npm - @blamejs/exceptd-skills - Versions diffs - 0.13.101 → 0.13.103 - Mend

@blamejs/exceptd-skills 0.13.101 → 0.13.103

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

package/CHANGELOG.md +8 -0
package/data/_indexes/_meta.json +9 -9
package/data/_indexes/activity-feed.json +2 -2
package/data/_indexes/catalog-summaries.json +2 -2
package/data/_indexes/chains.json +2558 -891
package/data/atlas-ttps.json +9 -1
package/data/attack-techniques.json +9 -0
package/data/cve-catalog.json +438 -98
package/data/cwe-catalog.json +5 -0
package/data/framework-control-gaps.json +45 -6
package/data/zeroday-lessons.json +200 -32
package/manifest.json +44 -44
package/package.json +2 -2
package/sbom.cdx.json +25 -25

package/data/atlas-ttps.json CHANGED Viewed

@@ -549,7 +549,9 @@
     "last_verified": "2026-05-19",
     "cve_refs": [
       "CVE-2023-44467",
+      "CVE-2024-12366",
       "CVE-2024-21513",
+      "CVE-2024-5565",
       "CVE-2025-53773",
       "CVE-2025-55319",
       "CVE-2025-68664",
@@ -1743,6 +1745,7 @@
       "CVE-2024-6587",
       "CVE-2025-30202",
       "CVE-2025-32444",
+      "CVE-2025-3248",
       "CVE-2025-64496",
       "CVE-2025-64513",
       "CVE-2025-67818",
@@ -1751,6 +1754,7 @@
       "CVE-2026-24214",
       "CVE-2026-24215",
       "CVE-2026-26190",
+      "CVE-2026-33017",
       "CVE-2026-34159",
       "CVE-2026-45829"
     ]
@@ -3277,7 +3281,11 @@
       "ATLAS"
     ],
     "stix_id": "attack-pattern--073f16fc-c4c0-5351-8a22-9c77aaaab91f",
-    "is_subtechnique": true
+    "is_subtechnique": true,
+    "cve_refs": [
+      "CVE-2024-12366",
+      "CVE-2024-5565"
+    ]
   },
   "AML.T0051.001": {
     "id": "AML.T0051.001",

package/data/attack-techniques.json CHANGED Viewed

@@ -281,6 +281,7 @@
       "CVE-2024-11392",
       "CVE-2024-11393",
       "CVE-2024-11394",
+      "CVE-2024-12366",
       "CVE-2024-13059",
       "CVE-2024-21513",
       "CVE-2024-21575",
@@ -289,6 +290,7 @@
       "CVE-2024-42479",
       "CVE-2024-4889",
       "CVE-2024-50050",
+      "CVE-2024-5565",
       "CVE-2025-1094",
       "CVE-2025-11837",
       "CVE-2025-1550",
@@ -297,6 +299,7 @@
       "CVE-2025-30165",
       "CVE-2025-32434",
       "CVE-2025-32444",
+      "CVE-2025-3248",
       "CVE-2025-33236",
       "CVE-2025-34291",
       "CVE-2025-49596",
@@ -323,6 +326,7 @@
       "CVE-2026-30624",
       "CVE-2026-30625",
       "CVE-2026-32202",
+      "CVE-2026-33017",
       "CVE-2026-34159",
       "CVE-2026-39884",
       "CVE-2026-39987",
@@ -373,8 +377,12 @@
     "version": "v19",
     "cve_refs": [
       "CVE-2023-44467",
+      "CVE-2024-12366",
       "CVE-2024-21513",
+      "CVE-2024-5565",
+      "CVE-2025-3248",
       "CVE-2025-49844",
+      "CVE-2026-33017",
       "MAL-2026-3083"
     ],
     "description_full": "Adversaries may abuse Python commands and scripts for execution. Python is a very popular scripting/programming language, with capabilities to perform many functions. Python can be executed interactively from the command-line (via the <code>python.exe</code> interpreter) or via scripts (.py) that can be written and distributed to different systems. Python code can also be compiled into binary executables.(Citation: Zscaler APT31 Covid-19 October 2020) Python comes with many built-in packages to interact with the underlying system, such as file operations and device I/O. Adversaries can use these libraries to download and execute commands or other scripts as well as perform various malicious behaviors.",
@@ -922,6 +930,7 @@
       "CVE-2025-32433",
       "CVE-2025-32444",
       "CVE-2025-32463",
+      "CVE-2025-3248",
       "CVE-2025-32706",
       "CVE-2025-32756",
       "CVE-2025-33053",