@blamejs/exceptd-skills 0.13.123 → 0.13.125

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. package/CHANGELOG.md +8 -0
  2. package/data/_indexes/_meta.json +9 -9
  3. package/data/_indexes/activity-feed.json +2 -2
  4. package/data/_indexes/catalog-summaries.json +2 -2
  5. package/data/_indexes/chains.json +989 -0
  6. package/data/atlas-ttps.json +4 -1
  7. package/data/attack-techniques.json +7 -2
  8. package/data/cve-catalog.json +305 -0
  9. package/data/cwe-catalog.json +5 -2
  10. package/data/framework-control-gaps.json +35 -11
  11. package/data/zeroday-lessons.json +150 -0
  12. package/manifest.json +44 -44
  13. package/package.json +1 -1
  14. package/sbom.cdx.json +24 -24
package/data/_indexes/chains.json CHANGED
@@ -75920,6 +75920,954 @@
75920
75920
  ]
75921
75921
  }
75922
75922
  },
75923
+ "CVE-2024-31462": {
75924
+ "name": "stable-diffusion-webui Backup/Restore Limited File Write (Path Traversal)",
75925
+ "rwep": 17,
75926
+ "cvss": 6.3,
75927
+ "cisa_kev": false,
75928
+ "epss_score": 0.00245,
75929
+ "referencing_skills": [
75930
+ "ai-attack-surface",
75931
+ "compliance-theater",
75932
+ "rag-pipeline-security",
75933
+ "threat-modeling-methodology",
75934
+ "webapp-security",
75935
+ "api-security",
75936
+ "container-runtime-security"
75937
+ ],
75938
+ "chain": {
75939
+ "cwes": [
75940
+ {
75941
+ "id": "CWE-1039",
75942
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
75943
+ "category": "AI/ML"
75944
+ },
75945
+ {
75946
+ "id": "CWE-1188",
75947
+ "name": "Initialization of a Resource with an Insecure Default",
75948
+ "category": "Configuration"
75949
+ },
75950
+ {
75951
+ "id": "CWE-1395",
75952
+ "name": "Dependency on Vulnerable Third-Party Component",
75953
+ "category": "Supply Chain"
75954
+ },
75955
+ {
75956
+ "id": "CWE-1426",
75957
+ "name": "Improper Validation of Generative AI Output",
75958
+ "category": "AI/ML"
75959
+ },
75960
+ {
75961
+ "id": "CWE-200",
75962
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
75963
+ "category": "Information Exposure"
75964
+ },
75965
+ {
75966
+ "id": "CWE-22",
75967
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
75968
+ "category": "Path/Resource"
75969
+ },
75970
+ {
75971
+ "id": "CWE-269",
75972
+ "name": "Improper Privilege Management",
75973
+ "category": "Authorization"
75974
+ },
75975
+ {
75976
+ "id": "CWE-287",
75977
+ "name": "Improper Authentication",
75978
+ "category": "Authentication"
75979
+ },
75980
+ {
75981
+ "id": "CWE-352",
75982
+ "name": "Cross-Site Request Forgery (CSRF)",
75983
+ "category": "Session"
75984
+ },
75985
+ {
75986
+ "id": "CWE-434",
75987
+ "name": "Unrestricted Upload of File with Dangerous Type",
75988
+ "category": "File Handling"
75989
+ },
75990
+ {
75991
+ "id": "CWE-502",
75992
+ "name": "Deserialization of Untrusted Data",
75993
+ "category": "Serialization"
75994
+ },
75995
+ {
75996
+ "id": "CWE-732",
75997
+ "name": "Incorrect Permission Assignment for Critical Resource",
75998
+ "category": "Authorization"
75999
+ },
76000
+ {
76001
+ "id": "CWE-77",
76002
+ "name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
76003
+ "category": "Injection"
76004
+ },
76005
+ {
76006
+ "id": "CWE-78",
76007
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
76008
+ "category": "Injection"
76009
+ },
76010
+ {
76011
+ "id": "CWE-787",
76012
+ "name": "Out-of-bounds Write",
76013
+ "category": "Memory Safety"
76014
+ },
76015
+ {
76016
+ "id": "CWE-79",
76017
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
76018
+ "category": "Injection"
76019
+ },
76020
+ {
76021
+ "id": "CWE-862",
76022
+ "name": "Missing Authorization",
76023
+ "category": "Authorization"
76024
+ },
76025
+ {
76026
+ "id": "CWE-863",
76027
+ "name": "Incorrect Authorization",
76028
+ "category": "Authorization"
76029
+ },
76030
+ {
76031
+ "id": "CWE-89",
76032
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
76033
+ "category": "Injection"
76034
+ },
76035
+ {
76036
+ "id": "CWE-918",
76037
+ "name": "Server-Side Request Forgery (SSRF)",
76038
+ "category": "Network"
76039
+ },
76040
+ {
76041
+ "id": "CWE-94",
76042
+ "name": "Improper Control of Generation of Code (Code Injection)",
76043
+ "category": "Injection"
76044
+ }
76045
+ ],
76046
+ "atlas": [
76047
+ {
76048
+ "id": "AML.T0010",
