@blamejs/exceptd-skills 0.13.122 → 0.13.123
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +4 -0
- package/data/_indexes/_meta.json +9 -9
- package/data/_indexes/activity-feed.json +2 -2
- package/data/_indexes/catalog-summaries.json +2 -2
- package/data/_indexes/chains.json +704 -0
- package/data/atlas-ttps.json +3 -1
- package/data/attack-techniques.json +10 -4
- package/data/cve-catalog.json +207 -0
- package/data/cwe-catalog.json +4 -2
- package/data/framework-control-gaps.json +27 -10
- package/data/zeroday-lessons.json +100 -0
- package/manifest.json +44 -44
- package/package.json +1 -1
- package/sbom.cdx.json +24 -24
|
@@ -75258,6 +75258,668 @@
|
|
|
75258
75258
|
]
|
|
75259
75259
|
}
|
|
75260
75260
|
},
|
|
75261
|
+
"CVE-2026-21858": {
|
|
75262
|
+
"name": "n8n Form-Based Unauthenticated Arbitrary File Access",
|
|
75263
|
+
"rwep": 31,
|
|
75264
|
+
"cvss": 10,
|
|
75265
|
+
"cisa_kev": false,
|
|
75266
|
+
"epss_score": 0.06939,
|
|
75267
|
+
"referencing_skills": [
|
|
75268
|
+
"ai-attack-surface",
|
|
75269
|
+
"compliance-theater",
|
|
75270
|
+
"rag-pipeline-security",
|
|
75271
|
+
"threat-modeling-methodology",
|
|
75272
|
+
"webapp-security",
|
|
75273
|
+
"api-security",
|
|
75274
|
+
"container-runtime-security"
|
|
75275
|
+
],
|
|
75276
|
+
"chain": {
|
|
75277
|
+
"cwes": [
|
|
75278
|
+
{
|
|
75279
|
+
"id": "CWE-1039",
|
|
75280
|
+
"name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
|
|
75281
|
+
"category": "AI/ML"
|
|
75282
|
+
},
|
|
75283
|
+
{
|
|
75284
|
+
"id": "CWE-1188",
|
|
75285
|
+
"name": "Initialization of a Resource with an Insecure Default",
|
|
75286
|
+
"category": "Configuration"
|
|
75287
|
+
},
|
|
75288
|
+
{
|
|
75289
|
+
"id": "CWE-1395",
|
|
75290
|
+
"name": "Dependency on Vulnerable Third-Party Component",
|
|
75291
|
+
"category": "Supply Chain"
|
|
75292
|
+
},
|
|
75293
|
+
{
|
|
75294
|
+
"id": "CWE-1426",
|
|
75295
|
+
"name": "Improper Validation of Generative AI Output",
|
|
75296
|
+
"category": "AI/ML"
|
|
75297
|
+
},
|
|
75298
|
+
{
|
|
75299
|
+
"id": "CWE-200",
|
|
75300
|
+
"name": "Exposure of Sensitive Information to an Unauthorized Actor",
|
|
75301
|
+
"category": "Information Exposure"
|
|
75302
|
+
},
|
|
75303
|
+
{
|
|
75304
|
+
"id": "CWE-22",
|
|
75305
|
+
"name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
|
|
75306
|
+
"category": "Path/Resource"
|
|
75307
|
+
},
|
|
75308
|
+
{
|
|
75309
|
+
"id": "CWE-269",
|
|
75310
|
+
"name": "Improper Privilege Management",
|
|
75311
|
+
"category": "Authorization"
|
|
75312
|
+
},
|
|
75313
|
+
{
|
|
75314
|
+
"id": "CWE-287",
|
|
75315
|
+
"name": "Improper Authentication",
|
|
75316
|
+
"category": "Authentication"
|
|
75317
|
+
},
|
|
75318
|
+
{
|
|
75319
|
+
"id": "CWE-352",
|
|
75320
|
+
"name": "Cross-Site Request Forgery (CSRF)",
|
|
75321
|
+
"category": "Session"
|
|
75322
|
+
},
|
|
75323
|
+
{
|
|
75324
|
+
"id": "CWE-434",
|
|
75325
|
+
"name": "Unrestricted Upload of File with Dangerous Type",
|
|
75326
|
+
"category": "File Handling"
|
|
75327
|
+
},
|
|
75328
|
+
{
|
|
75329
|
+
"id": "CWE-502",
|
|
75330
|
+
"name": "Deserialization of Untrusted Data",
|
|
75331
|
+
"category": "Serialization"
|
|
75332
|
+
},
|
|
75333
|
+
{
|
|
75334
|
+
"id": "CWE-732",
|
|
75335
|
+
"name": "Incorrect Permission Assignment for Critical Resource",
|
|
75336
|
+
"category": "Authorization"
|
|
75337
|
+
},
|
|
75338
|
+
{
|
|
75339
|
+
"id": "CWE-77",
|
|
75340
|
+
"name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
|
|
75341
|
+
"category": "Injection"
|
|
75342
|
+
},
|
|
75343
|
+
{
|
|
75344
|
+
"id": "CWE-78",
|
|
75345
|
+
"name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
|
|
75346
|
+
"category": "Injection"
|
|
75347
|
+
},
|
|
75348
|
+
{
|
|
75349
|
+
"id": "CWE-787",
|
|
75350
|
+
"name": "Out-of-bounds Write",
|
|
75351
|
+
"category": "Memory Safety"
|
|
75352
|
+
},
|
|
75353
|
+
{
|
|
75354
|
+
"id": "CWE-79",
|
|
75355
|
+
"name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
