@blamejs/exceptd-skills 0.13.119 → 0.13.120
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +4 -0
- package/data/_indexes/_meta.json +8 -8
- package/data/_indexes/activity-feed.json +2 -2
- package/data/_indexes/catalog-summaries.json +2 -2
- package/data/_indexes/chains.json +16 -0
- package/data/attack-techniques.json +4 -2
- package/data/cve-catalog.json +103 -0
- package/data/cwe-catalog.json +2 -1
- package/data/framework-control-gaps.json +10 -5
- package/data/zeroday-lessons.json +60 -0
- package/manifest.json +44 -44
- package/package.json +1 -1
- package/sbom.cdx.json +22 -22
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,9 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## 0.13.120 — 2026-05-26
|
|
4
|
+
|
|
5
|
+
CVE catalog — LangChain JS serialization injection. Adds **CVE-2025-68665**, the JavaScript sibling of the already-catalogued Python-side CVE-2025-68664. LangChain JS's `toJSON()` (and `JSON.stringify` of LangChain objects) did not escape free-form data containing the internal `lc` marker key, so attacker-controlled data carrying that structure is rehydrated as a legitimate LangChain object on deserialization instead of staying plain data (CWE-502; GitHub CNA CVSS v3.1 8.6, scope-changed / NVD 9.1). Fixed in `@langchain/core` 0.3.80 / 1.1.8 and `langchain` 0.3.37 / 1.2.3. Reuses the LLM-output deserialization trust-zone control (NEW-CTRL-064) and AI-tool input-sanitization (NEW-CTRL-005). Scored conservatively below the Python sibling, which additionally carries suspected-exploitation and weaponization signals the JS variant lacks. CVE count 410 → 411.
|
|
6
|
+
|
|
3
7
|
## 0.13.119 — 2026-05-26
|
|
4
8
|
|
|
5
9
|
CVE catalog — Chainlit LLM-app framework. Adds two flaws in the `/project/element` update flow of Chainlit, a widely used open-source framework for conversational-AI / LLM apps. **CVE-2026-22218** (VulnCheck CNA CVSS v4.0 7.1; NVD v3.1 6.5) — a custom element with a caller-supplied `path` is copied into the requesting user's session without validation, so an authenticated client reads arbitrary files on the server host (CWE-22 path traversal); fixed in 2.9.4. Reuses the AI-runtime-API path-traversal validation control (NEW-CTRL-094) shared with the AnythingLLM upload traversal. **CVE-2026-22219** (VulnCheck CNA CVSS v4.0 8.3; NVD v3.1 7.7, scope-changed) — with the SQLAlchemy data-layer backend, a custom element's `url` is fetched server-side and the response stored, so an authenticated client reaches internal services or cloud metadata (CWE-918 SSRF); fixed in 2.9.4. Reuses the AI-data-pipeline import SSRF control (NEW-CTRL-105) shared with the Dify, RAGFlow, and Label Studio data-pipeline SSRFs. CVE count 408 → 410.
|
package/data/_indexes/_meta.json
CHANGED
|
@@ -1,21 +1,21 @@
|
|
|
1
1
|
{
|
|
2
2
|
"schema_version": "1.1.0",
|
|
3
|
-
"generated_at": "2026-05-
|
|
3
|
+
"generated_at": "2026-05-27T02:21:37.099Z",
|
|
4
4
|
"generator": "scripts/build-indexes.js",
|
|
5
5
|
"source_count": 54,
|
|
6
6
|
"source_hashes": {
|
|
7
|
-
"manifest.json": "
|
|
7
|
+
"manifest.json": "6ab635bfaef39a128a874fa2db7853e857c026112aaf030c997d4c1d7e3f3218",
|
|
8
8
|
"data/atlas-ttps.json": "8dca8b3a370632548b3d7f465686ac6b47a26920bf6f618db401e349af2a33e2",
|
|
9
|
-
"data/attack-techniques.json": "
|
|
10
|
-
"data/cve-catalog.json": "
|
|
11
|
-
"data/cwe-catalog.json": "
|
|
9
|
+
"data/attack-techniques.json": "4237fe46b0d8700a90c8a4dabd8753bf54b1752b744b368c4caf76cb960553c8",
|
|
10
|
+
"data/cve-catalog.json": "51ef99a37316f596fa2fcb950405cedd7bf0576302f8c0bcf41535a0e7541369",
|
|
11
|
+
"data/cwe-catalog.json": "686ba057cdca827a6fd4eb1b559cb82fc1c97310f5af63a6adf6f0ac6d87f738",
|
|
12
12
|
"data/d3fend-catalog.json": "9a54bccb9f24f84b32024216cc3f53819a053721ac8ab43c326859e68fc0ffaf",
|
|
13
13
|
"data/dlp-controls.json": "d2406c482dddd30e49203879999dc4b3a7fd4d0494d6a61d86b91ee76415df19",
|
|
14
14
|
"data/exploit-availability.json": "ec2656f0d9a893610e27b43eb6035fe9b18e057c9f6dfaac7e7d4959bbcbb795",
|
|
15
|
-
"data/framework-control-gaps.json": "
|
|
15
|
+
"data/framework-control-gaps.json": "79171be6be0bfcb1e2c7b62b4e142d290579ea593974d67a47796a92d7a2aebf",
|
|
16
16
|
"data/global-frameworks.json": "9ba563a85f7f8d6c3c957de64945e20925a89d0ed6ea6fc561cf093811acf558",
|
|
17
17
|
"data/rfc-references.json": "66ef2e1f444a2cf0c2700a754f0a66030bb8a91d9e68394b9537ea1fe8b904fe",
|
|
18
|
-
"data/zeroday-lessons.json": "
|
|
18
|
+
"data/zeroday-lessons.json": "a270416f6c20f17cd1cdf556622828d8efaf5073c3661c1fae4366949ed7fe27",
|
|
19
19
|
"skills/kernel-lpe-triage/skill.md": "08b3e9815ba481c57c80f5fc0ccbf5bb7cbb41f570c235ba6ff9596b8c07354d",
|
|
20
20
|
"skills/ai-attack-surface/skill.md": "c4c1eb22a38ca7a959b5725222bab8fbd4f4044a548a93f3e288e6f698334b72",
|
|
21
21
|
"skills/mcp-agent-trust/skill.md": "89ac89084391d2341b6513fefb1be2d36b93de1c130f057696219c1c59440f13",
|
|
@@ -72,7 +72,7 @@
|
|
|
72
72
|
"dlp_refs": 0
|
|
73
73
|
},
|
|
74
74
|
"trigger_table_entries": 538,
|
|
75
|
-
"chains_cve_entries":
|
|
75
|
+
"chains_cve_entries": 400,
|
|
76
76
|
"chains_cwe_entries": 172,
|
|
77
77
|
"jurisdictions_indexed": 29,
|
|
78
78
|
"handoff_dag_nodes": 42,
|
|
@@ -149,7 +149,7 @@
|
|
|
149
149
|
"artifact": "data/cve-catalog.json",
|
|
150
150
|
"path": "data/cve-catalog.json",
|
|
151
151
|
"schema_version": "1.0.0",
|
|
152
|
-
"entry_count":
|
|
152
|
+
"entry_count": 411
|
|
153
153
|
},
|
|
154
154
|
{
|
|
155
155
|
"date": "2026-05-18",
|
|
@@ -165,7 +165,7 @@
|
|
|
165
165
|
"artifact": "data/zeroday-lessons.json",
|
|
166
166
|
"path": "data/zeroday-lessons.json",
|
|
167
167
|
"schema_version": "1.1.0",
|
|
168
|
-
"entry_count":
|
|
168
|
+
"entry_count": 406
|
|
169
169
|
},
|
|
170
170
|
{
|
|
171
171
|
"date": "2026-05-17",
|
|
@@ -62,7 +62,7 @@
|
|
|
62
62
|
"rebuild_after_days": 365,
|
|
63
63
|
"note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
|
|
64
64
|
},
|
|
65
|
-
"entry_count":
|
|
65
|
+
"entry_count": 411,
|
|
66
66
|
"sample_keys": [
|
|
67
67
|
"CVE-2025-53773",
|
|
68
68
|
"CVE-2026-30615",
|
|
@@ -238,7 +238,7 @@
|
|
|
238
238
|
"rebuild_after_days": 365,
|
|
239
239
|
"note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
|
|
240
240
|
},
|
|
241
|
-
"entry_count":
|
|
241
|
+
"entry_count": 406,
|
|
242
242
|
"sample_keys": [
|
|
243
243
|
"CVE-2026-31431",
|
|
244
244
|
"CVE-2025-53773",
|
|
@@ -74182,6 +74182,22 @@
|
|
|
74182
74182
|
]
|
|
74183
74183
|
}
|
|
74184
74184
|
},
|
|
74185
|
+
"CVE-2025-68665": {
|
|
74186
|
+
"name": "LangChain JS toJSON() 'lc'-Key Serialization Injection",
|
|
74187
|
+
"rwep": 25,
|
|
74188
|
+
"cvss": 8.6,
|
|
74189
|
+
"cisa_kev": false,
|
|
74190
|
+
"epss_score": 0.00066,
|
|
74191
|
+
"referencing_skills": [],
|
|
74192
|
+
"chain": {
|
|
74193
|
+
"cwes": [],
|
|
74194
|
+
"atlas": [],
|
|
74195
|
+
"d3fend": [],
|
|
74196
|
+
"framework_gaps": [],
|
|
74197
|
+
"attack_refs": [],
|
|
74198
|
+
"rfc_refs": []
|
|
74199
|
+
}
|
|
74200
|
+
},
|
|
74185
74201
|
"CWE-20": {
|
|
74186
74202
|
"name": "Improper Input Validation",
|
|
74187
74203
|
"category": "Validation",
|
|
@@ -341,7 +341,8 @@
|
|
|
341
341
|
"CVE-2026-39987",
|
|
342
342
|
"CVE-2026-40933",
|
|
343
343
|
"CVE-2026-45829",
|
|
344
|
-
"CVE-2026-6973"
|
|
344
|
+
"CVE-2026-6973",
|
|
345
|
+
"CVE-2025-68665"
|
|
345
346
|
],
|
|
