@blamejs/exceptd-skills 0.13.118 → 0.13.119

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. package/CHANGELOG.md +4 -0
  2. package/data/_indexes/_meta.json +8 -8
  3. package/data/_indexes/activity-feed.json +2 -2
  4. package/data/_indexes/catalog-summaries.json +2 -2
  5. package/data/_indexes/chains.json +561 -0
  6. package/data/attack-techniques.json +7 -3
  7. package/data/cve-catalog.json +205 -0
  8. package/data/cwe-catalog.json +4 -2
  9. package/data/framework-control-gaps.json +27 -10
  10. package/data/zeroday-lessons.json +100 -0
  11. package/manifest.json +44 -44
  12. package/package.json +1 -1
  13. package/sbom.cdx.json +22 -22
package/data/_indexes/chains.json CHANGED
@@ -73646,6 +73646,542 @@
73646
73646
  "rfc_refs": []
73647
73647
  }
73648
73648
  },
73649
+ "CVE-2026-22218": {
73650
+ "name": "Chainlit /project/element Arbitrary File Read",
73651
+ "rwep": 19,
73652
+ "cvss": 7.1,
73653
+ "cisa_kev": false,
73654
+ "epss_score": 0.00044,
73655
+ "referencing_skills": [
73656
+ "ai-attack-surface",
73657
+ "compliance-theater",
73658
+ "rag-pipeline-security",
73659
+ "threat-modeling-methodology",
73660
+ "webapp-security",
73661
+ "api-security",
73662
+ "container-runtime-security"
73663
+ ],
73664
+ "chain": {
73665
+ "cwes": [
73666
+ {
73667
+ "id": "CWE-1039",
73668
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
73669
+ "category": "AI/ML"
73670
+ },
73671
+ {
73672
+ "id": "CWE-1188",
73673
+ "name": "Initialization of a Resource with an Insecure Default",
73674
+ "category": "Configuration"
73675
+ },
73676
+ {
73677
+ "id": "CWE-1395",
73678
+ "name": "Dependency on Vulnerable Third-Party Component",
73679
+ "category": "Supply Chain"
73680
+ },
73681
+ {
73682
+ "id": "CWE-1426",
73683
+ "name": "Improper Validation of Generative AI Output",
73684
+ "category": "AI/ML"
73685
+ },
73686
+ {
73687
+ "id": "CWE-200",
73688
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
73689
+ "category": "Information Exposure"
73690
+ },
73691
+ {
73692
+ "id": "CWE-22",
73693
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
73694
+ "category": "Path/Resource"
73695
+ },
73696
+ {
73697
+ "id": "CWE-269",
73698
+ "name": "Improper Privilege Management",
73699
+ "category": "Authorization"
73700
+ },
73701
+ {
73702
+ "id": "CWE-287",
73703
+ "name": "Improper Authentication",
73704
+ "category": "Authentication"
73705
+ },
73706
+ {
73707
+ "id": "CWE-352",
73708
+ "name": "Cross-Site Request Forgery (CSRF)",
73709
+ "category": "Session"
73710
+ },
73711
+ {
73712
+ "id": "CWE-434",
73713
+ "name": "Unrestricted Upload of File with Dangerous Type",
73714
+ "category": "File Handling"
73715
+ },
73716
+ {
73717
+ "id": "CWE-502",
73718
+ "name": "Deserialization of Untrusted Data",
73719
+ "category": "Serialization"
73720
+ },
73721
+ {
73722
+ "id": "CWE-732",
73723
+ "name": "Incorrect Permission Assignment for Critical Resource",
73724
+ "category": "Authorization"
73725
+ },
73726
+ {
73727
+ "id": "CWE-77",
