
|
5236
|
+
{
|
|
5237
|
+
"id": "AML.T0016",
|
|
5238
|
+
"name": "Obtain Capabilities: Develop Capabilities",
|
|
5239
|
+
"tactic": "Resource Development"
|
|
5240
|
+
},
|
|
5241
|
+
{
|
|
5242
|
+
"id": "AML.T0017",
|
|
5243
|
+
"name": "Discover ML Model Ontology",
|
|
5244
|
+
"tactic": "Discovery"
|
|
5245
|
+
},
|
|
5246
|
+
{
|
|
5247
|
+
"id": "AML.T0018",
|
|
5248
|
+
"name": "Backdoor ML Model",
|
|
5249
|
+
"tactic": "Persistence"
|
|
5250
|
+
},
|
|
5251
|
+
{
|
|
5252
|
+
"id": "AML.T0020",
|
|
5253
|
+
"name": "Poison Training Data",
|
|
5254
|
+
"tactic": "ML Attack Staging"
|
|
5255
|
+
},
|
|
5256
|
+
{
|
|
5257
|
+
"id": "AML.T0043",
|
|
5258
|
+
"name": "Craft Adversarial Data",
|
|
5259
|
+
"tactic": "ML Attack Staging"
|
|
5260
|
+
},
|
|
5261
|
+
{
|
|
5262
|
+
"id": "AML.T0051",
|
|
5263
|
+
"name": "LLM Prompt Injection",
|
|
5264
|
+
"tactic": "Execution"
|
|
5265
|
+
},
|
|
5266
|
+
{
|
|
5267
|
+
"id": "AML.T0054",
|
|
5268
|
+
"name": "LLM Jailbreak",
|
|
5269
|
+
"tactic": "Defense Evasion"
|
|
5270
|
+
},
|
|
5271
|
+
{
|
|
5272
|
+
"id": "AML.T0096",
|
|
5273
|
+
"name": "AI API as Covert C2 Channel",
|
|
5274
|
+
"tactic": "Command and Control"
|
|
5275
|
+
}
|
|
5276
|
+
],
|
|
5277
|
+
"d3fend": [
|
|
5278
|
+
{
|
|
5279
|
+
"id": "D3-CA",
|
|
5280
|
+
"name": "Certificate Analysis",
|
|
5281
|
+
"tactic": "Detect"
|
|
5282
|
+
},
|
|
5283
|
+
{
|
|
5284
|
+
"id": "D3-CSPP",
|
|
5285
|
+
"name": "Client-server Payload Profiling",
|
|
5286
|
+
"tactic": "Detect"
|
|
5287
|
+
},
|
|
5288
|
+
{
|
|
5289
|
+
"id": "D3-DA",
|
|
5290
|
+
"name": "Domain Analysis",
|
|
5291
|
+
"tactic": "Detect"
|
|
5292
|
+
},
|
|
5293
|
+
{
|
|
5294
|
+
"id": "D3-IOPR",
|
|
5295
|
+
"name": "Input/Output Profiling Resource",
|
|
5296
|
+
"tactic": "Detect"
|
|
5297
|
+
},
|
|
5298
|
+
{
|
|
5299
|
+
"id": "D3-NI",
|
|
5300
|
+
"name": "Network Isolation",
|
|
5301
|
+
"tactic": "Isolate"
|
|
5302
|
+
},
|
|
5303
|
+
{
|
|
5304
|
+
"id": "D3-NTA",
|
|
5305
|
+
"name": "Network Traffic Analysis",
|
|
5306
|
+
"tactic": "Detect"
|
|
5307
|
+
},
|
|
5308
|
+
{
|
|
5309
|
+
"id": "D3-NTPM",
|
|
5310
|
+
"name": "Network Traffic Policy Mapping",
|
|
5311
|
+
"tactic": "Model"
|
|
5312
|
+
}
|
|
5313
|
+
],
|
|
5314
|
+
"framework_gaps": [
|
|
5315
|
+
{
|
|
5316
|
+
"id": "ALL-AI-PIPELINE-INTEGRITY",
|
|
5317
|
+
"framework": "ALL",
|
|
5318
|
+
"control_name": "AI Pipeline Integrity"
|
|
5319
|
+
},
|
|
5320
|
+
{
|
|
5321
|
+
"id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
|
|
5322
