@blamejs/exceptd-skills 0.13.114 → 0.13.115

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. package/CHANGELOG.md +4 -0
  2. package/data/_indexes/_meta.json +9 -9
  3. package/data/_indexes/activity-feed.json +2 -2
  4. package/data/_indexes/catalog-summaries.json +2 -2
  5. package/data/_indexes/chains.json +476 -0
  6. package/data/atlas-ttps.json +2 -0
  7. package/data/attack-techniques.json +10 -0
  8. package/data/cve-catalog.json +208 -0
  9. package/data/cwe-catalog.json +4 -1
  10. package/data/framework-control-gaps.json +20 -2
  11. package/data/zeroday-lessons.json +100 -0
  12. package/manifest.json +44 -44
  13. package/package.json +2 -2
  14. package/sbom.cdx.json +25 -25
package/CHANGELOG.md CHANGED
@@ -1,5 +1,9 @@
1
1
  # Changelog
2
2
 
3
+ ## 0.13.115 — 2026-05-26
4
+
5
+ CVE catalog — Dify object-level authorization bypass. Adds two flaws in Dify where an API trusts a user-controlled key without an ownership check (CWE-639). **CVE-2026-41947** (VulnCheck CNA CVSS 9.1 CRITICAL / v4.0 9.3) — the trace-configuration endpoints miss tenant-ownership checks, so an authenticated editor configures trace settings for any application and can redirect victim trace data to an attacker-controlled provider; fixed in 1.14.2. **CVE-2026-41950** (VulnCheck CNA CVSS 6.5 MEDIUM) — the chat-messages endpoint accepts an arbitrary file UUID in the files array without verifying ownership, so an authenticated user reads files uploaded by other users in the same tenant; fixed in 1.14.0. Both are patched and reuse the AI-app API object-authorization control (NEW-CTRL-106) shared with the Label Studio privilege-escalation chain — an LLM app platform must enforce object-level authorization on every request that references an object by a caller-supplied id. CVE count 404 → 406.
6
+
3
7
  ## 0.13.114 — 2026-05-26
4
8
 
5
9
  CVE catalog — Dify password-recovery account takeover. Adds two flaws in Dify's password-reset flow, both yielding takeover of any account including administrators (CWE-640 weak password-recovery mechanism). **CVE-2025-1796** (CWE-338 / CWE-640, NVD CVSS 8.8 HIGH; huntr CNA 7.5) — reset codes are generated with a weak pseudo-random number generator (`random.randint`), so an attacker predicts the code and resets any account. **CVE-2024-12776** (CWE-287 / CWE-640, huntr CNA CVSS 8.1 HIGH; NVD classifies it CWE-305) — the `/forgot-password/resets` endpoint does not verify the reset code before allowing a reset. Neither has a fixed version published, so mitigation is generating reset tokens with a CSPRNG and verifying them server-side. Both introduce NEW-CTRL-108: an AI app's password-recovery flow must use cryptographically secure, single-use, short-lived reset tokens and verify them server-side before any reset. CVE count 402 → 404.
