@blamejs/exceptd-skills 0.13.103 → 0.13.105

@@ -40198,6 +40198,1416 @@
40198
40198
  ]
40199
40199
  }
40200
40200
  },
40201
+ "CVE-2024-24590": {
40202
+ "name": "ClearML Client SDK Artifact Deserialization Remote Code Execution",
40203
+ "rwep": 42,
40204
+ "cvss": 8.8,
40205
+ "cisa_kev": false,
40206
+ "epss_score": null,
40207
+ "referencing_skills": [
40208
+ "ai-attack-surface",
40209
+ "mcp-agent-trust",
40210
+ "compliance-theater",
40211
+ "rag-pipeline-security",
40212
+ "threat-modeling-methodology",
40213
+ "webapp-security",
40214
+ "api-security",
40215
+ "cloud-security",
40216
+ "container-runtime-security"
40217
+ ],
40218
+ "chain": {
40219
+ "cwes": [
40220
+ {
40221
+ "id": "CWE-1039",
40222
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
40223
+ "category": "AI/ML"
40224
+ },
40225
+ {
40226
+ "id": "CWE-1188",
40227
+ "name": "Initialization of a Resource with an Insecure Default",
40228
+ "category": "Configuration"
40229
+ },
40230
+ {
40231
+ "id": "CWE-1395",
40232
+ "name": "Dependency on Vulnerable Third-Party Component",
40233
+ "category": "Supply Chain"
40234
+ },
40235
+ {
40236
+ "id": "CWE-1426",
40237
+ "name": "Improper Validation of Generative AI Output",
40238
+ "category": "AI/ML"
40239
+ },
40240
+ {
40241
+ "id": "CWE-200",
40242
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
40243
+ "category": "Information Exposure"
40244
+ },
40245
+ {
40246
+ "id": "CWE-22",
40247
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
40248
+ "category": "Path/Resource"
40249
+ },
40250
+ {
40251
+ "id": "CWE-269",
40252
+ "name": "Improper Privilege Management",
40253
+ "category": "Authorization"
40254
+ },
40255
+ {
40256
+ "id": "CWE-287",
40257
+ "name": "Improper Authentication",
40258
+ "category": "Authentication"
40259
+ },
40260
+ {
40261
+ "id": "CWE-345",
40262
+ "name": "Insufficient Verification of Data Authenticity",
40263
+ "category": "Authenticity / Supply Chain"
40264
+ },
40265
+ {
40266
+ "id": "CWE-352",
40267
+ "name": "Cross-Site Request Forgery (CSRF)",
40268
+ "category": "Session"
40269
+ },
40270
+ {
40271
+ "id": "CWE-434",
40272
+ "name": "Unrestricted Upload of File with Dangerous Type",
40273
+ "category": "File Handling"
40274
+ },
40275
+ {
40276
+ "id": "CWE-494",
40277
+ "name": "Download of Code Without Integrity Check",
40278
+ "category": "Supply Chain"
40279
+ },
40280
+ {
40281
+ "id": "CWE-502",
40282
+ "name": "Deserialization of Untrusted Data",
40283
+ "category": "Serialization"
40284
+ },
40285
+ {
40286
+ "id": "CWE-732",
40287
+ "name": "Incorrect Permission Assignment for Critical Resource",
40288
+ "category": "Authorization"
40289
+ },
40290
+ {
40291
+ "id": "CWE-77",
40292
+ "name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
40293
+ "category": "Injection"
40294
+ },
40295
+ {
40296
+ "id": "CWE-78",
40297
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
40298
+ "category": "Injection"
40299
+ },
40300
+ {
40301
+ "id": "CWE-787",
40302
+ "name": "Out-of-bounds Write",
40303
+ "category": "Memory Safety"
40304
+ },
40305
+ {
40306
+ "id": "CWE-79",
40307
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
40308
+ "category": "Injection"
40309
+ },
40310
+ {
40311
+ "id": "CWE-798",
40312
+ "name": "Use of Hard-coded Credentials",
40313
+ "category": "Credentials"
40314
+ },
40315
+ {
40316
+ "id": "CWE-862",
40317
+ "name": "Missing Authorization",
40318
+ "category": "Authorization"
40319
+ },
40320
+ {
40321
+ "id": "CWE-863",
40322
+ "name": "Incorrect Authorization",
40323
+ "category": "Authorization"
40324
+ },
40325
+ {
40326
+ "id": "CWE-89",
40327
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
40328
+ "category": "Injection"
40329
+ },
40330
+ {
40331
+ "id": "CWE-918",
40332
+ "name": "Server-Side Request Forgery (SSRF)",
40333
+ "category": "Network"
40334
+ },
40335
+ {
40336
+ "id": "CWE-94",
40337
+ "name": "Improper Control of Generation of Code (Code Injection)",
40338
+ "category": "Injection"
40339
+ }
40340
+ ],
40341
+ "atlas": [
40342
+ {
40343
+ "id": "AML.T0010",
40344
+ "name": "ML Supply Chain Compromise",
40345
+ "tactic": "Initial Access"
40346
+ },
40347
+ {
40348
+ "id": "AML.T0016",
40349
+ "name": "Obtain Capabilities: Develop Capabilities",
40350
+ "tactic": "Resource Development"
40351
+ },
40352
+ {
40353
+ "id": "AML.T0017",
40354
+ "name": "Discover ML Model Ontology",
40355
+ "tactic": "Discovery"
40356
+ },
40357
+ {
40358
+ "id": "AML.T0018",
40359
+ "name": "Backdoor ML Model",
40360
+ "tactic": "Persistence"
40361
+ },
40362
+ {
40363
+ "id": "AML.T0020",
40364
+ "name": "Poison Training Data",
40365
+ "tactic": "ML Attack Staging"
40366
+ },
40367
+ {
40368
+ "id": "AML.T0043",
40369
+ "name": "Craft Adversarial Data",
40370
+ "tactic": "ML Attack Staging"
40371
+ },
40372
+ {
40373
+ "id": "AML.T0051",
40374
+ "name": "LLM Prompt Injection",
40375
+ "tactic": "Execution"
40376
+ },
40377
+ {
40378
+ "id": "AML.T0054",
40379
+ "name": "LLM Jailbreak",
40380
+ "tactic": "Defense Evasion"
40381
+ },
40382
+ {
40383
+ "id": "AML.T0096",
40384
+ "name": "AI API as Covert C2 Channel",
40385
+ "tactic": "Command and Control"
40386
+ }
40387
+ ],
40388
+ "d3fend": [
40389
+ {
40390
+ "id": "D3-CBAN",
40391
+ "name": "Certificate-based Authentication",
40392
+ "tactic": "Harden"
40393
+ },
40394
+ {
40395
+ "id": "D3-CSPP",
40396
+ "name": "Client-server Payload Profiling",
40397
+ "tactic": "Detect"
40398
+ },
40399
+ {
40400
+ "id": "D3-EAL",
40401
+ "name": "Executable Allowlisting",
40402
+ "tactic": "Harden"
40403
+ },
40404
+ {
40405
+ "id": "D3-EHB",
40406
+ "name": "Executable Hashbased Allowlist",
40407
+ "tactic": "Harden"
40408
+ },
40409
+ {
40410
+ "id": "D3-IOPR",
40411
+ "name": "Input/Output Profiling Resource",
40412
+ "tactic": "Detect"
40413
+ },
40414
+ {
40415
+ "id": "D3-MFA",
40416
+ "name": "Multi-factor Authentication",
40417
+ "tactic": "Harden"
40418
+ },
40419
+ {
40420
+ "id": "D3-NTA",
40421
+ "name": "Network Traffic Analysis",
40422
+ "tactic": "Detect"
40423
+ }
40424
+ ],
40425
+ "framework_gaps": [
40426
+ {
40427
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
40428
+ "framework": "ALL",
40429
+ "control_name": "AI Pipeline Integrity"
40430
+ },
40431
+ {
40432
+ "id": "ALL-MCP-TOOL-TRUST",
40433
+ "framework": "ALL",
40434
+ "control_name": "MCP/Agent Tool Trust Boundaries"
40435
+ },
