@blamejs/exceptd-skills 0.13.113 → 0.13.115
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +8 -0
- package/data/_indexes/_meta.json +9 -9
- package/data/_indexes/activity-feed.json +2 -2
- package/data/_indexes/catalog-summaries.json +2 -2
- package/data/_indexes/chains.json +776 -0
- package/data/atlas-ttps.json +4 -0
- package/data/attack-techniques.json +22 -3
- package/data/cve-catalog.json +416 -0
- package/data/cwe-catalog.json +12 -3
- package/data/framework-control-gaps.json +36 -2
- package/data/zeroday-lessons.json +200 -0
- package/manifest.json +44 -44
- package/package.json +2 -2
- package/sbom.cdx.json +25 -25
|
@@ -46402,6 +46402,766 @@
|
|
|
46402
46402
|
]
|
|
46403
46403
|
}
|
|
46404
46404
|
},
|
|
46405
|
+
"CVE-2025-1796": {
|
|
46406
|
+
"name": "Dify Weak-PRNG Password Reset Account Takeover",
|
|
46407
|
+
"rwep": 44,
|
|
46408
|
+
"cvss": 8.8,
|
|
46409
|
+
"cisa_kev": false,
|
|
46410
|
+
"epss_score": null,
|
|
46411
|
+
"referencing_skills": [
|
|
46412
|
+
"ai-attack-surface",
|
|
46413
|
+
"compliance-theater"
|
|
46414
|
+
],
|
|
46415
|
+
"chain": {
|
|
46416
|
+
"cwes": [
|
|
46417
|
+
{
|
|
46418
|
+
"id": "CWE-1039",
|
|
46419
|
+
"name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
|
|
46420
|
+
"category": "AI/ML"
|
|
46421
|
+
},
|
|
46422
|
+
{
|
|
46423
|
+
"id": "CWE-1426",
|
|
46424
|
+
"name": "Improper Validation of Generative AI Output",
|
|
46425
|
+
"category": "AI/ML"
|
|
46426
|
+
},
|
|
46427
|
+
{
|
|
46428
|
+
"id": "CWE-94",
|
|
46429
|
+
"name": "Improper Control of Generation of Code (Code Injection)",
|
|
46430
|
+
"category": "Injection"
|
|
46431
|
+
}
|
|
46432
|
+
],
|
|
46433
|
+
"atlas": [
|
|
46434
|
+
{
|
|
46435
|
+
"id": "AML.T0016",
|
|
46436
|
+
"name": "Obtain Capabilities: Develop Capabilities",
|
|
46437
|
+
"tactic": "Resource Development"
|
|
46438
|
+
},
|
|
46439
|
+
{
|
|
46440
|
+
"id": "AML.T0017",
|
|
46441
|
+
"name": "Discover ML Model Ontology",
|
|
46442
|
+
"tactic": "Discovery"
|
|
46443
|
+
},
|
|
46444
|
+
{
|
|
46445
|
+
"id": "AML.T0018",
|
|
46446
|
+
"name": "Backdoor ML Model",
|
|
46447
|
+
"tactic": "Persistence"
|
|
46448
|
+
},
|
|
46449
|
+
{
|
|
46450
|
+
"id": "AML.T0020",
|
|
46451
|
+
"name": "Poison Training Data",
|
|
46452
|
+
"tactic": "ML Attack Staging"
|
|
46453
|
+
},
|
|
46454
|
+
{
|
|
46455
|
+
"id": "AML.T0043",
|
|
46456
|
+
"name": "Craft Adversarial Data",
|
|
46457
|
+
"tactic": "ML Attack Staging"
|
|
46458
|
+
},
|
|
46459
|
+
{
|
|
46460
|
+
"id": "AML.T0051",
|
|
46461
|
+
"name": "LLM Prompt Injection",
|
|
46462
|
+
"tactic": "Execution"
|
|
46463
|
+
},
|
|
46464
|
+
{
|
|
46465
|
+
"id": "AML.T0054",
|
|
46466
|
+
"name": "LLM Jailbreak",
|
|
46467
|
+
"tactic": "Defense Evasion"
|
|
46468
|
+
},
|
|
46469
|
+
{
|
|
46470
|
+
"id": "AML.T0096",
|
|
46471
|
+
"name": "AI API as Covert C2 Channel",
|
|
46472
|
+
"tactic": "Command and Control"
|
|
46473
|
+
}
|
|
46474
|
+
],
|
|
46475
|
+
"d3fend": [
|
|
46476
|
+
{
|
|
46477
|
+
"id": "D3-IOPR",
|
|
46478
|
+
"name": "Input/Output Profiling Resource",
|
|
46479
|
+
"tactic": "Detect"
|
|
46480
|
+
},
|
|
46481
|
+
{
|
|
46482
|
+
"id": "D3-NTA",
|
|
46483
|
+
"name": "Network Traffic Analysis",
|
|
46484
|
+
"tactic": "Detect"
|
|
46485
|
+
}
|
|
46486
|
+
],
|
|
46487
|
+
"framework_gaps": [
|
|
46488
|
+
{
|
|
46489
|
+
"id": "ALL-AI-PIPELINE-INTEGRITY",
|
|
46490
|
+
"framework": "ALL",
|
|
46491
|
+
"control_name": "AI Pipeline Integrity"
|
|
46492
|
+
},
|
|
46493
|
+
{
|
|
46494
|
+
"id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
|
|
46495
|
+
"framework": "ALL",
|
|
46496
|
+
"control_name": "Prompt Injection as Access Control Failure"
|
|
46497
|
+
},
|
|
46498
|
+
{
|
|
46499
|
+