package/data/_indexes/_meta.json CHANGED
@@ -1,21 +1,21 @@
1
1
  {
2
2
  "schema_version": "1.1.0",
3
- "generated_at": "2026-05-26T16:55:23.938Z",
3
+ "generated_at": "2026-05-26T21:15:14.058Z",
4
4
  "generator": "scripts/build-indexes.js",
5
5
  "source_count": 54,
6
6
  "source_hashes": {
7
- "manifest.json": "d241dfd94764cfbd42fc25fc55dbb57e8bf98cae9494b09a3fc6b6d5c206bfd5",
8
- "data/atlas-ttps.json": "fbad886119efbb01d6ae80647cb84ef8d6335b819eebb7ec650ad9819c3f6afd",
9
- "data/attack-techniques.json": "b9d62387c336b73a7807d2a8bf3c8a13fa080a18b1b39fe7377db7adb1ba7546",
10
- "data/cve-catalog.json": "7ebe9b305a77bfc5634a5511cf550cc4d3b91f36dcc0187042200442142d6dbb",
11
- "data/cwe-catalog.json": "9a402095ba8994f0e97f11ddd94eb5b6b7ee2f370e4d82fb1d1a115271b16283",
7
+ "manifest.json": "29c003c17f482b43e69fe3c31572971f4d904745efe075f4d646e1ffebee0ebd",
8
+ "data/atlas-ttps.json": "8dca8b3a370632548b3d7f465686ac6b47a26920bf6f618db401e349af2a33e2",
9
+ "data/attack-techniques.json": "82c228e6a9a3a6220430225dd8721751c857fd3c901898533a8b8d3d0223ef09",
10
+ "data/cve-catalog.json": "a93e2b20c6d1fd47de1efbc31b977c5c04c0c7b17bf6d1a7abcc32abfb8b9078",
11
+ "data/cwe-catalog.json": "13b8dbb4d05dfb9b5f1c9162fdbadace9a49bb5892997a046b65d899bcfa1d49",
12
12
  "data/d3fend-catalog.json": "9a54bccb9f24f84b32024216cc3f53819a053721ac8ab43c326859e68fc0ffaf",
13
13
  "data/dlp-controls.json": "d2406c482dddd30e49203879999dc4b3a7fd4d0494d6a61d86b91ee76415df19",
14
14
  "data/exploit-availability.json": "ec2656f0d9a893610e27b43eb6035fe9b18e057c9f6dfaac7e7d4959bbcbb795",
15
- "data/framework-control-gaps.json": "afc00b1a651c4b880d9eb68ee73a0ae141551678cc6c2e20bd423294f961e630",
15
+ "data/framework-control-gaps.json": "542c4c7d1a36aa34c07ec34544ca85477244c5bb55c640e0ae45aaba4828713d",
16
16
  "data/global-frameworks.json": "9ba563a85f7f8d6c3c957de64945e20925a89d0ed6ea6fc561cf093811acf558",
17
17
  "data/rfc-references.json": "66ef2e1f444a2cf0c2700a754f0a66030bb8a91d9e68394b9537ea1fe8b904fe",
18
- "data/zeroday-lessons.json": "966516c060db19606255630d59868e9a8a64c0fc09dd94d0c4ddd8a7d0e2ba48",
18
+ "data/zeroday-lessons.json": "e324773cafcb779b1f1cf47f932acf9b54d307e013711a0412142eed9150a93a",
19
19
  "skills/kernel-lpe-triage/skill.md": "08b3e9815ba481c57c80f5fc0ccbf5bb7cbb41f570c235ba6ff9596b8c07354d",
20
20
  "skills/ai-attack-surface/skill.md": "c4c1eb22a38ca7a959b5725222bab8fbd4f4044a548a93f3e288e6f698334b72",
21
21
  "skills/mcp-agent-trust/skill.md": "89ac89084391d2341b6513fefb1be2d36b93de1c130f057696219c1c59440f13",
@@ -72,7 +72,7 @@
72
72
  "dlp_refs": 0
73
73
  },
74
74
  "trigger_table_entries": 538,
75
- "chains_cve_entries": 393,
75
+ "chains_cve_entries": 395,
76
76
  "chains_cwe_entries": 171,
77
77
  "jurisdictions_indexed": 29,
78
78
  "handoff_dag_nodes": 42,
package/data/_indexes/activity-feed.json CHANGED
@@ -149,7 +149,7 @@
149
149
  "artifact": "data/cve-catalog.json",
150
150
  "path": "data/cve-catalog.json",
151
151
  "schema_version": "1.0.0",
152
- "entry_count": 404
152
+ "entry_count": 406
153
153
  },
154
154
  {
155
155
  "date": "2026-05-18",
@@ -165,7 +165,7 @@
165
165
  "artifact": "data/zeroday-lessons.json",
166
166
  "path": "data/zeroday-lessons.json",
167
167
  "schema_version": "1.1.0",
168
- "entry_count": 399
168
+ "entry_count": 401
169
169
  },
170
170
  {
