@blamejs/exceptd-skills 0.13.101 → 0.13.102

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. package/CHANGELOG.md +4 -0
  2. package/data/_indexes/_meta.json +9 -9
  3. package/data/_indexes/activity-feed.json +2 -2
  4. package/data/_indexes/catalog-summaries.json +2 -2
  5. package/data/_indexes/chains.json +896 -0
  6. package/data/atlas-ttps.json +7 -1
  7. package/data/attack-techniques.json +4 -0
  8. package/data/cve-catalog.json +215 -0
  9. package/data/cwe-catalog.json +3 -0
  10. package/data/framework-control-gaps.json +20 -0
  11. package/data/zeroday-lessons.json +100 -0
  12. package/manifest.json +44 -44
  13. package/package.json +2 -2
  14. package/sbom.cdx.json +25 -25
package/data/_indexes/chains.json CHANGED
@@ -38621,6 +38621,854 @@
38621
38621
  ]
38622
38622
  }
38623
38623
  },
38624
+ "CVE-2024-5565": {
38625
+ "name": "Vanna.AI Prompt Injection to Remote Code Execution",
38626
+ "rwep": 40,
38627
+ "cvss": 8.1,
38628
+ "cisa_kev": false,
38629
+ "epss_score": null,
38630
+ "referencing_skills": [
38631
+ "ai-attack-surface",
38632
+ "mcp-agent-trust",
38633
+ "compliance-theater",
38634
+ "rag-pipeline-security",
38635
+ "ai-c2-detection",
38636
+ "threat-modeling-methodology",
38637
+ "webapp-security",
38638
+ "api-security",
38639
+ "cloud-security",
38640
+ "container-runtime-security",
38641
+ "email-security-anti-phishing"
38642
+ ],
38643
+ "chain": {
38644
+ "cwes": [
38645
+ {
38646
+ "id": "CWE-1039",
38647
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
38648
+ "category": "AI/ML"
38649
+ },
38650
+ {
38651
+ "id": "CWE-1188",
38652
+ "name": "Initialization of a Resource with an Insecure Default",
38653
+ "category": "Configuration"
38654
+ },
38655
+ {
38656
+ "id": "CWE-1395",
38657
+ "name": "Dependency on Vulnerable Third-Party Component",
38658
+ "category": "Supply Chain"
38659
+ },
38660
+ {
38661
+ "id": "CWE-1426",
38662
+ "name": "Improper Validation of Generative AI Output",
38663
+ "category": "AI/ML"
38664
+ },
38665
+ {
38666
+ "id": "CWE-200",
38667
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
38668
+ "category": "Information Exposure"
38669
+ },
38670
+ {
38671
+ "id": "CWE-22",
38672
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
38673
+ "category": "Path/Resource"
38674
+ },
38675
+ {
38676
+ "id": "CWE-269",
38677
+ "name": "Improper Privilege Management",
38678
+ "category": "Authorization"
38679
+ },
38680
+ {
38681
+ "id": "CWE-287",
38682
+ "name": "Improper Authentication",
38683
+ "category": "Authentication"
38684
+ },
38685
+ {
38686
+ "id": "CWE-345",
38687
+ "name": "Insufficient Verification of Data Authenticity",
38688
+ "category": "Authenticity / Supply Chain"
38689
+ },
38690
+ {
38691
+ "id": "CWE-352",
38692
+ "name": "Cross-Site Request Forgery (CSRF)",
38693
+ "category": "Session"
38694
+ },
38695
+ {
38696
+ "id": "CWE-434",
38697
+ "name": "Unrestricted Upload of File with Dangerous Type",
38698
+ "category": "File Handling"
38699
+ },
38700
+ {
38701
+ "id": "CWE-494",
38702
+ "name": "Download of Code Without Integrity Check",
38703
+ "category": "Supply Chain"
38704
+ },
38705
+ {
38706
+ "id": "CWE-502",
38707
+ "name": "Deserialization of Untrusted Data",
38708
+ "category": "Serialization"
38709
+ },
38710
+ {
38711
+ "id": "CWE-732",
38712
+ "name": "Incorrect Permission Assignment for Critical Resource",
38713
+ "category": "Authorization"
38714
+ },
38715
+ {
38716
+ "id": "CWE-77",
38717
+ "name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
38718
+ "category": "Injection"
38719
+ },
38720
+ {
38721
+ "id": "CWE-78",
38722
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
38723
+ "category": "Injection"
38724
+ },
38725
+ {
38726
+ "id": "CWE-787",
38727
+ "name": "Out-of-bounds Write",
38728
+ "category": "Memory Safety"
38729
+ },
38730
+ {
38731
+ "id": "CWE-79",
38732
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
38733
+ "category": "Injection"
38734
+ },
38735
+ {
38736
+ "id": "CWE-798",
38737
+ "name": "Use of Hard-coded Credentials",
38738
+ "category": "Credentials"
38739
+ },
38740
+ {
38741
+ "id": "CWE-862",
38742
+ "name": "Missing Authorization",
38743
+ "category": "Authorization"
38744
+ },
38745
+ {
38746
+ "id": "CWE-863",
38747
+ "name": "Incorrect Authorization",
38748
+ "category": "Authorization"
38749
+ },
38750
+ {
38751
+ "id": "CWE-89",
38752