40436
+ {
40437
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
40438
+ "framework": "ALL",
40439
+ "control_name": "Prompt Injection as Access Control Failure"
40440
+ },
40441
+ {
40442
+ "id": "CMMC-2.0-Level-2",
40443
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
40444
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
40445
+ },
40446
+ {
40447
+ "id": "FedRAMP-Rev5-Moderate",
40448
+ "framework": "FedRAMP Rev 5 Moderate",
40449
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
40450
+ },
40451
+ {
40452
+ "id": "ISO-27001-2022-A.8.28",
40453
+ "framework": "ISO/IEC 27001:2022",
40454
+ "control_name": "Secure coding"
40455
+ },
40456
+ {
40457
+ "id": "ISO-27001-2022-A.8.30",
40458
+ "framework": "ISO/IEC 27001:2022",
40459
+ "control_name": "Outsourced development"
40460
+ },
40461
+ {
40462
+ "id": "ISO-IEC-23894-2023-clause-7",
40463
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
40464
+ "control_name": "AI risk management process"
40465
+ },
40466
+ {
40467
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
40468
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
40469
+ "control_name": "AI risk assessment"
40470
+ },
40471
+ {
40472
+ "id": "NIST-800-218-SSDF",
40473
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
40474
+ "control_name": "Secure Software Development Framework"
40475
+ },
40476
+ {
40477
+ "id": "NIST-800-53-AC-2",
40478
+ "framework": "NIST SP 800-53 Rev 5",
40479
+ "control_name": "Account Management"
40480
+ },
40481
+ {
40482
+ "id": "NIST-800-53-CM-7",
40483
+ "framework": "NIST SP 800-53 Rev 5",
40484
+ "control_name": "Least Functionality"
40485
+ },
40486
+ {
40487
+ "id": "NIST-800-53-SA-12",
40488
+ "framework": "NIST SP 800-53 Rev 5",
40489
+ "control_name": "Supply Chain Protection"
40490
+ },
40491
+ {
40492
+ "id": "NIST-800-53-SI-12",
40493
+ "framework": "NIST SP 800-53 Rev 5",
40494
+ "control_name": "Information Management and Retention"
40495
+ },
40496
+ {
40497
+ "id": "NIST-800-53-SI-3",
40498
+ "framework": "NIST SP 800-53 Rev 5",
40499
+ "control_name": "Malicious Code Protection"
40500
+ },
40501
+ {
40502
+ "id": "NIST-AI-RMF-MEASURE-2.5",
40503
+ "framework": "NIST AI RMF 1.0",
40504
+ "control_name": "AI system to human interaction evaluation"
40505
+ },
40506
+ {
40507
+ "id": "OWASP-ASVS-v5.0-V14",
40508
+ "framework": "OWASP ASVS v5.0",
40509
+ "control_name": "Configuration verification"
40510
+ },
40511
+ {
40512
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
40513
+ "framework": "OWASP Top 10 for LLM Applications 2025",
40514
+ "control_name": "Prompt Injection"
40515
+ },
40516
+ {
40517
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
40518
+ "framework": "OWASP Top 10 for LLM Applications 2025",
40519
+ "control_name": "Sensitive Information Disclosure"
40520
+ },
40521
+ {
40522
+ "id": "OWASP-LLM-Top-10-2025-LLM06",
40523
+ "framework": "OWASP Top 10 for LLM Applications 2025",
40524
+ "control_name": "Excessive Agency"
40525
+ },
40526
+ {
40527
+ "id": "OWASP-LLM-Top-10-2025-LLM08",
40528
+ "framework": "OWASP Top 10 for LLM Applications 2025",
40529
+ "control_name": "Vector and Embedding Weaknesses"
40530
+ },
40531
+ {
40532
+ "id": "SLSA-v1.0-Build-L3",
40533
+ "framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
40534
+ "control_name": "Hardened build platform with non-falsifiable provenance"
40535
+ },
40536
+ {
40537
+ "id": "SOC2-CC6-logical-access",
40538
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
40539
+ "control_name": "Logical and Physical Access Controls"
40540
+ },
40541
+ {
40542
+ "id": "SOC2-CC9-vendor-management",
40543
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
40544
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
40545
+ },
40546
+ {
40547
+ "id": "SWIFT-CSCF-v2026-1.1",
40548
+ "framework": "SWIFT Customer Security Controls Framework v2026",
40549
+ "control_name": "SWIFT Environment Protection"
40550
+ }
40551
+ ],
40552
+ "attack_refs": [
40553
+ "T1059",
40554
+ "T1068",
40555
+ "T1078",
40556
+ "T1190",
40557
+ "T1195.001",
40558
+ "T1505",
40559
+ "T1530",
40560
+ "T1552",
40561
+ "T1565",
40562
+ "T1566",
40563
+ "T1567",
40564
+ "T1610",
40565
+ "T1611"
40566
+ ],
40567
+ "rfc_refs": [
40568
+ "RFC-6749",
40569
+ "RFC-7519",
40570
+ "RFC-8032",
40571
+ "RFC-8446",
40572
+ "RFC-8725",
40573
+ "RFC-9114",
40574
+ "RFC-9180",
40575
+ "RFC-9421",
40576
+ "RFC-9700"
40577
+ ]
40578
+ }
40579
+ },
40580
+ "CVE-2024-24591": {
40581
+ "name": "ClearML Client SDK Dataset Path Traversal Arbitrary File Write",
40582
+ "rwep": 38,
40583
+ "cvss": 8.8,
40584
+ "cisa_kev": false,
40585
+ "epss_score": null,
40586
+ "referencing_skills": [
40587
+ "ai-attack-surface",
40588
+ "mcp-agent-trust",
40589
+ "compliance-theater",
40590
+ "rag-pipeline-security",
40591
+ "threat-modeling-methodology",
40592
+ "webapp-security",
40593
+ "api-security",
40594
+ "cloud-security",
40595
+ "container-runtime-security"
40596
+ ],
40597
+ "chain": {
40598
+ "cwes": [
40599
+ {
40600
+ "id": "CWE-1039",
40601
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
40602
+ "category": "AI/ML"
40603
+ },
40604
+ {
40605
+ "id": "CWE-1188",
40606
+ "name": "Initialization of a Resource with an Insecure Default",
40607
+ "category": "Configuration"
40608
+ },
40609
+ {
40610
+ "id": "CWE-1395",
40611
+ "name": "Dependency on Vulnerable Third-Party Component",
40612
+ "category": "Supply Chain"
40613
+ },
40614
+ {
40615
+ "id": "CWE-1426",
40616
+ "name": "Improper Validation of Generative AI Output",
40617
+ "category": "AI/ML"
40618
+ },
40619
+ {
40620
+ "id": "CWE-200",
40621
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
40622
+ "category": "Information Exposure"
40623
+ },
40624
+ {
40625
+ "id": "CWE-22",
40626
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
40627
+ "category": "Path/Resource"
40628
+ },
40629
+ {
40630
+ "id": "CWE-269",
40631
+ "name": "Improper Privilege Management",
40632
+ "category": "Authorization"
40633
+ },
40634
+ {
40635
+ "id": "CWE-287",
40636
+ "name": "Improper Authentication",
40637
+ "category": "Authentication"
40638
+ },
40639
+ {
40640
+ "id": "CWE-345",
40641
+ "name": "Insufficient Verification of Data Authenticity",
40642
+ "category": "Authenticity / Supply Chain"
40643
+ },
40644
+ {
40645
+ "id": "CWE-352",
40646
+ "name": "Cross-Site Request Forgery (CSRF)",
40647
