@blamejs/exceptd-skills 0.13.113 → 0.13.115
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +8 -0
- package/data/_indexes/_meta.json +9 -9
- package/data/_indexes/activity-feed.json +2 -2
- package/data/_indexes/catalog-summaries.json +2 -2
- package/data/_indexes/chains.json +776 -0
- package/data/atlas-ttps.json +4 -0
- package/data/attack-techniques.json +22 -3
- package/data/cve-catalog.json +416 -0
- package/data/cwe-catalog.json +12 -3
- package/data/framework-control-gaps.json +36 -2
- package/data/zeroday-lessons.json +200 -0
- package/manifest.json +44 -44
- package/package.json +2 -2
- package/sbom.cdx.json +25 -25
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,13 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## 0.13.115 — 2026-05-26
|
|
4
|
+
|
|
5
|
+
CVE catalog — Dify object-level authorization bypass. Adds two flaws in Dify where an API trusts a user-controlled key without an ownership check (CWE-639). **CVE-2026-41947** (VulnCheck CNA CVSS 9.1 CRITICAL / v4.0 9.3) — the trace-configuration endpoints miss tenant-ownership checks, so an authenticated editor configures trace settings for any application and can redirect victim trace data to an attacker-controlled provider; fixed in 1.14.2. **CVE-2026-41950** (VulnCheck CNA CVSS 6.5 MEDIUM) — the chat-messages endpoint accepts an arbitrary file UUID in the files array without verifying ownership, so an authenticated user reads files uploaded by other users in the same tenant; fixed in 1.14.0. Both are patched and reuse the AI-app API object-authorization control (NEW-CTRL-106) shared with the Label Studio privilege-escalation chain — an LLM app platform must enforce object-level authorization on every request that references an object by a caller-supplied id. CVE count 404 → 406.
|
|
6
|
+
|
|
7
|
+
## 0.13.114 — 2026-05-26
|
|
8
|
+
|
|
9
|
+
CVE catalog — Dify password-recovery account takeover. Adds two flaws in Dify's password-reset flow, both yielding takeover of any account including administrators (CWE-640 weak password-recovery mechanism). **CVE-2025-1796** (CWE-338 / CWE-640, NVD CVSS 8.8 HIGH; huntr CNA 7.5) — reset codes are generated with a weak pseudo-random number generator (`random.randint`), so an attacker predicts the code and resets any account. **CVE-2024-12776** (CWE-287 / CWE-640, huntr CNA CVSS 8.1 HIGH; NVD classifies it CWE-305) — the `/forgot-password/resets` endpoint does not verify the reset code before allowing a reset. Neither has a fixed version published, so mitigation is generating reset tokens with a CSPRNG and verifying them server-side. Both introduce NEW-CTRL-108: an AI app's password-recovery flow must use cryptographically secure, single-use, short-lived reset tokens and verify them server-side before any reset. CVE count 402 → 404.
|
|
10
|
+
|
|
3
11
|
## 0.13.113 — 2026-05-26
|
|
4
12
|
|
|
5
13
|
CVE catalog — Dify LLM app-platform. Adds two flaws in Dify, the low-code LLM application-development platform. **CVE-2025-3466** (CWE-94 / CWE-693, NVD CVSS 7.2 HIGH; huntr CNA 9.8 CRITICAL) — the code node runs user-supplied code in a sandbox, but unsanitized input lets an attacker override global functions (e.g. `parseInt`) before the sandbox restrictions are applied, escaping the sandbox and executing code with root-level access; fixed in 1.1.3. (NVD classifies it CWE-1100; the catalog maps that to the catalogued CWE-94 + CWE-693.) **CVE-2025-56520** (CWE-918, CISA-ADP CVSS 5.3 MEDIUM) — the `RemoteFileUploadApi` fetches a user-supplied URL without validating the destination, so an unauthenticated attacker reaches internal services or cloud metadata via the server; no fixed version is published, so mitigation is destination allowlisting and network isolation. The code-node RCE reuses the LLM-app-builder execution control (NEW-CTRL-103) — an app builder must initialize its sandbox before evaluating user input — and the SSRF reuses the data-pipeline SSRF control (NEW-CTRL-105). CVE count 400 → 402.
