@blamejs/exceptd-skills 0.13.104 → 0.13.105

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. package/CHANGELOG.md +4 -0
  2. package/data/_indexes/_meta.json +9 -9
  3. package/data/_indexes/activity-feed.json +2 -2
  4. package/data/_indexes/catalog-summaries.json +2 -2
  5. package/data/_indexes/chains.json +680 -0
  6. package/data/atlas-ttps.json +4 -0
  7. package/data/attack-techniques.json +5 -0
  8. package/data/cve-catalog.json +211 -0
  9. package/data/cwe-catalog.json +2 -0
  10. package/data/framework-control-gaps.json +18 -0
  11. package/data/zeroday-lessons.json +100 -0
  12. package/manifest.json +44 -44
  13. package/package.json +2 -2
  14. package/sbom.cdx.json +25 -25
package/data/_indexes/chains.json CHANGED
@@ -40956,6 +40956,658 @@
40956
40956
  ]
40957
40957
  }
40958
40958
  },
40959
+ "CVE-2023-6016": {
40960
+ "name": "H2O-3 POJO Model Import Unauthenticated Remote Code Execution",
40961
+ "rwep": 48,
40962
+ "cvss": 9.8,
40963
+ "cisa_kev": false,
40964
+ "epss_score": null,
40965
+ "referencing_skills": [
40966
+ "ai-attack-surface",
40967
+ "mcp-agent-trust",
40968
+ "compliance-theater",
40969
+ "rag-pipeline-security",
40970
+ "ai-c2-detection",
40971
+ "threat-modeling-methodology",
40972
+ "webapp-security",
40973
+ "api-security",
40974
+ "cloud-security",
40975
+ "container-runtime-security",
40976
+ "email-security-anti-phishing"
40977
+ ],
40978
+ "chain": {
40979
+ "cwes": [
40980
+ {
40981
+ "id": "CWE-1039",
40982
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
40983
+ "category": "AI/ML"
40984
+ },
40985
+ {
40986
+ "id": "CWE-1188",
40987
+ "name": "Initialization of a Resource with an Insecure Default",
40988
+ "category": "Configuration"
40989
+ },
40990
+ {
40991
+ "id": "CWE-1395",
40992
+ "name": "Dependency on Vulnerable Third-Party Component",
40993
+ "category": "Supply Chain"
40994
+ },
40995
+ {
40996
+ "id": "CWE-1426",
40997
+ "name": "Improper Validation of Generative AI Output",
40998
+ "category": "AI/ML"
40999
+ },
41000
+ {
41001
+ "id": "CWE-200",
41002
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
41003
+ "category": "Information Exposure"
41004
+ },
41005
+ {
41006
+ "id": "CWE-22",
41007
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
41008
+ "category": "Path/Resource"
41009
+ },
41010
+ {
41011
+ "id": "CWE-269",
41012
+ "name": "Improper Privilege Management",
41013
+ "category": "Authorization"
41014
+ },
41015
+ {
41016
+ "id": "CWE-287",
41017
+ "name": "Improper Authentication",
41018
+ "category": "Authentication"
41019
+ },
41020
+ {
41021
+ "id": "CWE-345",
41022
+ "name": "Insufficient Verification of Data Authenticity",
41023
+ "category": "Authenticity / Supply Chain"
41024
+ },
41025
+ {
41026
+ "id": "CWE-352",
41027
+ "name": "Cross-Site Request Forgery (CSRF)",
41028
+ "category": "Session"
41029
+ },
41030
+ {
41031
+ "id": "CWE-434",
41032
+ "name": "Unrestricted Upload of File with Dangerous Type",
41033
+ "category": "File Handling"
41034
+ },
41035
+ {
41036
+ "id": "CWE-494",
41037
+ "name": "Download of Code Without Integrity Check",
41038
+ "category": "Supply Chain"
41039
+ },
41040
+ {
41041