+ "category": "Session"
40648
+ },
40649
+ {
40650
+ "id": "CWE-434",
40651
+ "name": "Unrestricted Upload of File with Dangerous Type",
40652
+ "category": "File Handling"
40653
+ },
40654
+ {
40655
+ "id": "CWE-494",
40656
+ "name": "Download of Code Without Integrity Check",
40657
+ "category": "Supply Chain"
40658
+ },
40659
+ {
40660
+ "id": "CWE-502",
40661
+ "name": "Deserialization of Untrusted Data",
40662
+ "category": "Serialization"
40663
+ },
40664
+ {
40665
+ "id": "CWE-732",
40666
+ "name": "Incorrect Permission Assignment for Critical Resource",
40667
+ "category": "Authorization"
40668
+ },
40669
+ {
40670
+ "id": "CWE-77",
40671
+ "name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
40672
+ "category": "Injection"
40673
+ },
40674
+ {
40675
+ "id": "CWE-78",
40676
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
40677
+ "category": "Injection"
40678
+ },
40679
+ {
40680
+ "id": "CWE-787",
40681
+ "name": "Out-of-bounds Write",
40682
+ "category": "Memory Safety"
40683
+ },
40684
+ {
40685
+ "id": "CWE-79",
40686
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
40687
+ "category": "Injection"
40688
+ },
40689
+ {
40690
+ "id": "CWE-798",
40691
+ "name": "Use of Hard-coded Credentials",
40692
+ "category": "Credentials"
40693
+ },
40694
+ {
40695
+ "id": "CWE-862",
40696
+ "name": "Missing Authorization",
40697
+ "category": "Authorization"
40698
+ },
40699
+ {
40700
+ "id": "CWE-863",
40701
+ "name": "Incorrect Authorization",
40702
+ "category": "Authorization"
40703
+ },
40704
+ {
40705
+ "id": "CWE-89",
40706
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
40707
+ "category": "Injection"
40708
+ },
40709
+ {
40710
+ "id": "CWE-918",
40711
+ "name": "Server-Side Request Forgery (SSRF)",
40712
+ "category": "Network"
40713
+ },
40714
+ {
40715
+ "id": "CWE-94",
40716
+ "name": "Improper Control of Generation of Code (Code Injection)",
40717
+ "category": "Injection"
40718
+ }
40719
+ ],
40720
+ "atlas": [
40721
+ {
40722
+ "id": "AML.T0010",
40723
+ "name": "ML Supply Chain Compromise",
40724
+ "tactic": "Initial Access"
40725
+ },
40726
+ {
40727
+ "id": "AML.T0016",
40728
+ "name": "Obtain Capabilities: Develop Capabilities",
40729
+ "tactic": "Resource Development"
40730
+ },
40731
+ {
40732
+ "id": "AML.T0017",
40733
+ "name": "Discover ML Model Ontology",
40734
+ "tactic": "Discovery"
40735
+ },
40736
+ {
40737
+ "id": "AML.T0018",
40738
+ "name": "Backdoor ML Model",
40739
+ "tactic": "Persistence"
40740
+ },
40741
+ {
40742
+ "id": "AML.T0020",
40743
+ "name": "Poison Training Data",
40744
+ "tactic": "ML Attack Staging"
40745
+ },
40746
+ {
40747
+ "id": "AML.T0043",
40748
+ "name": "Craft Adversarial Data",
40749
+ "tactic": "ML Attack Staging"
40750
+ },
40751
+ {
40752
+ "id": "AML.T0051",
40753
+ "name": "LLM Prompt Injection",
40754
+ "tactic": "Execution"
40755
+ },
40756
+ {
40757
+ "id": "AML.T0054",
40758
+ "name": "LLM Jailbreak",
40759
+ "tactic": "Defense Evasion"
40760
+ },
40761
+ {
40762
+ "id": "AML.T0096",
40763
+ "name": "AI API as Covert C2 Channel",
40764
+ "tactic": "Command and Control"
40765
+ }
40766
+ ],
40767
+ "d3fend": [
40768
+ {
40769
+ "id": "D3-CBAN",
40770
+ "name": "Certificate-based Authentication",
40771
+ "tactic": "Harden"
40772
+ },
40773
+ {
40774
+ "id": "D3-CSPP",
40775
+ "name": "Client-server Payload Profiling",
40776
+ "tactic": "Detect"
40777
+ },
40778
+ {
40779
+ "id": "D3-EAL",
40780
+ "name": "Executable Allowlisting",
40781
+ "tactic": "Harden"
40782
+ },
40783
+ {
40784
+ "id": "D3-EHB",
40785
+ "name": "Executable Hashbased Allowlist",
40786
+ "tactic": "Harden"
40787
+ },
40788
+ {
40789
+ "id": "D3-IOPR",
40790
+ "name": "Input/Output Profiling Resource",
40791
+ "tactic": "Detect"
40792
+ },
40793
+ {
40794
+ "id": "D3-MFA",
40795
+ "name": "Multi-factor Authentication",
40796
+ "tactic": "Harden"
40797
+ },
40798
+ {
40799
+ "id": "D3-NTA",
40800
+ "name": "Network Traffic Analysis",
40801
+ "tactic": "Detect"
40802
+ }
40803
+ ],
40804
+ "framework_gaps": [
40805
+ {
40806
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
40807
+ "framework": "ALL",
40808
+ "control_name": "AI Pipeline Integrity"
40809
+ },
40810
+ {
40811
+ "id": "ALL-MCP-TOOL-TRUST",
40812
+ "framework": "ALL",
40813
+ "control_name": "MCP/Agent Tool Trust Boundaries"
40814
+ },
40815
+ {
40816
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
40817
+ "framework": "ALL",
40818
+ "control_name": "Prompt Injection as Access Control Failure"
40819
+ },
40820
+ {
40821
+ "id": "CMMC-2.0-Level-2",
40822
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
40823
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
40824
+ },
40825
+ {
40826
+ "id": "FedRAMP-Rev5-Moderate",
40827
+ "framework": "FedRAMP Rev 5 Moderate",
40828
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
40829
+ },
40830
+ {
40831
+ "id": "ISO-27001-2022-A.8.28",
40832
+ "framework": "ISO/IEC 27001:2022",
40833
+ "control_name": "Secure coding"
40834
+ },
40835
+ {
40836
+ "id": "ISO-27001-2022-A.8.30",
40837
+ "framework": "ISO/IEC 27001:2022",
40838
+ "control_name": "Outsourced development"
40839
+ },
40840
+ {
40841
+ "id": "ISO-IEC-23894-2023-clause-7",
40842
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
40843
+ "control_name": "AI risk management process"
40844
+ },
40845
+ {
40846
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
40847
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
40848
+ "control_name": "AI risk assessment"
40849
+ },
40850
+ {
40851
+ "id": "NIST-800-218-SSDF",
40852
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
40853
+ "control_name": "Secure Software Development Framework"
40854
+ },
40855
+ {
40856
+ "id": "NIST-800-53-AC-2",
40857
+ "framework": "NIST SP 800-53 Rev 5",
40858
+ "control_name": "Account Management"
40859
+ },
40860
+ {
40861
+ "id": "NIST-800-53-CM-7",
40862
+ "framework": "NIST SP 800-53 Rev 5",
40863
+ "control_name": "Least Functionality"
40864
+ },
40865
+ {
40866
+ "id": "NIST-800-53-SA-12",
40867
+ "framework": "NIST SP 800-53 Rev 5",
40868
+ "control_name": "Supply Chain Protection"
40869
+ },
40870
+ {
40871
+ "id": "NIST-800-53-SI-12",
40872
+ "framework": "NIST SP 800-53 Rev 5",
40873
+ "control_name": "Information Management and Retention"
40874
+ },
40875
+ {
40876
+ "id": "NIST-800-53-SI-3",
40877
+ "framework": "NIST SP 800-53 Rev 5",
40878