73728
+ "name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
73729
+ "category": "Injection"
73730
+ },
73731
+ {
73732
+ "id": "CWE-78",
73733
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
73734
+ "category": "Injection"
73735
+ },
73736
+ {
73737
+ "id": "CWE-787",
73738
+ "name": "Out-of-bounds Write",
73739
+ "category": "Memory Safety"
73740
+ },
73741
+ {
73742
+ "id": "CWE-79",
73743
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
73744
+ "category": "Injection"
73745
+ },
73746
+ {
73747
+ "id": "CWE-862",
73748
+ "name": "Missing Authorization",
73749
+ "category": "Authorization"
73750
+ },
73751
+ {
73752
+ "id": "CWE-863",
73753
+ "name": "Incorrect Authorization",
73754
+ "category": "Authorization"
73755
+ },
73756
+ {
73757
+ "id": "CWE-89",
73758
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
73759
+ "category": "Injection"
73760
+ },
73761
+ {
73762
+ "id": "CWE-918",
73763
+ "name": "Server-Side Request Forgery (SSRF)",
73764
+ "category": "Network"
73765
+ },
73766
+ {
73767
+ "id": "CWE-94",
73768
+ "name": "Improper Control of Generation of Code (Code Injection)",
73769
+ "category": "Injection"
73770
+ }
73771
+ ],
73772
+ "atlas": [
73773
+ {
73774
+ "id": "AML.T0010",
73775
+ "name": "ML Supply Chain Compromise",
73776
+ "tactic": "Initial Access"
73777
+ },
73778
+ {
73779
+ "id": "AML.T0016",
73780
+ "name": "Obtain Capabilities: Develop Capabilities",
73781
+ "tactic": "Resource Development"
73782
+ },
73783
+ {
73784
+ "id": "AML.T0017",
73785
+ "name": "Discover ML Model Ontology",
73786
+ "tactic": "Discovery"
73787
+ },
73788
+ {
73789
+ "id": "AML.T0018",
73790
+ "name": "Backdoor ML Model",
73791
+ "tactic": "Persistence"
73792
+ },
73793
+ {
73794
+ "id": "AML.T0020",
73795
+ "name": "Poison Training Data",
73796
+ "tactic": "ML Attack Staging"
73797
+ },
73798
+ {
73799
+ "id": "AML.T0043",
73800
+ "name": "Craft Adversarial Data",
73801
+ "tactic": "ML Attack Staging"
73802
+ },
73803
+ {
73804
+ "id": "AML.T0051",
73805
+ "name": "LLM Prompt Injection",
73806
+ "tactic": "Execution"
73807
+ },
73808
+ {
73809
+ "id": "AML.T0054",
73810
+ "name": "LLM Jailbreak",
73811
+ "tactic": "Defense Evasion"
73812
+ },
73813
+ {
73814
+ "id": "AML.T0096",
73815
+ "name": "AI API as Covert C2 Channel",
73816
+ "tactic": "Command and Control"
73817
+ }
73818
+ ],
73819
+ "d3fend": [
73820
+ {
73821
+ "id": "D3-CSPP",
73822
+ "name": "Client-server Payload Profiling",
73823
+ "tactic": "Detect"
73824
+ },
73825
+ {
73826
+ "id": "D3-IOPR",
73827
+ "name": "Input/Output Profiling Resource",
73828
+ "tactic": "Detect"
73829
+ },
73830
+ {
73831
+ "id": "D3-NTA",
73832
+ "name": "Network Traffic Analysis",
73833
+ "tactic": "Detect"
73834
+ }
73835
+ ],
73836
+ "framework_gaps": [
73837
+ {
73838
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
73839
+ "framework": "ALL",
73840
+ "control_name": "AI Pipeline Integrity"
73841
+ },
73842
+ {
73843
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
73844