|
|
75356
|
+
"category": "Injection"
|
|
75357
|
+
},
|
|
75358
|
+
{
|
|
75359
|
+
"id": "CWE-862",
|
|
75360
|
+
"name": "Missing Authorization",
|
|
75361
|
+
"category": "Authorization"
|
|
75362
|
+
},
|
|
75363
|
+
{
|
|
75364
|
+
"id": "CWE-863",
|
|
75365
|
+
"name": "Incorrect Authorization",
|
|
75366
|
+
"category": "Authorization"
|
|
75367
|
+
},
|
|
75368
|
+
{
|
|
75369
|
+
"id": "CWE-89",
|
|
75370
|
+
"name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
|
|
75371
|
+
"category": "Injection"
|
|
75372
|
+
},
|
|
75373
|
+
{
|
|
75374
|
+
"id": "CWE-918",
|
|
75375
|
+
"name": "Server-Side Request Forgery (SSRF)",
|
|
75376
|
+
"category": "Network"
|
|
75377
|
+
},
|
|
75378
|
+
{
|
|
75379
|
+
"id": "CWE-94",
|
|
75380
|
+
"name": "Improper Control of Generation of Code (Code Injection)",
|
|
75381
|
+
"category": "Injection"
|
|
75382
|
+
}
|
|
75383
|
+
],
|
|
75384
|
+
"atlas": [
|
|
75385
|
+
{
|
|
75386
|
+
"id": "AML.T0010",
|
|
75387
|
+
"name": "ML Supply Chain Compromise",
|
|
75388
|
+
"tactic": "Initial Access"
|
|
75389
|
+
},
|
|
75390
|
+
{
|
|
75391
|
+
"id": "AML.T0016",
|
|
75392
|
+
"name": "Obtain Capabilities: Develop Capabilities",
|
|
75393
|
+
"tactic": "Resource Development"
|
|
75394
|
+
},
|
|
75395
|
+
{
|
|
75396
|
+
"id": "AML.T0017",
|
|
75397
|
+
"name": "Discover ML Model Ontology",
|
|
75398
|
+
"tactic": "Discovery"
|
|
75399
|
+
},
|
|
75400
|
+
{
|
|
75401
|
+
"id": "AML.T0018",
|
|
75402
|
+
"name": "Backdoor ML Model",
|
|
75403
|
+
"tactic": "Persistence"
|
|
75404
|
+
},
|
|
75405
|
+
{
|
|
75406
|
+
"id": "AML.T0020",
|
|
75407
|
+
"name": "Poison Training Data",
|
|
75408
|
+
"tactic": "ML Attack Staging"
|
|
75409
|
+
},
|
|
75410
|
+
{
|
|
75411
|
+
"id": "AML.T0043",
|
|
75412
|
+
"name": "Craft Adversarial Data",
|
|
75413
|
+
"tactic": "ML Attack Staging"
|
|
75414
|
+
},
|
|
75415
|
+
{
|
|
75416
|
+
"id": "AML.T0051",
|
|
75417
|
+
"name": "LLM Prompt Injection",
|
|
75418
|
+
"tactic": "Execution"
|
|
75419
|
+
},
|
|
75420
|
+
{
|
|
75421
|
+
"id": "AML.T0054",
|
|
75422
|
+
"name": "LLM Jailbreak",
|
|
75423
|
+
"tactic": "Defense Evasion"
|
|
75424
|
+
},
|
|
75425
|
+
{
|
|
75426
|
+
"id": "AML.T0096",
|
|
75427
|
+
"name": "AI API as Covert C2 Channel",
|
|
75428
|
+
"tactic": "Command and Control"
|
|
75429
|
+
}
|
|
75430
|
+
],
|
|
75431
|
+
"d3fend": [
|
|
75432
|
+
{
|
|
75433
|
+
"id": "D3-CSPP",
|
|
75434
|
+
"name": "Client-server Payload Profiling",
|
|
75435
|
+
"tactic": "Detect"
|
|
75436
|
+
},
|
|
75437
|
+
{
|
|
75438
|
+
"id": "D3-IOPR",
|
|
75439
|
+
"name": "Input/Output Profiling Resource",
|
|
75440
|
+
"tactic": "Detect"
|
|
75441
|
+
},
|
|
75442
|
+
{
|
|
75443
|
+
"id": "D3-NTA",
|
|
75444
|
+
"name": "Network Traffic Analysis",
|
|
75445
|
+
"tactic": "Detect"
|
|
75446
|
+
}
|
|
75447
|
+
],
|
|
75448
|
+
"framework_gaps": [
|
|
75449
|
+
{
|
|
75450
|
+
"id": "ALL-AI-PIPELINE-INTEGRITY",
|
|
75451
|
+
"framework": "ALL",
|
|
75452
|
+
"control_name": "AI Pipeline Integrity"
|
|
75453
|
+
},
|
|
75454
|
+
{
|
|
75455
|
+
"id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
|
|
75456
|
+
"framework": "ALL",
|
|
75457
|
+
"control_name": "Prompt Injection as Access Control Failure"
|
|
75458
|
+
},
|
|
75459
|
+
{
|
|
75460
|
+
"id": "CMMC-2.0-Level-2",
|
|
75461
|
+
"framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
|
|
75462
|
+
"control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
|
|
75463
|
+
},
|
|
75464
|
+
{
|
|
75465
|
+
"id": "FedRAMP-Rev5-Moderate",
|
|
75466
|
+
"framework": "FedRAMP Rev 5 Moderate",
|
|
75467
|
+
"control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
|
|
75468
|
+
},
|
|
75469
|
+
{
|
|
75470
|
+
"id": "ISO-27001-2022-A.8.28",
|
|
75471
|
+
"framework": "ISO/IEC 27001:2022",
|
|
75472
|
+
"control_name": "Secure coding"
|
|
75473
|
+
},
|
|
75474
|
+
{
|
|
75475
|
+
"id": "ISO-IEC-23894-2023-clause-7",
|
|
75476
|
+
"framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