+ "control_name": "Malicious Code Protection"
40879
+ },
40880
+ {
40881
+ "id": "NIST-AI-RMF-MEASURE-2.5",
40882
+ "framework": "NIST AI RMF 1.0",
40883
+ "control_name": "AI system to human interaction evaluation"
40884
+ },
40885
+ {
40886
+ "id": "OWASP-ASVS-v5.0-V14",
40887
+ "framework": "OWASP ASVS v5.0",
40888
+ "control_name": "Configuration verification"
40889
+ },
40890
+ {
40891
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
40892
+ "framework": "OWASP Top 10 for LLM Applications 2025",
40893
+ "control_name": "Prompt Injection"
40894
+ },
40895
+ {
40896
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
40897
+ "framework": "OWASP Top 10 for LLM Applications 2025",
40898
+ "control_name": "Sensitive Information Disclosure"
40899
+ },
40900
+ {
40901
+ "id": "OWASP-LLM-Top-10-2025-LLM06",
40902
+ "framework": "OWASP Top 10 for LLM Applications 2025",
40903
+ "control_name": "Excessive Agency"
40904
+ },
40905
+ {
40906
+ "id": "OWASP-LLM-Top-10-2025-LLM08",
40907
+ "framework": "OWASP Top 10 for LLM Applications 2025",
40908
+ "control_name": "Vector and Embedding Weaknesses"
40909
+ },
40910
+ {
40911
+ "id": "SLSA-v1.0-Build-L3",
40912
+ "framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
40913
+ "control_name": "Hardened build platform with non-falsifiable provenance"
40914
+ },
40915
+ {
40916
+ "id": "SOC2-CC6-logical-access",
40917
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
40918
+ "control_name": "Logical and Physical Access Controls"
40919
+ },
40920
+ {
40921
+ "id": "SOC2-CC9-vendor-management",
40922
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
40923
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
40924
+ },
40925
+ {
40926
+ "id": "SWIFT-CSCF-v2026-1.1",
40927
+ "framework": "SWIFT Customer Security Controls Framework v2026",
40928
+ "control_name": "SWIFT Environment Protection"
40929
+ }
40930
+ ],
40931
+ "attack_refs": [
40932
+ "T1059",
40933
+ "T1068",
40934
+ "T1078",
40935
+ "T1190",
40936
+ "T1195.001",
40937
+ "T1505",
40938
+ "T1530",
40939
+ "T1552",
40940
+ "T1565",
40941
+ "T1566",
40942
+ "T1567",
40943
+ "T1610",
40944
+ "T1611"
40945
+ ],
40946
+ "rfc_refs": [
40947
+ "RFC-6749",
40948
+ "RFC-7519",
40949
+ "RFC-8032",
40950
+ "RFC-8446",
40951
+ "RFC-8725",
40952
+ "RFC-9114",
40953
+ "RFC-9180",
40954
+ "RFC-9421",
40955
+ "RFC-9700"
40956
+ ]
40957
+ }
40958
+ },
40959
+ "CVE-2023-6016": {
40960
+ "name": "H2O-3 POJO Model Import Unauthenticated Remote Code Execution",
40961
+ "rwep": 48,
40962
+ "cvss": 9.8,
40963
+ "cisa_kev": false,
40964
+ "epss_score": null,
40965
+ "referencing_skills": [
40966
+ "ai-attack-surface",
40967
+ "mcp-agent-trust",
40968
+ "compliance-theater",
40969
+ "rag-pipeline-security",
40970
+ "ai-c2-detection",
40971
+ "threat-modeling-methodology",
40972
+ "webapp-security",
40973
+ "api-security",
40974
+ "cloud-security",
40975
+ "container-runtime-security",
40976
+ "email-security-anti-phishing"
40977
+ ],
40978
+ "chain": {
40979
+ "cwes": [
40980
+ {
40981
+ "id": "CWE-1039",
40982
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
40983
+ "category": "AI/ML"
40984
+ },
40985
+ {
40986
+ "id": "CWE-1188",
40987
+ "name": "Initialization of a Resource with an Insecure Default",
40988
+ "category": "Configuration"
40989
+ },
40990
+ {
40991
+ "id": "CWE-1395",
40992
+ "name": "Dependency on Vulnerable Third-Party Component",
40993
+ "category": "Supply Chain"
40994
+ },
40995
+ {
40996
+ "id": "CWE-1426",
40997
+ "name": "Improper Validation of Generative AI Output",
40998
+ "category": "AI/ML"
40999
+ },
41000
+ {
41001
+ "id": "CWE-200",
41002
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
41003
+ "category": "Information Exposure"
41004
+ },
41005
+ {
41006
+ "id": "CWE-22",
41007
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
41008
+ "category": "Path/Resource"
41009
+ },
41010
+ {
41011
+ "id": "CWE-269",
41012
+ "name": "Improper Privilege Management",
41013
+ "category": "Authorization"
41014
+ },
41015
+ {
41016
+ "id": "CWE-287",
41017
+ "name": "Improper Authentication",
41018
+ "category": "Authentication"
41019
+ },
41020
+ {
41021
+ "id": "CWE-345",
41022
+ "name": "Insufficient Verification of Data Authenticity",
41023
+ "category": "Authenticity / Supply Chain"
41024
+ },
41025
+ {
41026
+ "id": "CWE-352",
41027
+ "name": "Cross-Site Request Forgery (CSRF)",
41028
+ "category": "Session"
41029
+ },
41030
+ {
41031
+ "id": "CWE-434",
41032
+ "name": "Unrestricted Upload of File with Dangerous Type",
41033
+ "category": "File Handling"
41034
+ },
41035
+ {
41036
+ "id": "CWE-494",
41037
+ "name": "Download of Code Without Integrity Check",
41038
+ "category": "Supply Chain"
41039
+ },
41040
+ {
41041
+ "id": "CWE-502",
41042
+ "name": "Deserialization of Untrusted Data",
41043
+ "category": "Serialization"
41044
+ },
41045
+ {
41046
+ "id": "CWE-732",
41047
+ "name": "Incorrect Permission Assignment for Critical Resource",
41048
+ "category": "Authorization"
41049
+ },
41050
+ {
41051
+ "id": "CWE-77",
41052
+ "name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
41053
+ "category": "Injection"
41054
+ },
41055
+ {
41056
+ "id": "CWE-78",
41057
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
41058
+ "category": "Injection"
41059
+ },
41060
+ {
41061
+ "id": "CWE-787",
41062
+ "name": "Out-of-bounds Write",
41063
+ "category": "Memory Safety"
41064
+ },
41065
+ {
41066
+ "id": "CWE-79",
41067
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
41068
+ "category": "Injection"
41069
+ },
41070
+ {
41071
+ "id": "CWE-798",
41072
+ "name": "Use of Hard-coded Credentials",
41073
+ "category": "Credentials"
41074
+ },
41075
+ {
41076
+ "id": "CWE-862",
41077
+ "name": "Missing Authorization",
41078
+ "category": "Authorization"
41079
+ },
41080
+ {
41081
+ "id": "CWE-863",
41082
+ "name": "Incorrect Authorization",
41083
+ "category": "Authorization"
41084
+ },
41085
+ {
41086
+ "id": "CWE-89",
41087
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
41088
+ "category": "Injection"
41089
+ },
41090
+ {
41091
+ "id": "CWE-918",
41092
+ "name": "Server-Side Request Forgery (SSRF)",
41093
+ "category": "Network"
41094
+ },
41095
+ {
41096
+ "id": "CWE-94",
41097
+ "name": "Improper Control of Generation of Code (Code Injection)",
41098
+ "category": "Injection"
41099
+ }
41100
+ ],
41101
+ "atlas": [
41102
+ {
41103