76049
+ "name": "ML Supply Chain Compromise",
76050
+ "tactic": "Initial Access"
76051
+ },
76052
+ {
76053
+ "id": "AML.T0016",
76054
+ "name": "Obtain Capabilities: Develop Capabilities",
76055
+ "tactic": "Resource Development"
76056
+ },
76057
+ {
76058
+ "id": "AML.T0017",
76059
+ "name": "Discover ML Model Ontology",
76060
+ "tactic": "Discovery"
76061
+ },
76062
+ {
76063
+ "id": "AML.T0018",
76064
+ "name": "Backdoor ML Model",
76065
+ "tactic": "Persistence"
76066
+ },
76067
+ {
76068
+ "id": "AML.T0020",
76069
+ "name": "Poison Training Data",
76070
+ "tactic": "ML Attack Staging"
76071
+ },
76072
+ {
76073
+ "id": "AML.T0043",
76074
+ "name": "Craft Adversarial Data",
76075
+ "tactic": "ML Attack Staging"
76076
+ },
76077
+ {
76078
+ "id": "AML.T0051",
76079
+ "name": "LLM Prompt Injection",
76080
+ "tactic": "Execution"
76081
+ },
76082
+ {
76083
+ "id": "AML.T0054",
76084
+ "name": "LLM Jailbreak",
76085
+ "tactic": "Defense Evasion"
76086
+ },
76087
+ {
76088
+ "id": "AML.T0096",
76089
+ "name": "AI API as Covert C2 Channel",
76090
+ "tactic": "Command and Control"
76091
+ }
76092
+ ],
76093
+ "d3fend": [
76094
+ {
76095
+ "id": "D3-CSPP",
76096
+ "name": "Client-server Payload Profiling",
76097
+ "tactic": "Detect"
76098
+ },
76099
+ {
76100
+ "id": "D3-IOPR",
76101
+ "name": "Input/Output Profiling Resource",
76102
+ "tactic": "Detect"
76103
+ },
76104
+ {
76105
+ "id": "D3-NTA",
76106
+ "name": "Network Traffic Analysis",
76107
+ "tactic": "Detect"
76108
+ }
76109
+ ],
76110
+ "framework_gaps": [
76111
+ {
76112
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
76113
+ "framework": "ALL",
76114
+ "control_name": "AI Pipeline Integrity"
76115
+ },
76116
+ {
76117
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
76118
+ "framework": "ALL",
76119
+ "control_name": "Prompt Injection as Access Control Failure"
76120
+ },
76121
+ {
76122
+ "id": "CMMC-2.0-Level-2",
76123
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
76124
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
76125
+ },
76126
+ {
76127
+ "id": "FedRAMP-Rev5-Moderate",
76128
+ "framework": "FedRAMP Rev 5 Moderate",
76129
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
76130
+ },
76131
+ {
76132
+ "id": "ISO-27001-2022-A.8.28",
76133
+ "framework": "ISO/IEC 27001:2022",
76134
+ "control_name": "Secure coding"
76135
+ },
76136
+ {
76137
+ "id": "ISO-IEC-23894-2023-clause-7",
76138
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
76139
+ "control_name": "AI risk management process"
76140
+ },
76141
+ {
76142
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
76143
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
76144
+ "control_name": "AI risk assessment"
76145
+ },
76146
+ {
76147
+ "id": "NIST-800-218-SSDF",
76148
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
76149
+ "control_name": "Secure Software Development Framework"
76150
+ },
76151
+ {
76152
+ "id": "NIST-800-53-AC-2",
76153
+ "framework": "NIST SP 800-53 Rev 5",
76154
+ "control_name": "Account Management"
76155
+ },
76156
+ {
76157
+ "id": "NIST-800-53-CM-7",
76158
+ "framework": "NIST SP 800-53 Rev 5",
76159
+ "control_name": "Least Functionality"
76160
+ },
76161
+ {
76162
+ "id": "NIST-800-53-SI-12",
76163
+ "framework": "NIST SP 800-53 Rev 5",
76164
+ "control_name": "Information Management and Retention"
76165
+ },
76166
+ {
76167
+ "id": "NIST-800-53-SI-3",
76168
+ "framework": "NIST SP 800-53 Rev 5",
76169
+ "control_name": "Malicious Code Protection"
76170
+ },
76171
+ {
76172
+ "id": "NIST-AI-RMF-MEASURE-2.5",
76173
+ "framework": "NIST AI RMF 1.0",
76174
+ "control_name": "AI system to human interaction evaluation"
76175
+ },
76176
+ {
76177
+ "id": "OWASP-ASVS-v5.0-V14",
76178
+ "framework": "OWASP ASVS v5.0",
76179
+ "control_name": "Configuration verification"
76180
+ },
76181
+ {
76182
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
76183
+ "framework": "OWASP Top 10 for LLM Applications 2025",
76184
+ "control_name": "Prompt Injection"
76185
+ },
76186
+ {
76187
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
76188
+ "framework": "OWASP Top 10 for LLM Applications 2025",
76189
+ "control_name": "Sensitive Information Disclosure"
76190
+ },
76191
+ {
76192
+ "id": "OWASP-LLM-Top-10-2025-LLM08",
76193