"id": "CMMC-2.0-Level-2",
|
|
46500
|
+
"framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
|
|
46501
|
+
"control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
|
|
46502
|
+
},
|
|
46503
|
+
{
|
|
46504
|
+
"id": "FedRAMP-Rev5-Moderate",
|
|
46505
|
+
"framework": "FedRAMP Rev 5 Moderate",
|
|
46506
|
+
"control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
|
|
46507
|
+
},
|
|
46508
|
+
{
|
|
46509
|
+
"id": "ISO-27001-2022-A.8.28",
|
|
46510
|
+
"framework": "ISO/IEC 27001:2022",
|
|
46511
|
+
"control_name": "Secure coding"
|
|
46512
|
+
},
|
|
46513
|
+
{
|
|
46514
|
+
"id": "ISO-IEC-23894-2023-clause-7",
|
|
46515
|
+
"framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
|
|
46516
|
+
"control_name": "AI risk management process"
|
|
46517
|
+
},
|
|
46518
|
+
{
|
|
46519
|
+
"id": "NIST-800-53-AC-2",
|
|
46520
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
46521
|
+
"control_name": "Account Management"
|
|
46522
|
+
},
|
|
46523
|
+
{
|
|
46524
|
+
"id": "NIST-800-53-SI-3",
|
|
46525
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
46526
|
+
"control_name": "Malicious Code Protection"
|
|
46527
|
+
},
|
|
46528
|
+
{
|
|
46529
|
+
"id": "OWASP-LLM-Top-10-2025-LLM01",
|
|
46530
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
46531
|
+
"control_name": "Prompt Injection"
|
|
46532
|
+
},
|
|
46533
|
+
{
|
|
46534
|
+
"id": "OWASP-LLM-Top-10-2025-LLM02",
|
|
46535
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
46536
|
+
"control_name": "Sensitive Information Disclosure"
|
|
46537
|
+
},
|
|
46538
|
+
{
|
|
46539
|
+
"id": "SOC2-CC6-logical-access",
|
|
46540
|
+
"framework": "SOC 2 (AICPA Trust Services Criteria)",
|
|
46541
|
+
"control_name": "Logical and Physical Access Controls"
|
|
46542
|
+
}
|
|
46543
|
+
],
|
|
46544
|
+
"attack_refs": [
|
|
46545
|
+
"T1059",
|
|
46546
|
+
"T1190",
|
|
46547
|
+
"T1566"
|
|
46548
|
+
],
|
|
46549
|
+
"rfc_refs": []
|
|
46550
|
+
}
|
|
46551
|
+
},
|
|
46552
|
+
"CVE-2024-12776": {
|
|
46553
|
+
"name": "Dify Unverified Password-Reset Endpoint Account Takeover",
|
|
46554
|
+
"rwep": 44,
|
|
46555
|
+
"cvss": 8.1,
|
|
46556
|
+
"cisa_kev": false,
|
|
46557
|
+
"epss_score": null,
|
|
46558
|
+
"referencing_skills": [
|
|
46559
|
+
"ai-attack-surface",
|
|
46560
|
+
"compliance-theater"
|
|
46561
|
+
],
|
|
46562
|
+
"chain": {
|
|
46563
|
+
"cwes": [
|
|
46564
|
+
{
|
|
46565
|
+
"id": "CWE-1039",
|
|
46566
|
+
"name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
|
|
46567
|
+
"category": "AI/ML"
|
|
46568
|
+
},
|
|
46569
|
+
{
|
|
46570
|
+
"id": "CWE-1426",
|
|
46571
|
+
"name": "Improper Validation of Generative AI Output",
|
|
46572
|
+
"category": "AI/ML"
|
|
46573
|
+
},
|
|
46574
|
+
{
|
|
46575
|
+
"id": "CWE-94",
|
|
46576
|
+
"name": "Improper Control of Generation of Code (Code Injection)",
|
|
46577
|
+
"category": "Injection"
|
|
46578
|
+
}
|
|
46579
|
+
],
|
|
46580
|
+
"atlas": [
|
|
46581
|
+
{
|
|
46582
|
+
"id": "AML.T0016",
|
|
46583
|
+
"name": "Obtain Capabilities: Develop Capabilities",
|
|
46584
|
+
"tactic": "Resource Development"
|
|
46585
|
+
},
|
|
46586
|
+
{
|
|
46587
|
+
"id": "AML.T0017",
|
|
46588
|
+
"name": "Discover ML Model Ontology",
|
|
46589
|
+
"tactic": "Discovery"
|
|
46590
|
+
},
|
|
46591
|
+
{
|
|
46592
|
+
"id": "AML.T0018",
|
|
46593
|
+
"name": "Backdoor ML Model",
|
|
46594
|
+
"tactic": "Persistence"
|
|
46595
|
+
},
|
|
46596
|
+
{
|
|
46597
|
+
"id": "AML.T0020",
|
|
46598
|
+
"name": "Poison Training Data",
|
|
46599
|
+
"tactic": "ML Attack Staging"
|
|
46600
|
+
},
|
|
46601
|
+
{
|
|
46602
|
+
"id": "AML.T0043",
|
|
46603
|
+
"name": "Craft Adversarial Data",
|
|
46604
|
+
"tactic": "ML Attack Staging"
|
|
46605
|
+
},
|
|
46606
|
+
{
|
|
46607
|