346
347
|
"description_full": "Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries. These interfaces and languages provide ways of interacting with computer systems and are a common feature across many different platforms. Most systems come with some built-in command-line interface and scripting capabilities, for example, macOS and Linux distributions include some flavor of [Unix Shell](https://attack.mitre.org/techniques/T1059/004) while Windows installations include the [Windows Command Shell](https://attack.mitre.org/techniques/T1059/003) and [PowerShell](https://attack.mitre.org/techniques/T1059/001). There are also cross-platform interpreters such as [Python](https://attack.mitre.org/techniques/T1059/006), as well as those commonly associated with client applications such as [JavaScript](https://attack.mitre.org/techniques/T1059/007) and [Visual Basic](https://attack.mitre.org/techniques/T1059/005). Adversaries may abuse these technologies in various ways as a means of executing arbitrary commands. Commands and scripts can be embedded in [Initial Access](https://attack.mitre.org/tactics/TA0001) payloads delivered to victims as lure documents or as secondary payloads downloaded from an existing C2. Adversaries may also execute commands through interactive terminals/shells, as well as utilize various [Remote Services](https://attack.mitre.org/techniques/T1021) in order to achieve remote Execution.(Citation: Powershell Remote Commands)(Citation: Cisco IOS Software Integrity Assurance - Command History)(Citation: Remote Shell Execution in Python)",
|
|
347
348
|
"platforms": [
|
|
@@ -1586,7 +1587,8 @@
|
|
|
1586
1587
|
"MAL-2025-PYPI-COLORAMA-SOLANA-STEALER",
|
|
1587
1588
|
"MAL-2026-RUBYGEMS-BUFFERZONECORP-SLEEPER",
|
|
1588
1589
|
"CVE-2024-12450",
|
|
1589
|
-
"CVE-2026-22219"
|
|
1590
|
+
"CVE-2026-22219",
|
|
1591
|
+
"CVE-2025-68665"
|
|
1590
1592
|
],
|
|
1591
1593
|
"description_full": "Adversaries may search compromised systems to find and obtain insecurely stored credentials. These credentials can be stored and/or misplaced in many locations on a system, including plaintext files (e.g. [Shell History](https://attack.mitre.org/techniques/T1552/003)), operating system or application-specific repositories (e.g. [Credentials in Registry](https://attack.mitre.org/techniques/T1552/002)), or other specialized files/artifacts (e.g. [Private Keys](https://attack.mitre.org/techniques/T1552/004)).(Citation: Brining MimiKatz to Unix)",
|
|
1592
1594
|
"platforms": [
|
package/data/cve-catalog.json
CHANGED
|
@@ -39541,5 +39541,108 @@
|
|
|
39541
39541
|
"_auto_imported": false,
|
|
39542
39542
|
"_intake_method": "manual-verified-curation",
|
|
39543
39543
|
"_kev_short_description": "Chainlit /project/element (SQLAlchemy backend) fetches a caller-supplied url server-side and stores the response, letting an authenticated client reach internal services (CWE-918 SSRF); fixed in 2.9.4."
|
|
39544
|
+
},
|
|
39545
|
+
"CVE-2025-68665": {
|
|
39546
|
+
"name": "LangChain JS toJSON() 'lc'-Key Serialization Injection",
|
|
39547
|
+
"type": "deserialization-injection",
|
|
39548
|
+
"cvss_score": 8.6,
|
|
39549
|
+
"cvss_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
|
|
39550
|
+
"cvss_note": "GitHub (CNA, security-advisories@github.com) CVSS v3.1 base 8.6 (scope-changed, S:C); NVD v3.1 base 9.1. LangChain JS's toJSON() (and JSON.stringify of LangChain objects) did not escape free-form kwargs data containing the internal 'lc' marker key, so attacker-controlled data carrying that key structure is treated as a legitimate serialized LangChain object on deserialization rather than plain user data (CWE-502). This is the LangChain-JS sibling of the Python-side CVE-2025-68664 dumps()/dumpd() injection.",
|
|
39551
|
+
"cisa_kev": false,
|
|
39552
|
+
"poc_available": true,
|
|
39553
|
+
"poc_description": "Documented in the LangChain JS advisory: free-form data with an 'lc' key passed through toJSON()/JSON.stringify is rehydrated as a framework object on load.",
|
|
39554
|
+
"ai_discovered": false,
|
|
39555
|
+
"ai_discovery_source": "human_researcher",
|
|
39556
|
+
"ai_discovery_notes": "Disclosed via the LangChain JS GitHub Security Advisory and enriched by NVD. The abused surface is LangChain JS, a widely used framework for building LLM-powered applications.",
|
|
39557
|
+
"ai_assisted_weaponization": false,
|
|
39558
|
+
"ai_assisted_notes": "No AI-assisted weaponization evidence for the JS variant specifically; the flaw is unescaped framework-marker serialization in an LLM framework. (The Python sibling CVE-2025-68664 carries suspected-exploitation + weaponization signals; this JS entry is scored conservatively per the available evidence.)",
|
|
39559
|
+
"active_exploitation": "none",
|
|
39560
|
+
"active_exploitation_notes": "GitHub advisory disclosure with a coordinated fix; no confirmed in-the-wild exploitation reported for the JS variant as of curation, and the CVE is not in CISA KEV (verified against the live catalog).",
|
|
39561
|
+
"affected": "LangChain JS: @langchain/core before 0.3.80 and before 1.1.8; langchain before 0.3.37 and before 1.2.3.",
|
|
39562
|
+
"affected_versions": [
|
|
39563
|
+
"@langchain/core < 0.3.80",
|
|
39564
|
+
"@langchain/core < 1.1.8",
|
|
39565
|
+
"langchain < 0.3.37",
|
|
39566
|
+
"langchain < 1.2.3"
|
|
39567
|
+
],
|
|
39568
|
+
"vector": "LangChain JS's toJSON() method (and downstream JSON.stringify of LangChain objects) did not escape free-form kwargs data containing the 'lc' marker key that LangChain uses internally to mark serialized objects, so user-controlled data carrying that structure is rehydrated as a legitimate LangChain object during deserialization instead of being kept as plain data (CWE-502 deserialization of untrusted data).",
|
|
39569
|
+
"complexity": "low",
|
|
39570
|
+
"complexity_notes": "GitHub v3.1 AV:N / AC:L / PR:N / UI:N, scope-changed (S:C).",
|
|
39571
|
+
"patch_available": true,
|
|
39572
|
+
"patch_required_reboot": false,
|
|
39573
|
+
"live_patch_available": false,
|
|
39574
|
+
"live_patch_tools": [],
|
|
39575
|
+
"live_patch_notes": "Remediation is upgrading @langchain/core to 0.3.80 or 1.1.8+ and langchain to 0.3.37 or 1.2.3+; redeploy.",
|
|
39576
|
+
"vendor_update_paths": [
|
|
39577
|
+
"Upgrade @langchain/core to 0.3.80 / 1.1.8 (or later) and langchain to 0.3.37 / 1.2.3 (or later). Never round-trip untrusted free-form data through framework serializers that interpret internal marker keys; escape or reject the 'lc' marker in user-derived fields."
|
|
39578
|
+
],
|
|
39579
|
+
"framework_control_gaps": {
|
|
39580
|
+
"NIST-AI-RMF-MEASURE-2.7": "Serialization round-trip of untrusted free-form data through a framework marker is not in the published AI-risk taxonomy.",
|
|
39581
|
+
"EU-AI-Act-Art15": "Robustness control does not enumerate the serialization-deserialization chain in an LLM framework as an attack surface.",
|
|
39582
|
+
"ISO-IEC-42001-AIMS-A.6.2.5": "Lifecycle controls do not include trust-zone separation on LLM-framework (de)serialization.",
|
|
39583
|
+
"OWASP-LLM-Top-10-LLM01": "Prompt Injection class — untrusted content reaching the serializer is the upstream trigger.",
|
|
39584
|
+
"OWASP-LLM-Top-10-LLM02": "Insecure output handling — applies directly to rehydrating attacker data as a framework object."