|
+
"framework": "ALL",
|
|
5323
|
+
"control_name": "Prompt Injection as Access Control Failure"
|
|
5324
|
+
},
|
|
5325
|
+
{
|
|
5326
|
+
"id": "ISO-27001-2022-A.8.16",
|
|
5327
|
+
"framework": "ISO/IEC 27001:2022",
|
|
5328
|
+
"control_name": "Monitoring activities"
|
|
5329
|
+
},
|
|
5330
|
+
{
|
|
5331
|
+
"id": "ISO-27001-2022-A.8.28",
|
|
5332
|
+
"framework": "ISO/IEC 27001:2022",
|
|
5333
|
+
"control_name": "Secure coding"
|
|
5334
|
+
},
|
|
5335
|
+
{
|
|
5336
|
+
"id": "ISO-IEC-23894-2023-clause-7",
|
|
5337
|
+
"framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
|
|
5338
|
+
"control_name": "AI risk management process"
|
|
5339
|
+
},
|
|
5340
|
+
{
|
|
5341
|
+
"id": "NIST-800-53-AC-2",
|
|
5342
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
5343
|
+
"control_name": "Account Management"
|
|
5344
|
+
},
|
|
5345
|
+
{
|
|
5346
|
+
"id": "NIST-800-53-SC-7",
|
|
5347
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
5348
|
+
"control_name": "Boundary Protection"
|
|
5349
|
+
},
|
|
5350
|
+
{
|
|
5351
|
+
"id": "NIST-800-53-SI-3",
|
|
5352
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
5353
|
+
"control_name": "Malicious Code Protection"
|
|
5354
|
+
},
|
|
5355
|
+
{
|
|
5356
|
+
"id": "OWASP-LLM-Top-10-2025-LLM01",
|
|
5357
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
5358
|
+
"control_name": "Prompt Injection"
|
|
5359
|
+
},
|
|
5360
|
+
{
|
|
5361
|
+
"id": "OWASP-LLM-Top-10-2025-LLM02",
|
|
5362
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
5363
|
+
"control_name": "Sensitive Information Disclosure"
|
|
5364
|
+
},
|
|
5365
|
+
{
|
|
5366
|
+
"id": "SOC2-CC6-logical-access",
|
|
5367
|
+
"framework": "SOC 2 (AICPA Trust Services Criteria)",
|
|
5368
|
+
"control_name": "Logical and Physical Access Controls"
|
|
5369
|
+
},
|
|
5370
|
+
{
|
|
5371
|
+
"id": "SOC2-CC7-anomaly-detection",
|
|
5372
|
+
"framework": "SOC 2 (AICPA Trust Services Criteria)",
|
|
5373
|
+
"control_name": "System Operations — Threat and Vulnerability Management"
|
|
5374
|
+
}
|
|
5375
|
+
],
|
|
5376
|
+
"attack_refs": [
|
|
5377
|
+
"T1059",
|
|
5378
|
+
"T1071",
|
|
5379
|
+
"T1078",
|
|
5380
|
+
"T1102",
|
|
5381
|
+
"T1190",
|
|
5382
|
+
"T1566",
|
|
5383
|
+
"T1566.001",
|
|
5384
|
+
"T1566.002",
|
|
5385
|
+
"T1566.003",
|
|
5386
|
+
"T1568"
|
|
5387
|
+
],
|
|
5388
|
+
"rfc_refs": [
|
|
5389
|
+
"RFC-8446",
|
|
5390
|
+
"RFC-9000",
|
|
5391
|
+
"RFC-9114",
|
|
5392
|
+
"RFC-9180",
|
|
5393
|
+
"RFC-9421",
|
|
5394
|
+
"RFC-9458"
|
|
5395
|
+
]
|
|
3806