|
|
75477
|
+
"control_name": "AI risk management process"
|
|
75478
|
+
},
|
|
75479
|
+
{
|
|
75480
|
+
"id": "ISO-IEC-42001-2023-clause-6.1.2",
|
|
75481
|
+
"framework": "ISO/IEC 42001:2023 (AI Management System)",
|
|
75482
|
+
"control_name": "AI risk assessment"
|
|
75483
|
+
},
|
|
75484
|
+
{
|
|
75485
|
+
"id": "NIST-800-218-SSDF",
|
|
75486
|
+
"framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
|
|
75487
|
+
"control_name": "Secure Software Development Framework"
|
|
75488
|
+
},
|
|
75489
|
+
{
|
|
75490
|
+
"id": "NIST-800-53-AC-2",
|
|
75491
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
75492
|
+
"control_name": "Account Management"
|
|
75493
|
+
},
|
|
75494
|
+
{
|
|
75495
|
+
"id": "NIST-800-53-CM-7",
|
|
75496
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
75497
|
+
"control_name": "Least Functionality"
|
|
75498
|
+
},
|
|
75499
|
+
{
|
|
75500
|
+
"id": "NIST-800-53-SI-12",
|
|
75501
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
75502
|
+
"control_name": "Information Management and Retention"
|
|
75503
|
+
},
|
|
75504
|
+
{
|
|
75505
|
+
"id": "NIST-800-53-SI-3",
|
|
75506
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
75507
|
+
"control_name": "Malicious Code Protection"
|
|
75508
|
+
},
|
|
75509
|
+
{
|
|
75510
|
+
"id": "NIST-AI-RMF-MEASURE-2.5",
|
|
75511
|
+
"framework": "NIST AI RMF 1.0",
|
|
75512
|
+
"control_name": "AI system to human interaction evaluation"
|
|
75513
|
+
},
|
|
75514
|
+
{
|
|
75515
|
+
"id": "OWASP-ASVS-v5.0-V14",
|
|
75516
|
+
"framework": "OWASP ASVS v5.0",
|
|
75517
|
+
"control_name": "Configuration verification"
|
|
75518
|
+
},
|
|
75519
|
+
{
|
|
75520
|
+
"id": "OWASP-LLM-Top-10-2025-LLM01",
|
|
75521
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
75522
|
+
"control_name": "Prompt Injection"
|
|
75523
|
+
},
|
|
75524
|
+
{
|
|
75525
|
+
"id": "OWASP-LLM-Top-10-2025-LLM02",
|
|
75526
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
75527
|
+
"control_name": "Sensitive Information Disclosure"
|
|
75528
|
+
},
|
|
75529
|
+
{
|
|
75530
|
+
"id": "OWASP-LLM-Top-10-2025-LLM08",
|
|
75531
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
75532
|
+
"control_name": "Vector and Embedding Weaknesses"
|
|
75533
|
+
},
|
|
75534
|
+
{
|
|
75535
|
+
"id": "SLSA-v1.0-Build-L3",
|
|
75536
|
+
"framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
|
|
75537
|
+
"control_name": "Hardened build platform with non-falsifiable provenance"
|
|
75538
|
+
},
|
|
75539
|
+
{
|
|
75540
|
+
"id": "SOC2-CC6-logical-access",
|
|
75541
|
+
"framework": "SOC 2 (AICPA Trust Services Criteria)",
|
|
75542
|
+
"control_name": "Logical and Physical Access Controls"
|
|
75543
|
+
}
|
|
75544
|
+
],
|
|
75545
|
+
"attack_refs": [
|
|
75546
|
+
"T1059",
|
|
75547
|
+
"T1068",
|
|
75548
|
+
"T1078",
|
|
75549
|
+
"T1190",
|
|
75550
|
+
"T1505",
|
|
75551
|
+
"T1565",
|
|
75552
|
+
"T1566",
|
|
75553
|
+
"T1567",
|
|
75554
|
+
"T1610",
|
|
75555
|
+
"T1611"
|
|
75556
|
+
],
|
|
75557
|
+
"rfc_refs": [
|
|
75558
|
+
"RFC-6749",
|
|
75559
|
+
"RFC-7519",
|
|
75560
|
+
"RFC-8032",
|
|
75561
|
+
"RFC-8446",
|
|
75562
|
+
"RFC-8725",
|
|
75563
|
+
"RFC-9114",
|
|
75564
|
+
"RFC-9421",
|
|
75565
|
+
"RFC-9700"
|
|
75566
|
+
]
|
|
75567
|
+
}
|
|
75568
|
+
},
|
|
75569
|
+
"CVE-2025-68668": {
|
|
75570
|
+
"name": "n8n Python Code Node Pyodide Sandbox Bypass RCE",
|
|
75571
|
+
"rwep": 27,
|
|
75572
|
+
"cvss": 9.9,
|
|
75573
|
+
"cisa_kev": false,
|
|
75574
|
+
"epss_score": 0.00035,
|
|
75575
|
+
"referencing_skills": [
|
|
75576
|
+
"ai-attack-surface",
|
|
75577
|
+
"compliance-theater",
|
|
75578
|
+
"rag-pipeline-security",
|
|
75579
|
+
"ai-c2-detection",
|
|
75580
|
+
"threat-modeling-methodology",
|
|
75581
|
+
"webapp-security",
|
|
75582
|
+
"api-security",
|
|
75583
|
+
"container-runtime-security",
|
|
75584
|
+
"email-security-anti-phishing"
|
|
75585
|
+
],
|
|
75586
|
+
"chain": {
|
|
75587
|
+
"cwes": [
|
|
75588
|
+
{
|
|
75589
|
+