+ "id": "AML.T0010",
41104
+ "name": "ML Supply Chain Compromise",
41105
+ "tactic": "Initial Access"
41106
+ },
41107
+ {
41108
+ "id": "AML.T0016",
41109
+ "name": "Obtain Capabilities: Develop Capabilities",
41110
+ "tactic": "Resource Development"
41111
+ },
41112
+ {
41113
+ "id": "AML.T0017",
41114
+ "name": "Discover ML Model Ontology",
41115
+ "tactic": "Discovery"
41116
+ },
41117
+ {
41118
+ "id": "AML.T0018",
41119
+ "name": "Backdoor ML Model",
41120
+ "tactic": "Persistence"
41121
+ },
41122
+ {
41123
+ "id": "AML.T0020",
41124
+ "name": "Poison Training Data",
41125
+ "tactic": "ML Attack Staging"
41126
+ },
41127
+ {
41128
+ "id": "AML.T0043",
41129
+ "name": "Craft Adversarial Data",
41130
+ "tactic": "ML Attack Staging"
41131
+ },
41132
+ {
41133
+ "id": "AML.T0051",
41134
+ "name": "LLM Prompt Injection",
41135
+ "tactic": "Execution"
41136
+ },
41137
+ {
41138
+ "id": "AML.T0054",
41139
+ "name": "LLM Jailbreak",
41140
+ "tactic": "Defense Evasion"
41141
+ },
41142
+ {
41143
+ "id": "AML.T0096",
41144
+ "name": "AI API as Covert C2 Channel",
41145
+ "tactic": "Command and Control"
41146
+ }
41147
+ ],
41148
+ "d3fend": [
41149
+ {
41150
+ "id": "D3-CA",
41151
+ "name": "Certificate Analysis",
41152
+ "tactic": "Detect"
41153
+ },
41154
+ {
41155
+ "id": "D3-CBAN",
41156
+ "name": "Certificate-based Authentication",
41157
+ "tactic": "Harden"
41158
+ },
41159
+ {
41160
+ "id": "D3-CSPP",
41161
+ "name": "Client-server Payload Profiling",
41162
+ "tactic": "Detect"
41163
+ },
41164
+ {
41165
+ "id": "D3-DA",
41166
+ "name": "Domain Analysis",
41167
+ "tactic": "Detect"
41168
+ },
41169
+ {
41170
+ "id": "D3-EAL",
41171
+ "name": "Executable Allowlisting",
41172
+ "tactic": "Harden"
41173
+ },
41174
+ {
41175
+ "id": "D3-EHB",
41176
+ "name": "Executable Hashbased Allowlist",
41177
+ "tactic": "Harden"
41178
+ },
41179
+ {
41180
+ "id": "D3-IOPR",
41181
+ "name": "Input/Output Profiling Resource",
41182
+ "tactic": "Detect"
41183
+ },
41184
+ {
41185
+ "id": "D3-MFA",
41186
+ "name": "Multi-factor Authentication",
41187
+ "tactic": "Harden"
41188
+ },
41189
+ {
41190
+ "id": "D3-NI",
41191
+ "name": "Network Isolation",
41192
+ "tactic": "Isolate"
41193
+ },
41194
+ {
41195
+ "id": "D3-NTA",
41196
+ "name": "Network Traffic Analysis",
41197
+ "tactic": "Detect"
41198
+ },
41199
+ {
41200
+ "id": "D3-NTPM",
41201
+ "name": "Network Traffic Policy Mapping",
41202
+ "tactic": "Model"
41203
+ }
41204
+ ],
41205
+ "framework_gaps": [
41206
+ {
41207
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
41208
+ "framework": "ALL",
41209
+ "control_name": "AI Pipeline Integrity"
41210
+ },
41211
+ {
41212
+ "id": "ALL-MCP-TOOL-TRUST",
41213
+ "framework": "ALL",
41214
+ "control_name": "MCP/Agent Tool Trust Boundaries"
41215
+ },
41216
+ {
41217
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
41218
+ "framework": "ALL",
41219
+ "control_name": "Prompt Injection as Access Control Failure"
41220
+ },
41221
+ {
41222
+ "id": "CMMC-2.0-Level-2",
41223
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
41224
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
41225
+ },
41226
+ {
41227
+ "id": "FedRAMP-Rev5-Moderate",
41228
+ "framework": "FedRAMP Rev 5 Moderate",
41229
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
41230
+ },
41231
+ {
41232
+ "id": "ISO-27001-2022-A.8.16",
41233
+ "framework": "ISO/IEC 27001:2022",
41234
+ "control_name": "Monitoring activities"
41235
+ },
41236
+ {
41237
+ "id": "ISO-27001-2022-A.8.28",
41238
+ "framework": "ISO/IEC 27001:2022",
41239
+ "control_name": "Secure coding"
41240
+ },
41241
+ {
41242
+ "id": "ISO-27001-2022-A.8.30",
41243
+ "framework": "ISO/IEC 27001:2022",
41244
+ "control_name": "Outsourced development"
41245
+ },
41246
+ {
41247
+ "id": "ISO-IEC-23894-2023-clause-7",
41248
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
41249
+ "control_name": "AI risk management process"
41250
+ },
41251
+ {
41252
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
41253
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
41254
+ "control_name": "AI risk assessment"
41255
+ },
41256
+ {
41257
+ "id": "NIST-800-218-SSDF",
41258
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
41259
+ "control_name": "Secure Software Development Framework"
41260
+ },
41261
+ {
41262
+ "id": "NIST-800-53-AC-2",
41263
+ "framework": "NIST SP 800-53 Rev 5",
41264
+ "control_name": "Account Management"
41265
+ },
41266
+ {
41267
+ "id": "NIST-800-53-CM-7",
41268
+ "framework": "NIST SP 800-53 Rev 5",
41269
+ "control_name": "Least Functionality"
41270
+ },
41271
+ {
41272
+ "id": "NIST-800-53-SA-12",
41273
+ "framework": "NIST SP 800-53 Rev 5",
41274
+ "control_name": "Supply Chain Protection"
41275
+ },
41276
+ {
41277
+ "id": "NIST-800-53-SC-7",
41278
+ "framework": "NIST SP 800-53 Rev 5",
41279
+ "control_name": "Boundary Protection"
41280
+ },
41281
+ {
41282
+ "id": "NIST-800-53-SI-12",
41283
+ "framework": "NIST SP 800-53 Rev 5",
41284
+ "control_name": "Information Management and Retention"
41285
+ },
41286
+ {
41287
+ "id": "NIST-800-53-SI-3",
41288
+ "framework": "NIST SP 800-53 Rev 5",
41289
+ "control_name": "Malicious Code Protection"
41290
+ },
41291
+ {
41292
+ "id": "NIST-AI-RMF-MEASURE-2.5",
41293
+ "framework": "NIST AI RMF 1.0",
41294
+ "control_name": "AI system to human interaction evaluation"
41295
+ },
41296
+ {
41297
+ "id": "OWASP-ASVS-v5.0-V14",
41298
+ "framework": "OWASP ASVS v5.0",
41299
+ "control_name": "Configuration verification"
41300
+ },
41301
+ {
41302
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
41303
+ "framework": "OWASP Top 10 for LLM Applications 2025",
41304
+ "control_name": "Prompt Injection"
41305
+ },
41306
+ {
41307
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
41308
+ "framework": "OWASP Top 10 for LLM Applications 2025",
41309
+ "control_name": "Sensitive Information Disclosure"
41310
+ },
41311
+ {
41312
+ "id": "OWASP-LLM-Top-10-2025-LLM06",
41313
+ "framework": "OWASP Top 10 for LLM Applications 2025",
41314
+ "control_name": "Excessive Agency"
41315
+ },
41316
+ {
41317
+ "id": "OWASP-LLM-Top-10-2025-LLM08",
41318
+ "framework": "OWASP Top 10 for LLM Applications 2025",
41319
+ "control_name": "Vector and Embedding Weaknesses"
41320
+ },
41321
+ {
41322
+ "id": "SLSA-v1.0-Build-L3",
41323
+ "framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
41324