+
"id": "AML.T0051",
|
|
46608
|
+
"name": "LLM Prompt Injection",
|
|
46609
|
+
"tactic": "Execution"
|
|
46610
|
+
},
|
|
46611
|
+
{
|
|
46612
|
+
"id": "AML.T0054",
|
|
46613
|
+
"name": "LLM Jailbreak",
|
|
46614
|
+
"tactic": "Defense Evasion"
|
|
46615
|
+
},
|
|
46616
|
+
{
|
|
46617
|
+
"id": "AML.T0096",
|
|
46618
|
+
"name": "AI API as Covert C2 Channel",
|
|
46619
|
+
"tactic": "Command and Control"
|
|
46620
|
+
}
|
|
46621
|
+
],
|
|
46622
|
+
"d3fend": [
|
|
46623
|
+
{
|
|
46624
|
+
"id": "D3-IOPR",
|
|
46625
|
+
"name": "Input/Output Profiling Resource",
|
|
46626
|
+
"tactic": "Detect"
|
|
46627
|
+
},
|
|
46628
|
+
{
|
|
46629
|
+
"id": "D3-NTA",
|
|
46630
|
+
"name": "Network Traffic Analysis",
|
|
46631
|
+
"tactic": "Detect"
|
|
46632
|
+
}
|
|
46633
|
+
],
|
|
46634
|
+
"framework_gaps": [
|
|
46635
|
+
{
|
|
46636
|
+
"id": "ALL-AI-PIPELINE-INTEGRITY",
|
|
46637
|
+
"framework": "ALL",
|
|
46638
|
+
"control_name": "AI Pipeline Integrity"
|
|
46639
|
+
},
|
|
46640
|
+
{
|
|
46641
|
+
"id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
|
|
46642
|
+
"framework": "ALL",
|
|
46643
|
+
"control_name": "Prompt Injection as Access Control Failure"
|
|
46644
|
+
},
|
|
46645
|
+
{
|
|
46646
|
+
"id": "CMMC-2.0-Level-2",
|
|
46647
|
+
"framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
|
|
46648
|
+
"control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
|
|
46649
|
+
},
|
|
46650
|
+
{
|
|
46651
|
+
"id": "FedRAMP-Rev5-Moderate",
|
|
46652
|
+
"framework": "FedRAMP Rev 5 Moderate",
|
|
46653
|
+
"control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
|
|
46654
|
+
},
|
|
46655
|
+
{
|
|
46656
|
+
"id": "ISO-27001-2022-A.8.28",
|
|
46657
|
+
"framework": "ISO/IEC 27001:2022",
|
|
46658
|
+
"control_name": "Secure coding"
|
|
46659
|
+
},
|
|
46660
|
+
{
|
|
46661
|
+
"id": "ISO-IEC-23894-2023-clause-7",
|
|
46662
|
+
"framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
|
|
46663
|
+
"control_name": "AI risk management process"
|
|
46664
|
+
},
|
|
46665
|
+
{
|
|
46666
|
+
"id": "NIST-800-53-AC-2",
|
|
46667
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
46668
|
+
"control_name": "Account Management"
|
|
46669
|
+
},
|
|
46670
|
+
{
|
|
46671
|
+
"id": "NIST-800-53-SI-3",
|
|
46672
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
46673
|
+
"control_name": "Malicious Code Protection"
|
|
46674
|
+
},
|
|
46675
|
+
{
|
|
46676
|
+
"id": "OWASP-LLM-Top-10-2025-LLM01",
|
|
46677
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
46678
|
+
"control_name": "Prompt Injection"
|
|
46679
|
+
},
|
|
46680
|
+
{
|
|
46681
|
+
"id": "OWASP-LLM-Top-10-2025-LLM02",
|
|
46682
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
46683
|
+
"control_name": "Sensitive Information Disclosure"
|
|
46684
|
+
},
|
|
46685
|
+
{
|
|
46686
|
+
"id": "SOC2-CC6-logical-access",
|
|
46687
|
+
"framework": "SOC 2 (AICPA Trust Services Criteria)",
|
|
46688
|
+
"control_name": "Logical and Physical Access Controls"
|
|
46689
|
+
}
|
|
46690
|
+
],
|
|
46691
|
+
"attack_refs": [
|
|
46692
|
+
"T1059",
|
|
46693
|
+
"T1190",
|
|
46694
|
+
"T1566"
|
|
46695
|
+
],
|
|
46696
|
+
"rfc_refs": []
|
|
46697
|
+
}
|
|
46698
|
+
},
|
|
46699
|
+
"CVE-2026-41947": {
|
|
46700
|
+
"name": "Dify Trace-Config Cross-Tenant Authorization Bypass",
|
|
46701
|
+
"rwep": 27,
|
|
46702
|
+
"cvss": 9.1,
|
|
46703
|
+
"cisa_kev": false,
|
|
46704
|
+
"epss_score": null,
|
|
46705
|
+
"referencing_skills": [
|
|
46706
|
+
"ai-attack-surface",
|
|
46707
|
+
"compliance-theater",
|
|
46708
|
+
"pqc-first",
|
|
46709
|
+
"dlp-gap-analysis"
|
|
46710
|
+
],
|
|
46711
|
+
"chain": {
|
|
46712
|
+
"cwes": [
|
|
46713
|
+
{
|
|
46714
|
+
"id": "CWE-1039",
|
|
46715
|
+