"id": "CWE-1039",
|
|
75590
|
+
"name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
|
|
75591
|
+
"category": "AI/ML"
|
|
75592
|
+
},
|
|
75593
|
+
{
|
|
75594
|
+
"id": "CWE-1188",
|
|
75595
|
+
"name": "Initialization of a Resource with an Insecure Default",
|
|
75596
|
+
"category": "Configuration"
|
|
75597
|
+
},
|
|
75598
|
+
{
|
|
75599
|
+
"id": "CWE-1395",
|
|
75600
|
+
"name": "Dependency on Vulnerable Third-Party Component",
|
|
75601
|
+
"category": "Supply Chain"
|
|
75602
|
+
},
|
|
75603
|
+
{
|
|
75604
|
+
"id": "CWE-1426",
|
|
75605
|
+
"name": "Improper Validation of Generative AI Output",
|
|
75606
|
+
"category": "AI/ML"
|
|
75607
|
+
},
|
|
75608
|
+
{
|
|
75609
|
+
"id": "CWE-200",
|
|
75610
|
+
"name": "Exposure of Sensitive Information to an Unauthorized Actor",
|
|
75611
|
+
"category": "Information Exposure"
|
|
75612
|
+
},
|
|
75613
|
+
{
|
|
75614
|
+
"id": "CWE-22",
|
|
75615
|
+
"name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
|
|
75616
|
+
"category": "Path/Resource"
|
|
75617
|
+
},
|
|
75618
|
+
{
|
|
75619
|
+
"id": "CWE-269",
|
|
75620
|
+
"name": "Improper Privilege Management",
|
|
75621
|
+
"category": "Authorization"
|
|
75622
|
+
},
|
|
75623
|
+
{
|
|
75624
|
+
"id": "CWE-287",
|
|
75625
|
+
"name": "Improper Authentication",
|
|
75626
|
+
"category": "Authentication"
|
|
75627
|
+
},
|
|
75628
|
+
{
|
|
75629
|
+
"id": "CWE-352",
|
|
75630
|
+
"name": "Cross-Site Request Forgery (CSRF)",
|
|
75631
|
+
"category": "Session"
|
|
75632
|
+
},
|
|
75633
|
+
{
|
|
75634
|
+
"id": "CWE-434",
|
|
75635
|
+
"name": "Unrestricted Upload of File with Dangerous Type",
|
|
75636
|
+
"category": "File Handling"
|
|
75637
|
+
},
|
|
75638
|
+
{
|
|
75639
|
+
"id": "CWE-502",
|
|
75640
|
+
"name": "Deserialization of Untrusted Data",
|
|
75641
|
+
"category": "Serialization"
|
|
75642
|
+
},
|
|
75643
|
+
{
|
|
75644
|
+
"id": "CWE-732",
|
|
75645
|
+
"name": "Incorrect Permission Assignment for Critical Resource",
|
|
75646
|
+
"category": "Authorization"
|
|
75647
|
+
},
|
|
75648
|
+
{
|
|
75649
|
+
"id": "CWE-77",
|
|
75650
|
+
"name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
|
|
75651
|
+
"category": "Injection"
|
|
75652
|
+
},
|
|
75653
|
+
{
|
|
75654
|
+
"id": "CWE-78",
|
|
75655
|
+
"name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
|
|
75656
|
+
"category": "Injection"
|
|
75657
|
+
},
|
|
75658
|
+
{
|
|
75659
|
+
"id": "CWE-787",
|
|
75660
|
+
"name": "Out-of-bounds Write",
|
|
75661
|
+
"category": "Memory Safety"
|
|
75662
|
+
},
|
|
75663
|
+
{
|
|
75664
|
+
"id": "CWE-79",
|
|
75665
|
+
"name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
|
|
75666
|
+
"category": "Injection"
|
|
75667
|
+
},
|
|
75668
|
+
{
|
|
75669
|
+
"id": "CWE-862",
|
|
75670
|
+
"name": "Missing Authorization",
|
|
75671
|
+
"category": "Authorization"
|
|
75672
|
+
},
|
|
75673
|
+
{
|
|
75674
|
+
"id": "CWE-863",
|
|
75675
|
+
"name": "Incorrect Authorization",
|
|
75676
|
+
"category": "Authorization"
|
|
75677
|
+
},
|
|
75678
|
+
{
|
|
75679
|
+
"id": "CWE-89",
|
|
75680
|
+
"name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
|
|
75681
|
+
"category": "Injection"
|
|
75682
|
+
},
|
|
75683
|
+
{
|
|
75684
|
+
"id": "CWE-918",
|
|
75685
|
+
"name": "Server-Side Request Forgery (SSRF)",
|
|
75686
|
+
"category": "Network"
|
|
75687
|
+
},
|
|
75688
|
+
{
|
|
75689
|
+
"id": "CWE-94",
|
|
75690
|
+
"name": "Improper Control of Generation of Code (Code Injection)",
|
|
75691
|
+
"category": "Injection"
|
|
75692
|
+
}
|
|
75693
|
+
],
|
|
75694
|
+
"atlas": [
|
|
75695
|
+
{
|
|
75696
|
+
"id": "AML.T0010",
|
|
75697
|
+
"name": "ML Supply Chain Compromise",
|
|
75698
|
+
"tactic": "Initial Access"
|
|
75699
|
+
},
|
|
75700
|
+
{
|
|
75701
|
+
"id": "AML.T0016",
|
|
75702
|
+
"name": "Obtain Capabilities: Develop Capabilities",
|
|
75703
|
+
"tactic": "Resource Development"
|
|
75704
|
+
},
|
|
75705
|
+
{
|
|
75706
|
+
"id": "AML.T0017",
|
|
75707
|
+