171
171
  "date": "2026-05-17",
package/data/_indexes/catalog-summaries.json CHANGED
@@ -62,7 +62,7 @@
62
62
  "rebuild_after_days": 365,
63
63
  "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
64
64
  },
65
- "entry_count": 404,
65
+ "entry_count": 406,
66
66
  "sample_keys": [
67
67
  "CVE-2025-53773",
68
68
  "CVE-2026-30615",
@@ -238,7 +238,7 @@
238
238
  "rebuild_after_days": 365,
239
239
  "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
240
240
  },
241
- "entry_count": 399,
241
+ "entry_count": 401,
242
242
  "sample_keys": [
243
243
  "CVE-2026-31431",
244
244
  "CVE-2025-53773",
package/data/_indexes/chains.json CHANGED
@@ -46696,6 +46696,472 @@
46696
46696
  "rfc_refs": []
46697
46697
  }
46698
46698
  },
46699
+ "CVE-2026-41947": {
46700
+ "name": "Dify Trace-Config Cross-Tenant Authorization Bypass",
46701
+ "rwep": 27,
46702
+ "cvss": 9.1,
46703
+ "cisa_kev": false,
46704
+ "epss_score": null,
46705
+ "referencing_skills": [
46706
+ "ai-attack-surface",
46707
+ "compliance-theater",
46708
+ "pqc-first",
46709
+ "dlp-gap-analysis"
46710
+ ],
46711
+ "chain": {
46712
+ "cwes": [
46713
+ {
46714
+ "id": "CWE-1039",
46715
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
46716
+ "category": "AI/ML"
46717
+ },
46718
+ {
46719
+ "id": "CWE-1426",
46720
+ "name": "Improper Validation of Generative AI Output",
46721
+ "category": "AI/ML"
46722
+ },
46723
+ {
46724
+ "id": "CWE-200",
46725
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
46726
+ "category": "Information Exposure"
46727
+ },
46728
+ {
46729
+ "id": "CWE-327",
46730
+ "name": "Use of a Broken or Risky Cryptographic Algorithm",
46731
+ "category": "Cryptography"
46732
+ },
46733
+ {
46734
+ "id": "CWE-94",
46735
+ "name": "Improper Control of Generation of Code (Code Injection)",
46736
+ "category": "Injection"
46737
+ }
46738
+ ],
46739
+ "atlas": [
46740
+ {
46741
+ "id": "AML.T0016",
46742
+ "name": "Obtain Capabilities: Develop Capabilities",
46743
+ "tactic": "Resource Development"
46744
+ },
46745
+ {
46746
+ "id": "AML.T0017",
46747
+ "name": "Discover ML Model Ontology",
46748
+ "tactic": "Discovery"
46749
+ },
46750
+ {
46751
+ "id": "AML.T0018",
46752
+ "name": "Backdoor ML Model",
46753
+ "tactic": "Persistence"
46754
+ },
46755
+ {
46756
+ "id": "AML.T0020",
46757
+ "name": "Poison Training Data",
46758
+ "tactic": "ML Attack Staging"
46759
+ },
46760
+ {
46761
+ "id": "AML.T0043",
46762
+ "name": "Craft Adversarial Data",
46763
+ "tactic": "ML Attack Staging"
46764
+ },
46765
+ {
46766
+ "id": "AML.T0051",
46767
+ "name": "LLM Prompt Injection",
46768
+ "tactic": "Execution"
46769
+ },
46770
+ {
46771
+ "id": "AML.T0054",
46772
+ "name": "LLM Jailbreak",
46773
+ "tactic": "Defense Evasion"
46774
+ },
46775
+ {
46776
+ "id": "AML.T0096",
46777
+ "name": "AI API as Covert C2 Channel",
46778
+ "tactic": "Command and Control"
46779
+ }
46780
+ ],
46781
+ "d3fend": [
46782
+ {
46783
+ "id": "D3-CSPP",
46784
+ "name": "Client-server Payload Profiling",
46785
+ "tactic": "Detect"
46786
+ },
46787
+ {
46788
+ "id": "D3-EAL",
46789
+ "name": "Executable Allowlisting",
46790
+ "tactic": "Harden"
46791
+ },
46792
+ {
46793
+ "id": "D3-FE",
46794
+ "name": "File Encryption",
46795
+ "tactic": "Harden"
46796
+ },
46797
+ {
46798
+ "id": "D3-IOPR",
46799
+ "name": "Input/Output Profiling Resource",