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
38753
+ "category": "Injection"
38754
+ },
38755
+ {
38756
+ "id": "CWE-918",
38757
+ "name": "Server-Side Request Forgery (SSRF)",
38758
+ "category": "Network"
38759
+ },
38760
+ {
38761
+ "id": "CWE-94",
38762
+ "name": "Improper Control of Generation of Code (Code Injection)",
38763
+ "category": "Injection"
38764
+ }
38765
+ ],
38766
+ "atlas": [
38767
+ {
38768
+ "id": "AML.T0010",
38769
+ "name": "ML Supply Chain Compromise",
38770
+ "tactic": "Initial Access"
38771
+ },
38772
+ {
38773
+ "id": "AML.T0016",
38774
+ "name": "Obtain Capabilities: Develop Capabilities",
38775
+ "tactic": "Resource Development"
38776
+ },
38777
+ {
38778
+ "id": "AML.T0017",
38779
+ "name": "Discover ML Model Ontology",
38780
+ "tactic": "Discovery"
38781
+ },
38782
+ {
38783
+ "id": "AML.T0018",
38784
+ "name": "Backdoor ML Model",
38785
+ "tactic": "Persistence"
38786
+ },
38787
+ {
38788
+ "id": "AML.T0020",
38789
+ "name": "Poison Training Data",
38790
+ "tactic": "ML Attack Staging"
38791
+ },
38792
+ {
38793
+ "id": "AML.T0043",
38794
+ "name": "Craft Adversarial Data",
38795
+ "tactic": "ML Attack Staging"
38796
+ },
38797
+ {
38798
+ "id": "AML.T0051",
38799
+ "name": "LLM Prompt Injection",
38800
+ "tactic": "Execution"
38801
+ },
38802
+ {
38803
+ "id": "AML.T0054",
38804
+ "name": "LLM Jailbreak",
38805
+ "tactic": "Defense Evasion"
38806
+ },
38807
+ {
38808
+ "id": "AML.T0096",
38809
+ "name": "AI API as Covert C2 Channel",
38810
+ "tactic": "Command and Control"
38811
+ }
38812
+ ],
38813
+ "d3fend": [
38814
+ {
38815
+ "id": "D3-CA",
38816
+ "name": "Certificate Analysis",
38817
+ "tactic": "Detect"
38818
+ },
38819
+ {
38820
+ "id": "D3-CBAN",
38821
+ "name": "Certificate-based Authentication",
38822
+ "tactic": "Harden"
38823
+ },
38824
+ {
38825
+ "id": "D3-CSPP",
38826
+ "name": "Client-server Payload Profiling",
38827
+ "tactic": "Detect"
38828
+ },
38829
+ {
38830
+ "id": "D3-DA",
38831
+ "name": "Domain Analysis",
38832
+ "tactic": "Detect"
38833
+ },
38834
+ {
38835
+ "id": "D3-EAL",
38836
+ "name": "Executable Allowlisting",
38837
+ "tactic": "Harden"
38838
+ },
38839
+ {
38840
+ "id": "D3-EHB",
38841
+ "name": "Executable Hashbased Allowlist",
38842
+ "tactic": "Harden"
38843
+ },
38844
+ {
38845
+ "id": "D3-IOPR",
38846
+ "name": "Input/Output Profiling Resource",
38847
+ "tactic": "Detect"
38848
+ },
38849
+ {
38850
+ "id": "D3-MFA",
38851
+ "name": "Multi-factor Authentication",
38852
+ "tactic": "Harden"
38853
+ },
38854
+ {
38855
+ "id": "D3-NI",
38856
+ "name": "Network Isolation",
38857
+ "tactic": "Isolate"
38858
+ },
38859
+ {
38860
+ "id": "D3-NTA",
38861
+ "name": "Network Traffic Analysis",
38862
+ "tactic": "Detect"
38863
+ },
38864
+ {
38865
+ "id": "D3-NTPM",
38866
+ "name": "Network Traffic Policy Mapping",
38867
+ "tactic": "Model"
38868
+ }
38869
+ ],
38870
+ "framework_gaps": [
38871
+ {
38872
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
38873
+ "framework": "ALL",
38874
+ "control_name": "AI Pipeline Integrity"
38875
+ },
38876
+ {
38877
+ "id": "ALL-MCP-TOOL-TRUST",
38878
+ "framework": "ALL",
38879
+ "control_name": "MCP/Agent Tool Trust Boundaries"
38880
+ },
38881
+ {
38882
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
38883
+ "framework": "ALL",
38884
+ "control_name": "Prompt Injection as Access Control Failure"
38885
+ },
38886
+ {
38887
+ "id": "CMMC-2.0-Level-2",
38888
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
38889
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
38890
+ },
38891
+ {
38892
+ "id": "FedRAMP-Rev5-Moderate",
38893
+ "framework": "FedRAMP Rev 5 Moderate",
38894
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
38895
+ },
38896
+ {
38897
+ "id": "ISO-27001-2022-A.8.16",
38898
+ "framework": "ISO/IEC 27001:2022",
38899
+ "control_name": "Monitoring activities"
38900
+ },
38901
+ {
38902
+ "id": "ISO-27001-2022-A.8.28",
38903
+ "framework": "ISO/IEC 27001:2022",
38904
+ "control_name": "Secure coding"
38905
+ },
38906
+ {
38907
+ "id": "ISO-27001-2022-A.8.30",
38908
+ "framework": "ISO/IEC 27001:2022",
38909
+ "control_name": "Outsourced development"
38910
+ },
38911
+ {
38912
+ "id": "ISO-IEC-23894-2023-clause-7",
38913
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
38914
+ "control_name": "AI risk management process"
38915
+ },
38916
+ {
38917
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