+ "framework": "OWASP Top 10 for LLM Applications 2025",
76194
+ "control_name": "Vector and Embedding Weaknesses"
76195
+ },
76196
+ {
76197
+ "id": "SLSA-v1.0-Build-L3",
76198
+ "framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
76199
+ "control_name": "Hardened build platform with non-falsifiable provenance"
76200
+ },
76201
+ {
76202
+ "id": "SOC2-CC6-logical-access",
76203
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
76204
+ "control_name": "Logical and Physical Access Controls"
76205
+ }
76206
+ ],
76207
+ "attack_refs": [
76208
+ "T1059",
76209
+ "T1068",
76210
+ "T1078",
76211
+ "T1190",
76212
+ "T1505",
76213
+ "T1565",
76214
+ "T1566",
76215
+ "T1567",
76216
+ "T1610",
76217
+ "T1611"
76218
+ ],
76219
+ "rfc_refs": [
76220
+ "RFC-6749",
76221
+ "RFC-7519",
76222
+ "RFC-8032",
76223
+ "RFC-8446",
76224
+ "RFC-8725",
76225
+ "RFC-9114",
76226
+ "RFC-9421",
76227
+ "RFC-9700"
76228
+ ]
76229
+ }
76230
+ },
76231
+ "CVE-2026-3059": {
76232
+ "name": "SGLang Multimodal-Generation ZMQ Broker Unauthenticated Deserialization RCE",
76233
+ "rwep": 31,
76234
+ "cvss": 9.8,
76235
+ "cisa_kev": false,
76236
+ "epss_score": 0.01945,
76237
+ "referencing_skills": [
76238
+ "kernel-lpe-triage",
76239
+ "ai-attack-surface",
76240
+ "compliance-theater",
76241
+ "ai-c2-detection",
76242
+ "dlp-gap-analysis",
76243
+ "coordinated-vuln-disclosure"
76244
+ ],
76245
+ "chain": {
76246
+ "cwes": [
76247
+ {
76248
+ "id": "CWE-1039",
76249
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
76250
+ "category": "AI/ML"
76251
+ },
76252
+ {
76253
+ "id": "CWE-125",
76254
+ "name": "Out-of-bounds Read",
76255
+ "category": "Memory Safety"
76256
+ },
76257
+ {
76258
+ "id": "CWE-1357",
76259
+ "name": "Reliance on Insufficiently Trustworthy Component",
76260
+ "category": "Supply Chain"
76261
+ },
76262
+ {
76263
+ "id": "CWE-1426",
76264
+ "name": "Improper Validation of Generative AI Output",
76265
+ "category": "AI/ML"
76266
+ },
76267
+ {
76268
+ "id": "CWE-200",
76269
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
76270
+ "category": "Information Exposure"
76271
+ },
76272
+ {
76273
+ "id": "CWE-362",
76274
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
76275
+ "category": "Concurrency"
76276
+ },
76277
+ {
76278
+ "id": "CWE-416",
76279
+ "name": "Use After Free",
76280
+ "category": "Memory Safety"
76281
+ },
76282
+ {
76283
+ "id": "CWE-672",
76284
+ "name": "Operation on a Resource after Expiration or Release",
76285
+ "category": "Memory Safety"
76286
+ },
76287
+ {
76288
+ "id": "CWE-787",
76289
+ "name": "Out-of-bounds Write",
76290
+ "category": "Memory Safety"
76291
+ },
76292
+ {
76293
+ "id": "CWE-94",
76294
+ "name": "Improper Control of Generation of Code (Code Injection)",
76295
+ "category": "Injection"
76296
+ }
76297
+ ],
76298
+ "atlas": [
76299
+ {
76300
+ "id": "AML.T0016",
76301
+ "name": "Obtain Capabilities: Develop Capabilities",
76302
+ "tactic": "Resource Development"
76303
+ },
76304
+ {
76305
+ "id": "AML.T0017",
76306
+ "name": "Discover ML Model Ontology",
76307
+ "tactic": "Discovery"
76308
+ },
76309
+ {
76310
+ "id": "AML.T0018",
76311
+ "name": "Backdoor ML Model",
76312
+ "tactic": "Persistence"
76313
+ },
76314
+ {
76315
+ "id": "AML.T0020",
76316
+ "name": "Poison Training Data",
76317
+ "tactic": "ML Attack Staging"
76318
+ },
76319
+ {
76320
+ "id": "AML.T0043",
76321
+ "name": "Craft Adversarial Data",
76322
+ "tactic": "ML Attack Staging"
76323
+ },
76324
+ {
76325
+ "id": "AML.T0051",
76326
+ "name": "LLM Prompt Injection",
76327
+ "tactic": "Execution"
76328
+ },
76329
+ {
76330
+ "id": "AML.T0054",
76331
+ "name": "LLM Jailbreak",
76332
+ "tactic": "Defense Evasion"
76333
+ },
76334
+ {
76335
+ "id": "AML.T0096",
76336
+ "name": "AI API as Covert C2 Channel",
76337
+ "tactic": "Command and Control"
76338
+ }
76339
+ ],
76340
+ "d3fend": [
76341
+ {
76342
+ "id": "D3-ASLR",
76343
+ "name": "Address Space Layout Randomization",
76344
+ "tactic": "Harden"
76345
+ },
76346
+ {
76347
+ "id": "D3-CA",
76348
+ "name": "Certificate Analysis",
76349
+ "tactic": "Detect"
76350
+ },
76351
+ {
76352
+ "id": "D3-CSPP",
76353
+ "name": "Client-server Payload Profiling",
76354
+ "tactic": "Detect"
76355
+ },
76356
+ {
76357
+ "id": "D3-DA",
76358
+ "name": "Domain Analysis",
76359
+ "tactic": "Detect"