+ "control_name": "Hardened build platform with non-falsifiable provenance"
41325
+ },
41326
+ {
41327
+ "id": "SOC2-CC6-logical-access",
41328
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
41329
+ "control_name": "Logical and Physical Access Controls"
41330
+ },
41331
+ {
41332
+ "id": "SOC2-CC7-anomaly-detection",
41333
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
41334
+ "control_name": "System Operations — Threat and Vulnerability Management"
41335
+ },
41336
+ {
41337
+ "id": "SOC2-CC9-vendor-management",
41338
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
41339
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
41340
+ },
41341
+ {
41342
+ "id": "SWIFT-CSCF-v2026-1.1",
41343
+ "framework": "SWIFT Customer Security Controls Framework v2026",
41344
+ "control_name": "SWIFT Environment Protection"
41345
+ }
41346
+ ],
41347
+ "attack_refs": [
41348
+ "T1059",
41349
+ "T1068",
41350
+ "T1071",
41351
+ "T1078",
41352
+ "T1102",
41353
+ "T1190",
41354
+ "T1195.001",
41355
+ "T1505",
41356
+ "T1530",
41357
+ "T1552",
41358
+ "T1565",
41359
+ "T1566",
41360
+ "T1566.001",
41361
+ "T1566.002",
41362
+ "T1566.003",
41363
+ "T1567",
41364
+ "T1568",
41365
+ "T1610",
41366
+ "T1611"
41367
+ ],
41368
+ "rfc_refs": [
41369
+ "RFC-6749",
41370
+ "RFC-7519",
41371
+ "RFC-8032",
41372
+ "RFC-8446",
41373
+ "RFC-8725",
41374
+ "RFC-9000",
41375
+ "RFC-9114",
41376
+ "RFC-9180",
41377
+ "RFC-9421",
41378
+ "RFC-9458",
41379
+ "RFC-9700"
41380
+ ]
41381
+ }
41382
+ },
41383
+ "CVE-2023-6038": {
41384
+ "name": "H2O-3 REST API Unauthenticated Local File Inclusion (Arbitrary File Read)",
41385
+ "rwep": 38,
41386
+ "cvss": 7.5,
41387
+ "cisa_kev": false,
41388
+ "epss_score": null,
41389
+ "referencing_skills": [
41390
+ "ai-attack-surface",
41391
+ "compliance-theater",
41392
+ "ai-c2-detection",
41393
+ "dlp-gap-analysis"
41394
+ ],
41395
+ "chain": {
41396
+ "cwes": [
41397
+ {
41398
+ "id": "CWE-1039",
41399
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
41400
+ "category": "AI/ML"
41401
+ },
41402
+ {
41403
+ "id": "CWE-1426",
41404
+ "name": "Improper Validation of Generative AI Output",
41405
+ "category": "AI/ML"
41406
+ },
41407
+ {
41408
+ "id": "CWE-200",
41409
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
41410
+ "category": "Information Exposure"
41411
+ },
41412
+ {
41413
+ "id": "CWE-94",
41414
+ "name": "Improper Control of Generation of Code (Code Injection)",
41415
+ "category": "Injection"
41416
+ }
41417
+ ],
41418
+ "atlas": [
41419
+ {
41420
+ "id": "AML.T0016",
41421
+ "name": "Obtain Capabilities: Develop Capabilities",
41422
+ "tactic": "Resource Development"
41423
+ },
41424
+ {
41425
+ "id": "AML.T0017",
41426
+ "name": "Discover ML Model Ontology",
41427
+ "tactic": "Discovery"
41428
+ },
41429
+ {
41430
+ "id": "AML.T0018",
41431
+ "name": "Backdoor ML Model",
41432
+ "tactic": "Persistence"
41433
+ },
41434
+ {
41435
+ "id": "AML.T0020",
41436
+ "name": "Poison Training Data",
41437
+ "tactic": "ML Attack Staging"
41438
+ },
41439
+ {
41440
+ "id": "AML.T0043",
41441
+ "name": "Craft Adversarial Data",
41442
+ "tactic": "ML Attack Staging"
41443
+ },
41444
+ {
41445
+ "id": "AML.T0051",
41446
+ "name": "LLM Prompt Injection",
41447
+ "tactic": "Execution"
41448
+ },
41449
+ {
41450
+ "id": "AML.T0054",
41451
+ "name": "LLM Jailbreak",
41452
+ "tactic": "Defense Evasion"
41453
+ },
41454
+ {
41455
+ "id": "AML.T0096",
41456
+ "name": "AI API as Covert C2 Channel",
41457
+ "tactic": "Command and Control"
41458
+ }
41459
+ ],
41460
+ "d3fend": [
41461
+ {
41462
+ "id": "D3-CA",
41463
+ "name": "Certificate Analysis",
41464
+ "tactic": "Detect"
41465
+ },
41466
+ {
41467
+ "id": "D3-CSPP",
41468
+ "name": "Client-server Payload Profiling",
41469
+ "tactic": "Detect"
41470
+ },
41471
+ {
41472
+ "id": "D3-DA",
41473
+ "name": "Domain Analysis",
41474
+ "tactic": "Detect"
41475
+ },
41476
+ {
41477
+ "id": "D3-EAL",
41478
+ "name": "Executable Allowlisting",
41479
+ "tactic": "Harden"
41480
+ },
41481
+ {
41482
+ "id": "D3-IOPR",
41483
+ "name": "Input/Output Profiling Resource",
41484
+ "tactic": "Detect"
41485
+ },
41486
+ {
41487
+ "id": "D3-NI",
41488
+ "name": "Network Isolation",
41489
+ "tactic": "Isolate"
41490
+ },
41491
+ {
41492
+ "id": "D3-NTA",
41493
+ "name": "Network Traffic Analysis",
41494
+ "tactic": "Detect"
41495
+ },
41496
+ {
41497
+ "id": "D3-NTPM",
41498
+ "name": "Network Traffic Policy Mapping",
41499
+ "tactic": "Model"
41500
+ }
41501
+ ],
41502
+ "framework_gaps": [
41503
+ {
41504
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
41505
+ "framework": "ALL",
41506
+ "control_name": "AI Pipeline Integrity"
41507
+ },
41508
+ {
41509
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
41510
+ "framework": "ALL",
41511
+ "control_name": "Prompt Injection as Access Control Failure"
41512
+ },
41513
+ {
41514
+ "id": "CMMC-2.0-Level-2",
41515
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
41516
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
41517
+ },
41518
+ {
41519
+ "id": "FedRAMP-Rev5-Moderate",
41520
+ "framework": "FedRAMP Rev 5 Moderate",
41521
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
41522
+ },
41523
+ {
41524
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
41525
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
41526
+ "control_name": "Access control standard (technical safeguards)"
41527
+ },
41528
+ {
41529
+ "id": "ISO-27001-2022-A.8.16",
41530
+ "framework": "ISO/IEC 27001:2022",
41531
+ "control_name": "Monitoring activities"
41532
+ },
41533
+ {
41534
+ "id": "ISO-27001-2022-A.8.28",
41535
+ "framework": "ISO/IEC 27001:2022",
41536
+ "control_name": "Secure coding"
41537
+ },
41538
+ {
41539
+ "id": "ISO-IEC-23894-2023-clause-7",
41540
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
41541
+ "control_name": "AI risk management process"
41542
+ },
41543
+ {
41544
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
41545
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
41546
+ "control_name": "AI risk assessment"
41547
+ },
41548
+ {
41549
+ "id": "NIST-800-53-AC-2",
41550
+ "framework": "NIST SP 800-53 Rev 5",
41551
+ "control_name": "Account Management"
41552
+ },
41553
+ {
41554
+ "id": "NIST-800-53-SC-28",
41555
+ "framework": "NIST SP 800-53 Rev 5",
41556
+ "control_name": "Protection of Information at Rest"
41557
+ },
41558
+ {
41559