5396
|
}
|
|
3807
5397
|
},
|
|
3808
5398
|
"CVE-2026-42945": {
|
|
@@ -5805,6 +7395,125 @@
|
|
|
5805
7395
|
]
|
|
5806
7396
|
}
|
|
5807
7397
|
},
|
|
7398
|
+
"CVE-2024-21762": {
|
|
7399
|
+
"name": "Fortinet FortiOS / FortiProxy SSL-VPN out-of-bounds write (sslvpnd preauth RCE)",
|
|
7400
|
+
"rwep": 85,
|
|
7401
|
+
"cvss": 9.8,
|
|
7402
|
+
"cisa_kev": true,
|
|
7403
|
+
"epss_score": null,
|
|
7404
|
+
"referencing_skills": [
|
|
7405
|
+
"kernel-lpe-triage",
|
|
7406
|
+
"coordinated-vuln-disclosure"
|
|
7407
|
+
],
|
|
7408
|
+
"chain": {
|
|
7409
|
+
"cwes": [
|
|
7410
|
+
{
|
|
7411
|
+
"id": "CWE-125",
|
|
7412
|
+
"name": "Out-of-bounds Read",
|
|
7413
|
+
"category": "Memory Safety"
|
|
7414
|
+
},
|
|
7415
|
+
{
|
|
7416
|
+
"id": "CWE-1357",
|
|
7417
|
+
"name": "Reliance on Insufficiently Trustworthy Component",
|
|
7418
|
+
"category": "Supply Chain"
|
|
7419
|
+
},
|
|
7420
|
+
{
|
|
7421
|
+
"id": "CWE-362",
|
|
7422
|
+
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
|
|
7423
|
+
"category": "Concurrency"
|
|
7424
|
+
},
|
|
7425
|
+
{
|
|
7426
|
+
"id": "CWE-416",
|
|
7427
|
+
"name": "Use After Free",
|
|
7428
|
+
"category": "Memory Safety"
|
|
7429
|
+
},
|
|
7430
|
+
{
|
|
7431
|
+
"id": "CWE-672",
|
|
7432
|
+
"name": "Operation on a Resource after Expiration or Release",
|
|
7433
|
+
"category": "Memory Safety"
|
|
7434
|
+
},
|
|
7435
|
+
{
|
|
7436
|
+
"id": "CWE-787",
|
|
7437
|
+
"name": "Out-of-bounds Write",
|
|
7438
|
+
"category": "Memory Safety"
|
|
7439
|
+
}
|
|
7440
|
+
],
|
|
7441
|
+
"atlas": [],
|
|
7442
|
+
"d3fend": [
|
|
7443
|
+
{
|
|
7444
|
+
"id": "D3-ASLR",
|
|
7445
|
+
"name": "Address Space Layout Randomization",
|
|
7446
|
+
"tactic": "Harden"
|
|
7447
|
+
},
|
|
7448
|
+
{
|
|
7449
|
+
"id": "D3-EAL",
|
|
7450
|
+
"name": "Executable Allowlisting",
|
|
7451
|
+
"tactic": "Harden"
|
|
7452
|
+
},
|
|
7453
|
+
{
|
|
7454
|
+
"id": "D3-PHRA",
|
|
7455
|
+
"name": "Process Hardware Resource Access",
|
|
7456
|
+
"tactic": "Isolate"
|
|
7457
|
+
},
|
|
7458
|
+
{
|
|
7459
|
+
"id": "D3-PSEP",
|
|
7460
|
+
"name": "Process Segment Execution Prevention",
|
|
7461
|
+
"tactic": "Harden"
|
|
7462
|
+
}
|
|
7463
|
+
],
|
|
7464
|
+
"framework_gaps": [
|
|
7465
|
+
{
|
|
7466
|
+
"id": "CIS-Controls-v8-Control7",
|
|
7467
|
+
"framework": "CIS Controls v8",
|
|
7468
|
+
"control_name": "Continuous Vulnerability Management"
|
|
7469
|
+
},
|
|
7470
|
+
{
|
|
7471
|
+
"id": "ISO-27001-2022-A.8.8",
|
|
7472
|
+
"framework": "ISO/IEC 27001:2022",
|
|
7473
|