+ "id": "CWE-502",
41042
+ "name": "Deserialization of Untrusted Data",
41043
+ "category": "Serialization"
41044
+ },
41045
+ {
41046
+ "id": "CWE-732",
41047
+ "name": "Incorrect Permission Assignment for Critical Resource",
41048
+ "category": "Authorization"
41049
+ },
41050
+ {
41051
+ "id": "CWE-77",
41052
+ "name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
41053
+ "category": "Injection"
41054
+ },
41055
+ {
41056
+ "id": "CWE-78",
41057
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
41058
+ "category": "Injection"
41059
+ },
41060
+ {
41061
+ "id": "CWE-787",
41062
+ "name": "Out-of-bounds Write",
41063
+ "category": "Memory Safety"
41064
+ },
41065
+ {
41066
+ "id": "CWE-79",
41067
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
41068
+ "category": "Injection"
41069
+ },
41070
+ {
41071
+ "id": "CWE-798",
41072
+ "name": "Use of Hard-coded Credentials",
41073
+ "category": "Credentials"
41074
+ },
41075
+ {
41076
+ "id": "CWE-862",
41077
+ "name": "Missing Authorization",
41078
+ "category": "Authorization"
41079
+ },
41080
+ {
41081
+ "id": "CWE-863",
41082
+ "name": "Incorrect Authorization",
41083
+ "category": "Authorization"
41084
+ },
41085
+ {
41086
+ "id": "CWE-89",
41087
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
41088
+ "category": "Injection"
41089
+ },
41090
+ {
41091
+ "id": "CWE-918",
41092
+ "name": "Server-Side Request Forgery (SSRF)",
41093
+ "category": "Network"
41094
+ },
41095
+ {
41096
+ "id": "CWE-94",
41097
+ "name": "Improper Control of Generation of Code (Code Injection)",
41098
+ "category": "Injection"
41099
+ }
41100
+ ],
41101
+ "atlas": [
41102
+ {
41103
+ "id": "AML.T0010",
41104
+ "name": "ML Supply Chain Compromise",
41105
+ "tactic": "Initial Access"
41106
+ },
41107
+ {
41108
+ "id": "AML.T0016",
41109
+ "name": "Obtain Capabilities: Develop Capabilities",
41110
+ "tactic": "Resource Development"
41111
+ },
41112
+ {
41113
+ "id": "AML.T0017",
41114
+ "name": "Discover ML Model Ontology",
41115
+ "tactic": "Discovery"
41116
+ },
41117
+ {
41118
+ "id": "AML.T0018",
41119
+ "name": "Backdoor ML Model",
41120
+ "tactic": "Persistence"
41121
+ },
41122
+ {
41123
+ "id": "AML.T0020",
41124
+ "name": "Poison Training Data",
41125
+ "tactic": "ML Attack Staging"
41126
+ },
41127
+ {
41128
+ "id": "AML.T0043",
41129
+ "name": "Craft Adversarial Data",
41130
+ "tactic": "ML Attack Staging"
41131
+ },
41132
+ {
41133
+ "id": "AML.T0051",
41134
+ "name": "LLM Prompt Injection",
41135
+ "tactic": "Execution"
41136
+ },
41137
+ {
41138
+ "id": "AML.T0054",
41139
+ "name": "LLM Jailbreak",
41140
+ "tactic": "Defense Evasion"
41141
+ },
41142
+ {
41143
+ "id": "AML.T0096",
41144
+ "name": "AI API as Covert C2 Channel",
41145
+ "tactic": "Command and Control"
41146
+ }
41147
+ ],
41148
+ "d3fend": [
41149
+ {
41150
+ "id": "D3-CA",
41151
+ "name": "Certificate Analysis",
41152
+ "tactic": "Detect"
41153
+ },
41154
+ {
41155
+ "id": "D3-CBAN",
41156
+ "name": "Certificate-based Authentication",
41157
+ "tactic": "Harden"
41158
+ },
41159
+ {
41160
+ "id": "D3-CSPP",
41161
+ "name": "Client-server Payload Profiling",
41162
+ "tactic": "Detect"
41163
+ },