76360
+ },
76361
+ {
76362
+ "id": "D3-EAL",
76363
+ "name": "Executable Allowlisting",
76364
+ "tactic": "Harden"
76365
+ },
76366
+ {
76367
+ "id": "D3-IOPR",
76368
+ "name": "Input/Output Profiling Resource",
76369
+ "tactic": "Detect"
76370
+ },
76371
+ {
76372
+ "id": "D3-NI",
76373
+ "name": "Network Isolation",
76374
+ "tactic": "Isolate"
76375
+ },
76376
+ {
76377
+ "id": "D3-NTA",
76378
+ "name": "Network Traffic Analysis",
76379
+ "tactic": "Detect"
76380
+ },
76381
+ {
76382
+ "id": "D3-NTPM",
76383
+ "name": "Network Traffic Policy Mapping",
76384
+ "tactic": "Model"
76385
+ },
76386
+ {
76387
+ "id": "D3-PHRA",
76388
+ "name": "Process Hardware Resource Access",
76389
+ "tactic": "Isolate"
76390
+ },
76391
+ {
76392
+ "id": "D3-PSEP",
76393
+ "name": "Process Segment Execution Prevention",
76394
+ "tactic": "Harden"
76395
+ }
76396
+ ],
76397
+ "framework_gaps": [
76398
+ {
76399
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
76400
+ "framework": "ALL",
76401
+ "control_name": "AI Pipeline Integrity"
76402
+ },
76403
+ {
76404
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
76405
+ "framework": "ALL",
76406
+ "control_name": "Prompt Injection as Access Control Failure"
76407
+ },
76408
+ {
76409
+ "id": "CIS-Controls-v8-Control7",
76410
+ "framework": "CIS Controls v8",
76411
+ "control_name": "Continuous Vulnerability Management"
76412
+ },
76413
+ {
76414
+ "id": "CMMC-2.0-Level-2",
76415
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
76416
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
76417
+ },
76418
+ {
76419
+ "id": "FedRAMP-Rev5-Moderate",
76420
+ "framework": "FedRAMP Rev 5 Moderate",
76421
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
76422
+ },
76423
+ {
76424
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
76425
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
76426
+ "control_name": "Access control standard (technical safeguards)"
76427
+ },
76428
+ {
76429
+ "id": "ISO-27001-2022-A.8.16",
76430
+ "framework": "ISO/IEC 27001:2022",
76431
+ "control_name": "Monitoring activities"
76432
+ },
76433
+ {
76434
+ "id": "ISO-27001-2022-A.8.28",
76435
+ "framework": "ISO/IEC 27001:2022",
76436
+ "control_name": "Secure coding"
76437
+ },
76438
+ {
76439
+ "id": "ISO-27001-2022-A.8.8",
76440
+ "framework": "ISO/IEC 27001:2022",
76441
+ "control_name": "Management of technical vulnerabilities"
76442
+ },
76443
+ {
76444
+ "id": "ISO-IEC-23894-2023-clause-7",
76445
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
76446
+ "control_name": "AI risk management process"
76447
+ },
76448
+ {
76449
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
76450
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
76451
+ "control_name": "AI risk assessment"
76452
+ },
76453
+ {
76454
+ "id": "NIS2-Art21-patch-management",
76455
+ "framework": "EU NIS2 Directive",
76456
+ "control_name": "Vulnerability handling and disclosure"
76457
+ },
76458
+ {
76459
+ "id": "NIST-800-218-SSDF",
76460
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
76461
+ "control_name": "Secure Software Development Framework"
76462
+ },
76463
+ {
76464
+ "id": "NIST-800-53-AC-2",
76465
+ "framework": "NIST SP 800-53 Rev 5",
76466
+ "control_name": "Account Management"
76467
+ },
76468
+ {
76469
+ "id": "NIST-800-53-SC-28",
76470
+ "framework": "NIST SP 800-53 Rev 5",
76471
+ "control_name": "Protection of Information at Rest"
76472
+ },
76473
+ {
76474
+ "id": "NIST-800-53-SC-7",
76475
+ "framework": "NIST SP 800-53 Rev 5",
76476
+ "control_name": "Boundary Protection"
76477
+ },
76478
+ {
76479
+ "id": "NIST-800-53-SC-8",
76480
+ "framework": "NIST SP 800-53 Rev 5",
76481
+ "control_name": "Transmission Confidentiality and Integrity"
76482
+ },
76483
+ {
76484
+ "id": "NIST-800-53-SI-2",
76485
+ "framework": "NIST SP 800-53 Rev 5",
76486
+ "control_name": "Flaw Remediation"
76487
+ },
76488
+ {
76489
+ "id": "NIST-800-53-SI-3",
76490
+ "framework": "NIST SP 800-53 Rev 5",
76491
+ "control_name": "Malicious Code Protection"
76492
+ },
76493
+ {
76494
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
76495
+ "framework": "OWASP Top 10 for LLM Applications 2025",
76496
+ "control_name": "Prompt Injection"
76497
+ },
76498
+ {
76499
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
76500