+
"control_name": "Management of technical vulnerabilities"
|
|
7474
|
+
},
|
|
7475
|
+
{
|
|
7476
|
+
"id": "NIS2-Art21-patch-management",
|
|
7477
|
+
"framework": "EU NIS2 Directive",
|
|
7478
|
+
"control_name": "Vulnerability handling and disclosure"
|
|
7479
|
+
},
|
|
7480
|
+
{
|
|
7481
|
+
"id": "NIST-800-218-SSDF",
|
|
7482
|
+
"framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
|
|
7483
|
+
"control_name": "Secure Software Development Framework"
|
|
7484
|
+
},
|
|
7485
|
+
{
|
|
7486
|
+
"id": "NIST-800-53-SC-8",
|
|
7487
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
7488
|
+
"control_name": "Transmission Confidentiality and Integrity"
|
|
7489
|
+
},
|
|
7490
|
+
{
|
|
7491
|
+
"id": "NIST-800-53-SI-2",
|
|
7492
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
7493
|
+
"control_name": "Flaw Remediation"
|
|
7494
|
+
},
|
|
7495
|
+
{
|
|
7496
|
+
"id": "PCI-DSS-4.0-6.3.3",
|
|
7497
|
+
"framework": "PCI DSS 4.0",
|
|
7498
|
+
"control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
|
|
7499
|
+
},
|
|
7500
|
+
{
|
|
7501
|
+
"id": "SOC2-CC9-vendor-management",
|
|
7502
|
+
"framework": "SOC 2 (AICPA Trust Services Criteria)",
|
|
7503
|
+
"control_name": "Risk Mitigation — Vendor and Business Partner Risk"
|
|
7504
|
+
}
|
|
7505
|
+
],
|
|
7506
|
+
"attack_refs": [
|
|
7507
|
+
"T1068",
|
|
7508
|
+
"T1548.001"
|
|
7509
|
+
],
|
|
7510
|
+
"rfc_refs": [
|
|
7511
|
+
"RFC-4301",
|
|
7512
|
+
"RFC-4303",
|
|
7513
|
+
"RFC-7296"
|
|
7514
|
+
]
|
|
7515
|
+
}
|
|
7516
|
+
},
|
|
5808
7517
|
"CWE-20": {
|
|
5809
7518
|
"name": "Improper Input Validation",
|
|
5810
7519
|
"category": "Validation",
|
|
@@ -6070,9 +7779,12 @@
|
|
|
6070
7779
|
]
|
|
6071
7780
|
},
|
|
6072
7781
|
"related_cves": [
|
|
7782
|
+
"CVE-2023-43472",
|
|
6073
7783
|
"CVE-2024-3094",
|
|
7784
|
+
"CVE-2024-3154",
|
|
6074
7785
|
"CVE-2025-53773",
|
|
6075
7786
|
"CVE-2026-30615",
|
|
7787
|
+
"CVE-2026-30623",
|
|
6076
7788
|
"CVE-2026-31431",
|
|
6077
7789
|
"CVE-2026-39884",
|
|
6078
7790
|
"CVE-2026-42208",
|
|
@@ -6256,9 +7968,12 @@
|
|
|
6256
7968
|
]
|
|
6257
7969
|
},
|
|
6258
7970
|
"related_cves": [
|
|
7971
|
+
"CVE-2023-43472",
|
|
6259
7972
|
"CVE-2024-3094",
|
|
7973
|
+
"CVE-2024-3154",
|
|
6260
7974
|
"CVE-2025-53773",
|
|
6261
7975
|
"CVE-2026-30615",
|
|
7976
|
+
"CVE-2026-30623",
|
|
6262
7977
|
"CVE-2026-39884",
|
|
6263
7978
|
"CVE-2026-42208",
|
|
6264
7979
|
"CVE-2026-45321",
|
|
@@ -6393,6 +8108,8 @@
|
|
|
6393
8108
|
]
|
|
6394
8109
|
},
|
|
6395
8110
|
"related_cves": [