+ "framework": "ALL",
73845
+ "control_name": "Prompt Injection as Access Control Failure"
73846
+ },
73847
+ {
73848
+ "id": "CMMC-2.0-Level-2",
73849
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
73850
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
73851
+ },
73852
+ {
73853
+ "id": "FedRAMP-Rev5-Moderate",
73854
+ "framework": "FedRAMP Rev 5 Moderate",
73855
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
73856
+ },
73857
+ {
73858
+ "id": "ISO-27001-2022-A.8.28",
73859
+ "framework": "ISO/IEC 27001:2022",
73860
+ "control_name": "Secure coding"
73861
+ },
73862
+ {
73863
+ "id": "ISO-IEC-23894-2023-clause-7",
73864
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
73865
+ "control_name": "AI risk management process"
73866
+ },
73867
+ {
73868
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
73869
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
73870
+ "control_name": "AI risk assessment"
73871
+ },
73872
+ {
73873
+ "id": "NIST-800-218-SSDF",
73874
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
73875
+ "control_name": "Secure Software Development Framework"
73876
+ },
73877
+ {
73878
+ "id": "NIST-800-53-AC-2",
73879
+ "framework": "NIST SP 800-53 Rev 5",
73880
+ "control_name": "Account Management"
73881
+ },
73882
+ {
73883
+ "id": "NIST-800-53-CM-7",
73884
+ "framework": "NIST SP 800-53 Rev 5",
73885
+ "control_name": "Least Functionality"
73886
+ },
73887
+ {
73888
+ "id": "NIST-800-53-SI-12",
73889
+ "framework": "NIST SP 800-53 Rev 5",
73890
+ "control_name": "Information Management and Retention"
73891
+ },
73892
+ {
73893
+ "id": "NIST-800-53-SI-3",
73894
+ "framework": "NIST SP 800-53 Rev 5",
73895
+ "control_name": "Malicious Code Protection"
73896
+ },
73897
+ {
73898
+ "id": "NIST-AI-RMF-MEASURE-2.5",
73899
+ "framework": "NIST AI RMF 1.0",
73900
+ "control_name": "AI system to human interaction evaluation"
73901
+ },
73902
+ {
73903
+ "id": "OWASP-ASVS-v5.0-V14",
73904
+ "framework": "OWASP ASVS v5.0",
73905
+ "control_name": "Configuration verification"
73906
+ },
73907
+ {
73908
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
73909
+ "framework": "OWASP Top 10 for LLM Applications 2025",
73910
+ "control_name": "Prompt Injection"
73911
+ },
73912
+ {
73913
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
73914
+ "framework": "OWASP Top 10 for LLM Applications 2025",
73915
+ "control_name": "Sensitive Information Disclosure"
73916
+ },
73917
+ {
73918
+ "id": "OWASP-LLM-Top-10-2025-LLM08",
73919
+ "framework": "OWASP Top 10 for LLM Applications 2025",
73920
+ "control_name": "Vector and Embedding Weaknesses"
73921
+ },
73922
+ {
73923
+ "id": "SLSA-v1.0-Build-L3",
73924
+ "framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
73925
+ "control_name": "Hardened build platform with non-falsifiable provenance"
73926
+ },
73927
+ {
73928
+ "id": "SOC2-CC6-logical-access",
73929
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
73930
+ "control_name": "Logical and Physical Access Controls"