"name": "Discover ML Model Ontology",
|
|
75708
|
+
"tactic": "Discovery"
|
|
75709
|
+
},
|
|
75710
|
+
{
|
|
75711
|
+
"id": "AML.T0018",
|
|
75712
|
+
"name": "Backdoor ML Model",
|
|
75713
|
+
"tactic": "Persistence"
|
|
75714
|
+
},
|
|
75715
|
+
{
|
|
75716
|
+
"id": "AML.T0020",
|
|
75717
|
+
"name": "Poison Training Data",
|
|
75718
|
+
"tactic": "ML Attack Staging"
|
|
75719
|
+
},
|
|
75720
|
+
{
|
|
75721
|
+
"id": "AML.T0043",
|
|
75722
|
+
"name": "Craft Adversarial Data",
|
|
75723
|
+
"tactic": "ML Attack Staging"
|
|
75724
|
+
},
|
|
75725
|
+
{
|
|
75726
|
+
"id": "AML.T0051",
|
|
75727
|
+
"name": "LLM Prompt Injection",
|
|
75728
|
+
"tactic": "Execution"
|
|
75729
|
+
},
|
|
75730
|
+
{
|
|
75731
|
+
"id": "AML.T0054",
|
|
75732
|
+
"name": "LLM Jailbreak",
|
|
75733
|
+
"tactic": "Defense Evasion"
|
|
75734
|
+
},
|
|
75735
|
+
{
|
|
75736
|
+
"id": "AML.T0096",
|
|
75737
|
+
"name": "AI API as Covert C2 Channel",
|
|
75738
|
+
"tactic": "Command and Control"
|
|
75739
|
+
}
|
|
75740
|
+
],
|
|
75741
|
+
"d3fend": [
|
|
75742
|
+
{
|
|
75743
|
+
"id": "D3-CA",
|
|
75744
|
+
"name": "Certificate Analysis",
|
|
75745
|
+
"tactic": "Detect"
|
|
75746
|
+
},
|
|
75747
|
+
{
|
|
75748
|
+
"id": "D3-CSPP",
|
|
75749
|
+
"name": "Client-server Payload Profiling",
|
|
75750
|
+
"tactic": "Detect"
|
|
75751
|
+
},
|
|
75752
|
+
{
|
|
75753
|
+
"id": "D3-DA",
|
|
75754
|
+
"name": "Domain Analysis",
|
|
75755
|
+
"tactic": "Detect"
|
|
75756
|
+
},
|
|
75757
|
+
{
|
|
75758
|
+
"id": "D3-IOPR",
|
|
75759
|
+
"name": "Input/Output Profiling Resource",
|
|
75760
|
+
"tactic": "Detect"
|
|
75761
|
+
},
|
|
75762
|
+
{
|
|
75763
|
+
"id": "D3-NI",
|
|
75764
|
+
"name": "Network Isolation",
|
|
75765
|
+
"tactic": "Isolate"
|
|
75766
|
+
},
|
|
75767
|
+
{
|
|
75768
|
+
"id": "D3-NTA",
|
|
75769
|
+
"name": "Network Traffic Analysis",
|
|
75770
|
+
"tactic": "Detect"
|
|
75771
|
+
},
|
|
75772
|
+
{
|
|
75773
|
+
"id": "D3-NTPM",
|
|
75774
|
+
"name": "Network Traffic Policy Mapping",
|
|
75775
|
+
"tactic": "Model"
|
|
75776
|
+
}
|
|
75777
|
+
],
|
|
75778
|
+
"framework_gaps": [
|
|
75779
|
+
{
|
|
75780
|
+
"id": "ALL-AI-PIPELINE-INTEGRITY",
|
|
75781
|
+
"framework": "ALL",
|
|
75782
|
+
"control_name": "AI Pipeline Integrity"
|
|
75783
|
+
},
|
|
75784
|
+
{
|
|
75785
|
+
"id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
|
|
75786
|
+
"framework": "ALL",
|
|
75787
|
+
"control_name": "Prompt Injection as Access Control Failure"
|
|
75788
|
+
},
|
|
75789
|
+
{
|
|
75790
|
+
"id": "CMMC-2.0-Level-2",
|
|
75791
|
+
"framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
|
|
75792
|
+
"control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
|
|
75793
|
+
},
|
|
75794
|
+
{
|
|
75795
|
+
"id": "FedRAMP-Rev5-Moderate",
|
|
75796
|
+
"framework": "FedRAMP Rev 5 Moderate",
|
|
75797
|
+
"control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
|
|
75798
|
+
},
|
|
75799
|
+
{
|
|
75800
|
+
"id": "ISO-27001-2022-A.8.16",
|
|
75801
|
+
"framework": "ISO/IEC 27001:2022",
|
|
75802
|
+
"control_name": "Monitoring activities"
|
|
75803
|
+
},
|
|
75804
|
+
{
|
|
75805
|
+
"id": "ISO-27001-2022-A.8.28",
|
|
75806
|
+
"framework": "ISO/IEC 27001:2022",
|
|
75807
|
+
"control_name": "Secure coding"
|
|
75808
|
+
},
|
|
75809
|
+
{
|
|
75810
|
+
"id": "ISO-IEC-23894-2023-clause-7",
|
|
75811
|
+
"framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
|
|
75812
|
+
"control_name": "AI risk management process"
|
|
75813
|
+
},
|
|
75814
|
+
{
|
|
75815
|
+
"id": "ISO-IEC-42001-2023-clause-6.1.2",
|
|
75816
|
+
"framework": "ISO/IEC 42001:2023 (AI Management System)",
|
|
75817
|
+
"control_name": "AI risk assessment"
|
|
75818
|
+
},
|
|
75819
|
+
{
|
|
75820
|
+
"id": "NIST-800-218-SSDF",
|
|
75821
|
+
"framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
|
|
75822
|
+
"control_name": "Secure Software Development Framework"
|
|
75823
|
+
},
|
|
75824
|
+
{
|
|
75825
|
+
"id": "NIST-800-53-AC-2",
|
|
75826