46800
+ "tactic": "Detect"
46801
+ },
46802
+ {
46803
+ "id": "D3-MENCR",
46804
+ "name": "Message Encryption",
46805
+ "tactic": "Harden"
46806
+ },
46807
+ {
46808
+ "id": "D3-NTA",
46809
+ "name": "Network Traffic Analysis",
46810
+ "tactic": "Detect"
46811
+ },
46812
+ {
46813
+ "id": "D3-NTPM",
46814
+ "name": "Network Traffic Policy Mapping",
46815
+ "tactic": "Model"
46816
+ }
46817
+ ],
46818
+ "framework_gaps": [
46819
+ {
46820
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
46821
+ "framework": "ALL",
46822
+ "control_name": "AI Pipeline Integrity"
46823
+ },
46824
+ {
46825
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
46826
+ "framework": "ALL",
46827
+ "control_name": "Prompt Injection as Access Control Failure"
46828
+ },
46829
+ {
46830
+ "id": "CMMC-2.0-Level-2",
46831
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
46832
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
46833
+ },
46834
+ {
46835
+ "id": "FedRAMP-Rev5-Moderate",
46836
+ "framework": "FedRAMP Rev 5 Moderate",
46837
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
46838
+ },
46839
+ {
46840
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
46841
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
46842
+ "control_name": "Access control standard (technical safeguards)"
46843
+ },
46844
+ {
46845
+ "id": "ISO-27001-2022-A.8.16",
46846
+ "framework": "ISO/IEC 27001:2022",
46847
+ "control_name": "Monitoring activities"
46848
+ },
46849
+ {
46850
+ "id": "ISO-27001-2022-A.8.28",
46851
+ "framework": "ISO/IEC 27001:2022",
46852
+ "control_name": "Secure coding"
46853
+ },
46854
+ {
46855
+ "id": "ISO-IEC-23894-2023-clause-7",
46856
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
46857
+ "control_name": "AI risk management process"
46858
+ },
46859
+ {
46860
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
46861
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
46862
+ "control_name": "AI risk assessment"
46863
+ },
46864
+ {
46865
+ "id": "NIST-800-53-AC-2",
46866
+ "framework": "NIST SP 800-53 Rev 5",
46867
+ "control_name": "Account Management"
46868
+ },
46869
+ {
46870
+ "id": "NIST-800-53-SC-28",
46871
+ "framework": "NIST SP 800-53 Rev 5",
46872
+ "control_name": "Protection of Information at Rest"
46873
+ },
46874
+ {
46875
+ "id": "NIST-800-53-SC-7",
46876
+ "framework": "NIST SP 800-53 Rev 5",
46877
+ "control_name": "Boundary Protection"
46878
+ },
46879
+ {
46880
+ "id": "NIST-800-53-SC-8",
46881
+ "framework": "NIST SP 800-53 Rev 5",
46882
+ "control_name": "Transmission Confidentiality and Integrity"
46883
+ },
46884
+ {
46885
+ "id": "NIST-800-53-SI-3",
46886
+ "framework": "NIST SP 800-53 Rev 5",
46887
+ "control_name": "Malicious Code Protection"
46888
+ },
46889
+ {
46890
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
46891
+ "framework": "OWASP Top 10 for LLM Applications 2025",
46892
+ "control_name": "Prompt Injection"
46893
+ },
46894
+ {
46895
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
46896
+ "framework": "OWASP Top 10 for LLM Applications 2025",
46897
+ "control_name": "Sensitive Information Disclosure"
46898
+ },
46899
+ {
46900
+ "id": "SOC2-CC6-logical-access",
46901
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
46902
+ "control_name": "Logical and Physical Access Controls"
46903
+ },