73931
+ }
73932
+ ],
73933
+ "attack_refs": [
73934
+ "T1059",
73935
+ "T1068",
73936
+ "T1078",
73937
+ "T1190",
73938
+ "T1505",
73939
+ "T1565",
73940
+ "T1566",
73941
+ "T1567",
73942
+ "T1610",
73943
+ "T1611"
73944
+ ],
73945
+ "rfc_refs": [
73946
+ "RFC-6749",
73947
+ "RFC-7519",
73948
+ "RFC-8032",
73949
+ "RFC-8446",
73950
+ "RFC-8725",
73951
+ "RFC-9114",
73952
+ "RFC-9421",
73953
+ "RFC-9700"
73954
+ ]
73955
+ }
73956
+ },
73957
+ "CVE-2026-22219": {
73958
+ "name": "Chainlit /project/element SQLAlchemy-Backend Server-Side Request Forgery",
73959
+ "rwep": 23,
73960
+ "cvss": 8.3,
73961
+ "cisa_kev": false,
73962
+ "epss_score": 0.00052,
73963
+ "referencing_skills": [
73964
+ "ai-attack-surface",
73965
+ "compliance-theater",
73966
+ "ai-c2-detection",
73967
+ "dlp-gap-analysis"
73968
+ ],
73969
+ "chain": {
73970
+ "cwes": [
73971
+ {
73972
+ "id": "CWE-1039",
73973
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
73974
+ "category": "AI/ML"
73975
+ },
73976
+ {
73977
+ "id": "CWE-1426",
73978
+ "name": "Improper Validation of Generative AI Output",
73979
+ "category": "AI/ML"
73980
+ },
73981
+ {
73982
+ "id": "CWE-200",
73983
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
73984
+ "category": "Information Exposure"
73985
+ },
73986
+ {
73987
+ "id": "CWE-94",
73988
+ "name": "Improper Control of Generation of Code (Code Injection)",
73989
+ "category": "Injection"
73990
+ }
73991
+ ],
73992
+ "atlas": [
73993
+ {
73994
+ "id": "AML.T0016",
73995
+ "name": "Obtain Capabilities: Develop Capabilities",
73996
+ "tactic": "Resource Development"
73997
+ },
73998
+ {
73999
+ "id": "AML.T0017",
74000
+ "name": "Discover ML Model Ontology",
74001
+ "tactic": "Discovery"
74002
+ },
74003
+ {
74004
+ "id": "AML.T0018",
74005
+ "name": "Backdoor ML Model",
74006
+ "tactic": "Persistence"
74007
+ },
74008
+ {
74009
+ "id": "AML.T0020",
74010
+ "name": "Poison Training Data",
74011
+ "tactic": "ML Attack Staging"
74012
+ },
74013
+ {
74014
+ "id": "AML.T0043",
74015
+ "name": "Craft Adversarial Data",
74016
+ "tactic": "ML Attack Staging"
74017
+ },
74018
+ {
74019
+ "id": "AML.T0051",
74020
+ "name": "LLM Prompt Injection",
74021
+ "tactic": "Execution"
74022
+ },
74023
+ {
74024
+ "id": "AML.T0054",
74025
+ "name": "LLM Jailbreak",
74026
+ "tactic": "Defense Evasion"
74027
+ },
74028
+ {
74029
+ "id": "AML.T0096",
74030
+ "name": "AI API as Covert C2 Channel",
74031
+ "tactic": "Command and Control"
74032
+ }
74033
+ ],
74034
+ "d3fend": [
74035
+ {
74036
+ "id": "D3-CA",
74037
+ "name": "Certificate Analysis",
74038
+ "tactic": "Detect"
74039
+ },
74040
+ {
74041
+ "id": "D3-CSPP",
74042
+ "name": "Client-server Payload Profiling",
74043
+ "tactic": "Detect"
74044
+ },
74045
+ {
74046
+ "id": "D3-DA",
74047
+ "name": "Domain Analysis",
74048
+ "tactic": "Detect"
74049
+ },
74050
+ {
74051
+ "id": "D3-EAL",
74052
+ "name": "Executable Allowlisting",
74053
+ "tactic": "Harden"
74054
+ },
74055
+ {
74056
+ "id": "D3-IOPR",
74057