"name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
|
|
46716
|
+
"category": "AI/ML"
|
|
46717
|
+
},
|
|
46718
|
+
{
|
|
46719
|
+
"id": "CWE-1426",
|
|
46720
|
+
"name": "Improper Validation of Generative AI Output",
|
|
46721
|
+
"category": "AI/ML"
|
|
46722
|
+
},
|
|
46723
|
+
{
|
|
46724
|
+
"id": "CWE-200",
|
|
46725
|
+
"name": "Exposure of Sensitive Information to an Unauthorized Actor",
|
|
46726
|
+
"category": "Information Exposure"
|
|
46727
|
+
},
|
|
46728
|
+
{
|
|
46729
|
+
"id": "CWE-327",
|
|
46730
|
+
"name": "Use of a Broken or Risky Cryptographic Algorithm",
|
|
46731
|
+
"category": "Cryptography"
|
|
46732
|
+
},
|
|
46733
|
+
{
|
|
46734
|
+
"id": "CWE-94",
|
|
46735
|
+
"name": "Improper Control of Generation of Code (Code Injection)",
|
|
46736
|
+
"category": "Injection"
|
|
46737
|
+
}
|
|
46738
|
+
],
|
|
46739
|
+
"atlas": [
|
|
46740
|
+
{
|
|
46741
|
+
"id": "AML.T0016",
|
|
46742
|
+
"name": "Obtain Capabilities: Develop Capabilities",
|
|
46743
|
+
"tactic": "Resource Development"
|
|
46744
|
+
},
|
|
46745
|
+
{
|
|
46746
|
+
"id": "AML.T0017",
|
|
46747
|
+
"name": "Discover ML Model Ontology",
|
|
46748
|
+
"tactic": "Discovery"
|
|
46749
|
+
},
|
|
46750
|
+
{
|
|
46751
|
+
"id": "AML.T0018",
|
|
46752
|
+
"name": "Backdoor ML Model",
|
|
46753
|
+
"tactic": "Persistence"
|
|
46754
|
+
},
|
|
46755
|
+
{
|
|
46756
|
+
"id": "AML.T0020",
|
|
46757
|
+
"name": "Poison Training Data",
|
|
46758
|
+
"tactic": "ML Attack Staging"
|
|
46759
|
+
},
|
|
46760
|
+
{
|
|
46761
|
+
"id": "AML.T0043",
|
|
46762
|
+
"name": "Craft Adversarial Data",
|
|
46763
|
+
"tactic": "ML Attack Staging"
|
|
46764
|
+
},
|
|
46765
|
+
{
|
|
46766
|
+
"id": "AML.T0051",
|
|
46767
|
+
"name": "LLM Prompt Injection",
|
|
46768
|
+
"tactic": "Execution"
|
|
46769
|
+
},
|
|
46770
|
+
{
|
|
46771
|
+
"id": "AML.T0054",
|
|
46772
|
+
"name": "LLM Jailbreak",
|
|
46773
|
+
"tactic": "Defense Evasion"
|
|
46774
|
+
},
|
|
46775
|
+
{
|
|
46776
|
+
"id": "AML.T0096",
|
|
46777
|
+
"name": "AI API as Covert C2 Channel",
|
|
46778
|
+
"tactic": "Command and Control"
|
|
46779
|
+
}
|
|
46780
|
+
],
|
|
46781
|
+
"d3fend": [
|
|
46782
|
+
{
|
|
46783
|
+
"id": "D3-CSPP",
|
|
46784
|
+
"name": "Client-server Payload Profiling",
|
|
46785
|
+
"tactic": "Detect"
|
|
46786
|
+
},
|
|
46787
|
+
{
|
|
46788
|
+
"id": "D3-EAL",
|
|
46789
|
+
"name": "Executable Allowlisting",
|
|
46790
|
+
"tactic": "Harden"
|
|
46791
|
+
},
|
|
46792
|
+
{
|
|
46793
|
+
"id": "D3-FE",
|
|
46794
|
+
"name": "File Encryption",
|
|
46795
|
+
"tactic": "Harden"
|
|
46796
|
+
},
|
|
46797
|
+
{
|
|
46798
|
+
"id": "D3-IOPR",
|
|
46799
|
+
"name": "Input/Output Profiling Resource",
|
|
46800
|
+
"tactic": "Detect"
|
|
46801
|
+
},
|
|
46802
|
+
{
|
|
46803
|
+
"id": "D3-MENCR",
|
|
46804
|
+
"name": "Message Encryption",
|
|
46805
|
+
"tactic": "Harden"
|
|
46806
|
+
},
|
|
46807
|
+
{
|
|
46808
|
+
"id": "D3-NTA",
|
|
46809
|
+
"name": "Network Traffic Analysis",
|
|
46810
|
+
"tactic": "Detect"
|
|
46811
|
+
},
|
|
46812
|
+
{
|
|
46813
|
+
"id": "D3-NTPM",
|
|
46814
|
+
"name": "Network Traffic Policy Mapping",
|
|
46815
|
+
"tactic": "Model"
|
|
46816
|
+
}
|
|
46817
|
+
],
|
|
46818
|
+
"framework_gaps": [
|
|
46819
|
+
{
|
|
46820
|
+
"id": "ALL-AI-PIPELINE-INTEGRITY",
|
|
46821
|
+
"framework": "ALL",
|
|
46822
|
+
"control_name": "AI Pipeline Integrity"
|
|
46823
|
+
},
|
|
46824
|
+
{
|
|
46825
|
+
"id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
|
|
46826
|
+
"framework": "ALL",
|
|
46827
|
+
"control_name": "Prompt Injection as Access Control Failure"
|
|
46828
|
+
},
|
|
46829
|
+
{
|
|
46830
|
+
"id": "CMMC-2.0-Level-2",
|
|
46831
|
+
"framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
|
|
46832
|
+