46904
+ {
46905
+ "id": "SOC2-CC7-anomaly-detection",
46906
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
46907
+ "control_name": "System Operations — Threat and Vulnerability Management"
46908
+ }
46909
+ ],
46910
+ "attack_refs": [
46911
+ "T1041",
46912
+ "T1059",
46913
+ "T1190",
46914
+ "T1213",
46915
+ "T1530",
46916
+ "T1566",
46917
+ "T1567"
46918
+ ],
46919
+ "rfc_refs": [
46920
+ "DRAFT-IETF-TLS-ECDHE-MLKEM",
46921
+ "DRAFT-IETF-TLS-HYBRID-DESIGN",
46922
+ "RFC-8032",
46923
+ "RFC-8446",
46924
+ "RFC-9106",
46925
+ "RFC-9180",
46926
+ "RFC-9420",
46927
+ "RFC-9458",
46928
+ "RFC-9794"
46929
+ ]
46930
+ }
46931
+ },
46932
+ "CVE-2026-41950": {
46933
+ "name": "Dify Chat-Messages Arbitrary File-UUID Cross-User File Read",
46934
+ "rwep": 21,
46935
+ "cvss": 6.5,
46936
+ "cisa_kev": false,
46937
+ "epss_score": null,
46938
+ "referencing_skills": [
46939
+ "ai-attack-surface",
46940
+ "compliance-theater",
46941
+ "pqc-first",
46942
+ "dlp-gap-analysis"
46943
+ ],
46944
+ "chain": {
46945
+ "cwes": [
46946
+ {
46947
+ "id": "CWE-1039",
46948
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
46949
+ "category": "AI/ML"
46950
+ },
46951
+ {
46952
+ "id": "CWE-1426",
46953
+ "name": "Improper Validation of Generative AI Output",
46954
+ "category": "AI/ML"
46955
+ },
46956
+ {
46957
+ "id": "CWE-200",
46958
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
46959
+ "category": "Information Exposure"
46960
+ },
46961
+ {
46962
+ "id": "CWE-327",
46963
+ "name": "Use of a Broken or Risky Cryptographic Algorithm",
46964
+ "category": "Cryptography"
46965
+ },
46966
+ {
46967
+ "id": "CWE-94",
46968
+ "name": "Improper Control of Generation of Code (Code Injection)",
46969
+ "category": "Injection"
46970
+ }
46971
+ ],
46972
+ "atlas": [
46973
+ {
46974
+ "id": "AML.T0016",
46975
+ "name": "Obtain Capabilities: Develop Capabilities",
46976
+ "tactic": "Resource Development"
46977
+ },
46978
+ {
46979
+ "id": "AML.T0017",
46980
+ "name": "Discover ML Model Ontology",
46981
+ "tactic": "Discovery"
46982
+ },
46983
+ {
46984
+ "id": "AML.T0018",
46985
+ "name": "Backdoor ML Model",
46986
+ "tactic": "Persistence"
46987
+ },
46988
+ {
46989
+ "id": "AML.T0020",
46990
+ "name": "Poison Training Data",
46991
+ "tactic": "ML Attack Staging"
46992
+ },
46993
+ {
46994
+ "id": "AML.T0043",
46995
+ "name": "Craft Adversarial Data",
46996
+ "tactic": "ML Attack Staging"
46997
+ },
46998
+ {
46999
+ "id": "AML.T0051",
47000
+ "name": "LLM Prompt Injection",
47001
+ "tactic": "Execution"
47002
+ },
47003
+ {
47004
+ "id": "AML.T0054",
47005
+ "name": "LLM Jailbreak",
47006
+ "tactic": "Defense Evasion"
47007
+ },
47008
+ {
47009
+ "id": "AML.T0096",
47010
+ "name": "AI API as Covert C2 Channel",
47011
+ "tactic": "Command and Control"
47012
+ }
47013
+ ],
47014
+ "d3fend": [
47015
+ {
47016
+ "id": "D3-CSPP",
47017
+ "name": "Client-server Payload Profiling",
47018
+ "tactic": "Detect"
47019
+ },
47020
+ {
47021
+ "id": "D3-EAL",
47022
+ "name": "Executable Allowlisting",
47023
+ "tactic": "Harden"
47024
+ },
47025
+ {
47026
+ "id": "D3-FE",
47027
+ "name": "File Encryption",
47028
+ "tactic": "Harden"
47029
+ },
47030
+ {
47031
+ "id": "D3-IOPR",
47032
+ "name": "Input/Output Profiling Resource",
47033
+ "tactic": "Detect"
47034
+ },
47035
+ {
47036
+ "id": "D3-MENCR",
47037