+ "name": "Input/Output Profiling Resource",
74058
+ "tactic": "Detect"
74059
+ },
74060
+ {
74061
+ "id": "D3-NI",
74062
+ "name": "Network Isolation",
74063
+ "tactic": "Isolate"
74064
+ },
74065
+ {
74066
+ "id": "D3-NTA",
74067
+ "name": "Network Traffic Analysis",
74068
+ "tactic": "Detect"
74069
+ },
74070
+ {
74071
+ "id": "D3-NTPM",
74072
+ "name": "Network Traffic Policy Mapping",
74073
+ "tactic": "Model"
74074
+ }
74075
+ ],
74076
+ "framework_gaps": [
74077
+ {
74078
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
74079
+ "framework": "ALL",
74080
+ "control_name": "AI Pipeline Integrity"
74081
+ },
74082
+ {
74083
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
74084
+ "framework": "ALL",
74085
+ "control_name": "Prompt Injection as Access Control Failure"
74086
+ },
74087
+ {
74088
+ "id": "CMMC-2.0-Level-2",
74089
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
74090
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
74091
+ },
74092
+ {
74093
+ "id": "FedRAMP-Rev5-Moderate",
74094
+ "framework": "FedRAMP Rev 5 Moderate",
74095
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
74096
+ },
74097
+ {
74098
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
74099
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
74100
+ "control_name": "Access control standard (technical safeguards)"
74101
+ },
74102
+ {
74103
+ "id": "ISO-27001-2022-A.8.16",
74104
+ "framework": "ISO/IEC 27001:2022",
74105
+ "control_name": "Monitoring activities"
74106
+ },
74107
+ {
74108
+ "id": "ISO-27001-2022-A.8.28",
74109
+ "framework": "ISO/IEC 27001:2022",
74110
+ "control_name": "Secure coding"
74111
+ },
74112
+ {
74113
+ "id": "ISO-IEC-23894-2023-clause-7",
74114
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
74115
+ "control_name": "AI risk management process"
74116
+ },
74117
+ {
74118
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
74119
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
74120
+ "control_name": "AI risk assessment"
74121
+ },
74122
+ {
74123
+ "id": "NIST-800-53-AC-2",
74124
+ "framework": "NIST SP 800-53 Rev 5",
74125
+ "control_name": "Account Management"
74126
+ },
74127
+ {
74128
+ "id": "NIST-800-53-SC-28",
74129
+ "framework": "NIST SP 800-53 Rev 5",
74130
+ "control_name": "Protection of Information at Rest"
74131
+ },
74132
+ {
74133
+ "id": "NIST-800-53-SC-7",
74134
+ "framework": "NIST SP 800-53 Rev 5",
74135
+ "control_name": "Boundary Protection"
74136
+ },
74137
+ {
74138
+ "id": "NIST-800-53-SI-3",
74139
+ "framework": "NIST SP 800-53 Rev 5",
74140
+ "control_name": "Malicious Code Protection"
74141
+ },
74142
+ {
74143
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
74144
+ "framework": "OWASP Top 10 for LLM Applications 2025",
74145
+ "control_name": "Prompt Injection"
74146
+ },
74147
+ {
74148
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
74149
+ "framework": "OWASP Top 10 for LLM Applications 2025",
74150
+ "control_name": "Sensitive Information Disclosure"
74151
+ },
74152
+ {