+ "id": "NIST-800-53-SC-7",
41560
+ "framework": "NIST SP 800-53 Rev 5",
41561
+ "control_name": "Boundary Protection"
41562
+ },
41563
+ {
41564
+ "id": "NIST-800-53-SI-3",
41565
+ "framework": "NIST SP 800-53 Rev 5",
41566
+ "control_name": "Malicious Code Protection"
41567
+ },
41568
+ {
41569
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
41570
+ "framework": "OWASP Top 10 for LLM Applications 2025",
41571
+ "control_name": "Prompt Injection"
41572
+ },
41573
+ {
41574
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
41575
+ "framework": "OWASP Top 10 for LLM Applications 2025",
41576
+ "control_name": "Sensitive Information Disclosure"
41577
+ },
41578
+ {
41579
+ "id": "SOC2-CC6-logical-access",
41580
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
41581
+ "control_name": "Logical and Physical Access Controls"
41582
+ },
41583
+ {
41584
+ "id": "SOC2-CC7-anomaly-detection",
41585
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
41586
+ "control_name": "System Operations — Threat and Vulnerability Management"
41587
+ }
41588
+ ],
41589
+ "attack_refs": [
41590
+ "T1041",
41591
+ "T1059",
41592
+ "T1071",
41593
+ "T1102",
41594
+ "T1190",
41595
+ "T1213",
41596
+ "T1530",
41597
+ "T1566",
41598
+ "T1567",
41599
+ "T1568"
41600
+ ],
41601
+ "rfc_refs": [
41602
+ "RFC-8446",
41603
+ "RFC-9000",
41604
+ "RFC-9114",
41605
+ "RFC-9180",
41606
+ "RFC-9421",
41607
+ "RFC-9458"
41608
+ ]
41609
+ }
41610
+ },
40201
41611
  "CVE-2026-41091": {
40202
41612
  "name": "Microsoft Defender (Malware Protection Engine) Link-Following LPE to SYSTEM",
40203
41613
  "rwep": 45,
@@ -66579,6 +67989,7 @@
66579
67989
  "CVE-2023-44467",
66580
67990
  "CVE-2023-48022",
66581
67991
  "CVE-2023-51449",
67992
+ "CVE-2023-6016",
66582
67993
  "CVE-2023-6019",
66583
67994
  "CVE-2023-6021",
66584
67995
  "CVE-2024-0129",
@@ -66592,6 +68003,8 @@
66592
68003
  "CVE-2024-21513",
66593
68004
  "CVE-2024-21575",
66594
68005
  "CVE-2024-21576",
68006
+ "CVE-2024-24590",
68007
+ "CVE-2024-24591",
66595
68008
  "CVE-2024-27132",
66596
68009
  "CVE-2024-3094",
66597
68010
  "CVE-2024-3154",
@@ -66841,7 +68254,10 @@
66841
68254
  "related_cves": [
66842
68255
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
66843
68256
  "CVE-2023-43472",
68257
+ "CVE-2023-6016",
66844
68258
  "CVE-2024-12366",
68259
+ "CVE-2024-24590",
68260
+ "CVE-2024-24591",
66845
68261
  "CVE-2024-3094",
66846
68262
  "CVE-2024-3154",
66847
68263
  "CVE-2024-5565",
@@ -66995,6 +68411,7 @@
66995
68411
  "CVE-2023-44467",
66996
68412
  "CVE-2023-48022",
66997
68413
  "CVE-2023-51449",
68414
+ "CVE-2023-6016",
66998
68415
  "CVE-2023-6019",
66999
68416
  "CVE-2023-6021",
67000
68417
  "CVE-2024-0129",
@@ -67008,6 +68425,8 @@
67008
68425
  "CVE-2024-21513",
67009
68426
  "CVE-2024-21575",
67010
68427
  "CVE-2024-21576",
68428
+ "CVE-2024-24590",
68429
+ "CVE-2024-24591",
67011
68430
  "CVE-2024-27132",
67012
68431
  "CVE-2024-37032",
67013
68432
  "CVE-2024-39722",
@@ -67198,6 +68617,7 @@
67198
68617
  "CVE-2023-44467",
67199
68618
  "CVE-2023-48022",
67200
68619
  "CVE-2023-51449",
68620
+ "CVE-2023-6016",
67201
68621
  "CVE-2023-6019",
67202
68622
  "CVE-2023-6021",
67203
68623
  "CVE-2024-0129",
@@ -67211,6 +68631,8 @@
67211
68631
  "CVE-2024-21513",
67212
68632
  "CVE-2024-21575",
67213
68633
  "CVE-2024-21576",
68634
+ "CVE-2024-24590",
68635
+ "CVE-2024-24591",
67214
68636
  "CVE-2024-27132",
67215
68637
  "CVE-2024-37032",
67216
68638
  "CVE-2024-39722",
@@ -67415,6 +68837,7 @@
67415
68837
  "CVE-2023-44467",
67416
68838
  "CVE-2023-48022",
67417
68839
  "CVE-2023-51449",
68840
+ "CVE-2023-6016",
67418
68841
  "CVE-2023-6019",
67419
68842
  "CVE-2023-6021",
67420
68843
  "CVE-2024-0129",
@@ -67428,6 +68851,8 @@
67428
68851
  "CVE-2024-21513",
67429
68852
  "CVE-2024-21575",
67430
68853
  "CVE-2024-21576",
68854
+ "CVE-2024-24590",
68855
+ "CVE-2024-24591",
67431
68856
  "CVE-2024-27132",
67432
68857
  "CVE-2024-37032",
67433
68858
  "CVE-2024-39722",
@@ -67736,8 +69161,10 @@
67736
69161
  "CVE-2023-44467",
67737
69162
  "CVE-2023-48022",
67738
69163
  "CVE-2023-51449",
69164
+ "CVE-2023-6016",
67739
69165
  "CVE-2023-6019",
67740
69166
  "CVE-2023-6021",
69167
+ "CVE-2023-6038",
67741
69168
  "CVE-2024-0129",
67742
69169
  "CVE-2024-0132",
67743
69170
  "CVE-2024-11392",
@@ -67749,6 +69176,8 @@
67749
69176
  "CVE-2024-21513",
67750
69177
  "CVE-2024-21575",
67751
69178
  "CVE-2024-21576",
69179
+ "CVE-2024-24590",
69180
+ "CVE-2024-24591",
67752
69181
  "CVE-2024-27132",
67753
69182
  "CVE-2024-3094",
67754
69183
  "CVE-2024-3154",
@@ -68502,11 +69931,15 @@
68502
69931
  "CVE-2023-43472",
68503
69932
  "CVE-2023-48022",
68504
69933
  "CVE-2023-51449",
69934
+ "CVE-2023-6016",
69935
+ "CVE-2023-6038",
68505
69936
  "CVE-2024-0132",
68506
69937
  "CVE-2024-12366",
68507
69938
  "CVE-2024-1561",
68508
69939
  "CVE-2024-21575",
68509
69940
  "CVE-2024-21576",
69941
+ "CVE-2024-24590",
69942
+ "CVE-2024-24591",
68510
69943
  "CVE-2024-3094",
68511
69944
  "CVE-2024-3154",
68512
69945
  "CVE-2024-40635",
@@ -68877,6 +70310,7 @@
68877
70310
  "CVE-2023-44467",
68878
70311
  "CVE-2023-48022",
68879
70312
  "CVE-2023-51449",
70313
+ "CVE-2023-6016",
68880
70314
  "CVE-2023-6019",
68881
70315
  "CVE-2023-6021",
68882
70316
  "CVE-2024-0129",
@@ -68890,6 +70324,8 @@
68890
70324
  "CVE-2024-21513",
68891
70325
  "CVE-2024-21575",
68892
70326
  "CVE-2024-21576",
70327
+ "CVE-2024-24590",
70328
+ "CVE-2024-24591",
68893
70329
  "CVE-2024-27132",
68894
70330
  "CVE-2024-3094",
68895
70331
  "CVE-2024-3154",
@@ -69519,6 +70955,7 @@
69519
70955
  "CVE-2023-44467",
69520
70956
  "CVE-2023-48022",
69521
70957
  "CVE-2023-51449",
70958
+ "CVE-2023-6016",
69522
70959
  "CVE-2023-6019",
69523
70960
  "CVE-2023-6021",
69524
70961
  "CVE-2024-0129",
@@ -69532,6 +70969,8 @@
69532
70969
  "CVE-2024-21513",
69533
70970
  "CVE-2024-21575",
69534
70971
  "CVE-2024-21576",
70972
+ "CVE-2024-24590",
70973
+ "CVE-2024-24591",
69535
70974
  "CVE-2024-27132",
69536
70975
  "CVE-2024-3094",
69537
70976
  "CVE-2024-3154",
@@ -70266,7 +71705,10 @@
70266
71705
  },
70267
71706
  "related_cves": [
70268
71707
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
71708
+ "CVE-2023-6016",
70269
71709
  "CVE-2024-12366",
71710
+ "CVE-2024-24590",
71711
+ "CVE-2024-24591",
70270
71712
  "CVE-2024-3094",
70271
71713
  "CVE-2024-3154",
70272
71714
  "CVE-2024-5565",