|
|
8111
|
+
"CVE-2023-43472",
|
|
8112
|
+
"CVE-2026-30623",
|
|
6396
8113
|
"CVE-2026-31431",
|
|
6397
8114
|
"CVE-2026-39884",
|
|
6398
8115
|
"CVE-2026-42208",
|
|
@@ -6519,6 +8236,8 @@
|
|
|
6519
8236
|
]
|
|
6520
8237
|
},
|
|
6521
8238
|
"related_cves": [
|
|
8239
|
+
"CVE-2023-43472",
|
|
8240
|
+
"CVE-2026-30623",
|
|
6522
8241
|
"CVE-2026-31431",
|
|
6523
8242
|
"CVE-2026-39884",
|
|
6524
8243
|
"CVE-2026-42208",
|
|
@@ -6659,6 +8378,8 @@
|
|
|
6659
8378
|
]
|
|
6660
8379
|
},
|
|
6661
8380
|
"related_cves": [
|
|
8381
|
+
"CVE-2023-43472",
|
|
8382
|
+
"CVE-2026-30623",
|
|
6662
8383
|
"CVE-2026-31431",
|
|
6663
8384
|
"CVE-2026-39884",
|
|
6664
8385
|
"CVE-2026-42208",
|
|
@@ -6901,9 +8622,13 @@
|
|
|
6901
8622
|
]
|
|
6902
8623
|
},
|
|
6903
8624
|
"related_cves": [
|
|
8625
|
+
"CVE-2023-43472",
|
|
6904
8626
|
"CVE-2024-3094",
|
|
8627
|
+
"CVE-2024-3154",
|
|
8628
|
+
"CVE-2025-11837",
|
|
6905
8629
|
"CVE-2025-53773",
|
|
6906
8630
|
"CVE-2026-30615",
|
|
8631
|
+
"CVE-2026-30623",
|
|
6907
8632
|
"CVE-2026-32202",
|
|
6908
8633
|
"CVE-2026-33825",
|
|
6909
8634
|
"CVE-2026-39884",
|
|
@@ -7041,6 +8766,13 @@
|
|
|
7041
8766
|
]
|
|
7042
8767
|
},
|
|
7043
8768
|
"related_cves": [
|
|
8769
|
+
"CVE-2023-3519",
|
|
8770
|
+
"CVE-2024-21762",
|
|
8771
|
+
"CVE-2025-12686",
|
|
8772
|
+
"CVE-2025-59389",
|
|
8773
|
+
"CVE-2025-62847",
|
|
8774
|
+
"CVE-2025-62848",
|
|
8775
|
+
"CVE-2025-62849",
|
|
7044
8776
|
"CVE-2026-0300",
|
|
7045
8777
|
"CVE-2026-31431",
|
|
7046
8778
|
"CVE-2026-32202",
|
|
@@ -7267,9 +8999,13 @@
|
|
|
7267
8999
|
]
|
|
7268
9000
|
},
|
|
7269
9001
|
"related_cves": [
|
|
9002
|
+
"CVE-2023-43472",
|
|
7270
9003
|
"CVE-2024-3094",
|
|
9004
|
+
"CVE-2024-3154",
|
|
9005
|
+
"CVE-2024-40635",
|
|
7271
9006
|
"CVE-2025-53773",
|
|
7272
9007
|
"CVE-2026-30615",
|
|
9008
|
+
"CVE-2026-30623",
|
|
7273
9009
|
"CVE-2026-39884",
|
|
7274
9010
|
"CVE-2026-42208",
|
|
7275
9011
|
"CVE-2026-42897",
|
|
@@ -7610,9 +9346,12 @@
|
|
|
7610
9346
|
]
|
|
7611
9347
|
},
|
|
7612
9348
|
"related_cves": [
|
|
9349
|
+
"CVE-2023-43472",
|
|
7613
9350
|
"CVE-2024-3094",
|
|
9351
|
+
"CVE-2024-3154",
|
|
7614
9352
|
"CVE-2025-53773",
|
|
7615
9353
|
"CVE-2026-30615",
|
|
9354
|
+
"CVE-2026-30623",
|
|
7616
9355
|
"CVE-2026-31431",
|
|
7617
9356
|
"CVE-2026-39884",
|
|
7618
9357
|
"CVE-2026-42208",
|
|
@@ -8171,9 +9910,12 @@
|
|
|
8171
9910
|
]
|
|
8172
9911
|
},
|
|
8173
9912
|
"related_cves": [
|
|
9913
|
+
"CVE-2023-43472",
|
|
8174
9914
|
"CVE-2024-3094",
|
|
9915
|
+
"CVE-2024-3154",