+ "framework": "OWASP Top 10 for LLM Applications 2025",
76501
+ "control_name": "Sensitive Information Disclosure"
76502
+ },
76503
+ {
76504
+ "id": "PCI-DSS-4.0-6.3.3",
76505
+ "framework": "PCI DSS 4.0",
76506
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
76507
+ },
76508
+ {
76509
+ "id": "SOC2-CC6-logical-access",
76510
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
76511
+ "control_name": "Logical and Physical Access Controls"
76512
+ },
76513
+ {
76514
+ "id": "SOC2-CC7-anomaly-detection",
76515
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
76516
+ "control_name": "System Operations — Threat and Vulnerability Management"
76517
+ },
76518
+ {
76519
+ "id": "SOC2-CC9-vendor-management",
76520
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
76521
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
76522
+ }
76523
+ ],
76524
+ "attack_refs": [
76525
+ "T1041",
76526
+ "T1059",
76527
+ "T1068",
76528
+ "T1071",
76529
+ "T1102",
76530
+ "T1190",
76531
+ "T1213",
76532
+ "T1530",
76533
+ "T1548.001",
76534
+ "T1566",
76535
+ "T1567",
76536
+ "T1568"
76537
+ ],
76538
+ "rfc_refs": [
76539
+ "RFC-4301",
76540
+ "RFC-4303",
76541
+ "RFC-7296",
76542
+ "RFC-8446",
76543
+ "RFC-9000",
76544
+ "RFC-9114",
76545
+ "RFC-9180",
76546
+ "RFC-9421",
76547
+ "RFC-9458"
76548
+ ]
76549
+ }
76550
+ },
76551
+ "CVE-2026-3060": {
76552
+ "name": "SGLang Encoder-Parallel Disaggregation Unauthenticated Deserialization RCE",
76553
+ "rwep": 31,
76554
+ "cvss": 9.8,
76555
+ "cisa_kev": false,
76556
+ "epss_score": 0.01945,
76557
+ "referencing_skills": [
76558
+ "kernel-lpe-triage",
76559
+ "ai-attack-surface",
76560
+ "compliance-theater",
76561
+ "ai-c2-detection",
76562
+ "dlp-gap-analysis",
76563
+ "coordinated-vuln-disclosure"
76564
+ ],
76565
+ "chain": {
76566
+ "cwes": [
76567
+ {
76568
+ "id": "CWE-1039",
76569
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
76570
+ "category": "AI/ML"
76571
+ },
76572
+ {
76573
+ "id": "CWE-125",
76574
+ "name": "Out-of-bounds Read",
76575
+ "category": "Memory Safety"
76576
+ },
76577
+ {
76578
+ "id": "CWE-1357",
76579
+ "name": "Reliance on Insufficiently Trustworthy Component",
76580
+ "category": "Supply Chain"
76581
+ },
76582
+ {
76583
+ "id": "CWE-1426",
76584
+ "name": "Improper Validation of Generative AI Output",
76585
+ "category": "AI/ML"
76586
+ },
76587
+ {
76588
+ "id": "CWE-200",
76589
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
76590
+ "category": "Information Exposure"
76591
+ },
76592
+ {
76593
+ "id": "CWE-362",
76594
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
76595
+ "category": "Concurrency"
76596
+ },
76597
+ {
76598
+ "id": "CWE-416",
76599
+ "name": "Use After Free",
76600
+ "category": "Memory Safety"
76601
+ },
76602
+ {
76603
+ "id": "CWE-672",
76604
+ "name": "Operation on a Resource after Expiration or Release",
76605
+ "category": "Memory Safety"
76606
+ },
76607
+ {
76608
+ "id": "CWE-787",
76609
+ "name": "Out-of-bounds Write",
76610
+ "category": "Memory Safety"
76611
+ },
76612
+ {
76613
+ "id": "CWE-94",
76614
+ "name": "Improper Control of Generation of Code (Code Injection)",
76615
+ "category": "Injection"
76616
+ }
76617
+ ],
76618
+ "atlas": [
76619
+ {
76620
+ "id": "AML.T0016",
76621
+ "name": "Obtain Capabilities: Develop Capabilities",
76622
+ "tactic": "Resource Development"
76623
+ },
76624
+ {
76625
+ "id": "AML.T0017",
76626
+ "name": "Discover ML Model Ontology",
76627
+ "tactic": "Discovery"
76628
+ },
76629
+ {
76630
+ "id": "AML.T0018",
76631
+ "name": "Backdoor ML Model",
76632
+ "tactic": "Persistence"
76633
+ },
76634
+ {
76635
+ "id": "AML.T0020",
76636
+ "name": "Poison Training Data",
76637
+ "tactic": "ML Attack Staging"
76638
+ },
76639
+ {
76640
+ "id": "AML.T0043",
76641
+ "name": "Craft Adversarial Data",
76642
+ "tactic": "ML Attack Staging"
76643
+ },
76644
+ {
76645
+ "id": "AML.T0051",
76646
+ "name": "LLM Prompt Injection",
76647
+ "tactic": "Execution"
76648
+ },
76649
+ {
76650
+ "id": "AML.T0054",
76651
+ "name": "LLM Jailbreak",
76652
+ "tactic": "Defense Evasion"
76653
+ },
76654
+ {
76655
+ "id": "AML.T0096",
76656
+ "name": "AI API as Covert C2 Channel",
76657
+ "tactic": "Command and Control"
76658
+ }
76659
+ ],
76660
+ "d3fend": [
76661
+ {
76662
+ "id": "D3-ASLR",
76663