|
package/data/_indexes/_meta.json
CHANGED
|
@@ -1,21 +1,21 @@
|
|
|
1
1
|
{
|
|
2
2
|
"schema_version": "1.1.0",
|
|
3
|
-
"generated_at": "2026-05-
|
|
3
|
+
"generated_at": "2026-05-26T21:15:14.058Z",
|
|
4
4
|
"generator": "scripts/build-indexes.js",
|
|
5
5
|
"source_count": 54,
|
|
6
6
|
"source_hashes": {
|
|
7
|
-
"manifest.json": "
|
|
8
|
-
"data/atlas-ttps.json": "
|
|
9
|
-
"data/attack-techniques.json": "
|
|
10
|
-
"data/cve-catalog.json": "
|
|
11
|
-
"data/cwe-catalog.json": "
|
|
7
|
+
"manifest.json": "29c003c17f482b43e69fe3c31572971f4d904745efe075f4d646e1ffebee0ebd",
|
|
8
|
+
"data/atlas-ttps.json": "8dca8b3a370632548b3d7f465686ac6b47a26920bf6f618db401e349af2a33e2",
|
|
9
|
+
"data/attack-techniques.json": "82c228e6a9a3a6220430225dd8721751c857fd3c901898533a8b8d3d0223ef09",
|
|
10
|
+
"data/cve-catalog.json": "a93e2b20c6d1fd47de1efbc31b977c5c04c0c7b17bf6d1a7abcc32abfb8b9078",
|
|
11
|
+
"data/cwe-catalog.json": "13b8dbb4d05dfb9b5f1c9162fdbadace9a49bb5892997a046b65d899bcfa1d49",
|
|
12
12
|
"data/d3fend-catalog.json": "9a54bccb9f24f84b32024216cc3f53819a053721ac8ab43c326859e68fc0ffaf",
|
|
13
13
|
"data/dlp-controls.json": "d2406c482dddd30e49203879999dc4b3a7fd4d0494d6a61d86b91ee76415df19",
|
|
14
14
|
"data/exploit-availability.json": "ec2656f0d9a893610e27b43eb6035fe9b18e057c9f6dfaac7e7d4959bbcbb795",
|
|
15
|
-
"data/framework-control-gaps.json": "
|
|
15
|
+
"data/framework-control-gaps.json": "542c4c7d1a36aa34c07ec34544ca85477244c5bb55c640e0ae45aaba4828713d",
|
|
16
16
|
"data/global-frameworks.json": "9ba563a85f7f8d6c3c957de64945e20925a89d0ed6ea6fc561cf093811acf558",
|
|
17
17
|
"data/rfc-references.json": "66ef2e1f444a2cf0c2700a754f0a66030bb8a91d9e68394b9537ea1fe8b904fe",
|
|
18
|
-
"data/zeroday-lessons.json": "
|
|
18
|
+
"data/zeroday-lessons.json": "e324773cafcb779b1f1cf47f932acf9b54d307e013711a0412142eed9150a93a",
|
|
19
19
|
"skills/kernel-lpe-triage/skill.md": "08b3e9815ba481c57c80f5fc0ccbf5bb7cbb41f570c235ba6ff9596b8c07354d",
|
|
20
20
|
"skills/ai-attack-surface/skill.md": "c4c1eb22a38ca7a959b5725222bab8fbd4f4044a548a93f3e288e6f698334b72",
|
|
21
21
|
"skills/mcp-agent-trust/skill.md": "89ac89084391d2341b6513fefb1be2d36b93de1c130f057696219c1c59440f13",
|
|
@@ -72,7 +72,7 @@
|
|
|
72
72
|
"dlp_refs": 0
|
|
73
73
|
},
|
|
74
74
|
"trigger_table_entries": 538,
|
|
75
|
-
"chains_cve_entries":
|
|
75
|
+
"chains_cve_entries": 395,
|
|
76
76
|
"chains_cwe_entries": 171,
|
|
77
77
|
"jurisdictions_indexed": 29,
|
|
78
78
|
"handoff_dag_nodes": 42,
|
|
@@ -149,7 +149,7 @@
|
|
|
149
149
|
"artifact": "data/cve-catalog.json",
|
|
150
150
|
"path": "data/cve-catalog.json",
|
|
151
151
|
"schema_version": "1.0.0",
|
|
152
|
-
"entry_count":
|
|
152
|
+
"entry_count": 406
|
|
153
153
|
},
|
|
154
154
|
{
|
|
155
155
|
"date": "2026-05-18",
|
|
@@ -165,7 +165,7 @@
|
|
|
165
165
|
"artifact": "data/zeroday-lessons.json",
|
|
166
166
|
"path": "data/zeroday-lessons.json",
|
|
167
167
|
"schema_version": "1.1.0",
|
|
168
|
-
"entry_count":
|
|
168
|
+
"entry_count": 401
|
|
169
169
|
},
|
|
170
170
|
{
|
|
171
171
|
"date": "2026-05-17",
|
|
@@ -62,7 +62,7 @@
|
|
|
62
62
|
"rebuild_after_days": 365,
|
|
63
63
|
"note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
|
|
64
64
|
},
|
|
65
|
-
"entry_count":
|
|
65
|
+
"entry_count": 406,
|
|
66
66
|
"sample_keys": [
|
|
67
67
|
"CVE-2025-53773",
|
|
68
68
|
"CVE-2026-30615",
|
|
@@ -238,7 +238,7 @@
|
|
|
238
238
|
"rebuild_after_days": 365,
|
|
239
239
|
"note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
|
|
240
240
|
},
|
|
241
|
-
"entry_count":
|
|
241
|
+
"entry_count": 401,
|
|
242
242
|
"sample_keys": [
|
|
243
243
|
"CVE-2026-31431",
|
|
244
244
|
"CVE-2025-53773",
|