74153
+ "id": "SOC2-CC6-logical-access",
74154
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
74155
+ "control_name": "Logical and Physical Access Controls"
74156
+ },
74157
+ {
74158
+ "id": "SOC2-CC7-anomaly-detection",
74159
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
74160
+ "control_name": "System Operations — Threat and Vulnerability Management"
74161
+ }
74162
+ ],
74163
+ "attack_refs": [
74164
+ "T1041",
74165
+ "T1059",
74166
+ "T1071",
74167
+ "T1102",
74168
+ "T1190",
74169
+ "T1213",
74170
+ "T1530",
74171
+ "T1566",
74172
+ "T1567",
74173
+ "T1568"
74174
+ ],
74175
+ "rfc_refs": [
74176
+ "RFC-8446",
74177
+ "RFC-9000",
74178
+ "RFC-9114",
74179
+ "RFC-9180",
74180
+ "RFC-9421",
74181
+ "RFC-9458"
74182
+ ]
74183
+ }
74184
+ },
73649
74185
  "CWE-20": {
73650
74186
  "name": "Improper Input Validation",
73651
74187
  "category": "Validation",
@@ -73980,6 +74516,7 @@
73980
74516
  "CVE-2025-6965",
73981
74517
  "CVE-2025-8747",
73982
74518
  "CVE-2026-0766",
74519
+ "CVE-2026-22218",
73983
74520
  "CVE-2026-22252",
73984
74521
  "CVE-2026-22688",
73985
74522
  "CVE-2026-24206",
@@ -74212,6 +74749,7 @@
74212
74749
  "CVE-2025-49844",
74213
74750
  "CVE-2025-53773",
74214
74751
  "CVE-2025-6965",
74752
+ "CVE-2026-22218",
74215
74753
  "CVE-2026-30615",
74216
74754
  "CVE-2026-30623",
74217
74755
  "CVE-2026-31229",
@@ -74416,6 +74954,7 @@
74416
74954
  "CVE-2025-6965",
74417
74955
  "CVE-2025-8747",
74418
74956
  "CVE-2026-0766",
74957
+ "CVE-2026-22218",
74419
74958
  "CVE-2026-22252",
74420
74959
  "CVE-2026-22688",
74421
74960
  "CVE-2026-24206",
@@ -74631,6 +75170,7 @@
74631
75170
  "CVE-2025-6965",
74632
75171
  "CVE-2025-8747",
74633
75172
  "CVE-2026-0766",
75173
+ "CVE-2026-22218",
74634
75174
  "CVE-2026-22252",
74635
75175
  "CVE-2026-22688",
74636
75176
  "CVE-2026-24206",
@@ -74860,6 +75400,7 @@
74860
75400
  "CVE-2025-6965",
74861
75401
  "CVE-2025-8747",
74862
75402
  "CVE-2026-0766",
75403
+ "CVE-2026-22218",
74863
75404
  "CVE-2026-22252",
74864
75405
  "CVE-2026-22688",
74865
75406
  "CVE-2026-24206",
@@ -75204,6 +75745,8 @@
75204
75745
  "CVE-2025-6965",
75205
75746
  "CVE-2025-8747",
75206
75747
  "CVE-2026-0766",
75748
+ "CVE-2026-22218",
75749
+ "CVE-2026-22219",
75207
75750
  "CVE-2026-22252",
75208
75751
  "CVE-2026-22688",
75209
75752
  "CVE-2026-22778",
@@ -75969,6 +76512,8 @@
75969
76512
  "CVE-2025-53773",
75970
76513
  "CVE-2025-56520",
75971
76514
  "CVE-2025-6965",
76515
+ "CVE-2026-22218",
76516
+ "CVE-2026-22219",
75972
76517
  "CVE-2026-30615",
75973
76518
  "CVE-2026-30623",
75974
76519
  "CVE-2026-31229",
@@ -76387,6 +76932,7 @@
76387
76932
  "CVE-2025-6965",
76388
76933
  "CVE-2025-8747",
76389
76934
  "CVE-2026-0766",
76935
+ "CVE-2026-22218",
76390
76936
  "CVE-2026-22252",
76391
76937
  "CVE-2026-22688",
76392
76938
  "CVE-2026-24206",
@@ -77041,6 +77587,7 @@
77041
77587
  "CVE-2025-6965",
77042
77588
  "CVE-2025-8747",
77043
77589
  "CVE-2026-0766",
77590
+ "CVE-2026-22218",
77044
77591