|
|
39585
|
+
},
|
|
39586
|
+
"atlas_refs": [
|
|
39587
|
+
"AML.T0051",
|
|
39588
|
+
"AML.T0040"
|
|
39589
|
+
],
|
|
39590
|
+
"attack_refs": [
|
|
39591
|
+
"T1059",
|
|
39592
|
+
"T1552"
|
|
39593
|
+
],
|
|
39594
|
+
"rwep_score": 25,
|
|
39595
|
+
"rwep_factors": {
|
|
39596
|
+
"cisa_kev": 0,
|
|
39597
|
+
"poc_available": 20,
|
|
39598
|
+
"ai_factor": 0,
|
|
39599
|
+
"active_exploitation": 0,
|
|
39600
|
+
"blast_radius": 20,
|
|
39601
|
+
"patch_available": -15,
|
|
39602
|
+
"live_patch_available": 0,
|
|
39603
|
+
"reboot_required": 0
|
|
39604
|
+
},
|
|
39605
|
+
"rwep_notes": "Moderate-high (RWEP 25, \"patch within 30 days\" band per lib/scoring.js). Not KEV (verified), no confirmed in-the-wild exploitation for the JS variant, patched (Hard Rule #3): poc_available=20 + blast_radius=20 (unauthenticated scope-changed deserialization injection in a widely used LLM framework), minus patch_available 15. Scored below its Python sibling CVE-2025-68664 (RWEP 52), which additionally carries suspected-exploitation + weaponization signals.",
|
|
39606
|
+
"epss_score": 0.00066,
|
|
39607
|
+
"epss_date": "2026-05-26",
|
|
39608
|
+
"epss_note": "FIRST EPSS 0.00066 (20th percentile) as of 2026-05-26.",
|
|
39609
|
+
"epss_source": "https://api.first.org/data/v1/epss?cve=CVE-2025-68665",
|
|
39610
|
+
"cwe_refs": [
|
|
39611
|
+
"CWE-502"
|
|
39612
|
+
],
|
|
39613
|
+
"iocs": {
|
|
39614
|
+
"behavioral": [
|
|
39615
|
+
"LangChain JS applications round-tripping user-controlled free-form data through toJSON() / JSON.stringify where the data contains an 'lc' key.",
|
|
39616
|
+
"Deserialized LangChain objects instantiated from fields that should have been plain user data.",
|
|
39617
|
+
"@langchain/core < 0.3.80 / < 1.1.8 or langchain < 0.3.37 / < 1.2.3 handling untrusted serialized input — the exposed precondition."
|
|
39618
|
+
],
|
|
39619
|
+
"_ioc_source_note": "Behavioral signatures anchored to the LangChain JS GitHub Security Advisory and NVD CVE-2025-68665 (CWE-502)."
|
|
39620
|
+
},
|
|
39621
|
+
"source_verified": "2026-05-26",
|
|
39622
|
+
"verification_sources": [
|
|
39623
|
+
"https://nvd.nist.gov/vuln/detail/CVE-2025-68665",
|
|
39624
|
+
"https://github.com/langchain-ai/langchainjs/releases/tag/%40langchain%2Fcore%401.1.8"
|
|
39625
|
+
],
|
|
39626
|
+
"vendor_advisories": [
|
|
39627
|
+
{
|
|
39628
|
+
"vendor": "GitHub Security Advisory",
|
|
39629
|
+
"advisory_id": "CVE-2025-68665",
|
|
39630
|
+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68665",
|
|
39631
|
+
"severity": "high",
|
|
39632
|
+
"published_date": "2025-12-23"
|
|
39633
|
+
},
|
|
39634
|
+
{
|
|
39635
|
+
"vendor": "NVD",
|
|
39636
|
+
"advisory_id": "CVE-2025-68665",
|
|
39637
|
+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68665",
|
|
39638
|
+
"severity": "critical",
|
|
39639
|
+
"published_date": "2025-12-23"
|
|
39640
|
+
}
|
|
39641
|
+
],
|
|
39642
|
+
"last_updated": "2026-05-26",
|
|
39643
|
+
"discovery_attribution_note": "Manually curated from NVD CVE-2025-68665 (CWE-502) + the LangChain JS GitHub Security Advisory (CNA, CVSS v3.1 8.6). LangChain-JS toJSON() serialization injection — the JavaScript sibling of the Python-side CVE-2025-68664; reuses the LLM-output deserialization trust-zone control NEW-CTRL-064 + AI-tool input-sanitization NEW-CTRL-005.",
|
|
39644
|
+
"_auto_imported": false,
|
|
39645
|
+
"_intake_method": "manual-verified-curation",
|
|
39646
|
+
"_kev_short_description": "LangChain JS toJSON() did not escape the internal 'lc' marker in free-form data, so attacker data is rehydrated as a framework object on deserialization (CWE-502); fixed in @langchain/core 1.1.8 / langchain 1.2.3."
|
|
39544
39647
|
}
|
|
39545
39648
|
}
|
package/data/cwe-catalog.json
CHANGED
|
@@ -6284,7 +6284,8 @@
|
|
|
6284
6284
|
"CVE-2023-43472",
|
|
6285
6285
|
"CVE-2025-55319",
|
|
6286
6286
|
"CVE-2025-68664",
|
|
6287
|
-
"CVE-2026-30623"
|
|
6287
|
+
"CVE-2026-30623",
|
|
6288
|
+
"CVE-2025-68665"
|
|
6288
6289
|
],
|
|
6289
6290
|
"atlas_refs": [
|
|
6290
6291
|
"AML.T0010",
|
|
@@ -6591,7 +6592,8 @@
|
|
|
6591
6592
|
"CVE-2025-68664",
|
|
6592
6593
|
"CVE-2025-6965",
|
|
6593
6594
|
"CVE-2026-22778",
|
|
6594
|
-
"MAL-2025-AI-FOUND-FFMPEG-BIGSLEEP"
|
|
6595
|
+
"MAL-2025-AI-FOUND-FFMPEG-BIGSLEEP",
|
|
6596
|
+
"CVE-2025-68665"
|
|
6595
6597
|
],
|
|
6596
6598
|
"theater_test": {
|
|
6597
6599
|
"claim": "We are compliant with Art-15 (Accuracy, robustness, and cybersecurity of high-risk AI systems) because we follow the documented requirement: Article 15 — high-risk AI systems must be designed and developed so as to achieve an appropriate level of accuracy, robustness, and cybersecurity throughout their lifecycle. Anchored on the assumption",
|
|
@@ -7082,7 +7084,8 @@
|
|
|
7082
7084
|
"evidence_cves": [
|
|
7083
7085
|
"CVE-2025-10725",
|
|
7084
7086
|
"CVE-2025-55319",
|
|
7085
|
-
"CVE-2025-68664"
|
|
7087
|
+
"CVE-2025-68664",
|
|
7088
|
+
"CVE-2025-68665"
|
|
7086
7089
|
],
|
|
7087
7090
|
"theater_test": {
|
|
7088
7091
|
"claim": "We are compliant with Annex A.6.2.5 (AI system lifecycle — verification and validation) because we follow the documented requirement: Annex A.6.2.5 — verification and validation across the AI system lifecycle, ensuring intended behaviour is preserved across design, training, deployment, and operations. Anchored on lifecycle-stage ga",
|
|
@@ -7111,7 +7114,8 @@
|
|
|
7111
7114
|
"opened_at": "2026-05-18",
|
|
7112
7115
|
"evidence_cves": [
|
|
7113
7116
|
"CVE-2025-55319",
|
|
7114
|
-
"CVE-2025-68664"
|
|
7117
|
+
"CVE-2025-68664",
|
|
7118
|
+
"CVE-2025-68665"
|
|
7115
7119
|
],
|
|
7116
7120
|
"theater_test": {
|
|
7117
7121
|
"claim": "We are compliant with LLM01 (Prompt Injection (2023 edition)) because we follow the documented requirement: LLM01:2023 — preventing prompt injection where user-controlled input or third-party content overrides the developer's instructions to the LLM. Anchored on input-sanitisation, prompt-template hardening",
|
|
@@ -7139,7 +7143,8 @@
|
|
|
7139
7143
|
"status": "open",
|
|
7140
7144
|
"opened_at": "2026-05-18",
|
|
7141
7145
|
"evidence_cves": [
|
|
7142
|
-
"CVE-2025-68664"
|
|
7146
|
+
"CVE-2025-68664",
|
|
7147
|
+
"CVE-2025-68665"
|
|
7143
7148
|
],
|
|
7144
7149
|
"theater_test": {
|
|
7145
7150
|
"claim": "We are compliant with LLM02 (Insecure Output Handling (2023 edition)) because we follow the documented requirement: LLM02:2023 — preventing downstream systems from blindly trusting LLM output where it can produce XSS, SSRF, privilege escalation, or remote code execution. Anchored on treating LLM output as untrusted",
|
|
@@ -17236,5 +17236,65 @@
|
|
|
17236
17236
|
],
|
|
17237
17237
|
"_auto_imported": false,
|
|
17238
17238
|
"_intake_method": "manual-verified-curation"
|
|
17239
|
+
},
|
|
17240
|
+
"CVE-2025-68665": {
|
|
17241
|
+
"name": "LangChain JS toJSON() 'lc'-Key Serialization Injection",
|
|
17242
|
+
"lesson_date": "2026-05-26",
|
|
17243
|
+
"attack_vector": {
|
|
17244
|
+
"description": "LangChain JS's toJSON() did not escape free-form data carrying the internal 'lc' marker key, so attacker-controlled data is rehydrated as a legitimate framework object on deserialization.",
|
|
17245
|
+
"privileges_required": "none (untrusted serialized input)",
|
|
17246
|
+
"complexity": "low",
|
|
17247
|
+
"ai_factor": "The abused surface is LangChain JS, an LLM-application framework. The lesson: LLM frameworks must treat (de)serialization of untrusted free-form data as a trust boundary and refuse to rehydrate framework-internal object markers from user-derived fields."
