@blamejs/exceptd-skills 0.13.123 → 0.13.125
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +8 -0
- package/data/_indexes/_meta.json +9 -9
- package/data/_indexes/activity-feed.json +2 -2
- package/data/_indexes/catalog-summaries.json +2 -2
- package/data/_indexes/chains.json +989 -0
- package/data/atlas-ttps.json +4 -1
- package/data/attack-techniques.json +7 -2
- package/data/cve-catalog.json +305 -0
- package/data/cwe-catalog.json +5 -2
- package/data/framework-control-gaps.json +35 -11
- package/data/zeroday-lessons.json +150 -0
- package/manifest.json +44 -44
- package/package.json +1 -1
- package/sbom.cdx.json +24 -24
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,13 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## 0.13.125 — 2026-05-26
|
|
4
|
+
|
|
5
|
+
CVE catalog — SGLang unauthenticated IPC-deserialization RCE cluster. Adds two unauthenticated RCEs in SGLang (lmsys), the unauth siblings of the already-catalogued authenticated weight-update flaw. **CVE-2026-3059** (CNA CVSS v3.1 9.8) — the multimodal generation module's ZMQ broker deserializes untrusted serialized objects from unauthenticated peers (CWE-502). **CVE-2026-3060** (CNA CVSS v3.1 9.8) — the encoder-parallel disaggregation module does the same. Both yield unauthenticated remote code execution on the serving host and are fixed in 0.5.10 (PR #20904). Both reuse the AI-inference IPC deserialization-safety control (NEW-CTRL-086), shared with the vLLM ZeroMQ-transport and TensorRT-LLM deserialization class — the lesson being that inference-engine IPC channels must use a safe serializer + peer authentication and never deserialize untrusted objects. CVE count 417 → 419.
|
|
6
|
+
|
|
7
|
+
## 0.13.124 — 2026-05-26
|
|
8
|
+
|
|
9
|
+
CVE catalog — stable-diffusion-webui (AUTOMATIC1111). Adds **CVE-2024-31462** in the most widely deployed Stable Diffusion web UI. The Backup/Restore tab (`save_config_state` in `modules/ui_extensions.py`) builds a file path from an unvalidated user-supplied config-state name and opens it for writing, yielding a limited file write (JSON files to arbitrary locations) on Windows (CWE-22; GitHub CNA CVSS v3.1 6.3; GHSL-2024-010). The advisory tested 1.7.0, but the CVE/OSV record marks releases through 1.8.0 as affected — fixed by commit `d9708c92`, so upgrading 1.7.0 → 1.8.0 is **not** sufficient. Reuses the AI-runtime-API path-traversal validation control (NEW-CTRL-094). CVE count 416 → 417.
|
|
10
|
+
|
|
3
11
|
## 0.13.123 — 2026-05-26
|
|
4
12
|
|
|
5
13
|
CVE catalog — n8n AI-workflow / automation platform. Adds two flaws in n8n (joining the already-catalogued CVE-2025-68613 expression-injection RCE). **CVE-2026-21858** (GitHub CNA CVSS v3.1 10.0 CRITICAL) — versions 1.65.0 to before 1.121.0 let an unauthenticated attacker access files on the underlying server through form-based actions with no path confinement (CWE-20); fixed in 1.121.0. On locally deployed instances the public exploit chains the read into host RCE — read the DB/config, forge an admin session, then run host commands via the Execute Command node — so the entry maps command-execution and valid-accounts TTPs alongside the file read. Reuses the AI-runtime-API path-traversal validation control (NEW-CTRL-094). **CVE-2025-68668** (CVSS v3.1 9.9) — the Python Code Node's Pyodide sandbox is bypassable, so an authenticated workflow editor runs code with host privileges (CWE-693 protection-mechanism failure); fixed in 2.0.0. Reuses the AI-app-builder execution-endpoint auth-and-sandbox control (NEW-CTRL-103), shared with the Dify code-node escape and Langflow/Flowise RCEs. CVE count 414 → 416.