+ "name": "Address Space Layout Randomization",
76664
+ "tactic": "Harden"
76665
+ },
76666
+ {
76667
+ "id": "D3-CA",
76668
+ "name": "Certificate Analysis",
76669
+ "tactic": "Detect"
76670
+ },
76671
+ {
76672
+ "id": "D3-CSPP",
76673
+ "name": "Client-server Payload Profiling",
76674
+ "tactic": "Detect"
76675
+ },
76676
+ {
76677
+ "id": "D3-DA",
76678
+ "name": "Domain Analysis",
76679
+ "tactic": "Detect"
76680
+ },
76681
+ {
76682
+ "id": "D3-EAL",
76683
+ "name": "Executable Allowlisting",
76684
+ "tactic": "Harden"
76685
+ },
76686
+ {
76687
+ "id": "D3-IOPR",
76688
+ "name": "Input/Output Profiling Resource",
76689
+ "tactic": "Detect"
76690
+ },
76691
+ {
76692
+ "id": "D3-NI",
76693
+ "name": "Network Isolation",
76694
+ "tactic": "Isolate"
76695
+ },
76696
+ {
76697
+ "id": "D3-NTA",
76698
+ "name": "Network Traffic Analysis",
76699
+ "tactic": "Detect"
76700
+ },
76701
+ {
76702
+ "id": "D3-NTPM",
76703
+ "name": "Network Traffic Policy Mapping",
76704
+ "tactic": "Model"
76705
+ },
76706
+ {
76707
+ "id": "D3-PHRA",
76708
+ "name": "Process Hardware Resource Access",
76709
+ "tactic": "Isolate"
76710
+ },
76711
+ {
76712
+ "id": "D3-PSEP",
76713
+ "name": "Process Segment Execution Prevention",
76714
+ "tactic": "Harden"
76715
+ }
76716
+ ],
76717
+ "framework_gaps": [
76718
+ {
76719
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
76720
+ "framework": "ALL",
76721
+ "control_name": "AI Pipeline Integrity"
76722
+ },
76723
+ {
76724
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
76725
+ "framework": "ALL",
76726
+ "control_name": "Prompt Injection as Access Control Failure"
76727
+ },
76728
+ {
76729
+ "id": "CIS-Controls-v8-Control7",
76730
+ "framework": "CIS Controls v8",
76731
+ "control_name": "Continuous Vulnerability Management"
76732
+ },
76733
+ {
76734
+ "id": "CMMC-2.0-Level-2",
76735
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
76736
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
76737
+ },
76738
+ {
76739
+ "id": "FedRAMP-Rev5-Moderate",
76740
+ "framework": "FedRAMP Rev 5 Moderate",
76741
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
76742
+ },
76743
+ {
76744
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
76745
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
76746
+ "control_name": "Access control standard (technical safeguards)"
76747
+ },
76748
+ {
76749
+ "id": "ISO-27001-2022-A.8.16",
76750
+ "framework": "ISO/IEC 27001:2022",
76751
+ "control_name": "Monitoring activities"
76752
+ },
76753
+ {
76754
+ "id": "ISO-27001-2022-A.8.28",
76755
+ "framework": "ISO/IEC 27001:2022",
76756
+ "control_name": "Secure coding"
76757
+ },
76758
+ {
76759
+ "id": "ISO-27001-2022-A.8.8",
76760
+ "framework": "ISO/IEC 27001:2022",
76761
+ "control_name": "Management of technical vulnerabilities"
76762
+ },
76763
+ {
76764
+ "id": "ISO-IEC-23894-2023-clause-7",
76765
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
76766
+ "control_name": "AI risk management process"
76767
+ },
76768
+ {
76769
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
76770
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
76771
+ "control_name": "AI risk assessment"
76772
+ },
76773
+ {
76774
+ "id": "NIS2-Art21-patch-management",
76775
+ "framework": "EU NIS2 Directive",
76776
+ "control_name": "Vulnerability handling and disclosure"
76777
+ },
76778
+ {
76779
+ "id": "NIST-800-218-SSDF",
76780
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
76781
+ "control_name": "Secure Software Development Framework"
76782
+ },
76783
+ {
76784
+ "id": "NIST-800-53-AC-2",
76785
+ "framework": "NIST SP 800-53 Rev 5",
76786
+ "control_name": "Account Management"
76787
+ },
76788
+ {
76789
+ "id": "NIST-800-53-SC-28",
76790
+ "framework": "NIST SP 800-53 Rev 5",
76791
+ "control_name": "Protection of Information at Rest"
76792
+ },
76793
+ {
76794
+ "id": "NIST-800-53-SC-7",
76795
+ "framework": "NIST SP 800-53 Rev 5",
76796
+ "control_name": "Boundary Protection"
76797
+ },
76798
+ {
76799
+ "id": "NIST-800-53-SC-8",
76800
+ "framework": "NIST SP 800-53 Rev 5",
76801
+ "control_name": "Transmission Confidentiality and Integrity"
76802
+ },
76803
+ {
76804
+ "id": "NIST-800-53-SI-2",
76805
+ "framework": "NIST SP 800-53 Rev 5",
76806
+ "control_name": "Flaw Remediation"
76807
+ },