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
75827
|
+
"control_name": "Account Management"
|
|
75828
|
+
},
|
|
75829
|
+
{
|
|
75830
|
+
"id": "NIST-800-53-CM-7",
|
|
75831
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
75832
|
+
"control_name": "Least Functionality"
|
|
75833
|
+
},
|
|
75834
|
+
{
|
|
75835
|
+
"id": "NIST-800-53-SC-7",
|
|
75836
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
75837
|
+
"control_name": "Boundary Protection"
|
|
75838
|
+
},
|
|
75839
|
+
{
|
|
75840
|
+
"id": "NIST-800-53-SI-12",
|
|
75841
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
75842
|
+
"control_name": "Information Management and Retention"
|
|
75843
|
+
},
|
|
75844
|
+
{
|
|
75845
|
+
"id": "NIST-800-53-SI-3",
|
|
75846
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
75847
|
+
"control_name": "Malicious Code Protection"
|
|
75848
|
+
},
|
|
75849
|
+
{
|
|
75850
|
+
"id": "NIST-AI-RMF-MEASURE-2.5",
|
|
75851
|
+
"framework": "NIST AI RMF 1.0",
|
|
75852
|
+
"control_name": "AI system to human interaction evaluation"
|
|
75853
|
+
},
|
|
75854
|
+
{
|
|
75855
|
+
"id": "OWASP-ASVS-v5.0-V14",
|
|
75856
|
+
"framework": "OWASP ASVS v5.0",
|
|
75857
|
+
"control_name": "Configuration verification"
|
|
75858
|
+
},
|
|
75859
|
+
{
|
|
75860
|
+
"id": "OWASP-LLM-Top-10-2025-LLM01",
|
|
75861
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
75862
|
+
"control_name": "Prompt Injection"
|
|
75863
|
+
},
|
|
75864
|
+
{
|
|
75865
|
+
"id": "OWASP-LLM-Top-10-2025-LLM02",
|
|
75866
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
75867
|
+
"control_name": "Sensitive Information Disclosure"
|
|
75868
|
+
},
|
|
75869
|
+
{
|
|
75870
|
+
"id": "OWASP-LLM-Top-10-2025-LLM08",
|
|
75871
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
75872
|
+
"control_name": "Vector and Embedding Weaknesses"
|
|
75873
|
+
},
|
|
75874
|
+
{
|
|
75875
|
+
"id": "SLSA-v1.0-Build-L3",
|
|
75876
|
+
"framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
|
|
75877
|
+
"control_name": "Hardened build platform with non-falsifiable provenance"
|
|
75878
|
+
},
|
|
75879
|
+
{
|
|
75880
|
+
"id": "SOC2-CC6-logical-access",
|
|
75881
|
+
"framework": "SOC 2 (AICPA Trust Services Criteria)",
|
|
75882
|
+
"control_name": "Logical and Physical Access Controls"
|
|
75883
|
+
},
|
|
75884
|
+
{
|
|
75885
|
+
"id": "SOC2-CC7-anomaly-detection",
|
|
75886
|
+
"framework": "SOC 2 (AICPA Trust Services Criteria)",
|
|
75887
|
+
"control_name": "System Operations — Threat and Vulnerability Management"
|
|
75888
|
+
}
|
|
75889
|
+
],
|
|
75890
|
+
"attack_refs": [
|
|
75891
|
+
"T1059",
|
|
75892
|
+
"T1068",
|
|
75893
|
+
"T1071",
|
|
75894
|
+
"T1078",
|
|
75895
|
+
"T1102",
|
|
75896
|
+
"T1190",
|
|
75897
|
+
"T1505",
|
|
75898
|
+
"T1565",
|
|
75899
|
+
"T1566",
|
|
75900
|
+
"T1566.001",
|
|
75901
|
+
"T1566.002",
|
|
75902
|
+
"T1566.003",
|
|
75903
|
+
"T1567",
|
|
75904
|
+
"T1568",
|
|
75905
|
+
"T1610",
|
|
75906
|
+
"T1611"
|
|
75907
|
+
],
|
|
75908
|
+
"rfc_refs": [
|
|
75909
|
+
"RFC-6749",
|
|
75910
|
+
"RFC-7519",
|
|
75911
|
+
"RFC-8032",
|
|
75912
|
+
"RFC-8446",
|
|
75913
|
+
"RFC-8725",
|
|
75914
|
+
"RFC-9000",
|
|
75915
|
+
"RFC-9114",
|
|
75916
|
+
"RFC-9180",
|
|
75917
|
+
"RFC-9421",
|
|
75918
|
+
"RFC-9458",
|
|
75919
|
+
"RFC-9700"
|
|
75920
|
+
]
|
|
75921
|
+
}
|
|
75922
|
+
},
|
|
75261
75923
|
"CWE-20": {
|
|
75262
75924
|
"name": "Improper Input Validation",
|
|
75263
75925
|
"category": "Validation",
|
|
@@ -75591,9 +76253,11 @@
|
|
|
75591
76253
|
"CVE-2025-64496",
|
|
75592
76254
|
"CVE-2025-64513",
|
|
75593
76255
|
"CVE-2025-67818",
|
|
76256
|
+
"CVE-2025-68668",
|
|
75594
76257
|
"CVE-2025-6965",
|
|
75595
76258
|
"CVE-2025-8747",
|
|
75596
76259
|
"CVE-2026-0766",
|
|
76260
|
+
"CVE-2026-21858",
|
|
75597
76261
|
"CVE-2026-22218",
|
|
75598
76262
|
"CVE-2026-22252",
|
|
75599
76263
|
"CVE-2026-22688",
|
|
@@ -75829,7 +76493,9 @@
|
|
|
75829
76493
|
"CVE-2025-49844",
|
|
75830
76494
|
"CVE-2025-51480",
|
|
75831
76495
|