+ "name": "Message Encryption",
47038
+ "tactic": "Harden"
47039
+ },
47040
+ {
47041
+ "id": "D3-NTA",
47042
+ "name": "Network Traffic Analysis",
47043
+ "tactic": "Detect"
47044
+ },
47045
+ {
47046
+ "id": "D3-NTPM",
47047
+ "name": "Network Traffic Policy Mapping",
47048
+ "tactic": "Model"
47049
+ }
47050
+ ],
47051
+ "framework_gaps": [
47052
+ {
47053
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
47054
+ "framework": "ALL",
47055
+ "control_name": "AI Pipeline Integrity"
47056
+ },
47057
+ {
47058
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
47059
+ "framework": "ALL",
47060
+ "control_name": "Prompt Injection as Access Control Failure"
47061
+ },
47062
+ {
47063
+ "id": "CMMC-2.0-Level-2",
47064
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
47065
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
47066
+ },
47067
+ {
47068
+ "id": "FedRAMP-Rev5-Moderate",
47069
+ "framework": "FedRAMP Rev 5 Moderate",
47070
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
47071
+ },
47072
+ {
47073
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
47074
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
47075
+ "control_name": "Access control standard (technical safeguards)"
47076
+ },
47077
+ {
47078
+ "id": "ISO-27001-2022-A.8.16",
47079
+ "framework": "ISO/IEC 27001:2022",
47080
+ "control_name": "Monitoring activities"
47081
+ },
47082
+ {
47083
+ "id": "ISO-27001-2022-A.8.28",
47084
+ "framework": "ISO/IEC 27001:2022",
47085
+ "control_name": "Secure coding"
47086
+ },
47087
+ {
47088
+ "id": "ISO-IEC-23894-2023-clause-7",
47089
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
47090
+ "control_name": "AI risk management process"
47091
+ },
47092
+ {
47093
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
47094
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
47095
+ "control_name": "AI risk assessment"
47096
+ },
47097
+ {
47098
+ "id": "NIST-800-53-AC-2",
47099
+ "framework": "NIST SP 800-53 Rev 5",
47100
+ "control_name": "Account Management"
47101
+ },
47102
+ {
47103
+ "id": "NIST-800-53-SC-28",
47104
+ "framework": "NIST SP 800-53 Rev 5",
47105
+ "control_name": "Protection of Information at Rest"
47106
+ },
47107
+ {
47108
+ "id": "NIST-800-53-SC-7",
47109
+ "framework": "NIST SP 800-53 Rev 5",
47110
+ "control_name": "Boundary Protection"
47111
+ },
47112
+ {
47113
+ "id": "NIST-800-53-SC-8",
47114
+ "framework": "NIST SP 800-53 Rev 5",
47115
+ "control_name": "Transmission Confidentiality and Integrity"
47116
+ },
47117
+ {
47118
+ "id": "NIST-800-53-SI-3",
47119
+ "framework": "NIST SP 800-53 Rev 5",
47120
+ "control_name": "Malicious Code Protection"
47121
+ },
47122
+ {
47123
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
47124
+ "framework": "OWASP Top 10 for LLM Applications 2025",
47125
+ "control_name": "Prompt Injection"
47126
+ },
47127
+ {
47128
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
47129
+ "framework": "OWASP Top 10 for LLM Applications 2025",
47130
+ "control_name": "Sensitive Information Disclosure"
47131
+ },
47132
+ {
47133
+ "id": "SOC2-CC6-logical-access",
47134
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
47135
+ "control_name": "Logical and Physical Access Controls"
47136
+ },
47137
+ {
47138
+ "id": "SOC2-CC7-anomaly-detection",
47139
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