76808
+ {
76809
+ "id": "NIST-800-53-SI-3",
76810
+ "framework": "NIST SP 800-53 Rev 5",
76811
+ "control_name": "Malicious Code Protection"
76812
+ },
76813
+ {
76814
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
76815
+ "framework": "OWASP Top 10 for LLM Applications 2025",
76816
+ "control_name": "Prompt Injection"
76817
+ },
76818
+ {
76819
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
76820
+ "framework": "OWASP Top 10 for LLM Applications 2025",
76821
+ "control_name": "Sensitive Information Disclosure"
76822
+ },
76823
+ {
76824
+ "id": "PCI-DSS-4.0-6.3.3",
76825
+ "framework": "PCI DSS 4.0",
76826
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
76827
+ },
76828
+ {
76829
+ "id": "SOC2-CC6-logical-access",
76830
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
76831
+ "control_name": "Logical and Physical Access Controls"
76832
+ },
76833
+ {
76834
+ "id": "SOC2-CC7-anomaly-detection",
76835
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
76836
+ "control_name": "System Operations — Threat and Vulnerability Management"
76837
+ },
76838
+ {
76839
+ "id": "SOC2-CC9-vendor-management",
76840
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
76841
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
76842
+ }
76843
+ ],
76844
+ "attack_refs": [
76845
+ "T1041",
76846
+ "T1059",
76847
+ "T1068",
76848
+ "T1071",
76849
+ "T1102",
76850
+ "T1190",
76851
+ "T1213",
76852
+ "T1530",
76853
+ "T1548.001",
76854
+ "T1566",
76855
+ "T1567",
76856
+ "T1568"
76857
+ ],
76858
+ "rfc_refs": [
76859
+ "RFC-4301",
76860
+ "RFC-4303",
76861
+ "RFC-7296",
76862
+ "RFC-8446",
76863
+ "RFC-9000",
76864
+ "RFC-9114",
76865
+ "RFC-9180",
76866
+ "RFC-9421",
76867
+ "RFC-9458"
76868
+ ]
76869
+ }
76870
+ },
75923
76871
  "CWE-20": {
75924
76872
  "name": "Improper Input Validation",
75925
76873
  "category": "Validation",
@@ -76212,6 +77160,7 @@
76212
77160
  "CVE-2024-27132",
76213
77161
  "CVE-2024-2912",
76214
77162
  "CVE-2024-3094",
77163
+ "CVE-2024-31462",
76215
77164
  "CVE-2024-3154",
76216
77165
  "CVE-2024-37032",
76217
77166
  "CVE-2024-37052",
@@ -76479,6 +77428,7 @@
76479
77428
  "CVE-2024-24591",
76480
77429
  "CVE-2024-2912",
76481
77430
  "CVE-2024-3094",
77431
+ "CVE-2024-31462",
76482
77432
  "CVE-2024-3154",
76483
77433
  "CVE-2024-37052",
76484
77434
  "CVE-2024-37060",
@@ -76663,6 +77613,7 @@
76663
77613
  "CVE-2024-24591",
76664
77614
  "CVE-2024-27132",
76665
77615
  "CVE-2024-2912",
77616
+ "CVE-2024-31462",
76666
77617
  "CVE-2024-37032",
76667
77618
  "CVE-2024-37052",
76668
77619
  "CVE-2024-37060",
@@ -76884,6 +77835,7 @@
76884
77835
  "CVE-2024-24591",
76885
77836
  "CVE-2024-27132",
76886
77837
  "CVE-2024-2912",
77838
+ "CVE-2024-31462",
76887
77839
  "CVE-2024-37032",
76888
77840
  "CVE-2024-37052",
76889
77841
  "CVE-2024-37060",
@@ -77119,6 +78071,7 @@
77119
78071
  "CVE-2024-24591",
77120
78072
  "CVE-2024-27132",
77121
78073
  "CVE-2024-2912",
78074
+ "CVE-2024-31462",
77122
78075
  "CVE-2024-37032",
77123
78076
  "CVE-2024-37052",
77124
78077
  "CVE-2024-37060",
@@ -77465,6 +78418,7 @@
77465
78418
  "CVE-2024-27132",
77466
78419
  "CVE-2024-2912",
77467
78420
  "CVE-2024-3094",
78421
+ "CVE-2024-31462",
77468
78422
  "CVE-2024-3154",
77469
78423
  "CVE-2024-37032",
77470
78424
  "CVE-2024-37052",
@@ -77525,6 +78479,8 @@
77525
78479
  "CVE-2026-25592",
77526
78480
  "CVE-2026-26015",
77527
78481
  "CVE-2026-26190",
78482
+ "CVE-2026-3059",
78483
+ "CVE-2026-3060",
77528
78484
  "CVE-2026-30615",
77529
78485
  "CVE-2026-30616",
77530
78486
  "CVE-2026-30617",
@@ -77987,6 +78943,8 @@
77987
78943
  "CVE-2026-26015",
77988
78944
  "CVE-2026-26190",
77989
78945
  "CVE-2026-3055",
78946
+ "CVE-2026-3059",
78947
+ "CVE-2026-3060",
77990
78948
  "CVE-2026-30616",
77991
78949
  "CVE-2026-30617",
77992
78950
  "CVE-2026-30624",
@@ -78257,6 +79215,7 @@
78257
79215
  "CVE-2024-24591",
78258
79216
  "CVE-2024-2912",
78259
79217
  "CVE-2024-3094",
79218
+ "CVE-2024-31462",
78260
79219
  "CVE-2024-3154",
78261
79220
  "CVE-2024-37052",
78262
79221
  "CVE-2024-37060",
@@ -78287,6 +79246,8 @@
78287
79246
  "CVE-2026-21858",
78288
79247
  "CVE-2026-22218",
78289
79248
  "CVE-2026-22219",
79249
+ "CVE-2026-3059",
79250
+ "CVE-2026-3060",
78290
79251
  "CVE-2026-30615",
78291
79252