|
|
17248
|
+
},
|
|
17249
|
+
"framework_coverage": {
|
|
17250
|
+
"NIST-AI-RMF-MEASURE-2.7": {
|
|
17251
|
+
"covered": true,
|
|
17252
|
+
"adequate": false,
|
|
17253
|
+
"gap": "Serialization round-trip of untrusted data through a framework marker is not in the AI-risk taxonomy."
|
|
17254
|
+
},
|
|
17255
|
+
"OWASP-LLM-Top-10-LLM02": {
|
|
17256
|
+
"covered": true,
|
|
17257
|
+
"adequate": false,
|
|
17258
|
+
"gap": "Insecure output handling — rehydrating attacker data as a framework object."
|
|
17259
|
+
},
|
|
17260
|
+
"ALL-AI-PIPELINE-INTEGRITY": {
|
|
17261
|
+
"covered": false,
|
|
17262
|
+
"adequate": false,
|
|
17263
|
+
"gap": "No framework treats an LLM framework's (de)serialization of untrusted data as an integrity trust zone."
|
|
17264
|
+
}
|
|
17265
|
+
},
|
|
17266
|
+
"compliance_exposure_score": {
|
|
17267
|
+
"percent_audit_passing_orgs_still_exposed": 81,
|
|
17268
|
+
"basis": "LLM frameworks serialize free-form data through internal markers; trust-zone separation on (de)serialization is rarely audited.",
|
|
17269
|
+
"theater_pattern": "ai_supply_chain_trust"
|
|
17270
|
+
},
|
|
17271
|
+
"ai_discovered_zeroday": false,
|
|
17272
|
+
"ai_discovery_source": "human_researcher",
|
|
17273
|
+
"ai_assist_factor": "none",
|
|
17274
|
+
"new_control_requirements": [
|
|
17275
|
+
{
|
|
17276
|
+
"id": "NEW-CTRL-064",
|
|
17277
|
+
"name": "LLM-OUTPUT-DESERIALIZATION-TRUST-ZONE",
|
|
17278
|
+
"description": "LLM responses and untrusted free-form data must cross a serialisation trust boundary; frameworks must refuse to rehydrate framework-internal object markers (e.g. LangChain's 'lc' key) from user-derived fields.",
|
|
17279
|
+
"evidence": "CVE-2025-68665 — LangChain JS toJSON()/JSON.stringify did not escape the 'lc' marker in attacker-controlled free-form data.",
|
|
17280
|
+
"gap_closes": [
|
|
17281
|
+
"NIST-AI-RMF-MEASURE-2.7",
|
|
17282
|
+
"EU-AI-Act-Art15",
|
|
17283
|
+
"ISO-IEC-42001-AIMS-A.6.2.5",
|
|
17284
|
+
"OWASP-LLM-Top-10-LLM02"
|
|
17285
|
+
]
|
|
17286
|
+
},
|
|
17287
|
+
{
|
|
17288
|
+
"id": "NEW-CTRL-005",
|
|
17289
|
+
"name": "AI-TOOL-INPUT-SANITIZATION",
|
|
17290
|
+
"description": "External-source content reaching the LLM / framework serializer must be treated as adversarial; pairs with NEW-CTRL-064 on the output side.",
|
|
17291
|
+
"evidence": "CVE-2025-68665 — untrusted free-form data is the trigger; the (de)serialization trust zone is the closure.",
|
|
17292
|
+
"gap_closes": [
|
|
17293
|
+
"OWASP-LLM-Top-10-LLM01"
|
|
17294
|
+
]
|
|
17295
|
+
}
|
|
17296
|
+
],
|
|
17297
|
+
"_auto_imported": false,
|
|
17298
|
+
"_intake_method": "manual-verified-curation"
|
|
17239
17299
|
}
|
|
17240
17300
|
}
|
package/manifest.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "exceptd-security",
|
|
3
|
-
"version": "0.13.
|
|
3
|
+
"version": "0.13.120",
|
|
4
4
|
"description": "AI security skills grounded in mid-2026 threat reality, not stale framework documentation",
|
|
5
5
|
"homepage": "https://exceptd.com",
|
|
6
6
|
"license": "Apache-2.0",
|
|
@@ -53,7 +53,7 @@
|
|
|
53
53
|
],
|
|
54
54
|
"last_threat_review": "2026-05-15",
|
|
55
55
|
"signature": "lXhZgoIrrVloO3XaTvo/43AxZn4mwErstd7DR0O/oVhD3AOGODM4HqrageYEou9WKOdMEGP5mJNTjJsXdP5NDA==",
|
|
56
|
-
"signed_at": "2026-05-
|
|
56
|
+
"signed_at": "2026-05-27T02:18:52.702Z",
|
|
57
57
|
"cwe_refs": [
|
|
58
58
|
"CWE-125",
|
|
59
59
|
"CWE-362",
|
|
@@ -123,7 +123,7 @@
|
|
|
123
123
|
],
|
|
124
124
|
"last_threat_review": "2026-05-17",
|
|
125
125
|
"signature": "ztSKk/zFMFbT12qRcEeBKpydBn7fTT86KxMmor0DTCoKQWk5fJ0fSInfP1XMSB6rFk4/SuSjKVxQRMKVJ5a+Cg==",
|
|
126
|
-
"signed_at": "2026-05-
|
|
126
|
+
"signed_at": "2026-05-27T02:18:52.704Z",
|
|
127
127
|
"cwe_refs": [
|
|
128
128
|
"CWE-1039",
|
|
129
129
|
"CWE-1426",
|
|
@@ -196,7 +196,7 @@
|
|
|
196
196
|
],
|
|
197
197
|
"last_threat_review": "2026-05-17",
|
|
198
198
|
"signature": "K6QdPHNK5c4K5QFjrW0QsUhjp71D7SOisSoulwPNSvKRdi2rY+yg0kdckijBMkLMsVPyUvcC9giu93mKJ1OZDg==",
|
|
199
|
-
"signed_at": "2026-05-
|
|
199
|
+
"signed_at": "2026-05-27T02:18:52.705Z",
|
|
200
200
|
"cwe_refs": [
|
|
201
201
|
"CWE-22",
|
|
202
202
|
"CWE-345",
|
|
@@ -248,7 +248,7 @@
|
|
|
248
248
|
"framework_gaps": [],
|
|
249
249
|
"last_threat_review": "2026-05-22",
|
|
250
250
|
"signature": "Qd3SBWmUAaaT++e1Ry2wBIz/dCBmNBMl0+4Rb0etvJLES0fIBEAkU1mTbgNZnT5XOg9J5twdUpymWtmKnDDQCQ==",
|
|
251
|
-
"signed_at": "2026-05-
|
|
251
|
+
"signed_at": "2026-05-27T02:18:52.705Z"
|
|
252
252
|
},
|
|
253
253
|
{
|
|
254
254
|
"name": "compliance-theater",
|
|
@@ -279,7 +279,7 @@
|
|
|
279
279
|
],
|
|
280
280
|
"last_threat_review": "2026-05-22",
|
|
281
281
|
"signature": "F2Shxae0ua0gPtvwzTRVzzHaIgJcFDRT3/akLUAZ4aaMQhkleKkcTaTpkjp+pTVEdPfLeLGNCeAOMs+whVYOBg==",
|
|
282
|
-
"signed_at": "2026-05-
|
|
282
|
+
"signed_at": "2026-05-27T02:18:52.705Z"
|
|
283
283
|
},
|
|
284
284
|
{
|
|
285
285
|
"name": "exploit-scoring",
|
|
@@ -308,7 +308,7 @@
|
|
|
308
308
|
],
|
|
309
309
|
"last_threat_review": "2026-05-18",
|
|
310
310
|
"signature": "NA1hoQycvQhSUoG5rwlXX0mOVmGxoXRVezkELGEA2nZOdGis4gXkHT3O6Sfw7zxE4JuMrsCb65TEeOWk9WEPDg==",
|
|
311
|
-
"signed_at": "2026-05-
|
|
311
|
+
"signed_at": "2026-05-27T02:18:52.706Z"
|
|
312
312
|
},
|
|
313
313
|
{
|
|
314
314
|
"name": "rag-pipeline-security",
|
|
@@ -345,7 +345,7 @@
|
|
|
345
345
|
],
|
|
346
346
|
"last_threat_review": "2026-05-22",
|
|
347
347
|
"signature": "W3pS8lnaCP96TQzsJpG5d5yv5IwgaQyS4Z2Ctcz5BOJf6LbajSIgeDgTZ4f4Bhr5m4E7KsgWGjZS4x7Fwd33BQ==",
|
|
348
|
-
"signed_at": "2026-05-
|
|
348
|
+
"signed_at": "2026-05-27T02:18:52.707Z",
|
|
349
349
|
"cwe_refs": [
|
|
350
350
|
"CWE-1395",
|
|
351
351
|
"CWE-1426"
|
|
@@ -405,7 +405,7 @@
|
|
|
405
405
|
],
|
|
406
406
|