|
|
8175
9916
|
"CVE-2025-53773",
|
|
8176
9917
|
"CVE-2026-30615",
|
|
9918
|
+
"CVE-2026-30623",
|
|
8177
9919
|
"CVE-2026-31431",
|
|
8178
9920
|
"CVE-2026-39884",
|
|
8179
9921
|
"CVE-2026-42208",
|
|
@@ -8771,6 +10513,7 @@
|
|
|
8771
10513
|
},
|
|
8772
10514
|
"related_cves": [
|
|
8773
10515
|
"CVE-2024-3094",
|
|
10516
|
+
"CVE-2024-3154",
|
|
8774
10517
|
"CVE-2025-53773",
|
|
8775
10518
|
"CVE-2026-30615",
|
|
8776
10519
|
"CVE-2026-45321",
|
|
@@ -8995,9 +10738,12 @@
|
|
|
8995
10738
|
]
|
|
8996
10739
|
},
|
|
8997
10740
|
"related_cves": [
|
|
10741
|
+
"CVE-2023-43472",
|
|
8998
10742
|
"CVE-2024-3094",
|
|
10743
|
+
"CVE-2024-3154",
|
|
8999
10744
|
"CVE-2025-53773",
|
|
9000
10745
|
"CVE-2026-30615",
|
|
10746
|
+
"CVE-2026-30623",
|
|
9001
10747
|
"CVE-2026-31431",
|
|
9002
10748
|
"CVE-2026-39884",
|
|
9003
10749
|
"CVE-2026-42208",
|
|
@@ -9136,6 +10882,13 @@
|
|
|
9136
10882
|
]
|
|
9137
10883
|
},
|
|
9138
10884
|
"related_cves": [
|
|
10885
|
+
"CVE-2023-3519",
|
|
10886
|
+
"CVE-2024-21762",
|
|
10887
|
+
"CVE-2025-12686",
|
|
10888
|
+
"CVE-2025-59389",
|
|
10889
|
+
"CVE-2025-62847",
|
|
10890
|
+
"CVE-2025-62848",
|
|
10891
|
+
"CVE-2025-62849",
|
|
9139
10892
|
"CVE-2026-0300",
|
|
9140
10893
|
"CVE-2026-31431",
|
|
9141
10894
|
"CVE-2026-32202",
|
|
@@ -9267,6 +11020,13 @@
|
|
|
9267
11020
|
]
|
|
9268
11021
|
},
|
|
9269
11022
|
"related_cves": [
|
|
11023
|
+
"CVE-2023-3519",
|
|
11024
|
+
"CVE-2024-21762",
|
|
11025
|
+
"CVE-2025-12686",
|
|
11026
|
+
"CVE-2025-59389",
|
|
11027
|
+
"CVE-2025-62847",
|
|
11028
|
+
"CVE-2025-62848",
|
|
11029
|
+
"CVE-2025-62849",
|
|
9270
11030
|
"CVE-2026-0300",
|
|
9271
11031
|
"CVE-2026-31431",
|
|
9272
11032
|
"CVE-2026-32202",
|
|
@@ -9491,9 +11251,12 @@
|
|
|
9491
11251
|
]
|
|
9492
11252
|
},
|
|
9493
11253
|
"related_cves": [
|
|
11254
|
+
"CVE-2023-43472",
|
|
9494
11255
|
"CVE-2024-3094",
|
|
11256
|
+
"CVE-2024-3154",
|
|
9495
11257
|
"CVE-2025-53773",
|
|
9496
11258
|
"CVE-2026-30615",
|
|
11259
|
+
"CVE-2026-30623",
|
|
9497
11260
|
"CVE-2026-31431",
|
|
9498
11261
|
"CVE-2026-39884",
|
|
9499
11262
|
"CVE-2026-42208",
|
|
@@ -9691,6 +11454,7 @@
|
|
|
9691
11454
|
},
|
|
9692
11455
|
"related_cves": [
|
|
9693
11456
|
"CVE-2024-3094",
|
|
11457
|
+
"CVE-2024-3154",
|
|
9694
11458
|
"CVE-2025-53773",
|
|
9695
11459
|
"CVE-2026-30615",
|
|
9696
11460
|
"CVE-2026-45321",
|
|
@@ -9878,8 +11642,10 @@
|
|
|
9878
11642
|
]
|
|
9879
11643
|
},
|
|
9880
11644
|
"related_cves": [
|
|
11645
|
+
"CVE-2023-43472",
|
|
9881
11646
|