  "CVE-2026-22252",
77045
77592
  "CVE-2026-22688",
77046
77593
  "CVE-2026-24206",
@@ -78051,6 +78598,7 @@
78051
78598
  "CVE-2025-6965",
78052
78599
  "CVE-2025-8747",
78053
78600
  "CVE-2026-0766",
78601
+ "CVE-2026-22218",
78054
78602
  "CVE-2026-22252",
78055
78603
  "CVE-2026-22688",
78056
78604
  "CVE-2026-24206",
@@ -79302,6 +79850,7 @@
79302
79850
  "CVE-2025-6965",
79303
79851
  "CVE-2025-8747",
79304
79852
  "CVE-2026-0766",
79853
+ "CVE-2026-22218",
79305
79854
  "CVE-2026-22252",
79306
79855
  "CVE-2026-22688",
79307
79856
  "CVE-2026-24206",
@@ -79747,6 +80296,7 @@
79747
80296
  "CVE-2025-3248",
79748
80297
  "CVE-2025-3466",
79749
80298
  "CVE-2025-6965",
80299
+ "CVE-2026-22218",
79750
80300
  "CVE-2026-30615",
79751
80301
  "CVE-2026-30623",
79752
80302
  "CVE-2026-31229",
@@ -80735,6 +81285,7 @@
80735
81285
  "CVE-2025-6965",
80736
81286
  "CVE-2025-8747",
80737
81287
  "CVE-2026-0766",
81288
+ "CVE-2026-22218",
80738
81289
  "CVE-2026-22252",
80739
81290
  "CVE-2026-22688",
80740
81291
  "CVE-2026-24206",
@@ -81283,6 +81834,7 @@
81283
81834
  "CVE-2026-21525",
81284
81835
  "CVE-2026-21533",
81285
81836
  "CVE-2026-21643",
81837
+ "CVE-2026-22218",
81286
81838
  "CVE-2026-22252",
81287
81839
  "CVE-2026-22688",
81288
81840
  "CVE-2026-22719",
@@ -82040,6 +82592,7 @@
82040
82592
  "CVE-2025-49844",
82041
82593
  "CVE-2025-53773",
82042
82594
  "CVE-2025-6965",
82595
+ "CVE-2026-22218",
82043
82596
  "CVE-2026-30615",
82044
82597
  "CVE-2026-30623",
82045
82598
  "CVE-2026-31229",
@@ -82338,6 +82891,7 @@
82338
82891
  "CVE-2025-3466",
82339
82892
  "CVE-2025-53773",
82340
82893
  "CVE-2025-6965",
82894
+ "CVE-2026-22218",
82341
82895
  "CVE-2026-30615",
82342
82896
  "CVE-2026-30623",
82343
82897
  "CVE-2026-31229",
@@ -82714,6 +83268,7 @@
82714
83268
  "CVE-2025-6965",
82715
83269
  "CVE-2025-8747",
82716
83270
  "CVE-2026-0766",
83271
+ "CVE-2026-22218",
82717
83272
  "CVE-2026-22252",
82718
83273
  "CVE-2026-22688",
82719
83274
  "CVE-2026-24206",
@@ -83078,6 +83633,8 @@
83078
83633
  "CVE-2025-6965",
83079
83634
  "CVE-2025-8747",
83080
83635
  "CVE-2026-0766",
83636
+ "CVE-2026-22218",
83637
+ "CVE-2026-22219",
83081
83638
  "CVE-2026-22252",
83082
83639
  "CVE-2026-22688",
83083
83640
  "CVE-2026-22778",
@@ -83279,6 +83836,7 @@
83279
83836
  "CVE-2025-49844",
83280
83837
  "CVE-2025-53773",
83281
83838
  "CVE-2025-6965",
83839
+ "CVE-2026-22218",
83282
83840
  "CVE-2026-30615",
83283
83841
  "CVE-2026-30623",
83284
83842
  "CVE-2026-31229",
@@ -84053,6 +84611,7 @@
84053
84611
  "CVE-2025-6965",
84054
84612
  "CVE-2025-8747",
84055
84613
  "CVE-2026-0766",
84614
+ "CVE-2026-22218",
84056
84615
  "CVE-2026-22252",
84057
84616
  "CVE-2026-22688",
84058
84617
  "CVE-2026-24206",
@@ -84408,6 +84967,8 @@
84408
84967
  "CVE-2025-6965",
84409
84968
  "CVE-2025-8747",
84410
84969
  "CVE-2026-0766",
84970
+ "CVE-2026-22218",
84971
+ "CVE-2026-22219",
84411
84972
  "CVE-2026-22252",
84412
84973
  "CVE-2026-22688",
84413
84974
  "CVE-2026-22778",