"last_threat_review": "2026-05-17",
|
|
407
407
|
"signature": "/WDGygh1Ck4yWlBWDGtEUVCqKB8d+UaJXoAoBXujtt+GAl8JbMNpaN1TvI0WkEltQ9dTxaAzSn20/eVDqv8iDQ==",
|
|
408
|
-
"signed_at": "2026-05-
|
|
408
|
+
"signed_at": "2026-05-27T02:18:52.707Z",
|
|
409
409
|
"d3fend_refs": [
|
|
410
410
|
"D3-CA",
|
|
411
411
|
"D3-CSPP",
|
|
@@ -440,7 +440,7 @@
|
|
|
440
440
|
"framework_gaps": [],
|
|
441
441
|
"last_threat_review": "2026-05-22",
|
|
442
442
|
"signature": "za1NKBpy9LC91F/ESO/qhUfmvVr8GNItQOjR5OJLeHm+2dQ9HHiFWQK2eo53V/n/0uhubuggURA3yS6kJuWwBg==",
|
|
443
|
-
"signed_at": "2026-05-
|
|
443
|
+
"signed_at": "2026-05-27T02:18:52.707Z",
|
|
444
444
|
"cwe_refs": [
|
|
445
445
|
"CWE-1188"
|
|
446
446
|
],
|
|
@@ -474,7 +474,7 @@
|
|
|
474
474
|
"framework_gaps": [],
|
|
475
475
|
"last_threat_review": "2026-05-18",
|
|
476
476
|
"signature": "xiHAhhdufm9hCKU8PLiPE0MX65ej2F4OZwtlWLGLCiie9/km+Kiqbt192LcMvr94v83C98pb9wIaqFsFWft6AQ==",
|
|
477
|
-
"signed_at": "2026-05-
|
|
477
|
+
"signed_at": "2026-05-27T02:18:52.708Z",
|
|
478
478
|
"forward_watch": [
|
|
479
479
|
"New AI attack classes as ATLAS v6 publishes",
|
|
480
480
|
"Post-quantum adversary capability timeline",
|
|
@@ -513,7 +513,7 @@
|
|
|
513
513
|
"framework_gaps": [],
|
|
514
514
|
"last_threat_review": "2026-05-01",
|
|
515
515
|
"signature": "oYsSk35N2Uzq7MRofACykylcVwkgPhI4luWZ14vmQT+gUKLyZiKVOUJbe1+7lGl6BYPRN0sUDQ0f7S5Eu5w2Ag==",
|
|
516
|
-
"signed_at": "2026-05-
|
|
516
|
+
"signed_at": "2026-05-27T02:18:52.708Z"
|
|
517
517
|
},
|
|
518
518
|
{
|
|
519
519
|
"name": "zeroday-gap-learn",
|
|
@@ -540,7 +540,7 @@
|
|
|
540
540
|
"framework_gaps": [],
|
|
541
541
|
"last_threat_review": "2026-05-18",
|
|
542
542
|
"signature": "igRqYyU1unRFH40BsPyAR62SPrk8QZv8dPGb8S9O9EvLCNOZAzm3t+HdT/NKqzWHwrpomOzkkkyLfYI/0qTUDA==",
|
|
543
|
-
"signed_at": "2026-05-
|
|
543
|
+
"signed_at": "2026-05-27T02:18:52.708Z",
|
|
544
544
|
"forward_watch": [
|
|
545
545
|
"New CISA KEV entries",
|
|
546
546
|
"New ATLAS TTP additions in each ATLAS release",
|
|
@@ -604,7 +604,7 @@
|
|
|
604
604
|
],
|
|
605
605
|
"last_threat_review": "2026-05-22",
|
|
606
606
|
"signature": "i/17u4kJiSpcZAz7LnTyRePFugQOstQ1P4kVoe0oGf4E2/j8oIN9U9DccjUn/YHZhKWIJ2AILG/DMhvMrr3bBg==",
|
|
607
|
-
"signed_at": "2026-05-
|
|
607
|
+
"signed_at": "2026-05-27T02:18:52.709Z",
|
|
608
608
|
"cwe_refs": [
|
|
609
609
|
"CWE-327"
|
|
610
610
|
],
|
|
@@ -652,7 +652,7 @@
|
|
|
652
652
|
],
|
|
653
653
|
"last_threat_review": "2026-05-22",
|
|
654
654
|
"signature": "QuOVaQ4E2Sl39TClbhZ7HA9XrYAyRrDL44HY3RTE7aWLue0hV2cxaBt40ALGmHS++631QGFDlZTLZI77Tr6nAA==",
|
|
655
|
-
"signed_at": "2026-05-
|
|
655
|
+
"signed_at": "2026-05-27T02:18:52.709Z"
|
|
656
656
|
},
|
|
657
657
|
{
|
|
658
658
|
"name": "security-maturity-tiers",
|
|
@@ -689,7 +689,7 @@
|
|
|
689
689
|
],
|
|
690
690
|
"last_threat_review": "2026-05-01",
|
|
691
691
|
"signature": "8Px1s2lDj10/Q6erwEQlXgUHM1+OTruUR8qAHPX7Oo3k/l69N6P9sm0PsafS9wDFtj9l5C/OiLiFgzMlMt6vBw==",
|
|
692
|
-
"signed_at": "2026-05-
|
|
692
|
+
"signed_at": "2026-05-27T02:18:52.709Z",
|
|
693
693
|
"cwe_refs": [
|
|
694
694
|
"CWE-1188"
|
|
695
695
|
]
|
|
@@ -724,7 +724,7 @@
|
|
|
724
724
|
"framework_gaps": [],
|
|
725
725
|
"last_threat_review": "2026-05-11",
|
|
726
726
|
"signature": "urRcataVWg6/utyEkSiOWoNxTL8sABRjPR7ShyDfZGnAozFph/yDktSoaPVxQDXwu9EfJE+qhUW5OYR/yJECBQ==",
|
|
727
|
-
"signed_at": "2026-05-
|
|
727
|
+
"signed_at": "2026-05-27T02:18:52.710Z"
|
|
728
728
|
},
|
|
729
729
|
{
|
|
730
730
|
"name": "attack-surface-pentest",
|
|
@@ -796,7 +796,7 @@
|
|
|
796
796
|
"Pwn2Own Berlin 2026 (disclosed 2026-05-14, embargo ends 2026-08-12) — Microsoft Edge 4-bug sandbox escape by Orange Tsai (DEVCORE); forward-watch only (browser sandbox, out of current playbook scope); track Microsoft Edge security advisory and KEV add"
|
|
797
797
|
],
|
|
798
798
|
"signature": "C7lv65/Ecm8JJgSKxrX5lxx0YFzKWtrIQSKp+vy50I5e8945s1JmifGUUrnQwRQhq/Pkv7EmfiH5XSO8h75bDg==",
|
|
799
|
-
"signed_at": "2026-05-
|
|
799
|
+
"signed_at": "2026-05-27T02:18:52.710Z"
|
|
800
800
|
},
|
|
801
801
|
{
|
|
802
802
|
"name": "fuzz-testing-strategy",
|
|
@@ -856,7 +856,7 @@
|
|
|
856
856
|
"OSS-Fuzz-Gen / AI-assisted harness generation becoming the default expectation for OSS maintainers"
|
|
857
857
|
],
|
|
858
858
|
"signature": "Z7ypCUnXx8JpLtgxxB6RHNi39w74AmrGY1N4ofAGCXhkuM2EaFVm1AU0dvl9UQ1bVLfHKEDGqMO/TwlIY7RABg==",
|
|
859
|
-
"signed_at": "2026-05-
|
|
859
|
+
"signed_at": "2026-05-27T02:18:52.710Z"
|
|
860
860
|
},
|
|
861
861
|
{
|
|
862
862
|
"name": "dlp-gap-analysis",
|
|
@@ -931,7 +931,7 @@
|
|
|
931
931
|
"Quebec Law 25, India DPDPA, KSA PDPL enforcement actions naming AI-tool prompt data as in-scope personal information"
|
|
932
932
|
],
|
|
933
933
|
"signature": "IgEnpHOhCftAyfUNdKsjbrd169T9pJkk/rRM2ZEna+H18y7p5x48+1kME2sJMZjJuyAdQFBJi8PJXZFwLGI+DQ==",
|
|
934
|
-
"signed_at": "2026-05-
|
|
934
|
+
"signed_at": "2026-05-27T02:18:52.711Z"
|
|
935
935
|
},
|
|
936
936
|
{
|
|
937
937
|
"name": "supply-chain-integrity",
|
|
@@ -1010,7 +1010,7 @@
|
|
|
1010
1010
|
"Pwn2Own Berlin 2026 (disclosed 2026-05-14, embargo ends 2026-08-12) — NVIDIA Megatron Bridge path traversal by haehae; AI training-stack file-system trust boundary; track patch and SBOM-attestation impact"
|
|
1011
1011
|
],
|
|
1012
1012
|
"signature": "pcLrM98A3vUSZRjwNAk0aZ9umvOwB41XCLLsCOy/IebB2F/06oIrGUKkMHtHwm4pTVPShMMcKdZQQ3jz30FnCg==",
|
|
1013
|
-
"signed_at": "2026-05-
|
|
1013
|
+
"signed_at": "2026-05-27T02:18:52.711Z"
|
|
1014
1014
|
},
|
|
1015
1015
|
{
|
|
1016
1016
|
"name": "defensive-countermeasure-mapping",
|
|
@@ -1067,7 +1067,7 @@
|
|
|
1067
1067
|
],
|
|
1068
1068
|
"last_threat_review": "2026-05-11",
|
|
1069
1069
|
"signature": "G5q5elh7Q7eu2xcwTVQJGDTGfvZR0OGQaLSLJPb2wjzCHFF8PWuZfCHZdjjqisiRzRWPyLlzgfHeMJqOdy7cBw==",