38918
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
38919
+ "control_name": "AI risk assessment"
38920
+ },
38921
+ {
38922
+ "id": "NIST-800-218-SSDF",
38923
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
38924
+ "control_name": "Secure Software Development Framework"
38925
+ },
38926
+ {
38927
+ "id": "NIST-800-53-AC-2",
38928
+ "framework": "NIST SP 800-53 Rev 5",
38929
+ "control_name": "Account Management"
38930
+ },
38931
+ {
38932
+ "id": "NIST-800-53-CM-7",
38933
+ "framework": "NIST SP 800-53 Rev 5",
38934
+ "control_name": "Least Functionality"
38935
+ },
38936
+ {
38937
+ "id": "NIST-800-53-SA-12",
38938
+ "framework": "NIST SP 800-53 Rev 5",
38939
+ "control_name": "Supply Chain Protection"
38940
+ },
38941
+ {
38942
+ "id": "NIST-800-53-SC-7",
38943
+ "framework": "NIST SP 800-53 Rev 5",
38944
+ "control_name": "Boundary Protection"
38945
+ },
38946
+ {
38947
+ "id": "NIST-800-53-SI-12",
38948
+ "framework": "NIST SP 800-53 Rev 5",
38949
+ "control_name": "Information Management and Retention"
38950
+ },
38951
+ {
38952
+ "id": "NIST-800-53-SI-3",
38953
+ "framework": "NIST SP 800-53 Rev 5",
38954
+ "control_name": "Malicious Code Protection"
38955
+ },
38956
+ {
38957
+ "id": "NIST-AI-RMF-MEASURE-2.5",
38958
+ "framework": "NIST AI RMF 1.0",
38959
+ "control_name": "AI system to human interaction evaluation"
38960
+ },
38961
+ {
38962
+ "id": "OWASP-ASVS-v5.0-V14",
38963
+ "framework": "OWASP ASVS v5.0",
38964
+ "control_name": "Configuration verification"
38965
+ },
38966
+ {
38967
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
38968
+ "framework": "OWASP Top 10 for LLM Applications 2025",
38969
+ "control_name": "Prompt Injection"
38970
+ },
38971
+ {
38972
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
38973
+ "framework": "OWASP Top 10 for LLM Applications 2025",
38974
+ "control_name": "Sensitive Information Disclosure"
38975
+ },
38976
+ {
38977
+ "id": "OWASP-LLM-Top-10-2025-LLM06",
38978
+ "framework": "OWASP Top 10 for LLM Applications 2025",
38979
+ "control_name": "Excessive Agency"
38980
+ },
38981
+ {
38982
+ "id": "OWASP-LLM-Top-10-2025-LLM08",
38983
+ "framework": "OWASP Top 10 for LLM Applications 2025",
38984
+ "control_name": "Vector and Embedding Weaknesses"
38985
+ },
38986
+ {
38987
+ "id": "SLSA-v1.0-Build-L3",
38988
+ "framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
38989
+ "control_name": "Hardened build platform with non-falsifiable provenance"
38990
+ },
38991
+ {
38992
+ "id": "SOC2-CC6-logical-access",
38993
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
38994
+ "control_name": "Logical and Physical Access Controls"
38995
+ },
38996
+ {
38997
+ "id": "SOC2-CC7-anomaly-detection",
38998
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
38999
+ "control_name": "System Operations — Threat and Vulnerability Management"
39000
+ },
39001
+ {
39002
+ "id": "SOC2-CC9-vendor-management",
39003
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
39004
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
39005
+ },
39006
+ {
39007
+ "id": "SWIFT-CSCF-v2026-1.1",
39008
+ "framework": "SWIFT Customer Security Controls Framework v2026",
39009
+ "control_name": "SWIFT Environment Protection"
39010
+ }
39011
+ ],
39012
+ "attack_refs": [
39013
+ "T1059",
39014
+ "T1068",
39015
+ "T1071",
39016
+ "T1078",
39017
+ "T1102",
39018
+ "T1190",
39019
+ "T1195.001",
39020
+ "T1505",
39021
+ "T1530",
39022
+ "T1552",
39023
+ "T1565",
39024
+ "T1566",
39025
+ "T1566.001",
39026
+ "T1566.002",
39027
+ "T1566.003",
39028
+ "T1567",
39029
+ "T1568",
39030
+ "T1610",
39031
+ "T1611"
39032
+ ],
39033
+ "rfc_refs": [
39034
+ "RFC-6749",
39035
+ "RFC-7519",
39036
+ "RFC-8032",
39037
+ "RFC-8446",
39038
+ "RFC-8725",
39039
+ "RFC-9000",
39040
+ "RFC-9114",
39041
+ "RFC-9180",
39042
+ "RFC-9421",
39043
+ "RFC-9458",
39044
+ "RFC-9700"
39045
+ ]
39046
+ }
39047
+ },
39048
+ "CVE-2024-12366": {
39049
+ "name": "PandasAI Prompt Injection to Remote Code Execution",
39050
+ "rwep": 46,
39051
+ "cvss": 9.8,
39052
+ "cisa_kev": false,
39053
+ "epss_score": null,
39054
+ "referencing_skills": [
39055
+ "ai-attack-surface",
39056
+ "mcp-agent-trust",
39057
+ "compliance-theater",
39058
+ "rag-pipeline-security",
39059
+ "ai-c2-detection",
39060
+ "threat-modeling-methodology",
39061
+ "webapp-security",
39062
+ "api-security",
39063
+ "cloud-security",
39064
