@blamejs/exceptd-skills 0.13.106 → 0.13.107

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. package/CHANGELOG.md +4 -0
  2. package/data/_indexes/_meta.json +9 -9
  3. package/data/_indexes/activity-feed.json +2 -2
  4. package/data/_indexes/catalog-summaries.json +2 -2
  5. package/data/_indexes/chains.json +816 -0
  6. package/data/atlas-ttps.json +6 -0
  7. package/data/attack-techniques.json +6 -0
  8. package/data/cve-catalog.json +212 -0
  9. package/data/cwe-catalog.json +2 -0
  10. package/data/framework-control-gaps.json +18 -0
  11. package/data/zeroday-lessons.json +100 -0
  12. package/manifest.json +44 -44
  13. package/package.json +2 -2
  14. package/sbom.cdx.json +25 -25
package/CHANGELOG.md CHANGED
@@ -1,5 +1,9 @@
1
1
  # Changelog
2
2
 
3
+ ## 0.13.107 — 2026-05-26
4
+
5
+ CVE catalog — MLflow model-artifact deserialization (a model is executable code). Adds two of the Protect AI / HiddenLayer MLflow model-flavor deserialization flaws, where loading a stored artifact runs arbitrary code. **CVE-2024-37052** (CWE-502, HiddenLayer CNA CVSS 8.8 HIGH; NVD unscored) — a maliciously crafted scikit-learn model in MLflow runs code when a user loads it. **CVE-2024-37060** (CWE-502, HiddenLayer CNA CVSS 8.8 HIGH; NVD unscored) — a maliciously crafted MLflow Recipe runs code when executed. Both affect MLflow up to 2.14.1 and have no patched version — loading an untrusted model artifact is inherently code execution — so they are scored without patch credit and the control is provenance verification plus sandboxed loading. Both map MITRE ATLAS AML.T0011.000 (unsafe AI artifacts) and ATT&CK T1204, and reuse the untrusted-model-artifact control (NEW-CTRL-091) shared with the Keras / Hugging Face / NeMo / PyTorch / H2O entries — a model artifact is executable code regardless of platform. CVE count 390 → 392.
6
+
3
7
  ## 0.13.106 — 2026-05-26
4
8
 