"control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
|
|
46833
|
+
},
|
|
46834
|
+
{
|
|
46835
|
+
"id": "FedRAMP-Rev5-Moderate",
|
|
46836
|
+
"framework": "FedRAMP Rev 5 Moderate",
|
|
46837
|
+
"control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
|
|
46838
|
+
},
|
|
46839
|
+
{
|
|
46840
|
+
"id": "HIPAA-Security-Rule-164.312(a)(1)",
|
|
46841
|
+
"framework": "HIPAA Security Rule (45 CFR § 164.312)",
|
|
46842
|
+
"control_name": "Access control standard (technical safeguards)"
|
|
46843
|
+
},
|
|
46844
|
+
{
|
|
46845
|
+
"id": "ISO-27001-2022-A.8.16",
|
|
46846
|
+
"framework": "ISO/IEC 27001:2022",
|
|
46847
|
+
"control_name": "Monitoring activities"
|
|
46848
|
+
},
|
|
46849
|
+
{
|
|
46850
|
+
"id": "ISO-27001-2022-A.8.28",
|
|
46851
|
+
"framework": "ISO/IEC 27001:2022",
|
|
46852
|
+
"control_name": "Secure coding"
|
|
46853
|
+
},
|
|
46854
|
+
{
|
|
46855
|
+
"id": "ISO-IEC-23894-2023-clause-7",
|
|
46856
|
+
"framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
|
|
46857
|
+
"control_name": "AI risk management process"
|
|
46858
|
+
},
|
|
46859
|
+
{
|
|
46860
|
+
"id": "ISO-IEC-42001-2023-clause-6.1.2",
|
|
46861
|
+
"framework": "ISO/IEC 42001:2023 (AI Management System)",
|
|
46862
|
+
"control_name": "AI risk assessment"
|
|
46863
|
+
},
|
|
46864
|
+
{
|
|
46865
|
+
"id": "NIST-800-53-AC-2",
|
|
46866
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
46867
|
+
"control_name": "Account Management"
|
|
46868
|
+
},
|
|
46869
|
+
{
|
|
46870
|
+
"id": "NIST-800-53-SC-28",
|
|
46871
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
46872
|
+
"control_name": "Protection of Information at Rest"
|
|
46873
|
+
},
|
|
46874
|
+
{
|
|
46875
|
+
"id": "NIST-800-53-SC-7",
|
|
46876
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
46877
|
+
"control_name": "Boundary Protection"
|
|
46878
|
+
},
|
|
46879
|
+
{
|
|
46880
|
+
"id": "NIST-800-53-SC-8",
|
|
46881
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
46882
|
+
"control_name": "Transmission Confidentiality and Integrity"
|
|
46883
|
+
},
|
|
46884
|
+
{
|
|
46885
|
+
"id": "NIST-800-53-SI-3",
|
|
46886
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
46887
|
+
"control_name": "Malicious Code Protection"
|
|
46888
|
+
},
|
|
46889
|
+
{
|
|
46890
|
+
"id": "OWASP-LLM-Top-10-2025-LLM01",
|
|
46891
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
46892
|
+
"control_name": "Prompt Injection"
|
|
46893
|
+
},
|
|
46894
|
+
{
|
|
46895
|
+
"id": "OWASP-LLM-Top-10-2025-LLM02",
|
|
46896
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
46897
|
+
"control_name": "Sensitive Information Disclosure"
|
|
46898
|
+
},
|
|
46899
|
+
{
|
|
46900
|
+
"id": "SOC2-CC6-logical-access",
|
|
46901
|
+
"framework": "SOC 2 (AICPA Trust Services Criteria)",
|
|
46902
|
+
"control_name": "Logical and Physical Access Controls"
|
|
46903
|
+
},
|
|
46904
|
+
{
|
|
46905
|
+
"id": "SOC2-CC7-anomaly-detection",
|
|
46906
|
+
"framework": "SOC 2 (AICPA Trust Services Criteria)",
|
|
46907
|
+
"control_name": "System Operations — Threat and Vulnerability Management"
|
|
46908
|
+
}
|
|
46909
|
+
],
|
|
46910
|
+
"attack_refs": [
|
|
46911
|
+
"T1041",
|
|
46912
|
+
"T1059",
|
|
46913
|
+
"T1190",
|
|
46914
|
+
"T1213",
|
|
46915
|
+
"T1530",
|
|
46916
|
+
"T1566",
|
|
46917
|
+
"T1567"
|
|
46918
|
+
],
|
|
46919
|
+
"rfc_refs": [
|
|
46920
|
+
"DRAFT-IETF-TLS-ECDHE-MLKEM",
|
|
46921
|
+
"DRAFT-IETF-TLS-HYBRID-DESIGN",
|
|
46922
|
+
"RFC-8032",
|
|
46923
|
+
"RFC-8446",
|
|
46924
|
+
"RFC-9106",
|
|
46925
|
+
"RFC-9180",
|
|
46926
|
+
"RFC-9420",
|
|
46927
|
+
"RFC-9458",
|
|
46928
|
+
"RFC-9794"
|
|
46929
|
+
]
|
|
46930
|
+
}
|
|
46931
|
+
},
|
|
46932
|
+
"CVE-2026-41950": {
|
|
46933
|
+