|
|
1070
|
-
"signed_at": "2026-05-
|
|
1070
|
+
"signed_at": "2026-05-27T02:18:52.711Z"
|
|
1071
1071
|
},
|
|
1072
1072
|
{
|
|
1073
1073
|
"name": "identity-assurance",
|
|
@@ -1134,7 +1134,7 @@
|
|
|
1134
1134
|
"d3fend_refs": [],
|
|
1135
1135
|
"last_threat_review": "2026-05-11",
|
|
1136
1136
|
"signature": "Wv5hGMeHjlaQK1zwicVCA7AvdKgJBgvcjdpGM9Ywahh9tagAKhbkOjybowDQZzu7OZ3bDkbh6pBYc1Sdwr6NAA==",
|
|
1137
|
-
"signed_at": "2026-05-
|
|
1137
|
+
"signed_at": "2026-05-27T02:18:52.712Z"
|
|
1138
1138
|
},
|
|
1139
1139
|
{
|
|
1140
1140
|
"name": "ot-ics-security",
|
|
@@ -1190,7 +1190,7 @@
|
|
|
1190
1190
|
"d3fend_refs": [],
|
|
1191
1191
|
"last_threat_review": "2026-05-11",
|
|
1192
1192
|
"signature": "8t5qKHd3yWi57dvG36YQkLN/X9bQWqtEiYjay4IfSmqhJpM/xXPaQVKNGz3wscrO8OLKUZ0OaX7Mj5kzpgBKBQ==",
|
|
1193
|
-
"signed_at": "2026-05-
|
|
1193
|
+
"signed_at": "2026-05-27T02:18:52.712Z"
|
|
1194
1194
|
},
|
|
1195
1195
|
{
|
|
1196
1196
|
"name": "coordinated-vuln-disclosure",
|
|
@@ -1242,7 +1242,7 @@
|
|
|
1242
1242
|
"NYDFS 23 NYCRR 500 amendments potentially adding explicit CVD program requirements"
|
|
1243
1243
|
],
|
|
1244
1244
|
"signature": "GDGt4UPqBa04PjlpSmpyihGzd3OgfBN7jaAK5tfwp+LRSs3ygKOdbeivUCCHNagTY1hE6hG2Ou40ADfBFuXeAg==",
|
|
1245
|
-
"signed_at": "2026-05-
|
|
1245
|
+
"signed_at": "2026-05-27T02:18:52.713Z"
|
|
1246
1246
|
},
|
|
1247
1247
|
{
|
|
1248
1248
|
"name": "threat-modeling-methodology",
|
|
@@ -1292,7 +1292,7 @@
|
|
|
1292
1292
|
"PASTA v2 updates incorporating AI/ML application threats"
|
|
1293
1293
|
],
|
|
1294
1294
|
"signature": "rFBpOQEJUPpl+v88Lw/WqVJRhTl80vy0VbPAbzQj3Q0suJRRrJg368I9uKu5LXIBKFDvKxnGIcIzbGg9NUtaCA==",
|
|
1295
|
-
"signed_at": "2026-05-
|
|
1295
|
+
"signed_at": "2026-05-27T02:18:52.713Z"
|
|
1296
1296
|
},
|
|
1297
1297
|
{
|
|
1298
1298
|
"name": "webapp-security",
|
|
@@ -1366,7 +1366,7 @@
|
|
|
1366
1366
|
"d3fend_refs": [],
|
|
1367
1367
|
"last_threat_review": "2026-05-11",
|
|
1368
1368
|
"signature": "ux85YI4t2mVHOyt744Yin1HHy+z11JIFygjKfFfQOBBl5QVV3A267jeIy7utix85irMcpZm/T3yx/ooqiK2tBA==",
|
|
1369
|
-
"signed_at": "2026-05-
|
|
1369
|
+
"signed_at": "2026-05-27T02:18:52.713Z",
|
|
1370
1370
|
"forward_watch": [
|
|
1371
1371
|
"NGINX Rift CVE-2026-42945 (disclosed 2026-05-13, source depthfirst) — KEV-watch predicted CISA KEV listing by 2026-05-29; AI-assisted discovery angle; track for active-exploitation confirmation and patch advisory affecting front-door web app deployments"
|
|
1372
1372
|
]
|
|
@@ -1419,7 +1419,7 @@
|
|
|
1419
1419
|
"d3fend_refs": [],
|
|
1420
1420
|
"last_threat_review": "2026-05-15",
|
|
1421
1421
|
"signature": "IIXnkZ5ZNqFwOto5KfytADTLLZLoyXNZACD1ORZ40P1HUAQxe6u2uyXFzzsfuob4Uy06jNkRGr2FFgCphUH1Cw==",
|
|
1422
|
-
"signed_at": "2026-05-
|
|
1422
|
+
"signed_at": "2026-05-27T02:18:52.714Z"
|
|
1423
1423
|
},
|
|
1424
1424
|
{
|
|
1425
1425
|
"name": "sector-healthcare",
|
|
@@ -1479,7 +1479,7 @@
|
|
|
1479
1479
|
"d3fend_refs": [],
|
|
1480
1480
|
"last_threat_review": "2026-05-11",
|
|
1481
1481
|
"signature": "AhF9KF8ZBlDteciV+F8IBSmFVYCvQOn44GmD4rZjgLoPxfIv/QE1/vSkK32zyqDKtHWkLSXExbkkPkxA/V6dDw==",
|
|
1482
|
-
"signed_at": "2026-05-
|
|
1482
|
+
"signed_at": "2026-05-27T02:18:52.714Z"
|
|
1483
1483
|
},
|
|
1484
1484
|
{
|
|
1485
1485
|
"name": "sector-financial",
|
|
@@ -1560,7 +1560,7 @@
|
|
|
1560
1560
|
"TIBER-EU framework v2.0 alignment with DORA TLPT RTS (JC 2024/40); cross-recognition with CBEST and iCAST"
|
|
1561
1561
|
],
|
|
1562
1562
|
"signature": "HQgZvb4ReziEz5rNFr8i/O8/rJEZR+iHRROT7m/D2QUqhrcNISPkYXENsUZlG8xapzy/Ik92ehkseyj4hdmhCQ==",
|
|
1563
|
-
"signed_at": "2026-05-
|
|
1563
|
+
"signed_at": "2026-05-27T02:18:52.715Z"
|
|
1564
1564
|
},
|
|
1565
1565
|
{
|
|
1566
1566
|
"name": "sector-federal-government",
|
|
@@ -1629,7 +1629,7 @@
|
|
|
1629
1629
|
"Australia PSPF 2024 revision and ISM quarterly updates — track for Essential Eight Maturity Level requirements for federal entities"
|
|
1630
1630
|
],
|
|
1631
1631
|
"signature": "linxmsXZiOYtcs71sSWgGCrvb8xQfmxmtTY5PRvZJ0/8FgJulo0tQtejzexYG775s7XhjAmGsDP238BQTQ8ADA==",
|
|
1632
|
-
"signed_at": "2026-05-
|
|
1632
|
+
"signed_at": "2026-05-27T02:18:52.715Z"
|
|
1633
1633
|
},
|
|
1634
1634
|
{
|
|
1635
1635
|
"name": "sector-energy",
|
|
@@ -1694,7 +1694,7 @@
|
|
|
1694
1694
|
"ICS-CERT advisory feed (https://www.cisa.gov/news-events/cybersecurity-advisories/ics-advisories) for vendor CVEs in Siemens, Rockwell, Schneider Electric, ABB, GE Vernova, Hitachi Energy, AVEVA / OSIsoft PI"
|
|
1695
1695
|
],
|
|
1696
1696
|
"signature": "JjBfc0ovta560Clk0x3QGRM5osFJDwcvpy3rT7QEGdCIL827jzE8QCow1C8deXq+4JhY2sA/d7/8IsxikdlkCg==",
|
|
1697
|
-
"signed_at": "2026-05-
|
|
1697
|
+
"signed_at": "2026-05-27T02:18:52.716Z"
|
|
1698
1698
|
},
|
|
1699
1699
|
{
|
|
1700
1700
|
"name": "sector-telecom",
|
|
@@ -1780,7 +1780,7 @@
|
|
|
1780
1780
|
"O-RAN SFG / WG11 security specifications"
|
|
1781
1781
|
],
|
|
1782
1782
|
"signature": "JWVxKFoKrbX4d+Tko1d4OBdwyg25MfFFKn4CT6E/CzH+YwnU3T6Y76uBQIKg3+gIGTvPduqyvQwQQ5FxKDuPBw==",
|
|
1783
|
-
"signed_at": "2026-05-
|
|
1783
|
+
"signed_at": "2026-05-27T02:18:52.716Z"
|
|
1784
1784
|
},
|
|
1785
1785
|
{
|
|
1786
1786
|
"name": "api-security",
|
|
@@ -1849,7 +1849,7 @@
|
|
|
1849
1849
|
"d3fend_refs": [],
|
|
1850
1850
|
"last_threat_review": "2026-05-18",
|
|
1851
1851
|
"signature": "BmCRCestWqr55+fCynEhtAl5NWLT+xLTkpwS0Icp3SaoZOw/ce3Y6TtqjHRSKn4CBJq7YDiLRWxmhO3MStvOAA==",
|
|
1852
|
-
"signed_at": "2026-05-
|
|
1852
|
+
"signed_at": "2026-05-27T02:18:52.716Z",
|
|
1853
1853
|
"forward_watch": [
|
|
1854
1854
|
"NGINX Rift CVE-2026-42945 (disclosed 2026-05-13, source depthfirst) — KEV-watch predicted CISA KEV listing by 2026-05-29; track for active-exploitation confirmation and patch advisory affecting API gateway / reverse-proxy deployments",