+ "container-runtime-security",
39065
+ "email-security-anti-phishing"
39066
+ ],
39067
+ "chain": {
39068
+ "cwes": [
39069
+ {
39070
+ "id": "CWE-1039",
39071
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
39072
+ "category": "AI/ML"
39073
+ },
39074
+ {
39075
+ "id": "CWE-1188",
39076
+ "name": "Initialization of a Resource with an Insecure Default",
39077
+ "category": "Configuration"
39078
+ },
39079
+ {
39080
+ "id": "CWE-1395",
39081
+ "name": "Dependency on Vulnerable Third-Party Component",
39082
+ "category": "Supply Chain"
39083
+ },
39084
+ {
39085
+ "id": "CWE-1426",
39086
+ "name": "Improper Validation of Generative AI Output",
39087
+ "category": "AI/ML"
39088
+ },
39089
+ {
39090
+ "id": "CWE-200",
39091
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
39092
+ "category": "Information Exposure"
39093
+ },
39094
+ {
39095
+ "id": "CWE-22",
39096
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
39097
+ "category": "Path/Resource"
39098
+ },
39099
+ {
39100
+ "id": "CWE-269",
39101
+ "name": "Improper Privilege Management",
39102
+ "category": "Authorization"
39103
+ },
39104
+ {
39105
+ "id": "CWE-287",
39106
+ "name": "Improper Authentication",
39107
+ "category": "Authentication"
39108
+ },
39109
+ {
39110
+ "id": "CWE-345",
39111
+ "name": "Insufficient Verification of Data Authenticity",
39112
+ "category": "Authenticity / Supply Chain"
39113
+ },
39114
+ {
39115
+ "id": "CWE-352",
39116
+ "name": "Cross-Site Request Forgery (CSRF)",
39117
+ "category": "Session"
39118
+ },
39119
+ {
39120
+ "id": "CWE-434",
39121
+ "name": "Unrestricted Upload of File with Dangerous Type",
39122
+ "category": "File Handling"
39123
+ },
39124
+ {
39125
+ "id": "CWE-494",
39126
+ "name": "Download of Code Without Integrity Check",
39127
+ "category": "Supply Chain"
39128
+ },
39129
+ {
39130
+ "id": "CWE-502",
39131
+ "name": "Deserialization of Untrusted Data",
39132
+ "category": "Serialization"
39133
+ },
39134
+ {
39135
+ "id": "CWE-732",
39136
+ "name": "Incorrect Permission Assignment for Critical Resource",
39137
+ "category": "Authorization"
39138
+ },
39139
+ {
39140
+ "id": "CWE-77",
39141
+ "name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
39142
+ "category": "Injection"
39143
+ },
39144
+ {
39145
+ "id": "CWE-78",
39146
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
39147
+ "category": "Injection"
39148
+ },
39149
+ {
39150
+ "id": "CWE-787",
39151
+ "name": "Out-of-bounds Write",
39152
+ "category": "Memory Safety"
39153
+ },
39154
+ {
39155
+ "id": "CWE-79",
39156
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
39157
+ "category": "Injection"
39158
+ },
39159
+ {
39160
+ "id": "CWE-798",
39161
+ "name": "Use of Hard-coded Credentials",
39162
+ "category": "Credentials"
39163
+ },
39164
+ {
39165
+ "id": "CWE-862",
39166
+ "name": "Missing Authorization",
39167
+ "category": "Authorization"
39168
+ },
39169
+ {
39170
+ "id": "CWE-863",
39171
+ "name": "Incorrect Authorization",
39172
+ "category": "Authorization"
39173
+ },
39174
+ {
39175
+ "id": "CWE-89",
39176
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
39177
+ "category": "Injection"
39178
+ },
39179
+ {
39180
+ "id": "CWE-918",
39181
+ "name": "Server-Side Request Forgery (SSRF)",
39182
+ "category": "Network"
39183
+ },
39184
+ {
39185
+ "id": "CWE-94",
39186
+ "name": "Improper Control of Generation of Code (Code Injection)",
39187
+ "category": "Injection"
39188
+ }
39189
+ ],
39190
+ "atlas": [
39191
+ {
39192
+ "id": "AML.T0010",
39193
+ "name": "ML Supply Chain Compromise",
39194
+ "tactic": "Initial Access"
39195
+ },
39196
+ {
39197
+ "id": "AML.T0016",
39198
+ "name": "Obtain Capabilities: Develop Capabilities",
39199
+ "tactic": "Resource Development"
39200
+ },
39201
+ {
39202
+ "id": "AML.T0017",
39203
+ "name": "Discover ML Model Ontology",
39204
+ "tactic": "Discovery"
39205
+ },
39206
+ {
39207
+ "id": "AML.T0018",
39208
+ "name": "Backdoor ML Model",
39209
+ "tactic": "Persistence"
39210
+ },
39211
+ {
39212
+ "id": "AML.T0020",
39213
+ "name": "Poison Training Data",
39214
+ "tactic": "ML Attack Staging"
39215
+ },
39216
+ {
39217
+ "id": "AML.T0043",
39218
+ "name": "Craft Adversarial Data",
39219
+ "tactic": "ML Attack Staging"
39220
+ },
39221
+ {
39222
+ "id": "AML.T0051",
39223
+ "name": "LLM Prompt Injection",
39224
+ "tactic": "Execution"
39225
+ },
39226
+ {
39227
+ "id": "AML.T0054",
39228