47140
+ "control_name": "System Operations — Threat and Vulnerability Management"
47141
+ }
47142
+ ],
47143
+ "attack_refs": [
47144
+ "T1041",
47145
+ "T1059",
47146
+ "T1190",
47147
+ "T1213",
47148
+ "T1530",
47149
+ "T1566",
47150
+ "T1567"
47151
+ ],
47152
+ "rfc_refs": [
47153
+ "DRAFT-IETF-TLS-ECDHE-MLKEM",
47154
+ "DRAFT-IETF-TLS-HYBRID-DESIGN",
47155
+ "RFC-8032",
47156
+ "RFC-8446",
47157
+ "RFC-9106",
47158
+ "RFC-9180",
47159
+ "RFC-9420",
47160
+ "RFC-9458",
47161
+ "RFC-9794"
47162
+ ]
47163
+ }
47164
+ },
46699
47165
  "CVE-2026-41091": {
46700
47166
  "name": "Microsoft Defender (Malware Protection Engine) Link-Following LPE to SYSTEM",
46701
47167
  "rwep": 45,
@@ -74386,6 +74852,8 @@
74386
74852
  "CVE-2026-34159",
74387
74853
  "CVE-2026-39884",
74388
74854
  "CVE-2026-40933",
74855
+ "CVE-2026-41947",
74856
+ "CVE-2026-41950",
74389
74857
  "CVE-2026-42208",
74390
74858
  "CVE-2026-45321",
74391
74859
  "CVE-2026-45829",
@@ -75130,6 +75598,8 @@
75130
75598
  "CVE-2026-33017",
75131
75599
  "CVE-2026-34159",
75132
75600
  "CVE-2026-39884",
75601
+ "CVE-2026-41947",
75602
+ "CVE-2026-41950",
75133
75603
  "CVE-2026-42208",
75134
75604
  "CVE-2026-42897",
75135
75605
  "CVE-2026-43284",
@@ -76624,6 +77094,8 @@
76624
77094
  "CVE-2023-47117",
76625
77095
  "CVE-2025-14847",
76626
77096
  "CVE-2025-22226",
77097
+ "CVE-2026-41947",
77098
+ "CVE-2026-41950",
76627
77099
  "CVE-2026-43284"
76628
77100
  ]
76629
77101
  },
@@ -82250,6 +82722,8 @@
82250
82722
  "CVE-2026-34159",
82251
82723
  "CVE-2026-39884",
82252
82724
  "CVE-2026-40933",
82725
+ "CVE-2026-41947",
82726
+ "CVE-2026-41950",
82253
82727
  "CVE-2026-42208",
82254
82728
  "CVE-2026-45829"
82255
82729
  ]
@@ -83577,6 +84051,8 @@
83577
84051
  "CVE-2026-34159",
83578
84052
  "CVE-2026-39884",
83579
84053
  "CVE-2026-40933",
84054
+ "CVE-2026-41947",
84055
+ "CVE-2026-41950",
83580
84056
  "CVE-2026-42208",
83581
84057
  "CVE-2026-42897",
83582
84058
  "CVE-2026-43284",
package/data/atlas-ttps.json CHANGED
@@ -1782,6 +1782,8 @@
1782
1782
  "CVE-2026-31230",
1783
1783
  "CVE-2026-33017",
1784
1784
  "CVE-2026-34159",
1785
+ "CVE-2026-41947",
1786
+ "CVE-2026-41950",
1785
1787
  "CVE-2026-45829"
1786
1788
  ]
1787
1789
  },
package/data/attack-techniques.json CHANGED
@@ -551,6 +551,8 @@
551
551
  "CVE-2026-33825",
552
552
  "CVE-2026-39884",
553
553
  "CVE-2026-41940",
554
+ "CVE-2026-41947",
555
+ "CVE-2026-41950",
554
556
  "CVE-2026-42897",
555
557
  "CVE-2026-6973",
556
558
  "MAL-2026-NODE-IPC-STEALER",
@@ -1086,6 +1088,8 @@
1086
1088
  "CVE-2026-3910",
1087
1089
  "CVE-2026-39987",
1088
1090
  "CVE-2026-40933",
1091
+ "CVE-2026-41947",
1092
+ "CVE-2026-41950",
1089
1093
  "CVE-2026-42208",
1090
1094
  "CVE-2026-42897",
1091
1095
  "CVE-2026-42945",
@@ -1312,6 +1316,9 @@
1312
1316
  "description": "Adversaries may leverage information repositories to mine valuable information.",
1313
1317
  "tactic": [
1314
1318
  "Collection"
1319
+ ],
1320
+ "cve_refs": [
1321
+ "CVE-2026-41950"
1315
1322
  ]
1316
1323
  },
1317
1324
  "T1485": {
@@ -1456,6 +1463,9 @@
1456
1463
  "description": "Adversaries may access data from cloud storage.",
1457
1464
  "tactic": [
1458
1465
  "Collection"
1466
+ ],
1467
+ "cve_refs": [
1468
+ "CVE-2026-41947"
1459
1469
  ]
1460
1470
  },
1461
1471
  "T1543": {