|
|
1855
1855
|
"Pwn2Own Berlin 2026 (disclosed 2026-05-14, embargo ends 2026-08-12) — LiteLLM 3-bug SSRF + Code Injection chain by k3vg3n; LLM-proxy API surface; track upstream patch and CVE assignments",
|
|
@@ -1935,7 +1935,7 @@
|
|
|
1935
1935
|
"CISA KEV additions for cloud-control-plane CVEs (IMDSv1 abuses, federation token mishandling, cross-tenant boundary failures); CISA Cybersecurity Advisories for cross-cloud advisories"
|
|
1936
1936
|
],
|
|
1937
1937
|
"signature": "/DV3pmZwrRySrk1OCbyI+0BQESacjupJfUX3eC2NGtXuYOBro0vndIP+z27heFxumnjU3a9sfla7/U9X+pqnDw==",
|
|
1938
|
-
"signed_at": "2026-05-
|
|
1938
|
+
"signed_at": "2026-05-27T02:18:52.717Z"
|
|
1939
1939
|
},
|
|
1940
1940
|
{
|
|
1941
1941
|
"name": "container-runtime-security",
|
|
@@ -1997,7 +1997,7 @@
|
|
|
1997
1997
|
"d3fend_refs": [],
|
|
1998
1998
|
"last_threat_review": "2026-05-15",
|
|
1999
1999
|
"signature": "E2UGSf9ATyYgzBr8uM/0ubOUmDqo1jVA7f9mVxv6LHfWGCNuQNXDyuNou9VAmUCeeXEeUYIi3AFjXkJqpOkxDA==",
|
|
2000
|
-
"signed_at": "2026-05-
|
|
2000
|
+
"signed_at": "2026-05-27T02:18:52.717Z",
|
|
2001
2001
|
"forward_watch": [
|
|
2002
2002
|
"Pwn2Own Berlin 2026 (disclosed 2026-05-14, embargo ends 2026-08-12) — NVIDIA Container Toolkit container escape ($50K award) by chompie / IBM X-Force XOR; high-severity container/hypervisor boundary break; track patch and KEV add post-embargo"
|
|
2003
2003
|
]
|
|
@@ -2071,7 +2071,7 @@
|
|
|
2071
2071
|
"MITRE ATLAS v5.6.0 (released May 2026) shipped the AML.T0010 sub-technique expansion this forecast tracked plus new techniques (\"Publish Poisoned AI Agent Tool\", \"Escape to Host\"); inventory now 16 tactics, 84 techniques, 56 sub-techniques. Forward watch: subsequent ATLAS minor and major releases — track next-cadence updates to agentic-AI TTPs and MLOps-pipeline-specific techniques"
|
|
2072
2072
|
],
|
|
2073
2073
|
"signature": "IL+DlRCDJN/p08iiJCFkasKcoyjcB0uWrJ6ORLjQcS1HrUa5Xt62QxVjYPHzaevlm5y36ZdmfESqsZJmzK3lCg==",
|
|
2074
|
-
"signed_at": "2026-05-
|
|
2074
|
+
"signed_at": "2026-05-27T02:18:52.717Z"
|
|
2075
2075
|
},
|
|
2076
2076
|
{
|
|
2077
2077
|
"name": "incident-response-playbook",
|
|
@@ -2133,7 +2133,7 @@
|
|
|
2133
2133
|
"NYDFS 23 NYCRR 500.17 amendments tightening ransom-payment 24h disclosure operationalization"
|
|
2134
2134
|
],
|
|
2135
2135
|
"signature": "MmjLjlmOMLjhJJ4ZfR8MYlHam+ZB+eSqfh6Nv+DecaG4O5zeo9DBP/iL3cbyDVZxmhnhivgJild2ccYeWTeZAg==",
|
|
2136
|
-
"signed_at": "2026-05-
|
|
2136
|
+
"signed_at": "2026-05-27T02:18:52.718Z"
|
|
2137
2137
|
},
|
|
2138
2138
|
{
|
|
2139
2139
|
"name": "ransomware-response",
|
|
@@ -2213,7 +2213,7 @@
|
|
|
2213
2213
|
],
|
|
2214
2214
|
"last_threat_review": "2026-05-22",
|
|
2215
2215
|
"signature": "ssueL03g9fWlhXpTe+IiY5l7RqQkunN4DTN5QETKE+VOX+qggdjAR8PONxk77ol4xWYmHrM/VcH8CNtXUEvgBA==",
|
|
2216
|
-
"signed_at": "2026-05-
|
|
2216
|
+
"signed_at": "2026-05-27T02:18:52.718Z"
|
|
2217
2217
|
},
|
|
2218
2218
|
{
|
|
2219
2219
|
"name": "email-security-anti-phishing",
|
|
@@ -2266,7 +2266,7 @@
|
|
|
2266
2266
|
"d3fend_refs": [],
|
|
2267
2267
|
"last_threat_review": "2026-05-18",
|
|
2268
2268
|
"signature": "rK+WnuS+9tqEABmwc0jO/PEmxcLjG1/tmUb897HsClQeKzf+TQOlwBE+OsbtuKxpjYNwur62Xxs3TxObkwm8Cw==",
|
|
2269
|
-
"signed_at": "2026-05-
|
|
2269
|
+
"signed_at": "2026-05-27T02:18:52.719Z"
|
|
2270
2270
|
},
|
|
2271
2271
|
{
|
|
2272
2272
|
"name": "age-gates-child-safety",
|
|
@@ -2334,7 +2334,7 @@
|
|
|
2334
2334
|
"US state adult-site age-verification laws — 19+ states by mid-2026 (TX HB 18 upheld by SCOTUS June 2025 in Free Speech Coalition v. Paxton); track ongoing challenges in remaining states"
|
|
2335
2335
|
],
|
|
2336
2336
|
"signature": "Rgho5TOFUL1txOzcVR0kASCNdovSU4yt99JlGilJlJRyg0A+BdeeQYrZrhPF6Vx2reUAVG0BeHfcZtSbi+cwCg==",
|
|
2337
|
-
"signed_at": "2026-05-
|
|
2337
|
+
"signed_at": "2026-05-27T02:18:52.719Z"
|
|
2338
2338
|
},
|
|
2339
2339
|
{
|
|
2340
2340
|
"name": "cloud-iam-incident",
|
|
@@ -2414,7 +2414,7 @@
|
|
|
2414
2414
|
],
|
|
2415
2415
|
"last_threat_review": "2026-05-15",
|
|
2416
2416
|
"signature": "e/kij7GtKaytROyIj7V5RH+FC9WtmVFzrmG2kIlNDNn29ep/CRNlIQKwXLpzo/81AIf634pmdr1qy/+vwIuUDA==",
|
|
2417
|
-
"signed_at": "2026-05-
|
|
2417
|
+
"signed_at": "2026-05-27T02:18:52.719Z",
|
|
2418
2418
|
"forward_watch": [
|
|
2419
2419
|
"AWS IAM Identity Center session-policy refresh and step-up-on-admin enforcement (anticipated 2026-H2 release)",
|
|
2420
2420
|
"GCP Workload Identity Federation principal-set attribute mapping tightening (post-2026 Q3 Federation hardening guide)",
|
|
@@ -2508,7 +2508,7 @@
|
|
|
2508
2508
|
],
|
|
2509
2509
|
"last_threat_review": "2026-05-15",
|
|
2510
2510
|
"signature": "ew9Kglc9fAZzbn0ZIfGP7WSK/j4eV2VhSvpy+s5bEfNEVYIMa2kZjnGBapgUsyGDLes9H9K2ovjQyX17+GKiBw==",
|
|
2511
|
-
"signed_at": "2026-05-
|
|
2511
|
+
"signed_at": "2026-05-27T02:18:52.720Z",
|
|
2512
2512
|
"forward_watch": [
|
|
2513
2513
|
"Entra ID conditional access evolution post-Midnight Blizzard — Microsoft's 2025-2026 commitments on legacy-tenant MFA enforcement and OAuth-app consent gating",
|
|
2514
2514
|
"Okta IPSIE (Interoperability Profile for Secure Identity in the Enterprise) OpenID Foundation working-group output and adoption timeline",
|
|
@@ -2526,6 +2526,6 @@
|
|
|
2526
2526
|
],
|
|
2527
2527
|
"manifest_signature": {
|
|
2528
2528
|
"algorithm": "Ed25519",
|
|
2529
|
-
"signature_base64": "
|
|
2529
|
+
"signature_base64": "8xQVpedWmMARNEegrwnz2W4OPK3DNwx8NVLOsszgTX6a98TPjomeeqSjvgwZMTwp8ww9lGo9OeOBKDHEh6PRAQ=="
|
|
2530
2530
|
}
|
|
2531
2531
|
}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@blamejs/exceptd-skills",
|
|
3
|
-
"version": "0.13.