+ "name": "LLM Jailbreak",
39229
+ "tactic": "Defense Evasion"
39230
+ },
39231
+ {
39232
+ "id": "AML.T0096",
39233
+ "name": "AI API as Covert C2 Channel",
39234
+ "tactic": "Command and Control"
39235
+ }
39236
+ ],
39237
+ "d3fend": [
39238
+ {
39239
+ "id": "D3-CA",
39240
+ "name": "Certificate Analysis",
39241
+ "tactic": "Detect"
39242
+ },
39243
+ {
39244
+ "id": "D3-CBAN",
39245
+ "name": "Certificate-based Authentication",
39246
+ "tactic": "Harden"
39247
+ },
39248
+ {
39249
+ "id": "D3-CSPP",
39250
+ "name": "Client-server Payload Profiling",
39251
+ "tactic": "Detect"
39252
+ },
39253
+ {
39254
+ "id": "D3-DA",
39255
+ "name": "Domain Analysis",
39256
+ "tactic": "Detect"
39257
+ },
39258
+ {
39259
+ "id": "D3-EAL",
39260
+ "name": "Executable Allowlisting",
39261
+ "tactic": "Harden"
39262
+ },
39263
+ {
39264
+ "id": "D3-EHB",
39265
+ "name": "Executable Hashbased Allowlist",
39266
+ "tactic": "Harden"
39267
+ },
39268
+ {
39269
+ "id": "D3-IOPR",
39270
+ "name": "Input/Output Profiling Resource",
39271
+ "tactic": "Detect"
39272
+ },
39273
+ {
39274
+ "id": "D3-MFA",
39275
+ "name": "Multi-factor Authentication",
39276
+ "tactic": "Harden"
39277
+ },
39278
+ {
39279
+ "id": "D3-NI",
39280
+ "name": "Network Isolation",
39281
+ "tactic": "Isolate"
39282
+ },
39283
+ {
39284
+ "id": "D3-NTA",
39285
+ "name": "Network Traffic Analysis",
39286
+ "tactic": "Detect"
39287
+ },
39288
+ {
39289
+ "id": "D3-NTPM",
39290
+ "name": "Network Traffic Policy Mapping",
39291
+ "tactic": "Model"
39292
+ }
39293
+ ],
39294
+ "framework_gaps": [
39295
+ {
39296
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
39297
+ "framework": "ALL",
39298
+ "control_name": "AI Pipeline Integrity"
39299
+ },
39300
+ {
39301
+ "id": "ALL-MCP-TOOL-TRUST",
39302
+ "framework": "ALL",
39303
+ "control_name": "MCP/Agent Tool Trust Boundaries"
39304
+ },
39305
+ {
39306
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
39307
+ "framework": "ALL",
39308
+ "control_name": "Prompt Injection as Access Control Failure"
39309
+ },
39310
+ {
39311
+ "id": "CMMC-2.0-Level-2",
39312
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
39313
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
39314
+ },
39315
+ {
39316
+ "id": "FedRAMP-Rev5-Moderate",
39317
+ "framework": "FedRAMP Rev 5 Moderate",
39318
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
39319
+ },
39320
+ {
39321
+ "id": "ISO-27001-2022-A.8.16",
39322
+ "framework": "ISO/IEC 27001:2022",
39323
+ "control_name": "Monitoring activities"
39324
+ },
39325
+ {
39326
+ "id": "ISO-27001-2022-A.8.28",
39327
+ "framework": "ISO/IEC 27001:2022",
39328
+ "control_name": "Secure coding"
39329
+ },
39330
+ {
39331
+ "id": "ISO-27001-2022-A.8.30",
39332
+ "framework": "ISO/IEC 27001:2022",
39333
+ "control_name": "Outsourced development"
39334
+ },
39335
+ {
39336
+ "id": "ISO-IEC-23894-2023-clause-7",
39337
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
39338
+ "control_name": "AI risk management process"
39339
+ },
39340
+ {
39341
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
39342
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
39343
+ "control_name": "AI risk assessment"
39344
+ },
39345
+ {
39346
+ "id": "NIST-800-218-SSDF",
39347
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
39348
+ "control_name": "Secure Software Development Framework"
39349
+ },
39350
+ {
39351
+ "id": "NIST-800-53-AC-2",
39352
+ "framework": "NIST SP 800-53 Rev 5",
39353
+ "control_name": "Account Management"
39354
+ },
39355
+ {
39356
+ "id": "NIST-800-53-CM-7",
39357
+ "framework": "NIST SP 800-53 Rev 5",
39358
+ "control_name": "Least Functionality"
39359
+ },
39360
+ {
39361
+ "id": "NIST-800-53-SA-12",
39362
+ "framework": "NIST SP 800-53 Rev 5",
39363
+ "control_name": "Supply Chain Protection"
39364
+ },
39365
+ {
39366
+ "id": "NIST-800-53-SC-7",
39367
+ "framework": "NIST SP 800-53 Rev 5",
39368
+ "control_name": "Boundary Protection"
39369
+ },
39370
+ {
39371
+ "id": "NIST-800-53-SI-12",
39372
+ "framework": "NIST SP 800-53 Rev 5",
39373
+ "control_name": "Information Management and Retention"
39374
+ },
39375
+ {
39376
+ "id": "NIST-800-53-SI-3",
39377
+ "framework": "NIST SP 800-53 Rev 5",
39378
+ "control_name": "Malicious Code Protection"
39379
+ },
39380
+ {
39381
+ "id": "NIST-AI-RMF-MEASURE-2.5",
39382
+ "framework": "NIST AI RMF 1.0",
39383