41164
+ {
41165
+ "id": "D3-DA",
41166
+ "name": "Domain Analysis",
41167
+ "tactic": "Detect"
41168
+ },
41169
+ {
41170
+ "id": "D3-EAL",
41171
+ "name": "Executable Allowlisting",
41172
+ "tactic": "Harden"
41173
+ },
41174
+ {
41175
+ "id": "D3-EHB",
41176
+ "name": "Executable Hashbased Allowlist",
41177
+ "tactic": "Harden"
41178
+ },
41179
+ {
41180
+ "id": "D3-IOPR",
41181
+ "name": "Input/Output Profiling Resource",
41182
+ "tactic": "Detect"
41183
+ },
41184
+ {
41185
+ "id": "D3-MFA",
41186
+ "name": "Multi-factor Authentication",
41187
+ "tactic": "Harden"
41188
+ },
41189
+ {
41190
+ "id": "D3-NI",
41191
+ "name": "Network Isolation",
41192
+ "tactic": "Isolate"
41193
+ },
41194
+ {
41195
+ "id": "D3-NTA",
41196
+ "name": "Network Traffic Analysis",
41197
+ "tactic": "Detect"
41198
+ },
41199
+ {
41200
+ "id": "D3-NTPM",
41201
+ "name": "Network Traffic Policy Mapping",
41202
+ "tactic": "Model"
41203
+ }
41204
+ ],
41205
+ "framework_gaps": [
41206
+ {
41207
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
41208
+ "framework": "ALL",
41209
+ "control_name": "AI Pipeline Integrity"
41210
+ },
41211
+ {
41212
+ "id": "ALL-MCP-TOOL-TRUST",
41213
+ "framework": "ALL",
41214
+ "control_name": "MCP/Agent Tool Trust Boundaries"
41215
+ },
41216
+ {
41217
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
41218
+ "framework": "ALL",
41219
+ "control_name": "Prompt Injection as Access Control Failure"
41220
+ },
41221
+ {
41222
+ "id": "CMMC-2.0-Level-2",
41223
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
41224
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
41225
+ },
41226
+ {
41227
+ "id": "FedRAMP-Rev5-Moderate",
41228
+ "framework": "FedRAMP Rev 5 Moderate",
41229
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
41230
+ },
41231
+ {
41232
+ "id": "ISO-27001-2022-A.8.16",
41233
+ "framework": "ISO/IEC 27001:2022",
41234
+ "control_name": "Monitoring activities"
41235
+ },
41236
+ {
41237
+ "id": "ISO-27001-2022-A.8.28",
41238
+ "framework": "ISO/IEC 27001:2022",
41239
+ "control_name": "Secure coding"
41240
+ },
41241
+ {
41242
+ "id": "ISO-27001-2022-A.8.30",
41243
+ "framework": "ISO/IEC 27001:2022",
41244
+ "control_name": "Outsourced development"
41245
+ },
41246
+ {
41247
+ "id": "ISO-IEC-23894-2023-clause-7",
41248
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
41249
+ "control_name": "AI risk management process"
41250
+ },
41251
+ {
41252
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
41253
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
41254
+ "control_name": "AI risk assessment"
41255
+ },
41256
+ {
41257
+ "id": "NIST-800-218-SSDF",
41258
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
41259
+ "control_name": "Secure Software Development Framework"
41260
+ },
41261
+ {
41262
+ "id": "NIST-800-53-AC-2",
41263
+ "framework": "NIST SP 800-53 Rev 5",
41264
+ "control_name": "Account Management"
41265
+ },
41266
+ {
41267
+ "id": "NIST-800-53-CM-7",
41268
+ "framework": "NIST SP 800-53 Rev 5",
41269
+ "control_name": "Least Functionality"
41270
+ },
41271
+ {
41272
+ "id": "NIST-800-53-SA-12",
41273
+ "framework": "NIST SP 800-53 Rev 5",
41274