|
|
3
|
+
"version": "0.13.120",
|
|
4
4
|
"description": "AI security skills grounded in mid-2026 threat reality, not stale framework documentation. 42 skills, 11 catalogs (406 CVEs / 171 CWEs / 805 ATT&CK + ICS / 170 ATLAS / 468 D3FEND / 7476 RFCs), 35 jurisdictions, 10-class catalog gap detector + budget gate, real XML parser + canonical-form diff + content-pattern regression detection, Ed25519-signed.",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"ai-security",
|
package/sbom.cdx.json
CHANGED
|
@@ -1,22 +1,22 @@
|
|
|
1
1
|
{
|
|
2
2
|
"bomFormat": "CycloneDX",
|
|
3
3
|
"specVersion": "1.6",
|
|
4
|
-
"serialNumber": "urn:uuid:
|
|
4
|
+
"serialNumber": "urn:uuid:29df9bcc-77fa-4968-985c-b275cc54bde1",
|
|
5
5
|
"version": 1,
|
|
6
6
|
"metadata": {
|
|
7
|
-
"timestamp": "2048-
|
|
7
|
+
"timestamp": "2048-04-06T00:31:08.000Z",
|
|
8
8
|
"tools": [
|
|
9
9
|
{
|
|
10
10
|
"vendor": "blamejs",
|
|
11
11
|
"name": "scripts/refresh-sbom.js",
|
|
12
|
-
"version": "0.13.
|
|
12
|
+
"version": "0.13.120"
|
|
13
13
|
}
|
|
14
14
|
],
|
|
15
15
|
"component": {
|
|
16
|
-
"bom-ref": "pkg:npm/@blamejs/exceptd-skills@0.13.
|
|
16
|
+
"bom-ref": "pkg:npm/@blamejs/exceptd-skills@0.13.120",
|
|
17
17
|
"type": "application",
|
|
18
18
|
"name": "@blamejs/exceptd-skills",
|
|
19
|
-
"version": "0.13.
|
|
19
|
+
"version": "0.13.120",
|
|
20
20
|
"description": "AI security skills grounded in mid-2026 threat reality, not stale framework documentation. 42 skills, 11 catalogs (406 CVEs / 171 CWEs / 805 ATT&CK + ICS / 170 ATLAS / 468 D3FEND / 7476 RFCs), 35 jurisdictions, 10-class catalog gap detector + budget gate, real XML parser + canonical-form diff + content-pattern regression detection, Ed25519-signed.",
|
|
21
21
|
"licenses": [
|
|
22
22
|
{
|
|
@@ -25,17 +25,17 @@
|
|
|
25
25
|
}
|
|
26
26
|
}
|
|
27
27
|
],
|
|
28
|
-
"purl": "pkg:npm/%40blamejs/exceptd-skills@0.13.
|
|
28
|
+
"purl": "pkg:npm/%40blamejs/exceptd-skills@0.13.120",
|
|
29
29
|
"hashes": [
|
|
30
30
|
{
|
|
31
31
|
"alg": "SHA-256",
|
|
32
|
-
"content": "
|
|
32
|
+
"content": "85474d881c21336691974c55eb33a109fd65d71d7d087a32a9651e3ebcf54d43"
|
|
33
33
|
}
|
|
34
34
|
],
|
|
35
35
|
"externalReferences": [
|
|
36
36
|
{
|
|
37
37
|
"type": "distribution",
|
|
38
|
-
"url": "https://www.npmjs.com/package/@blamejs/exceptd-skills/v/0.13.
|
|
38
|
+
"url": "https://www.npmjs.com/package/@blamejs/exceptd-skills/v/0.13.120"
|
|
39
39
|
},
|
|
40
40
|
{
|
|
41
41
|
"type": "vcs",
|
|
@@ -116,11 +116,11 @@
|
|
|
116
116
|
"hashes": [
|
|
117
117
|
{
|
|
118
118
|
"alg": "SHA-256",
|
|
119
|
-
"content": "
|
|
119
|
+
"content": "f5eed28e6e30d0b24ddc1adc311d81fccc9dd2192dfe3cf5de8dbfb86211f32d"
|
|
120
120
|
},
|
|
121
121
|
{
|
|
122
122
|
"alg": "SHA3-512",
|
|
123
|
-
"content": "
|
|
123
|
+
"content": "122532f516cc275e6a3fa0a820e6050f7abe873aebec74cfc9970af403e7bd981c3764b11fe3cb39684f4518067514aa5f9dc9efb1daf10ecb7c83285757b6cf"
|
|
124
124
|
}
|
|
125
125
|
]
|
|
126
126
|
},
|
|
@@ -311,11 +311,11 @@
|
|
|
311
311
|
"hashes": [
|
|
312
312
|
{
|
|
313
313
|
"alg": "SHA-256",
|
|
314
|
-
"content": "
|
|
314
|
+
"content": "4237fe46b0d8700a90c8a4dabd8753bf54b1752b744b368c4caf76cb960553c8"
|
|
315
315
|
},
|
|
316
316
|
{
|
|
317
317
|
"alg": "SHA3-512",
|
|
318
|
-
"content": "
|
|
318
|
+
"content": "d451f534fe061ab9ddb3233a11bdaf78bcc5356828fa7b8599d68bf88bcc266855cb6c326c0d56b280c08cef307c4e3b3a9e7dedd7987c3ab88c1ee5d2d5cc98"
|
|
319
319
|
}
|
|
320
320
|
]
|
|
321
321
|
},
|
|
@@ -326,11 +326,11 @@
|
|
|
326
326
|
"hashes": [
|
|
327
327
|
{
|
|
328
328
|
"alg": "SHA-256",
|
|
329
|
-
"content": "
|
|
329
|
+
"content": "51ef99a37316f596fa2fcb950405cedd7bf0576302f8c0bcf41535a0e7541369"
|
|
330
330
|
},
|
|
331
331
|
{
|
|
332
332
|
"alg": "SHA3-512",
|
|
333
|
-
"content": "
|
|
333
|
+
"content": "8bfd1ce80d40102b7bbaf5fae5696b48a739335d5ae29496edae00352a0799a625aa757e51e3853335886866a3975c06cf59bd670eccdc713e43c6e99f7731e2"
|
|
334
334
|
}
|
|
335
335
|
]
|
|
336
336
|
},
|
|
@@ -341,11 +341,11 @@
|
|
|
341
341
|
"hashes": [
|
|
342
342
|
{
|
|
343
343
|
"alg": "SHA-256",
|
|
344
|
-
"content": "
|
|
344
|
+
"content": "686ba057cdca827a6fd4eb1b559cb82fc1c97310f5af63a6adf6f0ac6d87f738"
|
|
345
345
|
},
|
|
346
346
|
{
|
|
347
347
|
"alg": "SHA3-512",
|
|
348
|
-
"content": "
|
|
348
|
+
"content": "61863f79b3c5ce2be595a3ab469c8dfc8624b81aec6327e673a2197c784662b3cbd67826913875dcd4fdd226a9daf6ac09270ee903d4407e423f1b6a83c0f153"
|
|
349
349
|
}
|
|
350
350
|
]
|
|
351
351
|
},
|
|
@@ -401,11 +401,11 @@
|
|
|
401
401
|
"hashes": [
|
|
402
402
|
{
|
|
403
403
|
"alg": "SHA-256",
|
|
404
|
-
"content": "
|
|
404
|
+
"content": "79171be6be0bfcb1e2c7b62b4e142d290579ea593974d67a47796a92d7a2aebf"
|
|
405
405
|
},
|
|
406
406
|
{
|
|
407
407
|
"alg": "SHA3-512",
|
|
408
|
-
"content": "
|
|
408
|
+
"content": "2b806bf4f33ab7880c478ad8eeff3235ba5eb8a35abca789ffed19e78affe63d546e410ed807026af5a2d8bb58d8fab0d41fe11152683703eaddb833850cc71f"
|
|
409
409
|
}
|
|
410
410
|
]
|
|
411
411
|
},
|
|
@@ -791,11 +791,11 @@
|
|
|
791
791
|
"hashes": [
|
|
792
792
|
{
|
|
793
793
|
"alg": "SHA-256",
|
|
794
|
-
"content": "
|
|
794
|
+
"content": "a270416f6c20f17cd1cdf556622828d8efaf5073c3661c1fae4366949ed7fe27"
|
|
795
795
|
},
|
|
796
796
|
{
|
|
797
797
|
"alg": "SHA3-512",
|
|
798
|
-
"content": "
|
|
798
|
+
"content": "9813e70a63aaa6d2bdbe661a31afb9b12204e456285c233ae0a53e91f3076a71216075d01d0856df314c9a859943f741b8855a6fc32ff2c7efb310887565a1bc"
|
|
799
799
|
}
|
|
800
800
|
]
|
|
801
801
|
},
|
|
@@ -1661,11 +1661,11 @@
|
|
|
1661
1661
|
"hashes": [
|
|
1662
1662
|
{
|
|
1663
1663
|
"alg": "SHA-256",
|
|
1664
|
-
"content": "
|
|
1664
|
+
"content": "6ab635bfaef39a128a874fa2db7853e857c026112aaf030c997d4c1d7e3f3218"
|
|
1665
1665
|
},
|
|
1666
1666
|
{
|
|
1667
1667
|
"alg": "SHA3-512",
|
|
1668
|
-
"content": "
|
|
1668
|
+
"content": "11ece73568c79b50fd45f88b79fe5b7b71e111ac356b39becebc1eb1a3a7b9e10a14de0664b145c6c4a7c5d9c71acf22d6d263cd28a9ea4d8c3d1f5b73d83df4"
|
|
1669
1669
|
}
|
|
1670
1670
|
]
|
|
1671
1671
|
},
|