@@ -70505,6 +71947,7 @@
70505
71947
  "CVE-2023-44467",
70506
71948
  "CVE-2023-48022",
70507
71949
  "CVE-2023-51449",
71950
+ "CVE-2023-6016",
70508
71951
  "CVE-2023-6019",
70509
71952
  "CVE-2023-6021",
70510
71953
  "CVE-2024-0129",
@@ -70518,6 +71961,8 @@
70518
71961
  "CVE-2024-21513",
70519
71962
  "CVE-2024-21575",
70520
71963
  "CVE-2024-21576",
71964
+ "CVE-2024-24590",
71965
+ "CVE-2024-24591",
70521
71966
  "CVE-2024-27132",
70522
71967
  "CVE-2024-3094",
70523
71968
  "CVE-2024-3154",
@@ -71736,6 +73181,7 @@
71736
73181
  "CVE-2023-44467",
71737
73182
  "CVE-2023-48022",
71738
73183
  "CVE-2023-51449",
73184
+ "CVE-2023-6016",
71739
73185
  "CVE-2023-6019",
71740
73186
  "CVE-2023-6021",
71741
73187
  "CVE-2024-0129",
@@ -71749,6 +73195,8 @@
71749
73195
  "CVE-2024-21513",
71750
73196
  "CVE-2024-21575",
71751
73197
  "CVE-2024-21576",
73198
+ "CVE-2024-24590",
73199
+ "CVE-2024-24591",
71752
73200
  "CVE-2024-27132",
71753
73201
  "CVE-2024-3094",
71754
73202
  "CVE-2024-3154",
@@ -72010,7 +73458,10 @@
72010
73458
  },
72011
73459
  "related_cves": [
72012
73460
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
73461
+ "CVE-2023-6016",
72013
73462
  "CVE-2024-12366",
73463
+ "CVE-2024-24590",
73464
+ "CVE-2024-24591",
72014
73465
  "CVE-2024-3094",
72015
73466
  "CVE-2024-3154",
72016
73467
  "CVE-2024-5565",
@@ -72206,7 +73657,10 @@
72206
73657
  },
72207
73658
  "related_cves": [
72208
73659
  "CVE-2023-43472",
73660
+ "CVE-2023-6016",
72209
73661
  "CVE-2024-12366",
73662
+ "CVE-2024-24590",
73663
+ "CVE-2024-24591",
72210
73664
  "CVE-2024-3094",
72211
73665
  "CVE-2024-5565",
72212
73666
  "CVE-2025-0133",
@@ -73133,6 +74587,7 @@
73133
74587
  "CVE-2023-44467",
73134
74588
  "CVE-2023-48022",
73135
74589
  "CVE-2023-51449",
74590
+ "CVE-2023-6016",
73136
74591
  "CVE-2023-6019",
73137
74592
  "CVE-2023-6021",
73138
74593
  "CVE-2024-0129",
@@ -73146,6 +74601,8 @@
73146
74601
  "CVE-2024-21513",
73147
74602
  "CVE-2024-21575",
73148
74603
  "CVE-2024-21576",
74604
+ "CVE-2024-24590",
74605
+ "CVE-2024-24591",
73149
74606
  "CVE-2024-27132",
73150
74607
  "CVE-2024-3094",
73151
74608
  "CVE-2024-3154",
@@ -73495,6 +74952,7 @@
73495
74952
  "CVE-2023-50224",
73496
74953
  "CVE-2023-51449",
73497
74954
  "CVE-2023-52163",
74955
+ "CVE-2023-6016",
73498
74956
  "CVE-2023-6019",
73499
74957
  "CVE-2023-6021",
73500
74958
  "CVE-2024-0129",
@@ -73513,6 +74971,8 @@
73513
74971
  "CVE-2024-21575",
73514
74972
  "CVE-2024-21576",
73515
74973
  "CVE-2024-21762",
74974
+ "CVE-2024-24590",
74975
+ "CVE-2024-24591",
73516
74976
  "CVE-2024-27132",
73517
74977
  "CVE-2024-27199",
73518
74978
  "CVE-2024-27443",
@@ -74071,6 +75531,7 @@
74071
75531
  "CVE-2023-44467",
74072
75532
  "CVE-2023-48022",
74073
75533
  "CVE-2023-51449",
75534
+ "CVE-2023-6016",
74074
75535
  "CVE-2023-6019",
74075
75536
  "CVE-2023-6021",
74076
75537
  "CVE-2024-0129",
@@ -74084,6 +75545,8 @@
74084
75545
  "CVE-2024-21513",
74085
75546
  "CVE-2024-21575",
74086
75547
  "CVE-2024-21576",
75548
+ "CVE-2024-24590",
75549
+ "CVE-2024-24591",
74087
75550
  "CVE-2024-27132",
74088
75551
  "CVE-2024-3094",
74089
75552
  "CVE-2024-3154",
@@ -74448,7 +75911,10 @@
74448
75911
  "related_cves": [
74449
75912
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
74450
75913
  "CVE-2023-43472",
75914
+ "CVE-2023-6016",
74451
75915
  "CVE-2024-12366",
75916
+ "CVE-2024-24590",
75917
+ "CVE-2024-24591",
74452
75918
  "CVE-2024-3094",
74453
75919
  "CVE-2024-3154",
74454
75920
  "CVE-2024-5565",
@@ -74736,7 +76202,10 @@
74736
76202
  },
74737
76203
  "related_cves": [
74738
76204
  "CVE-2023-43472",
76205
+ "CVE-2023-6016",
74739
76206
  "CVE-2024-12366",
76207
+ "CVE-2024-24590",
76208
+ "CVE-2024-24591",
74740
76209
  "CVE-2024-3094",
74741
76210
  "CVE-2024-5565",
74742
76211
  "CVE-2025-0133",
@@ -75056,6 +76525,7 @@
75056
76525
  "CVE-2023-44467",
75057
76526
  "CVE-2023-48022",
75058
76527
  "CVE-2023-51449",
76528
+ "CVE-2023-6016",
75059
76529
  "CVE-2023-6019",
75060
76530
  "CVE-2023-6021",
75061
76531
  "CVE-2024-0129",
@@ -75069,6 +76539,8 @@
75069
76539
  "CVE-2024-21513",
75070
76540
  "CVE-2024-21575",
75071
76541
  "CVE-2024-21576",
76542
+ "CVE-2024-24590",
76543
+ "CVE-2024-24591",
75072
76544
  "CVE-2024-27132",
75073
76545
  "CVE-2024-3094",
75074
76546
  "CVE-2024-3154",
@@ -75404,8 +76876,10 @@
75404
76876
  "CVE-2023-44467",
75405
76877
  "CVE-2023-48022",
75406
76878
  "CVE-2023-51449",
76879
+ "CVE-2023-6016",
75407
76880
  "CVE-2023-6019",
75408
76881
  "CVE-2023-6021",
76882
+ "CVE-2023-6038",
75409
76883
  "CVE-2024-0129",
75410
76884
  "CVE-2024-0132",
75411
76885
  "CVE-2024-11392",
@@ -75417,6 +76891,8 @@
75417
76891
  "CVE-2024-21513",
75418
76892
  "CVE-2024-21575",
75419
76893
  "CVE-2024-21576",
76894
+ "CVE-2024-24590",
76895
+ "CVE-2024-24591",
75420
76896
  "CVE-2024-27132",
75421
76897
  "CVE-2024-37032",
75422
76898
  "CVE-2024-39722",
@@ -75627,7 +77103,10 @@
75627
77103
  "related_cves": [
75628
77104
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
75629
77105
  "CVE-2023-43472",
77106
+ "CVE-2023-6016",
75630
77107
  "CVE-2024-12366",
77108
+ "CVE-2024-24590",
77109
+ "CVE-2024-24591",
75631
77110
  "CVE-2024-3094",
75632
77111
  "CVE-2024-3154",
75633
77112
  "CVE-2024-5565",
@@ -76347,6 +77826,7 @@
76347
77826
  "CVE-2023-44467",
76348
77827
  "CVE-2023-48022",
76349
77828
  "CVE-2023-51449",
77829
+ "CVE-2023-6016",
76350
77830
  "CVE-2023-6019",
76351
77831
  "CVE-2023-6021",
76352
77832
  "CVE-2024-0129",
@@ -76360,6 +77840,8 @@
76360
77840
  "CVE-2024-21513",
76361
77841
  "CVE-2024-21575",
76362
77842
  "CVE-2024-21576",
77843
+ "CVE-2024-24590",
77844
+ "CVE-2024-24591",
76363
77845
  "CVE-2024-27132",
76364
77846
  "CVE-2024-3094",
76365
77847
  "CVE-2024-3154",
@@ -76681,8 +78163,10 @@
76681
78163
  "CVE-2023-44467",
76682
78164
  "CVE-2023-48022",
76683
78165
  "CVE-2023-51449",
78166
+ "CVE-2023-6016",
76684
78167
  "CVE-2023-6019",
76685
78168
  "CVE-2023-6021",
78169
+ "CVE-2023-6038",
76686
78170
  "CVE-2024-0129",
76687
78171
  "CVE-2024-0132",
76688
78172
  "CVE-2024-11392",
@@ -76694,6 +78178,8 @@
76694
78178
  "CVE-2024-21513",
76695
78179
  "CVE-2024-21575",
76696
78180
  "CVE-2024-21576",
78181
+ "CVE-2024-24590",
78182
+ "CVE-2024-24591",
76697
78183
  "CVE-2024-27132",
76698
78184
  "CVE-2024-3094",
76699
78185
  "CVE-2024-37032",