+ "control_name": "Supply Chain Protection"
41275
+ },
41276
+ {
41277
+ "id": "NIST-800-53-SC-7",
41278
+ "framework": "NIST SP 800-53 Rev 5",
41279
+ "control_name": "Boundary Protection"
41280
+ },
41281
+ {
41282
+ "id": "NIST-800-53-SI-12",
41283
+ "framework": "NIST SP 800-53 Rev 5",
41284
+ "control_name": "Information Management and Retention"
41285
+ },
41286
+ {
41287
+ "id": "NIST-800-53-SI-3",
41288
+ "framework": "NIST SP 800-53 Rev 5",
41289
+ "control_name": "Malicious Code Protection"
41290
+ },
41291
+ {
41292
+ "id": "NIST-AI-RMF-MEASURE-2.5",
41293
+ "framework": "NIST AI RMF 1.0",
41294
+ "control_name": "AI system to human interaction evaluation"
41295
+ },
41296
+ {
41297
+ "id": "OWASP-ASVS-v5.0-V14",
41298
+ "framework": "OWASP ASVS v5.0",
41299
+ "control_name": "Configuration verification"
41300
+ },
41301
+ {
41302
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
41303
+ "framework": "OWASP Top 10 for LLM Applications 2025",
41304
+ "control_name": "Prompt Injection"
41305
+ },
41306
+ {
41307
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
41308
+ "framework": "OWASP Top 10 for LLM Applications 2025",
41309
+ "control_name": "Sensitive Information Disclosure"
41310
+ },
41311
+ {
41312
+ "id": "OWASP-LLM-Top-10-2025-LLM06",
41313
+ "framework": "OWASP Top 10 for LLM Applications 2025",
41314
+ "control_name": "Excessive Agency"
41315
+ },
41316
+ {
41317
+ "id": "OWASP-LLM-Top-10-2025-LLM08",
41318
+ "framework": "OWASP Top 10 for LLM Applications 2025",
41319
+ "control_name": "Vector and Embedding Weaknesses"
41320
+ },
41321
+ {
41322
+ "id": "SLSA-v1.0-Build-L3",
41323
+ "framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
41324
+ "control_name": "Hardened build platform with non-falsifiable provenance"
41325
+ },
41326
+ {
41327
+ "id": "SOC2-CC6-logical-access",
41328
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
41329
+ "control_name": "Logical and Physical Access Controls"
41330
+ },
41331
+ {
41332
+ "id": "SOC2-CC7-anomaly-detection",
41333
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
41334
+ "control_name": "System Operations — Threat and Vulnerability Management"
41335
+ },
41336
+ {
41337
+ "id": "SOC2-CC9-vendor-management",
41338
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
41339
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
41340
+ },
41341
+ {
41342
+ "id": "SWIFT-CSCF-v2026-1.1",
41343
+ "framework": "SWIFT Customer Security Controls Framework v2026",
41344
+ "control_name": "SWIFT Environment Protection"
41345
+ }
41346
+ ],
41347
+ "attack_refs": [
41348
+ "T1059",
41349
+ "T1068",
41350
+ "T1071",
41351
+ "T1078",
41352
+ "T1102",
41353
+ "T1190",
41354
+ "T1195.001",
41355
+ "T1505",
41356
+ "T1530",
41357
+ "T1552",
41358
+ "T1565",
41359
+ "T1566",
41360
+ "T1566.001",
41361
+ "T1566.002",
41362
+ "T1566.003",
41363
+ "T1567",
41364
+ "T1568",
41365
+ "T1610",
41366
+ "T1611"
41367
+ ],
41368
+ "rfc_refs": [
41369
+ "RFC-6749",
41370
+ "RFC-7519",
41371
+ "RFC-8032",
41372
+ "RFC-8446",
41373
+ "RFC-8725",
41374
+ "RFC-9000",
41375
+ "RFC-9114",
41376
+ "RFC-9180",
41377
+ "RFC-9421",
41378
+ "RFC-9458",
41379