|
package/data/_indexes/_meta.json
CHANGED
|
@@ -1,21 +1,21 @@
|
|
|
1
1
|
{
|
|
2
2
|
"schema_version": "1.1.0",
|
|
3
|
-
"generated_at": "2026-05-
|
|
3
|
+
"generated_at": "2026-05-27T04:15:58.535Z",
|
|
4
4
|
"generator": "scripts/build-indexes.js",
|
|
5
5
|
"source_count": 54,
|
|
6
6
|
"source_hashes": {
|
|
7
|
-
"manifest.json": "
|
|
8
|
-
"data/atlas-ttps.json": "
|
|
9
|
-
"data/attack-techniques.json": "
|
|
10
|
-
"data/cve-catalog.json": "
|
|
11
|
-
"data/cwe-catalog.json": "
|
|
7
|
+
"manifest.json": "a8415701ba891fb5e1b56c524904e9b89802a59780c50e4c5801ad1e4db2342e",
|
|
8
|
+
"data/atlas-ttps.json": "c4b9d4b255487178e2d59ed6d810ce96f209d5d0ea4ae1058a1294a44a1bab2c",
|
|
9
|
+
"data/attack-techniques.json": "1a222638d3d891f351f13828d0c40ef6dcdfdd519a62f6d84b30ad0746b43c8e",
|
|
10
|
+
"data/cve-catalog.json": "6a034fdbeba5c02addd45146a15f0ef873aaf29527fe35281d080377c862d17e",
|
|
11
|
+
"data/cwe-catalog.json": "485da92f07bad66ddd102411d18207428239953e76d01a1d1747b56ac61111e3",
|
|
12
12
|
"data/d3fend-catalog.json": "9a54bccb9f24f84b32024216cc3f53819a053721ac8ab43c326859e68fc0ffaf",
|
|
13
13
|
"data/dlp-controls.json": "d2406c482dddd30e49203879999dc4b3a7fd4d0494d6a61d86b91ee76415df19",
|
|
14
14
|
"data/exploit-availability.json": "ec2656f0d9a893610e27b43eb6035fe9b18e057c9f6dfaac7e7d4959bbcbb795",
|
|
15
|
-
"data/framework-control-gaps.json": "
|
|
15
|
+
"data/framework-control-gaps.json": "200699db68ae9a380a88795a8388c579fb6eb4d3a5fbcd5012486031efe764c4",
|
|
16
16
|
"data/global-frameworks.json": "9ba563a85f7f8d6c3c957de64945e20925a89d0ed6ea6fc561cf093811acf558",
|
|
17
17
|
"data/rfc-references.json": "66ef2e1f444a2cf0c2700a754f0a66030bb8a91d9e68394b9537ea1fe8b904fe",
|
|
18
|
-
"data/zeroday-lessons.json": "
|
|
18
|
+
"data/zeroday-lessons.json": "c33e68f1f4a67ac67ebe3acd1bf7bc584cf241f3627df1a90ad99315fbbeb2b0",
|
|
19
19
|
"skills/kernel-lpe-triage/skill.md": "08b3e9815ba481c57c80f5fc0ccbf5bb7cbb41f570c235ba6ff9596b8c07354d",
|
|
20
20
|
"skills/ai-attack-surface/skill.md": "c4c1eb22a38ca7a959b5725222bab8fbd4f4044a548a93f3e288e6f698334b72",
|
|
21
21
|
"skills/mcp-agent-trust/skill.md": "89ac89084391d2341b6513fefb1be2d36b93de1c130f057696219c1c59440f13",
|
|
@@ -72,7 +72,7 @@
|
|
|
72
72
|
"dlp_refs": 0
|
|
73
73
|
},
|
|
74
74
|
"trigger_table_entries": 538,
|
|
75
|
-
"chains_cve_entries":
|
|
75
|
+
"chains_cve_entries": 408,
|
|
76
76
|
"chains_cwe_entries": 172,
|
|
77
77
|
"jurisdictions_indexed": 29,
|
|
78
78
|
"handoff_dag_nodes": 42,
|
|
@@ -149,7 +149,7 @@
|
|
|
149
149
|
"artifact": "data/cve-catalog.json",
|
|
150
150
|
"path": "data/cve-catalog.json",
|
|
151
151
|
"schema_version": "1.0.0",
|
|
152
|
-
"entry_count":
|
|
152
|
+
"entry_count": 419
|
|
153
153
|
},
|
|
154
154
|
{
|
|
155
155
|
"date": "2026-05-18",
|
|
@@ -165,7 +165,7 @@
|
|
|
165
165
|
"artifact": "data/zeroday-lessons.json",
|
|
166
166
|
"path": "data/zeroday-lessons.json",
|
|
167
167
|
"schema_version": "1.1.0",
|
|
168
|
-
"entry_count":
|
|
168
|
+
"entry_count": 414
|
|
169
169
|
},
|
|
170
170
|
{
|
|
171
171
|
"date": "2026-05-17",
|
|
@@ -62,7 +62,7 @@
|
|
|
62
62
|
"rebuild_after_days": 365,
|
|
63
63
|
"note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
|
|
64
64
|
},
|
|
65
|
-
"entry_count":
|
|
65
|
+
"entry_count": 419,
|
|
66
66
|
"sample_keys": [
|
|
67
67
|
"CVE-2025-53773",
|
|
68
68
|
"CVE-2026-30615",
|
|
@@ -238,7 +238,7 @@
|
|
|
238
238
|
"rebuild_after_days": 365,
|
|
239
239
|
"note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
|
|
240
240
|
},
|
|
241
|
-
"entry_count":
|
|
241
|
+
"entry_count": 414,
|
|
242
242
|
"sample_keys": [
|
|
243
243
|
"CVE-2026-31431",
|
|
244
244
|
"CVE-2025-53773",
|