5
9
  CVE catalog — BentoML model-serving deserialization RCE (recurring class). Adds two unauthenticated insecure-deserialization flaws in BentoML, the model-serving / inference framework, where the serving path reconstructs an attacker-supplied serialized object without validation. **CVE-2024-2912** (CWE-1188, huntr.dev CNA CVSS 10.0 CRITICAL; NVD unscored) — BentoML before 1.2.5 deserializes a malicious object delivered to a valid serving endpoint, giving unauthenticated remote code execution; fixed in 1.2.5. **CVE-2025-27520** (CWE-502, GitHub CNA CVSS 9.8 CRITICAL; NVD unscored) — the deserialization routine in `serde.py` reconstructs an attacker-supplied object from a request, so any unauthenticated user runs code on the server; fixed in 1.4.3, the same class recurring after the 1.2.5 fix. Both are patched (scored with patch credit) and reuse the inference/serving deserialization-safety control (NEW-CTRL-086) shared with the ShadowMQ / vLLM inference-deserialization entries — a model server must never reconstruct an untrusted serialized object from a request. Upgrade BentoML to 1.4.3 or later. CVE count 388 → 390.
package/data/_indexes/_meta.json CHANGED
@@ -1,21 +1,21 @@
1
1
  {
2
2
  "schema_version": "1.1.0",
3
- "generated_at": "2026-05-26T08:54:35.024Z",
3
+ "generated_at": "2026-05-26T09:16:07.078Z",
4
4
  "generator": "scripts/build-indexes.js",
5
5
  "source_count": 54,
6
6
  "source_hashes": {
7
- "manifest.json": "76aeba3c0fd594601b4e137dea4ca7c312356ecbf5e1bee9867663140f329727",
8
- "data/atlas-ttps.json": "92ae4d6c5125f8d649315eef857aa9f457f7dfcd1250eaf8bdb6f989f77fc0d1",
9
- "data/attack-techniques.json": "f797dc6bc71586a07f543587eb744741a1828dc316088f821813322dc994392c",
10
- "data/cve-catalog.json": "cc640848c157dc4f93a1812794f9aaebd70199501f0cfc2c25e709f3ded44613",
11
- "data/cwe-catalog.json": "af8925d063082777c02773dcdf7dc563059c5815b096503b665980fd87a461c3",
7
+ "manifest.json": "df8f85afa0405b3ff9aefb48831e7cd492c9225cc88fec9f99f5ff608200fade",
8
+ "data/atlas-ttps.json": "503911af9c49ceabaa7fd180b805de82fc34f378c0bd394e9c5d579be097906d",
9
+ "data/attack-techniques.json": "e1ce625a1fed3532f1fd0cf3c211956fa4f7e8eb31faddbb6e0433b62bb5e235",
10
+ "data/cve-catalog.json": "d0c7aac820109fdb75faa6ad75148fbb35d197cd350a55b759982657f6e2d2a0",
11
+ "data/cwe-catalog.json": "d28ecf9ad95111bee0c64a9a8f7f97387f195cc6204f9a014d59acb19dd72d85",
12
12
  "data/d3fend-catalog.json": "9a54bccb9f24f84b32024216cc3f53819a053721ac8ab43c326859e68fc0ffaf",
13
13
  "data/dlp-controls.json": "d2406c482dddd30e49203879999dc4b3a7fd4d0494d6a61d86b91ee76415df19",
14
14
  "data/exploit-availability.json": "ec2656f0d9a893610e27b43eb6035fe9b18e057c9f6dfaac7e7d4959bbcbb795",
15
- "data/framework-control-gaps.json": "d2b340e76e27b5df6478addad0ff2935996aa9e0ba3488da6e9abe453b1a16ae",
15
+ "data/framework-control-gaps.json": "3fe4663c19c83d089ea3bfa88dc042b03b9c4834dfe7ab76d02f0d31fa483397",
16
16
  "data/global-frameworks.json": "9ba563a85f7f8d6c3c957de64945e20925a89d0ed6ea6fc561cf093811acf558",
17
17
  "data/rfc-references.json": "66ef2e1f444a2cf0c2700a754f0a66030bb8a91d9e68394b9537ea1fe8b904fe",
18
- "data/zeroday-lessons.json": "baa1b1487c0959815da79bf9a06bd01ac7feb395a86432a8261dc32660bc55fa",
18
+ "data/zeroday-lessons.json": "f1febf504c1916520d85f73b00e9362189d3b0263a6c896e3b21d29d172c3a02",
19
19
  "skills/kernel-lpe-triage/skill.md": "08b3e9815ba481c57c80f5fc0ccbf5bb7cbb41f570c235ba6ff9596b8c07354d",
20
20
  "skills/ai-attack-surface/skill.md": "c4c1eb22a38ca7a959b5725222bab8fbd4f4044a548a93f3e288e6f698334b72",
21
21
  "skills/mcp-agent-trust/skill.md": "89ac89084391d2341b6513fefb1be2d36b93de1c130f057696219c1c59440f13",
@@ -72,7 +72,7 @@
72
72
  "dlp_refs": 0
73
73
  },
74
74
  "trigger_table_entries": 538,
75
- "chains_cve_entries": 379,
75
+ "chains_cve_entries": 381,
76
76
  "chains_cwe_entries": 171,
77
77
  "jurisdictions_indexed": 29,
78
78
  "handoff_dag_nodes": 42,
package/data/_indexes/activity-feed.json CHANGED
@@ -149,7 +149,7 @@
149
149
  "artifact": "data/cve-catalog.json",
150
150
  "path": "data/cve-catalog.json",
151
151
  "schema_version": "1.0.0",
152
- "entry_count": 390
152
+ "entry_count": 392
153
153
  },
154
154
  {
155
155
  "date": "2026-05-18",
@@ -165,7 +165,7 @@
165
165
  "artifact": "data/zeroday-lessons.json",
166
166
  "path": "data/zeroday-lessons.json",
167
167
  "schema_version": "1.1.0",
168
- "entry_count": 385
168
+ "entry_count": 387
169
169
  },
170
170
  {
171
171
  "date": "2026-05-17",
package/data/_indexes/catalog-summaries.json CHANGED
@@ -62,7 +62,7 @@
62
62
  "rebuild_after_days": 365,
63
63
  "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
64
64
  },
65
- "entry_count": 390,
65
+ "entry_count": 392,
66
66
  "sample_keys": [
67
67
  "CVE-2025-53773",
68
68
  "CVE-2026-30615",
@@ -238,7 +238,7 @@
238
238
  "rebuild_after_days": 365,
239
239
  "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
240
240
  },
241
- "entry_count": 385,
241
+ "entry_count": 387,
242
242
  "sample_keys": [
243
243
  "CVE-2026-31431",
244
244
  "CVE-2025-53773",