+ "RFC-9700"
41380
+ ]
41381
+ }
41382
+ },
41383
+ "CVE-2023-6038": {
41384
+ "name": "H2O-3 REST API Unauthenticated Local File Inclusion (Arbitrary File Read)",
41385
+ "rwep": 38,
41386
+ "cvss": 7.5,
41387
+ "cisa_kev": false,
41388
+ "epss_score": null,
41389
+ "referencing_skills": [
41390
+ "ai-attack-surface",
41391
+ "compliance-theater",
41392
+ "ai-c2-detection",
41393
+ "dlp-gap-analysis"
41394
+ ],
41395
+ "chain": {
41396
+ "cwes": [
41397
+ {
41398
+ "id": "CWE-1039",
41399
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
41400
+ "category": "AI/ML"
41401
+ },
41402
+ {
41403
+ "id": "CWE-1426",
41404
+ "name": "Improper Validation of Generative AI Output",
41405
+ "category": "AI/ML"
41406
+ },
41407
+ {
41408
+ "id": "CWE-200",
41409
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
41410
+ "category": "Information Exposure"
41411
+ },
41412
+ {
41413
+ "id": "CWE-94",
41414
+ "name": "Improper Control of Generation of Code (Code Injection)",
41415
+ "category": "Injection"
41416
+ }
41417
+ ],
41418
+ "atlas": [
41419
+ {
41420
+ "id": "AML.T0016",
41421
+ "name": "Obtain Capabilities: Develop Capabilities",
41422
+ "tactic": "Resource Development"
41423
+ },
41424
+ {
41425
+ "id": "AML.T0017",
41426
+ "name": "Discover ML Model Ontology",
41427
+ "tactic": "Discovery"
41428
+ },
41429
+ {
41430
+ "id": "AML.T0018",
41431
+ "name": "Backdoor ML Model",
41432
+ "tactic": "Persistence"
41433
+ },
41434
+ {
41435
+ "id": "AML.T0020",
41436
+ "name": "Poison Training Data",
41437
+ "tactic": "ML Attack Staging"
41438
+ },
41439
+ {
41440
+ "id": "AML.T0043",
41441
+ "name": "Craft Adversarial Data",
41442
+ "tactic": "ML Attack Staging"
41443
+ },
41444
+ {
41445
+ "id": "AML.T0051",
41446
+ "name": "LLM Prompt Injection",
41447
+ "tactic": "Execution"
41448
+ },
41449
+ {
41450
+ "id": "AML.T0054",
41451
+ "name": "LLM Jailbreak",
41452
+ "tactic": "Defense Evasion"
41453
+ },
41454
+ {
41455
+ "id": "AML.T0096",
41456
+ "name": "AI API as Covert C2 Channel",
41457
+ "tactic": "Command and Control"
41458
+ }
41459
+ ],
41460
+ "d3fend": [
41461
+ {
41462
+ "id": "D3-CA",
41463
+ "name": "Certificate Analysis",
41464
+ "tactic": "Detect"
41465
+ },
41466
+ {
41467
+ "id": "D3-CSPP",
41468
+ "name": "Client-server Payload Profiling",
41469
+ "tactic": "Detect"
41470
+ },
41471
+ {
41472
+ "id": "D3-DA",
41473
+ "name": "Domain Analysis",
41474
+ "tactic": "Detect"
41475
+ },
41476
+ {
41477
+ "id": "D3-EAL",
41478
+ "name": "Executable Allowlisting",
41479
+ "tactic": "Harden"
41480
+ },
41481
+ {
41482
+ "id": "D3-IOPR",
41483
+ "name": "Input/Output Profiling Resource",
41484
+ "tactic": "Detect"
41485
+ },
41486
+ {
41487
+ "id": "D3-NI",
41488
+ "name": "Network Isolation",
41489
+ "tactic": "Isolate"
41490
+ },
41491
+ {
41492
+ "id": "D3-NTA",
41493
+ "name": "Network Traffic Analysis",
41494
+ "tactic": "Detect"
41495
+ },
41496
+ {
41497
+ "id": "D3-NTPM",
41498
+ "name": "Network Traffic Policy Mapping",
41499
+ "tactic": "Model"
41500
+ }
41501
+ ],
41502
+ "framework_gaps": [
41503
+ {
41504
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
41505
+ "framework": "ALL",
41506