"name": "Dify Chat-Messages Arbitrary File-UUID Cross-User File Read",
|
|
46934
|
+
"rwep": 21,
|
|
46935
|
+
"cvss": 6.5,
|
|
46936
|
+
"cisa_kev": false,
|
|
46937
|
+
"epss_score": null,
|
|
46938
|
+
"referencing_skills": [
|
|
46939
|
+
"ai-attack-surface",
|
|
46940
|
+
"compliance-theater",
|
|
46941
|
+
"pqc-first",
|
|
46942
|
+
"dlp-gap-analysis"
|
|
46943
|
+
],
|
|
46944
|
+
"chain": {
|
|
46945
|
+
"cwes": [
|
|
46946
|
+
{
|
|
46947
|
+
"id": "CWE-1039",
|
|
46948
|
+
"name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
|
|
46949
|
+
"category": "AI/ML"
|
|
46950
|
+
},
|
|
46951
|
+
{
|
|
46952
|
+
"id": "CWE-1426",
|
|
46953
|
+
"name": "Improper Validation of Generative AI Output",
|
|
46954
|
+
"category": "AI/ML"
|
|
46955
|
+
},
|
|
46956
|
+
{
|
|
46957
|
+
"id": "CWE-200",
|
|
46958
|
+
"name": "Exposure of Sensitive Information to an Unauthorized Actor",
|
|
46959
|
+
"category": "Information Exposure"
|
|
46960
|
+
},
|
|
46961
|
+
{
|
|
46962
|
+
"id": "CWE-327",
|
|
46963
|
+
"name": "Use of a Broken or Risky Cryptographic Algorithm",
|
|
46964
|
+
"category": "Cryptography"
|
|
46965
|
+
},
|
|
46966
|
+
{
|
|
46967
|
+
"id": "CWE-94",
|
|
46968
|
+
"name": "Improper Control of Generation of Code (Code Injection)",
|
|
46969
|
+
"category": "Injection"
|
|
46970
|
+
}
|
|
46971
|
+
],
|
|
46972
|
+
"atlas": [
|
|
46973
|
+
{
|
|
46974
|
+
"id": "AML.T0016",
|
|
46975
|
+
"name": "Obtain Capabilities: Develop Capabilities",
|
|
46976
|
+
"tactic": "Resource Development"
|
|
46977
|
+
},
|
|
46978
|
+
{
|
|
46979
|
+
"id": "AML.T0017",
|
|
46980
|
+
"name": "Discover ML Model Ontology",
|
|
46981
|
+
"tactic": "Discovery"
|
|
46982
|
+
},
|
|
46983
|
+
{
|
|
46984
|
+
"id": "AML.T0018",
|
|
46985
|
+
"name": "Backdoor ML Model",
|
|
46986
|
+
"tactic": "Persistence"
|
|
46987
|
+
},
|
|
46988
|
+
{
|
|
46989
|
+
"id": "AML.T0020",
|
|
46990
|
+
"name": "Poison Training Data",
|
|
46991
|
+
"tactic": "ML Attack Staging"
|
|
46992
|
+
},
|
|
46993
|
+
{
|
|
46994
|
+
"id": "AML.T0043",
|
|
46995
|
+
"name": "Craft Adversarial Data",
|
|
46996
|
+
"tactic": "ML Attack Staging"
|
|
46997
|
+
},
|
|
46998
|
+
{
|
|
46999
|
+
"id": "AML.T0051",
|
|
47000
|
+
"name": "LLM Prompt Injection",
|
|
47001
|
+
"tactic": "Execution"
|
|
47002
|
+
},
|
|
47003
|
+
{
|
|
47004
|
+
"id": "AML.T0054",
|
|
47005
|
+
"name": "LLM Jailbreak",
|
|
47006
|
+
"tactic": "Defense Evasion"
|
|
47007
|
+
},
|
|
47008
|
+
{
|
|
47009
|
+
"id": "AML.T0096",
|
|
47010
|
+
"name": "AI API as Covert C2 Channel",
|
|
47011
|
+
"tactic": "Command and Control"
|
|
47012
|
+
}
|
|
47013
|
+
],
|
|
47014
|
+
"d3fend": [
|
|
47015
|
+
{
|
|
47016
|
+
"id": "D3-CSPP",
|
|
47017
|
+
"name": "Client-server Payload Profiling",
|
|
47018
|
+
"tactic": "Detect"
|
|
47019
|
+
},
|
|
47020
|
+
{
|
|
47021
|
+
"id": "D3-EAL",
|
|
47022
|
+
"name": "Executable Allowlisting",
|
|
47023
|
+
"tactic": "Harden"
|
|
47024
|
+
},
|
|
47025
|
+
{
|
|
47026
|
+
"id": "D3-FE",
|
|
47027
|
+
"name": "File Encryption",
|
|
47028
|
+
"tactic": "Harden"
|
|
47029
|
+
},
|
|
47030
|
+
{
|
|
47031
|
+
"id": "D3-IOPR",
|
|
47032
|
+
"name": "Input/Output Profiling Resource",
|
|
47033
|
+
"tactic": "Detect"
|
|
47034
|
+
},
|
|
47035
|
+
{
|
|
47036
|
+
"id": "D3-MENCR",
|
|
47037
|
+
"name": "Message Encryption",
|
|
47038
|
+
"tactic": "Harden"
|
|
47039
|
+
},
|
|
47040
|
+
{
|
|
47041
|
+
"id": "D3-NTA",
|
|
47042
|
+
"name": "Network Traffic Analysis",
|
|
47043
|
+
"tactic": "Detect"
|
|
47044
|
+
},
|
|
47045
|
+
{
|
|
47046
|
+
"id": "D3-NTPM",
|
|
47047
|
+
"name": "Network Traffic Policy Mapping",
|
|
47048
|
+
"tactic": "Model"
|
|
47049
|
+
}
|
|
47050
|
+
],
|
|
47051
|
+
"framework_gaps": [
|
|
47052
|
+
{
|
|
47053
|
+