"CVE-2025-53773",
|
|
76496
|
+
"CVE-2025-68668",
|
|
75832
76497
|
"CVE-2025-6965",
|
|
76498
|
+
"CVE-2026-21858",
|
|
75833
76499
|
"CVE-2026-22218",
|
|
75834
76500
|
"CVE-2026-30615",
|
|
75835
76501
|
"CVE-2026-30623",
|
|
@@ -76035,9 +76701,11 @@
|
|
|
76035
76701
|
"CVE-2025-64496",
|
|
76036
76702
|
"CVE-2025-64513",
|
|
76037
76703
|
"CVE-2025-67818",
|
|
76704
|
+
"CVE-2025-68668",
|
|
76038
76705
|
"CVE-2025-6965",
|
|
76039
76706
|
"CVE-2025-8747",
|
|
76040
76707
|
"CVE-2026-0766",
|
|
76708
|
+
"CVE-2026-21858",
|
|
76041
76709
|
"CVE-2026-22218",
|
|
76042
76710
|
"CVE-2026-22252",
|
|
76043
76711
|
"CVE-2026-22688",
|
|
@@ -76254,9 +76922,11 @@
|
|
|
76254
76922
|
"CVE-2025-64496",
|
|
76255
76923
|
"CVE-2025-64513",
|
|
76256
76924
|
"CVE-2025-67818",
|
|
76925
|
+
"CVE-2025-68668",
|
|
76257
76926
|
"CVE-2025-6965",
|
|
76258
76927
|
"CVE-2025-8747",
|
|
76259
76928
|
"CVE-2026-0766",
|
|
76929
|
+
"CVE-2026-21858",
|
|
76260
76930
|
"CVE-2026-22218",
|
|
76261
76931
|
"CVE-2026-22252",
|
|
76262
76932
|
"CVE-2026-22688",
|
|
@@ -76487,9 +77157,11 @@
|
|
|
76487
77157
|
"CVE-2025-64496",
|
|
76488
77158
|
"CVE-2025-64513",
|
|
76489
77159
|
"CVE-2025-67818",
|
|
77160
|
+
"CVE-2025-68668",
|
|
76490
77161
|
"CVE-2025-6965",
|
|
76491
77162
|
"CVE-2025-8747",
|
|
76492
77163
|
"CVE-2026-0766",
|
|
77164
|
+
"CVE-2026-21858",
|
|
76493
77165
|
"CVE-2026-22218",
|
|
76494
77166
|
"CVE-2026-22252",
|
|
76495
77167
|
"CVE-2026-22688",
|
|
@@ -76834,10 +77506,12 @@
|
|
|
76834
77506
|
"CVE-2025-64496",
|
|
76835
77507
|
"CVE-2025-64513",
|
|
76836
77508
|
"CVE-2025-67818",
|
|
77509
|
+
"CVE-2025-68668",
|
|
76837
77510
|
"CVE-2025-69286",
|
|
76838
77511
|
"CVE-2025-6965",
|
|
76839
77512
|
"CVE-2025-8747",
|
|
76840
77513
|
"CVE-2026-0766",
|
|
77514
|
+
"CVE-2026-21858",
|
|
76841
77515
|
"CVE-2026-22218",
|
|
76842
77516
|
"CVE-2026-22219",
|
|
76843
77517
|
"CVE-2026-22252",
|
|
@@ -77608,7 +78282,9 @@
|
|
|
77608
78282
|
"CVE-2025-53767",
|
|
77609
78283
|
"CVE-2025-53773",
|
|
77610
78284
|
"CVE-2025-56520",
|
|
78285
|
+
"CVE-2025-68668",
|
|
77611
78286
|
"CVE-2025-6965",
|
|
78287
|
+
"CVE-2026-21858",
|
|
77612
78288
|
"CVE-2026-22218",
|
|
77613
78289
|
"CVE-2026-22219",
|
|
77614
78290
|
"CVE-2026-30615",
|
|
@@ -78029,9 +78705,11 @@
|
|
|
78029
78705
|
"CVE-2025-64496",
|
|
78030
78706
|
"CVE-2025-64513",
|
|
78031
78707
|
"CVE-2025-67818",
|
|
78708
|
+
"CVE-2025-68668",
|
|
78032
78709
|
"CVE-2025-6965",
|
|
78033
78710
|
"CVE-2025-8747",
|
|
78034
78711
|
"CVE-2026-0766",
|
|
78712
|
+
"CVE-2026-21858",
|
|
78035
78713
|
"CVE-2026-22218",
|
|
78036
78714
|
"CVE-2026-22252",
|
|
78037
78715
|
"CVE-2026-22688",
|
|
@@ -78687,9 +79365,11 @@
|
|
|
78687
79365
|
"CVE-2025-64496",
|
|
78688
79366
|
"CVE-2025-64513",
|
|
78689
79367
|
"CVE-2025-67818",
|
|
79368
|
+
"CVE-2025-68668",
|
|
78690
79369
|
"CVE-2025-6965",
|
|
78691
79370
|
"CVE-2025-8747",
|
|
78692
79371
|
"CVE-2026-0766",
|
|
79372
|
+
"CVE-2026-21858",
|
|
78693
79373
|
"CVE-2026-22218",
|
|
78694
79374
|
"CVE-2026-22252",
|
|
78695
79375
|
"CVE-2026-22688",
|
|
@@ -79701,9 +80381,11 @@
|
|
|
79701
80381
|
"CVE-2025-64496",
|
|
79702
80382
|
"CVE-2025-64513",
|
|
79703
80383
|
"CVE-2025-67818",
|
|
80384
|
+
"CVE-2025-68668",
|
|
79704
80385
|
"CVE-2025-6965",
|
|
79705
80386
|
"CVE-2025-8747",
|
|
79706
80387
|
"CVE-2026-0766",
|
|
80388
|
+
"CVE-2026-21858",
|
|
79707
80389
|
"CVE-2026-22218",
|
|
79708
80390
|
"CVE-2026-22252",
|
|
79709
80391
|
"CVE-2026-22688",
|
|
@@ -80958,9 +81640,11 @@
|
|
|
80958
81640
|
"CVE-2025-64496",
|
|
80959
81641
|
"CVE-2025-64513",
|
|
80960
81642
|
"CVE-2025-67818",
|
|
81643
|
+
"CVE-2025-68668",
|
|
80961
81644
|
"CVE-2025-6965",
|
|
80962
81645
|
"CVE-2025-8747",
|
|
80963
81646
|
"CVE-2026-0766",
|
|
81647
|
+
"CVE-2026-21858",
|
|
80964
81648
|
"CVE-2026-22218",
|
|
80965
81649
|
"CVE-2026-22252",
|
|
80966
81650
|
"CVE-2026-22688",
|
|
@@ -81409,7 +82093,9 @@
|
|
|
81409
82093
|
"CVE-2025-3248",
|
|
81410
