@blamejs/exceptd-skills 0.13.106 → 0.13.107

@@ -42456,6 +42456,772 @@
42456
42456
  ]
42457
42457
  }
42458
42458
  },
42459
+ "CVE-2024-37052": {
42460
+ "name": "MLflow scikit-learn Model Deserialization Remote Code Execution",
42461
+ "rwep": 42,
42462
+ "cvss": 8.8,
42463
+ "cisa_kev": false,
42464
+ "epss_score": null,
42465
+ "referencing_skills": [
42466
+ "kernel-lpe-triage",
42467
+ "ai-attack-surface",
42468
+ "compliance-theater",
42469
+ "rag-pipeline-security",
42470
+ "threat-modeling-methodology",
42471
+ "webapp-security",
42472
+ "api-security",
42473
+ "container-runtime-security"
42474
+ ],
42475
+ "chain": {
42476
+ "cwes": [
42477
+ {
42478
+ "id": "CWE-1039",
42479
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
42480
+ "category": "AI/ML"
42481
+ },
42482
+ {
42483
+ "id": "CWE-1188",
42484
+ "name": "Initialization of a Resource with an Insecure Default",
42485
+ "category": "Configuration"
42486
+ },
42487
+ {
42488
+ "id": "CWE-125",
42489
+ "name": "Out-of-bounds Read",
42490
+ "category": "Memory Safety"
42491
+ },
42492
+ {
42493
+ "id": "CWE-1395",
42494
+ "name": "Dependency on Vulnerable Third-Party Component",
42495
+ "category": "Supply Chain"
42496
+ },
42497
+ {
42498
+ "id": "CWE-1426",
42499
+ "name": "Improper Validation of Generative AI Output",
42500
+ "category": "AI/ML"
42501
+ },
42502
+ {
42503
+ "id": "CWE-200",
42504
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
42505
+ "category": "Information Exposure"
42506
+ },
42507
+ {
42508
+ "id": "CWE-22",
42509
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
42510
+ "category": "Path/Resource"
42511
+ },
42512
+ {
42513
+ "id": "CWE-269",
42514
+ "name": "Improper Privilege Management",
42515
+ "category": "Authorization"
42516
+ },
42517
+ {
42518
+ "id": "CWE-287",
42519
+ "name": "Improper Authentication",
42520
+ "category": "Authentication"
42521
+ },
42522
+ {
42523
+ "id": "CWE-352",
42524
+ "name": "Cross-Site Request Forgery (CSRF)",
42525
+ "category": "Session"
42526
+ },
42527
+ {
42528
+ "id": "CWE-362",
42529
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
42530
+ "category": "Concurrency"
42531
+ },
42532
+ {
42533
+ "id": "CWE-416",
42534
+ "name": "Use After Free",
42535
+ "category": "Memory Safety"
42536
+ },
42537
+ {
42538
+ "id": "CWE-434",
42539
+ "name": "Unrestricted Upload of File with Dangerous Type",
42540
+ "category": "File Handling"
42541
+ },
42542
+ {
42543
+ "id": "CWE-502",
42544
+ "name": "Deserialization of Untrusted Data",
42545
+ "category": "Serialization"
42546
+ },
42547
+ {
42548
+ "id": "CWE-672",
42549
+ "name": "Operation on a Resource after Expiration or Release",
42550
+ "category": "Memory Safety"
42551
+ },
42552
+ {
42553
+ "id": "CWE-732",
42554
+ "name": "Incorrect Permission Assignment for Critical Resource",
42555
+ "category": "Authorization"
42556
+ },
42557
+ {
42558
+ "id": "CWE-77",
42559
+ "name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
42560
+ "category": "Injection"
42561
+ },
42562
+ {
42563
+ "id": "CWE-78",
42564
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
42565
+ "category": "Injection"
42566
+ },
42567
+ {
42568
+ "id": "CWE-787",
42569
+ "name": "Out-of-bounds Write",
42570
+ "category": "Memory Safety"
42571
+ },
42572
+ {
42573
+ "id": "CWE-79",
42574
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
42575
+ "category": "Injection"
42576
+ },
42577
+ {
42578
+ "id": "CWE-862",
42579
+ "name": "Missing Authorization",
42580
+ "category": "Authorization"
42581
+ },
42582
+ {
42583
+ "id": "CWE-863",
42584
+ "name": "Incorrect Authorization",
42585
+ "category": "Authorization"
42586
+ },
42587
+ {
42588
+ "id": "CWE-89",
42589
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
42590
+ "category": "Injection"
42591
+ },
42592
+ {
42593
+ "id": "CWE-918",
42594
+ "name": "Server-Side Request Forgery (SSRF)",
42595
+ "category": "Network"
42596
+ },
42597
+ {
42598
+ "id": "CWE-94",
42599
+ "name": "Improper Control of Generation of Code (Code Injection)",
42600
+ "category": "Injection"
42601
+ }
42602
+ ],
42603
+ "atlas": [
42604
+ {
42605
+ "id": "AML.T0010",
42606
+ "name": "ML Supply Chain Compromise",
42607
+ "tactic": "Initial Access"
42608
+ },
42609
+ {
42610
+ "id": "AML.T0016",
42611
+ "name": "Obtain Capabilities: Develop Capabilities",
42612
+ "tactic": "Resource Development"
42613
+ },
42614
+ {
42615
+ "id": "AML.T0017",
42616
+ "name": "Discover ML Model Ontology",
42617
+ "tactic": "Discovery"
42618
+ },
42619
+ {
42620
+ "id": "AML.T0018",
42621
+ "name": "Backdoor ML Model",
42622
+ "tactic": "Persistence"
42623
+ },
42624
+ {
42625
+ "id": "AML.T0020",
42626
+ "name": "Poison Training Data",
42627
+ "tactic": "ML Attack Staging"
42628
+ },
42629
+ {
42630
+ "id": "AML.T0043",
42631
+ "name": "Craft Adversarial Data",
42632
+ "tactic": "ML Attack Staging"
42633
+ },
42634
+ {
42635
+ "id": "AML.T0051",
42636
+ "name": "LLM Prompt Injection",
42637
+ "tactic": "Execution"
42638
+ },
42639
+ {
42640
+ "id": "AML.T0054",
42641
+ "name": "LLM Jailbreak",
42642
+ "tactic": "Defense Evasion"
42643
+ },
42644
+ {
42645
+ "id": "AML.T0096",
42646
+ "name": "AI API as Covert C2 Channel",
42647
+ "tactic": "Command and Control"
42648
+ }
42649
+ ],
42650
+ "d3fend": [
42651
+ {
42652
+ "id": "D3-ASLR",
42653
+ "name": "Address Space Layout Randomization",
42654
+ "tactic": "Harden"
42655
+ },
42656
+ {
42657
+ "id": "D3-CSPP",
42658
+ "name": "Client-server Payload Profiling",
42659
+ "tactic": "Detect"
42660
+ },
42661
+ {
42662
+ "id": "D3-EAL",
42663
+ "name": "Executable Allowlisting",
42664
+ "tactic": "Harden"
42665
+ },
42666
+ {
42667
+ "id": "D3-IOPR",
42668
+ "name": "Input/Output Profiling Resource",
42669
+ "tactic": "Detect"
42670
+ },
42671
+ {
42672
+ "id": "D3-NTA",
42673
+ "name": "Network Traffic Analysis",
42674
+ "tactic": "Detect"
42675
+ },
42676
+ {
42677
+ "id": "D3-PHRA",
42678
+ "name": "Process Hardware Resource Access",
42679
+ "tactic": "Isolate"
42680
+ },
42681
+ {
42682
+ "id": "D3-PSEP",
42683
+ "name": "Process Segment Execution Prevention",
42684
+ "tactic": "Harden"
42685
+ }
42686
+ ],
42687
+ "framework_gaps": [
42688
+ {
42689
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
42690
+ "framework": "ALL",
42691
+ "control_name": "AI Pipeline Integrity"
42692
+ },
42693
+ {
42694
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
42695
+ "framework": "ALL",
42696
+ "control_name": "Prompt Injection as Access Control Failure"
42697
+ },
42698
+ {
42699
+ "id": "CIS-Controls-v8-Control7",
42700
+ "framework": "CIS Controls v8",
42701
+ "control_name": "Continuous Vulnerability Management"
42702
+ },
42703
+ {
42704
+ "id": "CMMC-2.0-Level-2",
42705
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
42706
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
42707
+ },
42708
+ {
42709
+ "id": "FedRAMP-Rev5-Moderate",
42710
+ "framework": "FedRAMP Rev 5 Moderate",
42711
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
42712
+ },
42713
+ {
42714
+ "id": "ISO-27001-2022-A.8.28",
42715
+ "framework": "ISO/IEC 27001:2022",
42716
+ "control_name": "Secure coding"
42717
+ },
42718
+ {
42719
+ "id": "ISO-27001-2022-A.8.8",
42720
+ "framework": "ISO/IEC 27001:2022",
42721
+ "control_name": "Management of technical vulnerabilities"
42722
+ },
42723
+ {
42724
+ "id": "ISO-IEC-23894-2023-clause-7",
42725
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
42726
+ "control_name": "AI risk management process"
42727
+ },
42728
+ {
42729
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
42730
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
42731
+ "control_name": "AI risk assessment"
42732
+ },
42733
+ {
42734
+ "id": "NIS2-Art21-patch-management",
42735
+ "framework": "EU NIS2 Directive",
42736
+ "control_name": "Vulnerability handling and disclosure"
42737
+ },
42738
+ {
42739
+ "id": "NIST-800-218-SSDF",
42740
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
42741
+ "control_name": "Secure Software Development Framework"
42742
+ },
42743
+ {
42744
+ "id": "NIST-800-53-AC-2",
42745
+ "framework": "NIST SP 800-53 Rev 5",
42746
+ "control_name": "Account Management"
42747
+ },
42748
+ {
42749
+ "id": "NIST-800-53-CM-7",
42750
+ "framework": "NIST SP 800-53 Rev 5",
42751
+ "control_name": "Least Functionality"
42752
+ },
42753
+ {
42754
+ "id": "NIST-800-53-SC-8",
42755
+ "framework": "NIST SP 800-53 Rev 5",
42756
+ "control_name": "Transmission Confidentiality and Integrity"
42757
+ },
42758
+ {
42759
+ "id": "NIST-800-53-SI-12",
42760
+ "framework": "NIST SP 800-53 Rev 5",
42761
+ "control_name": "Information Management and Retention"
42762
+ },
42763
+ {
42764
+ "id": "NIST-800-53-SI-2",
42765
+ "framework": "NIST SP 800-53 Rev 5",
42766
+ "control_name": "Flaw Remediation"
42767
+ },
42768
+ {
42769
+ "id": "NIST-800-53-SI-3",
42770
+ "framework": "NIST SP 800-53 Rev 5",
42771
+ "control_name": "Malicious Code Protection"
42772
+ },
42773
+ {
42774
+ "id": "NIST-AI-RMF-MEASURE-2.5",
42775
+ "framework": "NIST AI RMF 1.0",
42776
+ "control_name": "AI system to human interaction evaluation"
42777
+ },
42778
+ {
42779
+ "id": "OWASP-ASVS-v5.0-V14",
42780
+ "framework": "OWASP ASVS v5.0",
42781
+ "control_name": "Configuration verification"
42782
+ },
42783
+ {
42784
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
42785
+ "framework": "OWASP Top 10 for LLM Applications 2025",
42786
+ "control_name": "Prompt Injection"
42787
+ },
42788
+ {
42789
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
42790
+ "framework": "OWASP Top 10 for LLM Applications 2025",
42791
+ "control_name": "Sensitive Information Disclosure"
42792
+ },
42793
+ {
42794
+ "id": "OWASP-LLM-Top-10-2025-LLM08",
42795
+ "framework": "OWASP Top 10 for LLM Applications 2025",
42796
+ "control_name": "Vector and Embedding Weaknesses"
42797
+ },
42798
+ {
42799
+ "id": "PCI-DSS-4.0-6.3.3",
42800
+ "framework": "PCI DSS 4.0",
42801
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
42802
+ },
42803
+ {
42804
+ "id": "SLSA-v1.0-Build-L3",
42805
+ "framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
42806
+ "control_name": "Hardened build platform with non-falsifiable provenance"
42807
+ },
42808
+ {
42809
+ "id": "SOC2-CC6-logical-access",
42810
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
42811
+ "control_name": "Logical and Physical Access Controls"
42812
+ }
42813
+ ],
42814
+ "attack_refs": [
42815
+ "T1059",
42816
+ "T1068",
42817
+ "T1078",
42818
+ "T1190",
42819
+ "T1505",
42820
+ "T1548.001",
42821
+ "T1565",
42822
+ "T1566",
42823
+ "T1567",
42824
+ "T1610",
42825
+ "T1611"
42826
+ ],
42827
+ "rfc_refs": [
42828
+ "RFC-4301",
42829
+ "RFC-4303",
42830
+ "RFC-6749",
42831
+ "RFC-7296",
42832
+ "RFC-7519",
42833
+ "RFC-8032",
42834
+ "RFC-8446",
42835
+ "RFC-8725",
42836
+ "RFC-9114",
42837
+ "RFC-9421",
42838
+ "RFC-9700"
42839
+ ]
42840
+ }
42841
+ },
42842
+ "CVE-2024-37060": {
42843
+ "name": "MLflow Recipe Deserialization Remote Code Execution",
42844
+ "rwep": 42,
42845
+ "cvss": 8.8,
42846
+ "cisa_kev": false,
42847
+ "epss_score": null,
42848
+ "referencing_skills": [
42849
+ "kernel-lpe-triage",
42850
+ "ai-attack-surface",
42851
+ "compliance-theater",
42852
+ "rag-pipeline-security",
42853
+ "threat-modeling-methodology",
42854
+ "webapp-security",
42855
+ "api-security",
42856
+ "container-runtime-security"
42857
+ ],
42858
+ "chain": {
42859
+ "cwes": [
42860
+ {
42861
+ "id": "CWE-1039",
42862
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
42863
+ "category": "AI/ML"
42864
+ },
42865
+ {
42866
+ "id": "CWE-1188",
42867
+ "name": "Initialization of a Resource with an Insecure Default",
42868
+ "category": "Configuration"
42869
+ },
42870
+ {
42871
+ "id": "CWE-125",
42872
+ "name": "Out-of-bounds Read",
42873
+ "category": "Memory Safety"
42874
+ },
42875
+ {
42876
+ "id": "CWE-1395",
42877
+ "name": "Dependency on Vulnerable Third-Party Component",
42878
+ "category": "Supply Chain"
42879
+ },
42880
+ {
42881
+ "id": "CWE-1426",
42882
+ "name": "Improper Validation of Generative AI Output",
42883
+ "category": "AI/ML"
42884
+ },
42885
+ {
42886
+ "id": "CWE-200",
42887
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
42888
+ "category": "Information Exposure"
42889
+ },
42890
+ {
42891
+ "id": "CWE-22",
42892
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
42893
+ "category": "Path/Resource"
42894
+ },
42895
+ {
42896
+ "id": "CWE-269",
42897
+ "name": "Improper Privilege Management",
42898
+ "category": "Authorization"
42899
+ },
42900
+ {
42901
+ "id": "CWE-287",
42902
+ "name": "Improper Authentication",
42903
+ "category": "Authentication"
42904
+ },
42905
+ {
42906
+ "id": "CWE-352",
42907
+ "name": "Cross-Site Request Forgery (CSRF)",
42908
+ "category": "Session"
42909
+ },
42910
+ {
42911
+ "id": "CWE-362",
42912
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
42913
+ "category": "Concurrency"
42914
+ },
42915
+ {
42916
+ "id": "CWE-416",
42917
+ "name": "Use After Free",
42918
+ "category": "Memory Safety"
42919
+ },
42920
+ {
42921
+ "id": "CWE-434",
42922
+ "name": "Unrestricted Upload of File with Dangerous Type",
42923
+ "category": "File Handling"
42924
+ },
42925
+ {
42926
+ "id": "CWE-502",
42927
+ "name": "Deserialization of Untrusted Data",
42928
+ "category": "Serialization"
42929
+ },
42930
+ {
42931
+ "id": "CWE-672",
42932
+ "name": "Operation on a Resource after Expiration or Release",
42933
+ "category": "Memory Safety"
42934
+ },
42935
+ {
42936
+ "id": "CWE-732",
42937
+ "name": "Incorrect Permission Assignment for Critical Resource",
42938
+ "category": "Authorization"
42939
+ },
42940
+ {
42941
+ "id": "CWE-77",
42942
+ "name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
42943
+ "category": "Injection"
42944
+ },
42945
+ {
42946
+ "id": "CWE-78",
42947
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
42948
+ "category": "Injection"
42949
+ },
42950
+ {
42951
+ "id": "CWE-787",
42952
+ "name": "Out-of-bounds Write",
42953
+ "category": "Memory Safety"
42954
+ },
42955
+ {
42956
+ "id": "CWE-79",
42957
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
42958
+ "category": "Injection"
42959
+ },
42960
+ {
42961
+ "id": "CWE-862",
42962
+ "name": "Missing Authorization",
42963
+ "category": "Authorization"
42964
+ },
42965
+ {
42966
+ "id": "CWE-863",
42967
+ "name": "Incorrect Authorization",
42968
+ "category": "Authorization"
42969
+ },
42970
+ {
42971
+ "id": "CWE-89",
42972
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
42973
+ "category": "Injection"
42974
+ },
42975
+ {
42976
+ "id": "CWE-918",
42977
+ "name": "Server-Side Request Forgery (SSRF)",
42978
+ "category": "Network"
42979
+ },
42980
+ {
42981
+ "id": "CWE-94",
42982
+ "name": "Improper Control of Generation of Code (Code Injection)",
42983
+ "category": "Injection"
42984
+ }
42985
+ ],
42986
+ "atlas": [
42987
+ {
42988
+ "id": "AML.T0010",
42989
+ "name": "ML Supply Chain Compromise",
42990
+ "tactic": "Initial Access"
42991
+ },
42992
+ {
42993
+ "id": "AML.T0016",
42994
+ "name": "Obtain Capabilities: Develop Capabilities",
42995
+ "tactic": "Resource Development"
42996
+ },
42997
+ {
42998
+ "id": "AML.T0017",
42999
+ "name": "Discover ML Model Ontology",
43000
+ "tactic": "Discovery"
43001
+ },
43002
+ {
43003
+ "id": "AML.T0018",
43004
+ "name": "Backdoor ML Model",
43005
+ "tactic": "Persistence"
43006
+ },
43007
+ {
43008
+ "id": "AML.T0020",
43009
+ "name": "Poison Training Data",
43010
+ "tactic": "ML Attack Staging"
43011
+ },
43012
+ {
43013
+ "id": "AML.T0043",
43014
+ "name": "Craft Adversarial Data",
43015
+ "tactic": "ML Attack Staging"
43016
+ },
43017
+ {
43018
+ "id": "AML.T0051",
43019
+ "name": "LLM Prompt Injection",
43020
+ "tactic": "Execution"
43021
+ },
43022
+ {
43023
+ "id": "AML.T0054",
43024
+ "name": "LLM Jailbreak",
43025
+ "tactic": "Defense Evasion"
43026
+ },
43027
+ {
43028
+ "id": "AML.T0096",
43029
+ "name": "AI API as Covert C2 Channel",
43030
+ "tactic": "Command and Control"
43031
+ }
43032
+ ],
43033
+ "d3fend": [
43034
+ {
43035
+ "id": "D3-ASLR",
43036
+ "name": "Address Space Layout Randomization",
43037
+ "tactic": "Harden"
43038
+ },
43039
+ {
43040
+ "id": "D3-CSPP",
43041
+ "name": "Client-server Payload Profiling",
43042
+ "tactic": "Detect"
43043
+ },
43044
+ {
43045
+ "id": "D3-EAL",
43046
+ "name": "Executable Allowlisting",
43047
+ "tactic": "Harden"
43048
+ },
43049
+ {
43050
+ "id": "D3-IOPR",
43051
+ "name": "Input/Output Profiling Resource",
43052
+ "tactic": "Detect"
43053
+ },
43054
+ {
43055
+ "id": "D3-NTA",
43056
+ "name": "Network Traffic Analysis",
43057
+ "tactic": "Detect"
43058
+ },
43059
+ {
43060
+ "id": "D3-PHRA",
43061
+ "name": "Process Hardware Resource Access",
43062
+ "tactic": "Isolate"
43063
+ },
43064
+ {
43065
+ "id": "D3-PSEP",
43066
+ "name": "Process Segment Execution Prevention",
43067
+ "tactic": "Harden"
43068
+ }
43069
+ ],
43070
+ "framework_gaps": [
43071
+ {
43072
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
43073
+ "framework": "ALL",
43074
+ "control_name": "AI Pipeline Integrity"
43075
+ },
43076
+ {
43077
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
43078
+ "framework": "ALL",
43079
+ "control_name": "Prompt Injection as Access Control Failure"
43080
+ },
43081
+ {
43082
+ "id": "CIS-Controls-v8-Control7",
43083
+ "framework": "CIS Controls v8",
43084
+ "control_name": "Continuous Vulnerability Management"
43085
+ },
43086
+ {
43087
+ "id": "CMMC-2.0-Level-2",
43088
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
43089
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
43090
+ },
43091
+ {
43092
+ "id": "FedRAMP-Rev5-Moderate",
43093
+ "framework": "FedRAMP Rev 5 Moderate",
43094
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
43095
+ },
43096
+ {
43097
+ "id": "ISO-27001-2022-A.8.28",
43098
+ "framework": "ISO/IEC 27001:2022",
43099
+ "control_name": "Secure coding"
43100
+ },
43101
+ {
43102
+ "id": "ISO-27001-2022-A.8.8",
43103
+ "framework": "ISO/IEC 27001:2022",
43104
+ "control_name": "Management of technical vulnerabilities"
43105
+ },
43106
+ {
43107
+ "id": "ISO-IEC-23894-2023-clause-7",
43108
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
43109
+ "control_name": "AI risk management process"
43110
+ },
43111
+ {
43112
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
43113
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
43114
+ "control_name": "AI risk assessment"
43115
+ },
43116
+ {
43117
+ "id": "NIS2-Art21-patch-management",
43118
+ "framework": "EU NIS2 Directive",
43119
+ "control_name": "Vulnerability handling and disclosure"
43120
+ },
43121
+ {
43122
+ "id": "NIST-800-218-SSDF",
43123
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
43124
+ "control_name": "Secure Software Development Framework"
43125
+ },
43126
+ {
43127
+ "id": "NIST-800-53-AC-2",
43128
+ "framework": "NIST SP 800-53 Rev 5",
43129
+ "control_name": "Account Management"
43130
+ },
43131
+ {
43132
+ "id": "NIST-800-53-CM-7",
43133
+ "framework": "NIST SP 800-53 Rev 5",
43134
+ "control_name": "Least Functionality"
43135
+ },
43136
+ {
43137
+ "id": "NIST-800-53-SC-8",
43138
+ "framework": "NIST SP 800-53 Rev 5",
43139
+ "control_name": "Transmission Confidentiality and Integrity"
43140
+ },
43141
+ {
43142
+ "id": "NIST-800-53-SI-12",
43143
+ "framework": "NIST SP 800-53 Rev 5",
43144
+ "control_name": "Information Management and Retention"
43145
+ },
43146
+ {
43147
+ "id": "NIST-800-53-SI-2",
43148
+ "framework": "NIST SP 800-53 Rev 5",
43149
+ "control_name": "Flaw Remediation"
43150
+ },
43151
+ {
43152
+ "id": "NIST-800-53-SI-3",
43153
+ "framework": "NIST SP 800-53 Rev 5",
43154
+ "control_name": "Malicious Code Protection"
43155
+ },
43156
+ {
43157
+ "id": "NIST-AI-RMF-MEASURE-2.5",
43158
+ "framework": "NIST AI RMF 1.0",
43159
+ "control_name": "AI system to human interaction evaluation"
43160
+ },
43161
+ {
43162
+ "id": "OWASP-ASVS-v5.0-V14",
43163
+ "framework": "OWASP ASVS v5.0",
43164
+ "control_name": "Configuration verification"
43165
+ },
43166
+ {
43167
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
43168
+ "framework": "OWASP Top 10 for LLM Applications 2025",
43169
+ "control_name": "Prompt Injection"
43170
+ },
43171
+ {
43172
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
43173
+ "framework": "OWASP Top 10 for LLM Applications 2025",
43174
+ "control_name": "Sensitive Information Disclosure"
43175
+ },
43176
+ {
43177
+ "id": "OWASP-LLM-Top-10-2025-LLM08",
43178
+ "framework": "OWASP Top 10 for LLM Applications 2025",
43179
+ "control_name": "Vector and Embedding Weaknesses"
43180
+ },
43181
+ {
43182
+ "id": "PCI-DSS-4.0-6.3.3",
43183
+ "framework": "PCI DSS 4.0",
43184
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
43185
+ },
43186
+ {
43187
+ "id": "SLSA-v1.0-Build-L3",
43188
+ "framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
43189
+ "control_name": "Hardened build platform with non-falsifiable provenance"
43190
+ },
43191
+ {
43192
+ "id": "SOC2-CC6-logical-access",
43193
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
43194
+ "control_name": "Logical and Physical Access Controls"
43195
+ }
43196
+ ],
43197
+ "attack_refs": [
43198
+ "T1059",
43199
+ "T1068",
43200
+ "T1078",
43201
+ "T1190",
43202
+ "T1505",
43203
+ "T1548.001",
43204
+ "T1565",
43205
+ "T1566",
43206
+ "T1567",
43207
+ "T1610",
43208
+ "T1611"
43209
+ ],
43210
+ "rfc_refs": [
43211
+ "RFC-4301",
43212
+ "RFC-4303",
43213
+ "RFC-6749",
43214
+ "RFC-7296",
43215
+ "RFC-7519",
43216
+ "RFC-8032",
43217
+ "RFC-8446",
43218
+ "RFC-8725",
43219
+ "RFC-9114",
43220
+ "RFC-9421",
43221
+ "RFC-9700"
43222
+ ]
43223
+ }
43224
+ },
42459
43225
  "CVE-2026-41091": {
42460
43226
  "name": "Microsoft Defender (Malware Protection Engine) Link-Following LPE to SYSTEM",
42461
43227
  "rwep": 45,
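Review bot: The `chain` objects added for CVE-2024-37052 and CVE-2024-37060 appear identical and each lists 25 CWEs, including CWE-416 Use After Free, CWE-787 Out-of-bounds Write, CWE-352 CSRF and CWE-89 SQL Injection, although both entries are named as deserialization RCEs, so only CWE-502 (and arguably CWE-94) is traceable to the CVE itself. This looks like a union of everything the eight `referencing_skills` cover rather than a per-CVE mapping, which would also explain `kernel-lpe-triage`, `D3-ASLR` and the IPsec RFCs `RFC-4301`/`RFC-4303` on an MLflow model-loading bug. A consumer that filters or prioritises by CWE, ATT&CK or D3FEND id would get these CVEs back for memory-safety or CSRF queries and be pointed at mitigations that do not address unsafe model deserialization. I would narrow the per-CVE list to `"cwes": [{ "id": "CWE-502", "name": "Deserialization of Untrusted Data", "category": "Serialization" }]` and, if the skill-derived union is still wanted, keep it under a separately named key. Both entries also carry `"epss_score": null` beside `"rwep": 42`; if rwep takes EPSS as an input, that gap should be recorded (the enclosing object starts and ends outside this hunk, so the scoring inputs are not visible here).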
@@ -68858,6 +69624,8 @@
68858
69624
  "CVE-2024-3094",
68859
69625
  "CVE-2024-3154",
68860
69626
  "CVE-2024-37032",
69627
+ "CVE-2024-37052",
69628
+ "CVE-2024-37060",
68861
69629
  "CVE-2024-39722",
68862
69630
  "CVE-2024-42478",
68863
69631
  "CVE-2024-42479",
@@ -69111,6 +69879,8 @@
69111
69879
  "CVE-2024-2912",
69112
69880
  "CVE-2024-3094",
69113
69881
  "CVE-2024-3154",
69882
+ "CVE-2024-37052",
69883
+ "CVE-2024-37060",
69114
69884
  "CVE-2024-5565",
69115
69885
  "CVE-2025-0133",
69116
69886
  "CVE-2025-1094",
@@ -69282,6 +70052,8 @@
69282
70052
  "CVE-2024-27132",
69283
70053
  "CVE-2024-2912",
69284
70054
  "CVE-2024-37032",
70055
+ "CVE-2024-37052",
70056
+ "CVE-2024-37060",
69285
70057
  "CVE-2024-39722",
69286
70058
  "CVE-2024-42478",
69287
70059
  "CVE-2024-42479",
@@ -69490,6 +70262,8 @@
69490
70262
  "CVE-2024-27132",
69491
70263
  "CVE-2024-2912",
69492
70264
  "CVE-2024-37032",
70265
+ "CVE-2024-37052",
70266
+ "CVE-2024-37060",
69493
70267
  "CVE-2024-39722",
69494
70268
  "CVE-2024-42478",
69495
70269
  "CVE-2024-42479",
@@ -69712,6 +70486,8 @@
69712
70486
  "CVE-2024-27132",
69713
70487
  "CVE-2024-2912",
69714
70488
  "CVE-2024-37032",
70489
+ "CVE-2024-37052",
70490
+ "CVE-2024-37060",
69715
70491
  "CVE-2024-39722",
69716
70492
  "CVE-2024-42478",
69717
70493
  "CVE-2024-42479",
@@ -70041,6 +70817,8 @@
70041
70817
  "CVE-2024-3094",
70042
70818
  "CVE-2024-3154",
70043
70819
  "CVE-2024-37032",
70820
+ "CVE-2024-37052",
70821
+ "CVE-2024-37060",
70044
70822
  "CVE-2024-39722",
70045
70823
  "CVE-2024-42478",
70046
70824
  "CVE-2024-42479",
@@ -70323,6 +71101,8 @@
70323
71101
  "CVE-2024-27199",
70324
71102
  "CVE-2024-27443",
70325
71103
  "CVE-2024-37032",
71104
+ "CVE-2024-37052",
71105
+ "CVE-2024-37060",
70326
71106
  "CVE-2024-37079",
70327
71107
  "CVE-2024-39722",
70328
71108
  "CVE-2024-42009",
@@ -70803,6 +71583,8 @@
70803
71583
  "CVE-2024-2912",
70804
71584
  "CVE-2024-3094",
70805
71585
  "CVE-2024-3154",
71586
+ "CVE-2024-37052",
71587
+ "CVE-2024-37060",
70806
71588
  "CVE-2024-40635",
70807
71589
  "CVE-2024-42478",
70808
71590
  "CVE-2024-42479",
@@ -71193,6 +71975,8 @@
71193
71975
  "CVE-2024-3094",
71194
71976
  "CVE-2024-3154",
71195
71977
  "CVE-2024-37032",
71978
+ "CVE-2024-37052",
71979
+ "CVE-2024-37060",
71196
71980
  "CVE-2024-39722",
71197
71981
  "CVE-2024-42478",
71198
71982
  "CVE-2024-42479",
@@ -71840,6 +72624,8 @@
71840
72624
  "CVE-2024-3094",
71841
72625
  "CVE-2024-3154",
71842
72626
  "CVE-2024-37032",
72627
+ "CVE-2024-37052",
72628
+ "CVE-2024-37060",
71843
72629
  "CVE-2024-39722",
71844
72630
  "CVE-2024-42478",
71845
72631
  "CVE-2024-42479",
@@ -72836,6 +73622,8 @@
72836
73622
  "CVE-2024-3094",
72837
73623
  "CVE-2024-3154",
72838
73624
  "CVE-2024-37032",
73625
+ "CVE-2024-37052",
73626
+ "CVE-2024-37060",
72839
73627
  "CVE-2024-39722",
72840
73628
  "CVE-2024-42478",
72841
73629
  "CVE-2024-42479",
@@ -73125,6 +73913,8 @@
73125
73913
  "CVE-2024-27199",
73126
73914
  "CVE-2024-27443",
73127
73915
  "CVE-2024-37032",
73916
+ "CVE-2024-37052",
73917
+ "CVE-2024-37060",
73128
73918
  "CVE-2024-37079",
73129
73919
  "CVE-2024-39722",
73130
73920
  "CVE-2024-42009",
@@ -73583,6 +74373,8 @@
73583
74373
  "CVE-2024-27199",
73584
74374
  "CVE-2024-27443",
73585
74375
  "CVE-2024-37032",
74376
+ "CVE-2024-37052",
74377
+ "CVE-2024-37060",
73586
74378
  "CVE-2024-37079",
73587
74379
  "CVE-2024-39722",
73588
74380
  "CVE-2024-42009",
@@ -74072,6 +74864,8 @@
74072
74864
  "CVE-2024-3094",
74073
74865
  "CVE-2024-3154",
74074
74866
  "CVE-2024-37032",
74867
+ "CVE-2024-37052",
74868
+ "CVE-2024-37060",
74075
74869
  "CVE-2024-39722",
74076
74870
  "CVE-2024-42478",
74077
74871
  "CVE-2024-42479",
@@ -74537,6 +75331,8 @@
74537
75331
  "CVE-2024-24591",
74538
75332
  "CVE-2024-2912",
74539
75333
  "CVE-2024-3094",
75334
+ "CVE-2024-37052",
75335
+ "CVE-2024-37060",
74540
75336
  "CVE-2024-5565",
74541
75337
  "CVE-2025-0133",
74542
75338
  "CVE-2025-1094",
@@ -74931,6 +75727,8 @@
74931
75727
  "CVE-2024-27199",
74932
75728
  "CVE-2024-27443",
74933
75729
  "CVE-2024-37032",
75730
+ "CVE-2024-37052",
75731
+ "CVE-2024-37060",
74934
75732
  "CVE-2024-37079",
74935
75733
  "CVE-2024-39722",
74936
75734
  "CVE-2024-42009",
@@ -75484,6 +76282,8 @@
75484
76282
  "CVE-2024-3094",
75485
76283
  "CVE-2024-3154",
75486
76284
  "CVE-2024-37032",
76285
+ "CVE-2024-37052",
76286
+ "CVE-2024-37060",
75487
76287
  "CVE-2024-39722",
75488
76288
  "CVE-2024-42478",
75489
76289
  "CVE-2024-42479",
@@ -75858,6 +76658,8 @@
75858
76658
  "CVE-2024-3094",
75859
76659
  "CVE-2024-3154",
75860
76660
  "CVE-2024-37032",
76661
+ "CVE-2024-37052",
76662
+ "CVE-2024-37060",
75861
76663
  "CVE-2024-37079",
75862
76664
  "CVE-2024-39722",
75863
76665
  "CVE-2024-42009",
@@ -76800,6 +77602,8 @@
76800
77602
  "CVE-2024-2912",
76801
77603
  "CVE-2024-3094",
76802
77604
  "CVE-2024-3154",
77605
+ "CVE-2024-37052",
77606
+ "CVE-2024-37060",
76803
77607
  "CVE-2024-5565",
76804
77608
  "CVE-2025-0133",
76805
77609
  "CVE-2025-1094",
@@ -77092,6 +77896,8 @@
77092
77896
  "CVE-2024-24591",
77093
77897
  "CVE-2024-2912",
77094
77898
  "CVE-2024-3094",
77899
+ "CVE-2024-37052",
77900
+ "CVE-2024-37060",
77095
77901
  "CVE-2024-5565",
77096
77902
  "CVE-2025-0133",
77097
77903
  "CVE-2025-1094",
@@ -77432,6 +78238,8 @@
77432
78238
  "CVE-2024-3094",
77433
78239
  "CVE-2024-3154",
77434
78240
  "CVE-2024-37032",
78241
+ "CVE-2024-37052",
78242
+ "CVE-2024-37060",
77435
78243
  "CVE-2024-39722",
77436
78244
  "CVE-2024-42478",
77437
78245
  "CVE-2024-42479",
@@ -77784,6 +78592,8 @@
77784
78592
  "CVE-2024-27132",
77785
78593
  "CVE-2024-2912",
77786
78594
  "CVE-2024-37032",
78595
+ "CVE-2024-37052",
78596
+ "CVE-2024-37060",
77787
78597
  "CVE-2024-39722",
77788
78598
  "CVE-2024-42478",
77789
78599
  "CVE-2024-42479",
@@ -78000,6 +78810,8 @@
78000
78810
  "CVE-2024-2912",
78001
78811
  "CVE-2024-3094",
78002
78812
  "CVE-2024-3154",
78813
+ "CVE-2024-37052",
78814
+ "CVE-2024-37060",
78003
78815
  "CVE-2024-5565",
78004
78816
  "CVE-2025-0133",
78005
78817
  "CVE-2025-1094",
@@ -78739,6 +79551,8 @@
78739
79551
  "CVE-2024-3094",
78740
79552
  "CVE-2024-3154",
78741
79553
  "CVE-2024-37032",
79554
+ "CVE-2024-37052",
79555
+ "CVE-2024-37060",
78742
79556
  "CVE-2024-39722",
78743
79557
  "CVE-2024-42478",
78744
79558
  "CVE-2024-42479",
@@ -79078,6 +79892,8 @@
79078
79892
  "CVE-2024-2912",
79079
79893
  "CVE-2024-3094",
79080
79894
  "CVE-2024-37032",
79895
+ "CVE-2024-37052",
79896
+ "CVE-2024-37060",
79081
79897
  "CVE-2024-39722",
79082
79898
  "CVE-2024-40635",
79083
79899
  "CVE-2024-42478",