+ "control_name": "AI system to human interaction evaluation"
39384
+ },
39385
+ {
39386
+ "id": "OWASP-ASVS-v5.0-V14",
39387
+ "framework": "OWASP ASVS v5.0",
39388
+ "control_name": "Configuration verification"
39389
+ },
39390
+ {
39391
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
39392
+ "framework": "OWASP Top 10 for LLM Applications 2025",
39393
+ "control_name": "Prompt Injection"
39394
+ },
39395
+ {
39396
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
39397
+ "framework": "OWASP Top 10 for LLM Applications 2025",
39398
+ "control_name": "Sensitive Information Disclosure"
39399
+ },
39400
+ {
39401
+ "id": "OWASP-LLM-Top-10-2025-LLM06",
39402
+ "framework": "OWASP Top 10 for LLM Applications 2025",
39403
+ "control_name": "Excessive Agency"
39404
+ },
39405
+ {
39406
+ "id": "OWASP-LLM-Top-10-2025-LLM08",
39407
+ "framework": "OWASP Top 10 for LLM Applications 2025",
39408
+ "control_name": "Vector and Embedding Weaknesses"
39409
+ },
39410
+ {
39411
+ "id": "SLSA-v1.0-Build-L3",
39412
+ "framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
39413
+ "control_name": "Hardened build platform with non-falsifiable provenance"
39414
+ },
39415
+ {
39416
+ "id": "SOC2-CC6-logical-access",
39417
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
39418
+ "control_name": "Logical and Physical Access Controls"
39419
+ },
39420
+ {
39421
+ "id": "SOC2-CC7-anomaly-detection",
39422
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
39423
+ "control_name": "System Operations — Threat and Vulnerability Management"
39424
+ },
39425
+ {
39426
+ "id": "SOC2-CC9-vendor-management",
39427
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
39428
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
39429
+ },
39430
+ {
39431
+ "id": "SWIFT-CSCF-v2026-1.1",
39432
+ "framework": "SWIFT Customer Security Controls Framework v2026",
39433
+ "control_name": "SWIFT Environment Protection"
39434
+ }
39435
+ ],
39436
+ "attack_refs": [
39437
+ "T1059",
39438
+ "T1068",
39439
+ "T1071",
39440
+ "T1078",
39441
+ "T1102",
39442
+ "T1190",
39443
+ "T1195.001",
39444
+ "T1505",
39445
+ "T1530",
39446
+ "T1552",
39447
+ "T1565",
39448
+ "T1566",
39449
+ "T1566.001",
39450
+ "T1566.002",
39451
+ "T1566.003",
39452
+ "T1567",
39453
+ "T1568",
39454
+ "T1610",
39455
+ "T1611"
39456
+ ],
39457
+ "rfc_refs": [
39458
+ "RFC-6749",
39459
+ "RFC-7519",
39460
+ "RFC-8032",
39461
+ "RFC-8446",
39462
+ "RFC-8725",
39463
+ "RFC-9000",
39464
+ "RFC-9114",
39465
+ "RFC-9180",
39466
+ "RFC-9421",
39467
+ "RFC-9458",
39468
+ "RFC-9700"
39469
+ ]
39470
+ }
39471
+ },
38624
39472
  "CVE-2026-41091": {
38625
39473
  "name": "Microsoft Defender (Malware Protection Engine) Link-Following LPE to SYSTEM",
38626
39474
  "rwep": 45,
@@ -65009,6 +65857,7 @@
65009
65857
  "CVE-2024-11392",
65010
65858
  "CVE-2024-11393",
65011
65859
  "CVE-2024-11394",
65860
+ "CVE-2024-12366",
65012
65861
  "CVE-2024-13059",
65013
65862
  "CVE-2024-1561",
65014
65863
  "CVE-2024-21513",
@@ -65023,6 +65872,7 @@
65023
65872
  "CVE-2024-42479",
65024
65873
  "CVE-2024-4889",
65025
65874
  "CVE-2024-50050",
65875
+ "CVE-2024-5565",
65026
65876
  "CVE-2024-6587",
65027
65877
  "CVE-2025-0133",
65028
65878
  "CVE-2025-10585",
@@ -65260,8 +66110,10 @@
65260
66110
  "related_cves": [
65261
66111
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
65262
66112
  "CVE-2023-43472",
66113
+ "CVE-2024-12366",
65263
66114
  "CVE-2024-3094",
65264
66115
  "CVE-2024-3154",
66116
+ "CVE-2024-5565",
65265
66117
  "CVE-2025-0133",
65266
66118
  "CVE-2025-1094",
65267
66119
  "CVE-2025-49844",
@@ -65417,6 +66269,7 @@
65417
66269
  "CVE-2024-11392",
65418
66270
  "CVE-2024-11393",
65419
66271
  "CVE-2024-11394",
66272
+ "CVE-2024-12366",
65420
66273
  "CVE-2024-13059",
65421
66274
  "CVE-2024-1561",
65422
66275
  "CVE-2024-21513",
@@ -65429,6 +66282,7 @@
65429
66282
  "CVE-2024-42479",
65430
66283
  "CVE-2024-4889",
65431
66284
  "CVE-2024-50050",
66285
+ "CVE-2024-5565",
65432
66286
  "CVE-2024-6587",
65433
66287
  "CVE-2025-0133",
65434
66288
  "CVE-2025-10585",
@@ -65616,6 +66470,7 @@
65616
66470
  "CVE-2024-11392",
65617
66471
  "CVE-2024-11393",
65618
66472
  "CVE-2024-11394",
66473
+ "CVE-2024-12366",
65619
66474
  "CVE-2024-13059",
65620
66475
  "CVE-2024-1561",
65621
66476
  "CVE-2024-21513",
@@ -65628,6 +66483,7 @@
65628
66483
  "CVE-2024-42479",
65629
66484
  "CVE-2024-4889",
65630
66485
  "CVE-2024-50050",