82094
|
"CVE-2025-3466",
|
|
81411
82095
|
"CVE-2025-51480",
|
|
82096
|
+
"CVE-2025-68668",
|
|
81412
82097
|
"CVE-2025-6965",
|
|
82098
|
+
"CVE-2026-21858",
|
|
81413
82099
|
"CVE-2026-22218",
|
|
81414
82100
|
"CVE-2026-30615",
|
|
81415
82101
|
"CVE-2026-30623",
|
|
@@ -82400,9 +83086,11 @@
|
|
|
82400
83086
|
"CVE-2025-64496",
|
|
82401
83087
|
"CVE-2025-64513",
|
|
82402
83088
|
"CVE-2025-67818",
|
|
83089
|
+
"CVE-2025-68668",
|
|
82403
83090
|
"CVE-2025-6965",
|
|
82404
83091
|
"CVE-2025-8747",
|
|
82405
83092
|
"CVE-2026-0766",
|
|
83093
|
+
"CVE-2026-21858",
|
|
82406
83094
|
"CVE-2026-22218",
|
|
82407
83095
|
"CVE-2026-22252",
|
|
82408
83096
|
"CVE-2026-22688",
|
|
@@ -82922,6 +83610,7 @@
|
|
|
82922
83610
|
"CVE-2025-68461",
|
|
82923
83611
|
"CVE-2025-68613",
|
|
82924
83612
|
"CVE-2025-68645",
|
|
83613
|
+
"CVE-2025-68668",
|
|
82925
83614
|
"CVE-2025-6965",
|
|
82926
83615
|
"CVE-2025-7775",
|
|
82927
83616
|
"CVE-2025-8088",
|
|
@@ -82955,6 +83644,7 @@
|
|
|
82955
83644
|
"CVE-2026-21525",
|
|
82956
83645
|
"CVE-2026-21533",
|
|
82957
83646
|
"CVE-2026-21643",
|
|
83647
|
+
"CVE-2026-21858",
|
|
82958
83648
|
"CVE-2026-22218",
|
|
82959
83649
|
"CVE-2026-22252",
|
|
82960
83650
|
"CVE-2026-22688",
|
|
@@ -83715,7 +84405,9 @@
|
|
|
83715
84405
|
"CVE-2025-49844",
|
|
83716
84406
|
"CVE-2025-51480",
|
|
83717
84407
|
"CVE-2025-53773",
|
|
84408
|
+
"CVE-2025-68668",
|
|
83718
84409
|
"CVE-2025-6965",
|
|
84410
|
+
"CVE-2026-21858",
|
|
83719
84411
|
"CVE-2026-22218",
|
|
83720
84412
|
"CVE-2026-30615",
|
|
83721
84413
|
"CVE-2026-30623",
|
|
@@ -84017,7 +84709,9 @@
|
|
|
84017
84709
|
"CVE-2025-3466",
|
|
84018
84710
|
"CVE-2025-51480",
|
|
84019
84711
|
"CVE-2025-53773",
|
|
84712
|
+
"CVE-2025-68668",
|
|
84020
84713
|
"CVE-2025-6965",
|
|
84714
|
+
"CVE-2026-21858",
|
|
84021
84715
|
"CVE-2026-22218",
|
|
84022
84716
|
"CVE-2026-30615",
|
|
84023
84717
|
"CVE-2026-30623",
|
|
@@ -84395,9 +85089,11 @@
|
|
|
84395
85089
|
"CVE-2025-64496",
|
|
84396
85090
|
"CVE-2025-64513",
|
|
84397
85091
|
"CVE-2025-67818",
|
|
85092
|
+
"CVE-2025-68668",
|
|
84398
85093
|
"CVE-2025-6965",
|
|
84399
85094
|
"CVE-2025-8747",
|
|
84400
85095
|
"CVE-2026-0766",
|
|
85096
|
+
"CVE-2026-21858",
|
|
84401
85097
|
"CVE-2026-22218",
|
|
84402
85098
|
"CVE-2026-22252",
|
|
84403
85099
|
"CVE-2026-22688",
|
|
@@ -84762,10 +85458,12 @@
|
|
|
84762
85458
|
"CVE-2025-64496",
|
|
84763
85459
|
"CVE-2025-64513",
|
|
84764
85460
|
"CVE-2025-67818",
|
|
85461
|
+
"CVE-2025-68668",
|
|
84765
85462
|
"CVE-2025-69286",
|
|
84766
85463
|
"CVE-2025-6965",
|
|
84767
85464
|
"CVE-2025-8747",
|
|
84768
85465
|
"CVE-2026-0766",
|
|
85466
|
+
"CVE-2026-21858",
|
|
84769
85467
|
"CVE-2026-22218",
|
|
84770
85468
|
"CVE-2026-22219",
|
|
84771
85469
|
"CVE-2026-22252",
|
|
@@ -84971,7 +85669,9 @@
|
|
|
84971
85669
|
"CVE-2025-49844",
|
|
84972
85670
|
"CVE-2025-51480",
|
|
84973
85671
|
"CVE-2025-53773",
|
|
85672
|
+
"CVE-2025-68668",
|
|
84974
85673
|
"CVE-2025-6965",
|
|
85674
|
+
"CVE-2026-21858",
|
|
84975
85675
|
"CVE-2026-22218",
|
|
84976
85676
|
"CVE-2026-30615",
|
|
84977
85677
|
"CVE-2026-30623",
|
|
@@ -85747,9 +86447,11 @@
|
|
|
85747
86447
|
"CVE-2025-64496",
|
|
85748
86448
|
"CVE-2025-64513",
|
|
85749
86449
|
"CVE-2025-67818",
|
|
86450
|
+
"CVE-2025-68668",
|
|
85750
86451
|
"CVE-2025-6965",
|
|
85751
86452
|
"CVE-2025-8747",
|
|
85752
86453
|
"CVE-2026-0766",
|
|
86454
|
+
"CVE-2026-21858",
|
|
85753
86455
|
"CVE-2026-22218",
|
|
85754
86456
|
"CVE-2026-22252",
|
|
85755
86457
|
"CVE-2026-22688",
|
|
@@ -86105,10 +86807,12 @@
|
|
|
86105
86807
|
"CVE-2025-64496",
|
|
86106
86808
|
"CVE-2025-64513",
|
|
86107
86809
|
"CVE-2025-67818",
|
|
86810
|
+
"CVE-2025-68668",
|
|
86108
86811
|
"CVE-2025-69286",
|
|
86109
86812
|
"CVE-2025-6965",
|
|
86110
86813
|
"CVE-2025-8747",
|
|
86111
86814
|
"CVE-2026-0766",
|
|
86815
|
+
"CVE-2026-21858",
|
|
86112
86816
|
"CVE-2026-22218",
|
|
86113
86817
|
"CVE-2026-22219",
|
|
86114
86818
|
"CVE-2026-22252",
|