+ "control_name": "AI Pipeline Integrity"
41507
+ },
41508
+ {
41509
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
41510
+ "framework": "ALL",
41511
+ "control_name": "Prompt Injection as Access Control Failure"
41512
+ },
41513
+ {
41514
+ "id": "CMMC-2.0-Level-2",
41515
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
41516
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
41517
+ },
41518
+ {
41519
+ "id": "FedRAMP-Rev5-Moderate",
41520
+ "framework": "FedRAMP Rev 5 Moderate",
41521
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
41522
+ },
41523
+ {
41524
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
41525
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
41526
+ "control_name": "Access control standard (technical safeguards)"
41527
+ },
41528
+ {
41529
+ "id": "ISO-27001-2022-A.8.16",
41530
+ "framework": "ISO/IEC 27001:2022",
41531
+ "control_name": "Monitoring activities"
41532
+ },
41533
+ {
41534
+ "id": "ISO-27001-2022-A.8.28",
41535
+ "framework": "ISO/IEC 27001:2022",
41536
+ "control_name": "Secure coding"
41537
+ },
41538
+ {
41539
+ "id": "ISO-IEC-23894-2023-clause-7",
41540
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
41541
+ "control_name": "AI risk management process"
41542
+ },
41543
+ {
41544
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
41545
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
41546
+ "control_name": "AI risk assessment"
41547
+ },
41548
+ {
41549
+ "id": "NIST-800-53-AC-2",
41550
+ "framework": "NIST SP 800-53 Rev 5",
41551
+ "control_name": "Account Management"
41552
+ },
41553
+ {
41554
+ "id": "NIST-800-53-SC-28",
41555
+ "framework": "NIST SP 800-53 Rev 5",
41556
+ "control_name": "Protection of Information at Rest"
41557
+ },
41558
+ {
41559
+ "id": "NIST-800-53-SC-7",
41560
+ "framework": "NIST SP 800-53 Rev 5",
41561
+ "control_name": "Boundary Protection"
41562
+ },
41563
+ {
41564
+ "id": "NIST-800-53-SI-3",
41565
+ "framework": "NIST SP 800-53 Rev 5",
41566
+ "control_name": "Malicious Code Protection"
41567
+ },
41568
+ {
41569
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
41570
+ "framework": "OWASP Top 10 for LLM Applications 2025",
41571
+ "control_name": "Prompt Injection"
41572
+ },
41573
+ {
41574
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
41575
+ "framework": "OWASP Top 10 for LLM Applications 2025",
41576
+ "control_name": "Sensitive Information Disclosure"
41577
+ },
41578
+ {
41579
+ "id": "SOC2-CC6-logical-access",
41580
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
41581
+ "control_name": "Logical and Physical Access Controls"
41582
+ },
41583
+ {
41584
+ "id": "SOC2-CC7-anomaly-detection",
41585
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
41586
+ "control_name": "System Operations — Threat and Vulnerability Management"
41587
+ }
41588
+ ],
41589
+ "attack_refs": [
41590
+ "T1041",
41591
+ "T1059",
41592
+ "T1071",
41593
+ "T1102",
41594
+ "T1190",
41595
+ "T1213",
41596
+ "T1530",
41597
+ "T1566",
41598
+ "T1567",
41599
+ "T1568"
41600
+ ],
41601
+ "rfc_refs": [
41602
+ "RFC-8446",
41603
+ "RFC-9000",
41604
+ "RFC-9114",
41605
+ "RFC-9180",
41606
+ "RFC-9421",
41607