66486
+ "CVE-2024-5565",
65631
66487
  "CVE-2024-6587",
65632
66488
  "CVE-2025-0133",
65633
66489
  "CVE-2025-10585",
@@ -65829,6 +66685,7 @@
65829
66685
  "CVE-2024-11392",
65830
66686
  "CVE-2024-11393",
65831
66687
  "CVE-2024-11394",
66688
+ "CVE-2024-12366",
65832
66689
  "CVE-2024-13059",
65833
66690
  "CVE-2024-1561",
65834
66691
  "CVE-2024-21513",
@@ -65841,6 +66698,7 @@
65841
66698
  "CVE-2024-42479",
65842
66699
  "CVE-2024-4889",
65843
66700
  "CVE-2024-50050",
66701
+ "CVE-2024-5565",
65844
66702
  "CVE-2024-6587",
65845
66703
  "CVE-2025-0133",
65846
66704
  "CVE-2025-10585",
@@ -66146,6 +67004,7 @@
66146
67004
  "CVE-2024-11392",
66147
67005
  "CVE-2024-11393",
66148
67006
  "CVE-2024-11394",
67007
+ "CVE-2024-12366",
66149
67008
  "CVE-2024-13059",
66150
67009
  "CVE-2024-1561",
66151
67010
  "CVE-2024-21513",
@@ -66160,6 +67019,7 @@
66160
67019
  "CVE-2024-42479",
66161
67020
  "CVE-2024-4889",
66162
67021
  "CVE-2024-50050",
67022
+ "CVE-2024-5565",
66163
67023
  "CVE-2024-6587",
66164
67024
  "CVE-2025-0133",
66165
67025
  "CVE-2025-1094",
@@ -66903,6 +67763,7 @@
66903
67763
  "CVE-2023-48022",
66904
67764
  "CVE-2023-51449",
66905
67765
  "CVE-2024-0132",
67766
+ "CVE-2024-12366",
66906
67767
  "CVE-2024-1561",
66907
67768
  "CVE-2024-21575",
66908
67769
  "CVE-2024-21576",
@@ -66911,6 +67772,7 @@
66911
67772
  "CVE-2024-40635",
66912
67773
  "CVE-2024-42478",
66913
67774
  "CVE-2024-42479",
67775
+ "CVE-2024-5565",
66914
67776
  "CVE-2025-0133",
66915
67777
  "CVE-2025-1094",
66916
67778
  "CVE-2025-14847",
@@ -67280,6 +68142,7 @@
67280
68142
  "CVE-2024-11392",
67281
68143
  "CVE-2024-11393",
67282
68144
  "CVE-2024-11394",
68145
+ "CVE-2024-12366",
67283
68146
  "CVE-2024-13059",
67284
68147
  "CVE-2024-1561",
67285
68148
  "CVE-2024-21513",
@@ -67294,6 +68157,7 @@
67294
68157
  "CVE-2024-42479",
67295
68158
  "CVE-2024-4889",
67296
68159
  "CVE-2024-50050",
68160
+ "CVE-2024-5565",
67297
68161
  "CVE-2024-6587",
67298
68162
  "CVE-2025-0133",
67299
68163
  "CVE-2025-10585",
@@ -67918,6 +68782,7 @@
67918
68782
  "CVE-2024-11392",
67919
68783
  "CVE-2024-11393",
67920
68784
  "CVE-2024-11394",
68785
+ "CVE-2024-12366",
67921
68786
  "CVE-2024-13059",
67922
68787
  "CVE-2024-1561",
67923
68788
  "CVE-2024-21513",
@@ -67932,6 +68797,7 @@
67932
68797
  "CVE-2024-42479",
67933
68798
  "CVE-2024-4889",
67934
68799
  "CVE-2024-50050",
68800
+ "CVE-2024-5565",
67935
68801
  "CVE-2024-6587",
67936
68802
  "CVE-2025-0133",
67937
68803
  "CVE-2025-10585",
@@ -68654,8 +69520,10 @@
68654
69520
  },
68655
69521
  "related_cves": [
68656
69522
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
69523
+ "CVE-2024-12366",
68657
69524
  "CVE-2024-3094",
68658
69525
  "CVE-2024-3154",
69526
+ "CVE-2024-5565",
68659
69527
  "CVE-2025-49844",
68660
69528
  "CVE-2025-53773",
68661
69529
  "CVE-2026-30615",
@@ -68896,6 +69764,7 @@
68896
69764
  "CVE-2024-11392",
68897
69765
  "CVE-2024-11393",
68898
69766
  "CVE-2024-11394",
69767
+ "CVE-2024-12366",
68899
69768
  "CVE-2024-13059",
68900
69769
  "CVE-2024-1561",
68901
69770
  "CVE-2024-21513",
@@ -68910,6 +69779,7 @@
68910
69779
  "CVE-2024-42479",
68911
69780
  "CVE-2024-4889",
68912
69781
  "CVE-2024-50050",
69782
+ "CVE-2024-5565",
68913
69783
  "CVE-2024-6587",
68914
69784
  "CVE-2025-0133",
68915
69785
  "CVE-2025-10585",
@@ -70125,6 +70995,7 @@
70125
70995
  "CVE-2024-11392",
70126
70996
  "CVE-2024-11393",
70127
70997
  "CVE-2024-11394",
70998
+ "CVE-2024-12366",
70128
70999
  "CVE-2024-13059",
70129
71000
  "CVE-2024-1561",
70130
71001
  "CVE-2024-21513",
@@ -70139,6 +71010,7 @@
70139
71010
  "CVE-2024-42479",
70140
71011
  "CVE-2024-4889",
70141
71012
  "CVE-2024-50050",
71013
+ "CVE-2024-5565",
70142
71014
  "CVE-2024-6587",
70143
71015
  "CVE-2025-0133",
70144
71016
  "CVE-2025-10585",
@@ -70388,8 +71260,10 @@
70388
71260
  },
70389
71261
  "related_cves": [
70390
71262
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
71263
+ "CVE-2024-12366",
70391
71264
  "CVE-2024-3094",
70392
71265
  "CVE-2024-3154",
71266
+ "CVE-2024-5565",
70393
71267
  "CVE-2025-49844",
70394
71268
  "CVE-2025-53773",
70395
71269
  "CVE-2026-30615",
@@ -70580,7 +71454,9 @@
70580
71454
  },
70581
71455
  "related_cves": [
70582
71456
  "CVE-2023-43472",
71457
+ "CVE-2024-12366",
70583
71458
  "CVE-2024-3094",
71459
+ "CVE-2024-5565",
70584
71460
  "CVE-2025-0133",
70585
71461