"CVE-2024-3094",
|
|
9882
11647
|
"CVE-2026-30615",
|
|
11648
|
+
"CVE-2026-30623",
|
|
9883
11649
|
"CVE-2026-39884",
|
|
9884
11650
|
"CVE-2026-42208",
|
|
9885
11651
|
"CVE-2026-45321",
|
|
@@ -10175,6 +11941,13 @@
|
|
|
10175
11941
|
]
|
|
10176
11942
|
},
|
|
10177
11943
|
"related_cves": [
|
|
11944
|
+
"CVE-2023-3519",
|
|
11945
|
+
"CVE-2024-21762",
|
|
11946
|
+
"CVE-2025-12686",
|
|
11947
|
+
"CVE-2025-59389",
|
|
11948
|
+
"CVE-2025-62847",
|
|
11949
|
+
"CVE-2025-62848",
|
|
11950
|
+
"CVE-2025-62849",
|
|
10178
11951
|
"CVE-2026-0300",
|
|
10179
11952
|
"CVE-2026-31431",
|
|
10180
11953
|
"CVE-2026-32202",
|
|
@@ -10463,9 +12236,12 @@
|
|
|
10463
12236
|
]
|
|
10464
12237
|
},
|
|
10465
12238
|
"related_cves": [
|
|
12239
|
+
"CVE-2023-43472",
|
|
10466
12240
|
"CVE-2024-3094",
|
|
12241
|
+
"CVE-2024-3154",
|
|
10467
12242
|
"CVE-2025-53773",
|
|
10468
12243
|
"CVE-2026-30615",
|
|
12244
|
+
"CVE-2026-30623",
|
|
10469
12245
|
"CVE-2026-31431",
|
|
10470
12246
|
"CVE-2026-39884",
|
|
10471
12247
|
"CVE-2026-42208",
|
|
@@ -10681,10 +12457,20 @@
|
|
|
10681
12457
|
]
|
|
10682
12458
|
},
|
|
10683
12459
|
"related_cves": [
|
|
12460
|
+
"CVE-2023-3519",
|
|
12461
|
+
"CVE-2023-43472",
|
|
12462
|
+
"CVE-2024-21762",
|
|
10684
12463
|
"CVE-2024-3094",
|
|
12464
|
+
"CVE-2024-3154",
|
|
12465
|
+
"CVE-2025-12686",
|
|
10685
12466
|
"CVE-2025-53773",
|
|
12467
|
+
"CVE-2025-59389",
|
|
12468
|
+
"CVE-2025-62847",
|
|
12469
|
+
"CVE-2025-62848",
|
|
12470
|
+
"CVE-2025-62849",
|
|
10686
12471
|
"CVE-2026-0300",
|
|
10687
12472
|
"CVE-2026-30615",
|
|
12473
|
+
"CVE-2026-30623",
|
|
10688
12474
|
"CVE-2026-31431",
|
|
10689
12475
|
"CVE-2026-32202",
|
|
10690
12476
|
"CVE-2026-33825",
|
|
@@ -10986,6 +12772,7 @@
|
|
|
10986
12772
|
},
|
|
10987
12773
|
"related_cves": [
|
|
10988
12774
|
"CVE-2024-3094",
|
|
12775
|
+
"CVE-2024-3154",
|
|
10989
12776
|
"CVE-2025-53773",
|
|
10990
12777
|
"CVE-2026-30615",
|
|
10991
12778
|
"CVE-2026-31431",
|
|
@@ -11289,9 +13076,12 @@
|
|
|
11289
13076
|
]
|
|
11290
13077
|
},
|
|
11291
13078
|
"related_cves": [
|
|
13079
|
+
"CVE-2023-43472",
|
|
11292
13080
|
"CVE-2024-3094",
|
|
13081
|
+
"CVE-2024-3154",
|
|
11293
13082
|
"CVE-2025-53773",
|
|
11294
13083
|
"CVE-2026-30615",
|
|
13084
|
+
"CVE-2026-30623",
|
|
11295
13085
|
"CVE-2026-39884",
|
|
11296
13086
|
"CVE-2026-42208",
|
|
11297
13087
|
"CVE-2026-45321",
|
|
@@ -11565,9 +13355,11 @@
|
|
|
11565
13355
|
]
|
|
11566
13356
|
},
|
|
11567
13357
|
"related_cves": [
|
|
13358
|
+
"CVE-2023-43472",
|
|
11568