"id": "ALL-AI-PIPELINE-INTEGRITY",
|
|
47054
|
+
"framework": "ALL",
|
|
47055
|
+
"control_name": "AI Pipeline Integrity"
|
|
47056
|
+
},
|
|
47057
|
+
{
|
|
47058
|
+
"id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
|
|
47059
|
+
"framework": "ALL",
|
|
47060
|
+
"control_name": "Prompt Injection as Access Control Failure"
|
|
47061
|
+
},
|
|
47062
|
+
{
|
|
47063
|
+
"id": "CMMC-2.0-Level-2",
|
|
47064
|
+
"framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
|
|
47065
|
+
"control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
|
|
47066
|
+
},
|
|
47067
|
+
{
|
|
47068
|
+
"id": "FedRAMP-Rev5-Moderate",
|
|
47069
|
+
"framework": "FedRAMP Rev 5 Moderate",
|
|
47070
|
+
"control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
|
|
47071
|
+
},
|
|
47072
|
+
{
|
|
47073
|
+
"id": "HIPAA-Security-Rule-164.312(a)(1)",
|
|
47074
|
+
"framework": "HIPAA Security Rule (45 CFR § 164.312)",
|
|
47075
|
+
"control_name": "Access control standard (technical safeguards)"
|
|
47076
|
+
},
|
|
47077
|
+
{
|
|
47078
|
+
"id": "ISO-27001-2022-A.8.16",
|
|
47079
|
+
"framework": "ISO/IEC 27001:2022",
|
|
47080
|
+
"control_name": "Monitoring activities"
|
|
47081
|
+
},
|
|
47082
|
+
{
|
|
47083
|
+
"id": "ISO-27001-2022-A.8.28",
|
|
47084
|
+
"framework": "ISO/IEC 27001:2022",
|
|
47085
|
+
"control_name": "Secure coding"
|
|
47086
|
+
},
|
|
47087
|
+
{
|
|
47088
|
+
"id": "ISO-IEC-23894-2023-clause-7",
|
|
47089
|
+
"framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
|
|
47090
|
+
"control_name": "AI risk management process"
|
|
47091
|
+
},
|
|
47092
|
+
{
|
|
47093
|
+
"id": "ISO-IEC-42001-2023-clause-6.1.2",
|
|
47094
|
+
"framework": "ISO/IEC 42001:2023 (AI Management System)",
|
|
47095
|
+
"control_name": "AI risk assessment"
|
|
47096
|
+
},
|
|
47097
|
+
{
|
|
47098
|
+
"id": "NIST-800-53-AC-2",
|
|
47099
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
47100
|
+
"control_name": "Account Management"
|
|
47101
|
+
},
|
|
47102
|
+
{
|
|
47103
|
+
"id": "NIST-800-53-SC-28",
|
|
47104
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
47105
|
+
"control_name": "Protection of Information at Rest"
|
|
47106
|
+
},
|
|
47107
|
+
{
|
|
47108
|
+
"id": "NIST-800-53-SC-7",
|
|
47109
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
47110
|
+
"control_name": "Boundary Protection"
|
|
47111
|
+
},
|
|
47112
|
+
{
|
|
47113
|
+
"id": "NIST-800-53-SC-8",
|
|
47114
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
47115
|
+
"control_name": "Transmission Confidentiality and Integrity"
|
|
47116
|
+
},
|
|
47117
|
+
{
|
|
47118
|
+
"id": "NIST-800-53-SI-3",
|
|
47119
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
47120
|
+
"control_name": "Malicious Code Protection"
|
|
47121
|
+
},
|
|
47122
|
+
{
|
|
47123
|
+
"id": "OWASP-LLM-Top-10-2025-LLM01",
|
|
47124
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
47125
|
+
"control_name": "Prompt Injection"
|
|
47126
|
+
},
|
|
47127
|
+
{
|
|
47128
|
+
"id": "OWASP-LLM-Top-10-2025-LLM02",
|
|
47129
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
47130
|
+
"control_name": "Sensitive Information Disclosure"
|
|
47131
|
+
},
|
|
47132
|
+
{
|
|
47133
|
+
"id": "SOC2-CC6-logical-access",
|
|
47134
|
+
"framework": "SOC 2 (AICPA Trust Services Criteria)",
|
|
47135
|
+
"control_name": "Logical and Physical Access Controls"
|
|
47136
|
+
},
|
|
47137
|
+
{
|
|
47138
|
+
"id": "SOC2-CC7-anomaly-detection",
|
|
47139
|
+
"framework": "SOC 2 (AICPA Trust Services Criteria)",
|
|
47140
|
+
"control_name": "System Operations — Threat and Vulnerability Management"
|
|
47141
|
+
}
|
|
47142
|
+
],
|
|
47143
|
+
"attack_refs": [
|
|
47144
|
+
"T1041",
|
|
47145
|
+
"T1059",
|
|
47146
|
+
"T1190",
|
|
47147
|
+
"T1213",
|