  "CVE-2025-1094",
70586
71462
  "CVE-2025-6965",
@@ -71511,6 +72387,7 @@
71511
72387
  "CVE-2024-11392",
71512
72388
  "CVE-2024-11393",
71513
72389
  "CVE-2024-11394",
72390
+ "CVE-2024-12366",
71514
72391
  "CVE-2024-13059",
71515
72392
  "CVE-2024-1561",
71516
72393
  "CVE-2024-21513",
@@ -71525,6 +72402,7 @@
71525
72402
  "CVE-2024-42479",
71526
72403
  "CVE-2024-4889",
71527
72404
  "CVE-2024-50050",
72405
+ "CVE-2024-5565",
71528
72406
  "CVE-2024-6587",
71529
72407
  "CVE-2025-0133",
71530
72408
  "CVE-2025-10585",
@@ -71871,6 +72749,7 @@
71871
72749
  "CVE-2024-11392",
71872
72750
  "CVE-2024-11393",
71873
72751
  "CVE-2024-11394",
72752
+ "CVE-2024-12366",
71874
72753
  "CVE-2024-12987",
71875
72754
  "CVE-2024-13059",
71876
72755
  "CVE-2024-1561",
@@ -71894,6 +72773,7 @@
71894
72773
  "CVE-2024-4889",
71895
72774
  "CVE-2024-50050",
71896
72775
  "CVE-2024-54085",
72776
+ "CVE-2024-5565",
71897
72777
  "CVE-2024-56145",
71898
72778
  "CVE-2024-57726",
71899
72779
  "CVE-2024-57728",
@@ -72442,6 +73322,7 @@
72442
73322
  "CVE-2024-11392",
72443
73323
  "CVE-2024-11393",
72444
73324
  "CVE-2024-11394",
73325
+ "CVE-2024-12366",
72445
73326
  "CVE-2024-13059",
72446
73327
  "CVE-2024-1561",
72447
73328
  "CVE-2024-21513",
@@ -72456,6 +73337,7 @@
72456
73337
  "CVE-2024-42479",
72457
73338
  "CVE-2024-4889",
72458
73339
  "CVE-2024-50050",
73340
+ "CVE-2024-5565",
72459
73341
  "CVE-2024-6587",
72460
73342
  "CVE-2025-10585",
72461
73343
  "CVE-2025-1094",
@@ -72808,8 +73690,10 @@
72808
73690
  "related_cves": [
72809
73691
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
72810
73692
  "CVE-2023-43472",
73693
+ "CVE-2024-12366",
72811
73694
  "CVE-2024-3094",
72812
73695
  "CVE-2024-3154",
73696
+ "CVE-2024-5565",
72813
73697
  "CVE-2025-0133",
72814
73698
  "CVE-2025-1094",
72815
73699
  "CVE-2025-49844",
@@ -73092,7 +73976,9 @@
73092
73976
  },
73093
73977
  "related_cves": [
73094
73978
  "CVE-2023-43472",
73979
+ "CVE-2024-12366",
73095
73980
  "CVE-2024-3094",
73981
+ "CVE-2024-5565",
73096
73982
  "CVE-2025-0133",
73097
73983
  "CVE-2025-1094",
73098
73984
  "CVE-2025-53773",
@@ -73415,6 +74301,7 @@
73415
74301
  "CVE-2024-11392",
73416
74302
  "CVE-2024-11393",
73417
74303
  "CVE-2024-11394",
74304
+ "CVE-2024-12366",
73418
74305
  "CVE-2024-13059",
73419
74306
  "CVE-2024-1561",
73420
74307
  "CVE-2024-21513",
@@ -73429,6 +74316,7 @@
73429
74316
  "CVE-2024-42479",
73430
74317
  "CVE-2024-4889",
73431
74318
  "CVE-2024-50050",
74319
+ "CVE-2024-5565",
73432
74320
  "CVE-2024-6587",
73433
74321
  "CVE-2025-0133",
73434
74322
  "CVE-2025-10585",
@@ -73759,6 +74647,7 @@
73759
74647
  "CVE-2024-11392",
73760
74648
  "CVE-2024-11393",
73761
74649
  "CVE-2024-11394",
74650
+ "CVE-2024-12366",
73762
74651
  "CVE-2024-13059",
73763
74652
  "CVE-2024-1561",
73764
74653
  "CVE-2024-21513",
@@ -73771,6 +74660,7 @@
73771
74660
  "CVE-2024-42479",
73772
74661
  "CVE-2024-4889",
73773
74662
  "CVE-2024-50050",
74663
+ "CVE-2024-5565",
73774
74664
  "CVE-2024-6587",
73775
74665
  "CVE-2025-0133",
73776
74666
  "CVE-2025-1094",
@@ -73971,8 +74861,10 @@
73971
74861
  "related_cves": [
73972
74862
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
73973
74863
  "CVE-2023-43472",
74864
+ "CVE-2024-12366",
73974
74865
  "CVE-2024-3094",
73975
74866
  "CVE-2024-3154",
74867
+ "CVE-2024-5565",
73976
74868
  "CVE-2025-0133",
73977
74869
  "CVE-2025-1094",
73978
74870
  "CVE-2025-49844",
@@ -74695,6 +75587,7 @@
74695
75587
  "CVE-2024-11392",
74696
75588
  "CVE-2024-11393",
74697
75589
  "CVE-2024-11394",
75590
+ "CVE-2024-12366",
74698
75591
  "CVE-2024-13059",
74699
75592
  "CVE-2024-1561",
74700
75593
  "CVE-2024-21513",
@@ -74709,6 +75602,7 @@
74709
75602
  "CVE-2024-42479",
74710
75603
  "CVE-2024-4889",
74711
75604
  "CVE-2024-50050",
75605
+ "CVE-2024-5565",
74712
75606
  "CVE-2024-6587",
74713
75607
  "CVE-2025-0133",
74714
75608
  "CVE-2025-10585",
@@ -75025,6 +75919,7 @@
75025
75919
  "CVE-2024-11392",
75026
75920
  "CVE-2024-11393",
75027
75921
  "CVE-2024-11394",
75922
+ "CVE-2024-12366",
75028
75923
  "CVE-2024-13059",
75029
75924
  "CVE-2024-1561",
75030
75925
  "CVE-2024-21513",
@@ -75039,6 +75934,7 @@
75039
75934
  "CVE-2024-42479",
75040
75935
  "CVE-2024-4889",
75041
75936
  "CVE-2024-50050",
75937
+ "CVE-2024-5565",
75042
75938
  "CVE-2024-6587",
75043
75939
  "CVE-2025-0133",
75044
75940
  "CVE-2025-1094",