13359
|
"CVE-2024-3094",
|
|
11569
13360
|
"CVE-2025-53773",
|
|
11570
13361
|
"CVE-2026-30615",
|
|
13362
|
+
"CVE-2026-30623",
|
|
11571
13363
|
"CVE-2026-39884",
|
|
11572
13364
|
"CVE-2026-42208",
|
|
11573
13365
|
"CVE-2026-45321",
|
|
@@ -11869,9 +13661,12 @@
|
|
|
11869
13661
|
]
|
|
11870
13662
|
},
|
|
11871
13663
|
"related_cves": [
|
|
13664
|
+
"CVE-2023-43472",
|
|
11872
13665
|
"CVE-2024-3094",
|
|
13666
|
+
"CVE-2024-3154",
|
|
11873
13667
|
"CVE-2025-53773",
|
|
11874
13668
|
"CVE-2026-30615",
|
|
13669
|
+
"CVE-2026-30623",
|
|
11875
13670
|
"CVE-2026-31431",
|
|
11876
13671
|
"CVE-2026-39884",
|
|
11877
13672
|
"CVE-2026-42208",
|
|
@@ -12067,7 +13862,10 @@
|
|
|
12067
13862
|
"rfc_refs": []
|
|
12068
13863
|
},
|
|
12069
13864
|
"related_cves": [
|
|
13865
|
+
"CVE-2023-43472",
|
|
13866
|
+
"CVE-2025-11837",
|
|
12070
13867
|
"CVE-2025-53773",
|
|
13868
|
+
"CVE-2026-30623",
|
|
12071
13869
|
"CVE-2026-32202",
|
|
12072
13870
|
"CVE-2026-33825",
|
|
12073
13871
|
"CVE-2026-39884",
|
|
@@ -12223,9 +14021,12 @@
|
|
|
12223
14021
|
]
|
|
12224
14022
|
},
|
|
12225
14023
|
"related_cves": [
|
|
14024
|
+
"CVE-2023-43472",
|
|
12226
14025
|
"CVE-2024-3094",
|
|
14026
|
+
"CVE-2024-3154",
|
|
12227
14027
|
"CVE-2025-53773",
|
|
12228
14028
|
"CVE-2026-30615",
|
|
14029
|
+
"CVE-2026-30623",
|
|
12229
14030
|
"CVE-2026-39884",
|
|
12230
14031
|
"CVE-2026-42208",
|
|
12231
14032
|
"CVE-2026-45321",
|
|
@@ -12387,6 +14188,7 @@
|
|
|
12387
14188
|
]
|
|
12388
14189
|
},
|
|
12389
14190
|
"related_cves": [
|
|
14191
|
+
"CVE-2024-21762",
|
|
12390
14192
|
"CVE-2024-3094",
|
|
12391
14193
|
"CVE-2026-0300",
|
|
12392
14194
|
"CVE-2026-30615",
|
|
@@ -12611,9 +14413,12 @@
|
|
|
12611
14413
|
]
|
|
12612
14414
|
},
|
|
12613
14415
|
"related_cves": [
|
|
14416
|
+
"CVE-2023-43472",
|
|
12614
14417
|
"CVE-2024-3094",
|
|
14418
|
+
"CVE-2024-3154",
|
|
12615
14419
|
"CVE-2025-53773",
|
|
12616
14420
|
"CVE-2026-30615",
|
|
14421
|
+
"CVE-2026-30623",
|
|
12617
14422
|
"CVE-2026-31431",
|
|
12618
14423
|
"CVE-2026-39884",
|
|
12619
14424
|
"CVE-2026-45321",
|
|
@@ -12864,9 +14669,13 @@
|
|
|
12864
14669
|
]
|
|
12865
14670
|
},
|
|
12866
14671
|
"related_cves": [
|
|
14672
|
+
"CVE-2023-43472",
|
|
12867
14673
|
"CVE-2024-3094",
|
|
14674
|
+
"CVE-2024-40635",
|
|
14675
|
+
"CVE-2025-11837",
|
|
12868
14676
|
"CVE-2025-53773",
|
|
12869
14677
|
"CVE-2026-30615",
|
|
14678
|
+
"CVE-2026-30623",
|
|
12870
14679
|
"CVE-2026-32202",
|
|
12871
14680
|
"CVE-2026-33825",
|
|
12872
14681
|
"CVE-2026-39884",
|