|
47148
|
+
"T1530",
|
|
47149
|
+
"T1566",
|
|
47150
|
+
"T1567"
|
|
47151
|
+
],
|
|
47152
|
+
"rfc_refs": [
|
|
47153
|
+
"DRAFT-IETF-TLS-ECDHE-MLKEM",
|
|
47154
|
+
"DRAFT-IETF-TLS-HYBRID-DESIGN",
|
|
47155
|
+
"RFC-8032",
|
|
47156
|
+
"RFC-8446",
|
|
47157
|
+
"RFC-9106",
|
|
47158
|
+
"RFC-9180",
|
|
47159
|
+
"RFC-9420",
|
|
47160
|
+
"RFC-9458",
|
|
47161
|
+
"RFC-9794"
|
|
47162
|
+
]
|
|
47163
|
+
}
|
|
47164
|
+
},
|
|
46405
47165
|
"CVE-2026-41091": {
|
|
46406
47166
|
"name": "Microsoft Defender (Malware Protection Engine) Link-Following LPE to SYSTEM",
|
|
46407
47167
|
"rwep": 45,
|
|
@@ -74014,6 +74774,7 @@
|
|
|
74014
74774
|
"CVE-2024-11393",
|
|
74015
74775
|
"CVE-2024-11394",
|
|
74016
74776
|
"CVE-2024-12366",
|
|
74777
|
+
"CVE-2024-12776",
|
|
74017
74778
|
"CVE-2024-13059",
|
|
74018
74779
|
"CVE-2024-1561",
|
|
74019
74780
|
"CVE-2024-21513",
|
|
@@ -74041,6 +74802,7 @@
|
|
|
74041
74802
|
"CVE-2025-11837",
|
|
74042
74803
|
"CVE-2025-1550",
|
|
74043
74804
|
"CVE-2025-1753",
|
|
74805
|
+
"CVE-2025-1796",
|
|
74044
74806
|
"CVE-2025-23254",
|
|
74045
74807
|
"CVE-2025-23266",
|
|
74046
74808
|
"CVE-2025-25297",
|
|
@@ -74090,6 +74852,8 @@
|
|
|
74090
74852
|
"CVE-2026-34159",
|
|
74091
74853
|
"CVE-2026-39884",
|
|
74092
74854
|
"CVE-2026-40933",
|
|
74855
|
+
"CVE-2026-41947",
|
|
74856
|
+
"CVE-2026-41950",
|
|
74093
74857
|
"CVE-2026-42208",
|
|
74094
74858
|
"CVE-2026-45321",
|
|
74095
74859
|
"CVE-2026-45829",
|
|
@@ -74834,6 +75598,8 @@
|
|
|
74834
75598
|
"CVE-2026-33017",
|
|
74835
75599
|
"CVE-2026-34159",
|
|
74836
75600
|
"CVE-2026-39884",
|
|
75601
|
+
"CVE-2026-41947",
|
|
75602
|
+
"CVE-2026-41950",
|
|
74837
75603
|
"CVE-2026-42208",
|
|
74838
75604
|
"CVE-2026-42897",
|
|
74839
75605
|
"CVE-2026-43284",
|
|
@@ -76328,6 +77094,8 @@
|
|
|
76328
77094
|
"CVE-2023-47117",
|
|
76329
77095
|
"CVE-2025-14847",
|
|
76330
77096
|
"CVE-2025-22226",
|
|
77097
|
+
"CVE-2026-41947",
|
|
77098
|
+
"CVE-2026-41950",
|
|
76331
77099
|
"CVE-2026-43284"
|
|
76332
77100
|
]
|
|
76333
77101
|
},
|
|
@@ -81880,6 +82648,7 @@
|
|
|
81880
82648
|
"CVE-2024-11393",
|
|
81881
82649
|
"CVE-2024-11394",
|
|
81882
82650
|
"CVE-2024-12366",
|
|
82651
|
+
"CVE-2024-12776",
|
|
81883
82652
|
"CVE-2024-13059",
|
|
81884
82653
|
"CVE-2024-1561",
|
|
81885
82654
|
"CVE-2024-21513",
|
|
@@ -81905,6 +82674,7 @@
|
|
|
81905
82674
|
"CVE-2025-11837",
|
|
81906
82675
|
"CVE-2025-1550",
|
|
81907
82676
|
"CVE-2025-1753",
|
|
82677
|
+
"CVE-2025-1796",
|
|
81908
82678
|
"CVE-2025-23254",
|
|
81909
82679
|
"CVE-2025-23266",
|
|
81910
82680
|
"CVE-2025-25297",
|
|
@@ -81952,6 +82722,8 @@
|
|
|
81952
82722
|
"CVE-2026-34159",
|
|
81953
82723
|
"CVE-2026-39884",
|
|
81954
82724
|
"CVE-2026-40933",
|
|
82725
|
+
"CVE-2026-41947",
|
|
82726
|
+
"CVE-2026-41950",
|
|
81955
82727
|
"CVE-2026-42208",
|
|
81956
82728
|
"CVE-2026-45829"
|
|
81957
82729
|
]
|
|
@@ -83199,6 +83971,7 @@
|
|
|
83199
83971
|
"CVE-2024-11393",
|
|
83200
83972
|
"CVE-2024-11394",
|
|
83201
83973
|
"CVE-2024-12366",
|
|
83974
|
+
"CVE-2024-12776",
|
|
83202
83975
|
"CVE-2024-13059",
|
|
83203
83976
|
"CVE-2024-1561",
|
|
83204
83977
|
"CVE-2024-21513",
|
|
@@ -83227,6 +84000,7 @@
|
|
|
83227
84000
|
"CVE-2025-14847",
|
|
83228
84001
|
"CVE-2025-1550",
|
|
83229
84002
|
"CVE-2025-1753",
|
|
84003
|
+
"CVE-2025-1796",
|
|
83230
84004
|
"CVE-2025-22226",
|
|
83231
84005
|
"CVE-2025-23254",
|
|
83232
84006
|
"CVE-2025-23266",
|
|
@@ -83277,6 +84051,8 @@
|
|
|
83277
84051
|
"CVE-2026-34159",
|
|
83278
84052
|
"CVE-2026-39884",
|
|
83279
84053
|
"CVE-2026-40933",
|
|
84054
|
+
"CVE-2026-41947",
|
|
84055
|
+
"CVE-2026-41950",
|
|
83280
84056
|
"CVE-2026-42208",
|
|
83281
84057
|
"CVE-2026-42897",
|
|
83282
84058
|
"CVE-2026-43284",
|