+ "RFC-9458"
41608
+ ]
41609
+ }
41610
+ },
40959
41611
  "CVE-2026-41091": {
40960
41612
  "name": "Microsoft Defender (Malware Protection Engine) Link-Following LPE to SYSTEM",
40961
41613
  "rwep": 45,
@@ -67337,6 +67989,7 @@
67337
67989
  "CVE-2023-44467",
67338
67990
  "CVE-2023-48022",
67339
67991
  "CVE-2023-51449",
67992
+ "CVE-2023-6016",
67340
67993
  "CVE-2023-6019",
67341
67994
  "CVE-2023-6021",
67342
67995
  "CVE-2024-0129",
@@ -67601,6 +68254,7 @@
67601
68254
  "related_cves": [
67602
68255
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
67603
68256
  "CVE-2023-43472",
68257
+ "CVE-2023-6016",
67604
68258
  "CVE-2024-12366",
67605
68259
  "CVE-2024-24590",
67606
68260
  "CVE-2024-24591",
@@ -67757,6 +68411,7 @@
67757
68411
  "CVE-2023-44467",
67758
68412
  "CVE-2023-48022",
67759
68413
  "CVE-2023-51449",
68414
+ "CVE-2023-6016",
67760
68415
  "CVE-2023-6019",
67761
68416
  "CVE-2023-6021",
67762
68417
  "CVE-2024-0129",
@@ -67962,6 +68617,7 @@
67962
68617
  "CVE-2023-44467",
67963
68618
  "CVE-2023-48022",
67964
68619
  "CVE-2023-51449",
68620
+ "CVE-2023-6016",
67965
68621
  "CVE-2023-6019",
67966
68622
  "CVE-2023-6021",
67967
68623
  "CVE-2024-0129",
@@ -68181,6 +68837,7 @@
68181
68837
  "CVE-2023-44467",
68182
68838
  "CVE-2023-48022",
68183
68839
  "CVE-2023-51449",
68840
+ "CVE-2023-6016",
68184
68841
  "CVE-2023-6019",
68185
68842
  "CVE-2023-6021",
68186
68843
  "CVE-2024-0129",
@@ -68504,8 +69161,10 @@
68504
69161
  "CVE-2023-44467",
68505
69162
  "CVE-2023-48022",
68506
69163
  "CVE-2023-51449",
69164
+ "CVE-2023-6016",
68507
69165
  "CVE-2023-6019",
68508
69166
  "CVE-2023-6021",
69167
+ "CVE-2023-6038",
68509
69168
  "CVE-2024-0129",
68510
69169
  "CVE-2024-0132",
68511
69170
  "CVE-2024-11392",
@@ -69272,6 +69931,8 @@
69272
69931
  "CVE-2023-43472",
69273
69932
  "CVE-2023-48022",
69274
69933
  "CVE-2023-51449",
69934
+ "CVE-2023-6016",
69935
+ "CVE-2023-6038",
69275
69936
  "CVE-2024-0132",
69276
69937
  "CVE-2024-12366",
69277
69938
  "CVE-2024-1561",
@@ -69649,6 +70310,7 @@
69649
70310
  "CVE-2023-44467",
69650
70311
  "CVE-2023-48022",
69651
70312
  "CVE-2023-51449",
70313
+ "CVE-2023-6016",
69652
70314
  "CVE-2023-6019",
69653
70315
  "CVE-2023-6021",
69654
70316
  "CVE-2024-0129",
@@ -70293,6 +70955,7 @@
70293
70955
  "CVE-2023-44467",
70294
70956
  "CVE-2023-48022",
70295
70957
  "CVE-2023-51449",
70958
+ "CVE-2023-6016",
70296
70959
  "CVE-2023-6019",
70297
70960
  "CVE-2023-6021",
70298
70961
  "CVE-2024-0129",
@@ -71042,6 +71705,7 @@
71042
71705
  },
71043
71706
  "related_cves": [
71044
71707
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
71708
+ "CVE-2023-6016",
71045
71709
  "CVE-2024-12366",
71046
71710
  "CVE-2024-24590",
71047
71711
  "CVE-2024-24591",
@@ -71283,6 +71947,7 @@
71283
71947
  "CVE-2023-44467",
71284
71948
  "CVE-2023-48022",
71285
71949
  "CVE-2023-51449",
71950
+ "CVE-2023-6016",
71286
71951
  "CVE-2023-6019",
71287
71952
  "CVE-2023-6021",
71288
71953
  "CVE-2024-0129",
@@ -72516,6 +73181,7 @@
72516
73181
  "CVE-2023-44467",
72517
73182
  "CVE-2023-48022",
72518
73183
  "CVE-2023-51449",
73184
+ "CVE-2023-6016",
72519
73185
  "CVE-2023-6019",
72520
73186
  "CVE-2023-6021",
72521
73187
  "CVE-2024-0129",
@@ -72792,6 +73458,7 @@
72792
73458
  },
72793
73459
  "related_cves": [
72794
73460
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
73461
+ "CVE-2023-6016",
72795
73462
  "CVE-2024-12366",
72796
73463
  "CVE-2024-24590",
72797
73464
  "CVE-2024-24591",
@@ -72990,6 +73657,7 @@
72990
73657
  },
72991
73658
  "related_cves": [
72992
73659
  "CVE-2023-43472",
73660
+ "CVE-2023-6016",
72993
73661
  "CVE-2024-12366",
72994
73662
  "CVE-2024-24590",
72995
73663
  "CVE-2024-24591",
@@ -73919,6 +74587,7 @@
73919
74587
  "CVE-2023-44467",
73920
74588
  "CVE-2023-48022",
73921
74589
  "CVE-2023-51449",
74590
+ "CVE-2023-6016",
73922
74591
  "CVE-2023-6019",
73923
74592
  "CVE-2023-6021",
73924
74593
  "CVE-2024-0129",
@@ -74283,6 +74952,7 @@
74283
74952
  "CVE-2023-50224",
74284
74953
  "CVE-2023-51449",
74285
74954
  "CVE-2023-52163",
74955
+ "CVE-2023-6016",
74286
74956
  "CVE-2023-6019",
74287
74957
  "CVE-2023-6021",
74288
74958
  "CVE-2024-0129",
@@ -74861,6 +75531,7 @@
74861
75531
  "CVE-2023-44467",
74862
75532
  "CVE-2023-48022",
74863
75533
  "CVE-2023-51449",
75534
+ "CVE-2023-6016",
74864
75535
  "CVE-2023-6019",
74865
75536
  "CVE-2023-6021",
74866
75537
  "CVE-2024-0129",
@@ -75240,6 +75911,7 @@
75240
75911
  "related_cves": [
75241
75912
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
75242
75913
  "CVE-2023-43472",
75914
+ "CVE-2023-6016",
75243
75915
  "CVE-2024-12366",
75244
75916
  "CVE-2024-24590",
75245
75917
  "CVE-2024-24591",
@@ -75530,6 +76202,7 @@
75530
76202
  },
75531
76203
  "related_cves": [
75532
76204
  "CVE-2023-43472",
76205
+ "CVE-2023-6016",
75533
76206
  "CVE-2024-12366",
75534
76207
  "CVE-2024-24590",
75535
76208
  "CVE-2024-24591",
@@ -75852,6 +76525,7 @@
75852
76525
  "CVE-2023-44467",
75853
76526
  "CVE-2023-48022",
75854
76527
  "CVE-2023-51449",
76528
+ "CVE-2023-6016",
75855
76529
  "CVE-2023-6019",
75856
76530
  "CVE-2023-6021",
75857
76531
  "CVE-2024-0129",
@@ -76202,8 +76876,10 @@
76202
76876
  "CVE-2023-44467",
76203
76877
  "CVE-2023-48022",
76204
76878
  "CVE-2023-51449",
76879
+ "CVE-2023-6016",
76205
76880
  "CVE-2023-6019",
76206
76881
  "CVE-2023-6021",
76882
+ "CVE-2023-6038",
76207
76883
  "CVE-2024-0129",
76208
76884
  "CVE-2024-0132",
76209
76885
  "CVE-2024-11392",
@@ -76427,6 +77103,7 @@
76427
77103
  "related_cves": [
76428
77104
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
76429
77105
  "CVE-2023-43472",
77106
+ "CVE-2023-6016",
76430
77107
  "CVE-2024-12366",
76431
77108
  "CVE-2024-24590",
76432
77109
  "CVE-2024-24591",
@@ -77149,6 +77826,7 @@
77149
77826
  "CVE-2023-44467",
77150
77827
  "CVE-2023-48022",
77151
77828
  "CVE-2023-51449",
77829
+ "CVE-2023-6016",
77152
77830
  "CVE-2023-6019",
77153
77831
  "CVE-2023-6021",
77154
77832
  "CVE-2024-0129",
@@ -77485,8 +78163,10 @@
77485
78163
  "CVE-2023-44467",
77486
78164
  "CVE-2023-48022",
77487
78165
  "CVE-2023-51449",
78166
+ "CVE-2023-6016",
77488
78167
  "CVE-2023-6019",
77489
78168
  "CVE-2023-6021",
78169
+ "CVE-2023-6038",
77490
78170
  "CVE-2024-0129",
77491
78171
  "CVE-2024-0132",
77492
78172
  "CVE-2024-11392",