  "CVE-2026-30623",
78292
79253
  "CVE-2026-31229",
@@ -78664,6 +79625,7 @@
78664
79625
  "CVE-2024-27132",
78665
79626
  "CVE-2024-2912",
78666
79627
  "CVE-2024-3094",
79628
+ "CVE-2024-31462",
78667
79629
  "CVE-2024-3154",
78668
79630
  "CVE-2024-37032",
78669
79631
  "CVE-2024-37052",
@@ -79324,6 +80286,7 @@
79324
80286
  "CVE-2024-27132",
79325
80287
  "CVE-2024-2912",
79326
80288
  "CVE-2024-3094",
80289
+ "CVE-2024-31462",
79327
80290
  "CVE-2024-3154",
79328
80291
  "CVE-2024-37032",
79329
80292
  "CVE-2024-37052",
@@ -80340,6 +81303,7 @@
80340
81303
  "CVE-2024-27132",
80341
81304
  "CVE-2024-2912",
80342
81305
  "CVE-2024-3094",
81306
+ "CVE-2024-31462",
80343
81307
  "CVE-2024-3154",
80344
81308
  "CVE-2024-37032",
80345
81309
  "CVE-2024-37052",
@@ -80862,6 +81826,8 @@
80862
81826
  "CVE-2026-26015",
80863
81827
  "CVE-2026-26190",
80864
81828
  "CVE-2026-3055",
81829
+ "CVE-2026-3059",
81830
+ "CVE-2026-3060",
80865
81831
  "CVE-2026-30616",
80866
81832
  "CVE-2026-30617",
80867
81833
  "CVE-2026-30624",
@@ -81325,6 +82291,8 @@
81325
82291
  "CVE-2026-26015",
81326
82292
  "CVE-2026-26190",
81327
82293
  "CVE-2026-3055",
82294
+ "CVE-2026-3059",
82295
+ "CVE-2026-3060",
81328
82296
  "CVE-2026-30616",
81329
82297
  "CVE-2026-30617",
81330
82298
  "CVE-2026-30624",
@@ -81599,6 +82567,7 @@
81599
82567
  "CVE-2024-27132",
81600
82568
  "CVE-2024-2912",
81601
82569
  "CVE-2024-3094",
82570
+ "CVE-2024-31462",
81602
82571
  "CVE-2024-3154",
81603
82572
  "CVE-2024-37032",
81604
82573
  "CVE-2024-37052",
@@ -82082,6 +83051,7 @@
82082
83051
  "CVE-2024-24591",
82083
83052
  "CVE-2024-2912",
82084
83053
  "CVE-2024-3094",
83054
+ "CVE-2024-31462",
82085
83055
  "CVE-2024-37052",
82086
83056
  "CVE-2024-37060",
82087
83057
  "CVE-2024-5565",
@@ -82707,6 +83677,8 @@
82707
83677
  "CVE-2026-26015",
82708
83678
  "CVE-2026-26190",
82709
83679
  "CVE-2026-3055",
83680
+ "CVE-2026-3059",
83681
+ "CVE-2026-3060",
82710
83682
  "CVE-2026-30616",
82711
83683
  "CVE-2026-30617",
82712
83684
  "CVE-2026-30624",
@@ -83045,6 +84017,7 @@
83045
84017
  "CVE-2024-27132",
83046
84018
  "CVE-2024-2912",
83047
84019
  "CVE-2024-3094",
84020
+ "CVE-2024-31462",
83048
84021
  "CVE-2024-3154",
83049
84022
  "CVE-2024-37032",
83050
84023
  "CVE-2024-37052",
@@ -83432,6 +84405,7 @@
83432
84405
  "CVE-2024-27443",
83433
84406
  "CVE-2024-2912",
83434
84407
  "CVE-2024-3094",
84408
+ "CVE-2024-31462",
83435
84409
  "CVE-2024-3154",
83436
84410
  "CVE-2024-37032",
83437
84411
  "CVE-2024-37052",
@@ -83665,6 +84639,8 @@
83665
84639
  "CVE-2026-26015",
83666
84640
  "CVE-2026-26190",
83667
84641
  "CVE-2026-3055",
84642
+ "CVE-2026-3059",
84643
+ "CVE-2026-3060",
83668
84644
  "CVE-2026-30615",
83669
84645
  "CVE-2026-30616",
83670
84646
  "CVE-2026-30617",
@@ -84391,6 +85367,7 @@
84391
85367
  "CVE-2024-24591",
84392
85368
  "CVE-2024-2912",
84393
85369
  "CVE-2024-3094",
85370
+ "CVE-2024-31462",
84394
85371
  "CVE-2024-3154",
84395
85372
  "CVE-2024-37052",
84396
85373
  "CVE-2024-37060",
@@ -84697,6 +85674,7 @@
84697
85674
  "CVE-2024-24591",
84698
85675
  "CVE-2024-2912",
84699
85676
  "CVE-2024-3094",
85677
+ "CVE-2024-31462",
84700
85678
  "CVE-2024-37052",
84701
85679
  "CVE-2024-37060",
84702
85680
  "CVE-2024-5565",
@@ -85048,6 +86026,7 @@
85048
86026
  "CVE-2024-27132",
85049
86027
  "CVE-2024-2912",
85050
86028
  "CVE-2024-3094",
86029
+ "CVE-2024-31462",
85051
86030
  "CVE-2024-3154",
85052
86031
  "CVE-2024-37032",
85053
86032
  "CVE-2024-37052",
@@ -85419,6 +86398,7 @@
85419
86398
  "CVE-2024-24591",
85420
86399
  "CVE-2024-27132",
85421
86400
  "CVE-2024-2912",
86401
+ "CVE-2024-31462",
85422
86402
  "CVE-2024-37032",
85423
86403
  "CVE-2024-37052",
85424
86404
  "CVE-2024-37060",
@@ -85477,6 +86457,8 @@
85477
86457
  "CVE-2026-25592",
85478
86458
  "CVE-2026-26015",
85479
86459
  "CVE-2026-26190",
86460
+ "CVE-2026-3059",
86461
+ "CVE-2026-3060",
85480
86462
  "CVE-2026-30616",
85481
86463
  "CVE-2026-30617",
85482
86464
  "CVE-2026-30623",
@@ -85655,6 +86637,7 @@
85655
86637
  "CVE-2024-24591",
85656
86638
  "CVE-2024-2912",
85657
86639
  "CVE-2024-3094",
86640
+ "CVE-2024-31462",
85658
86641
  "CVE-2024-3154",
85659
86642
  "CVE-2024-37052",
85660
86643
  "CVE-2024-37060",
@@ -86135,6 +87118,8 @@
86135
87118
  "CVE-2026-26015",
86136
87119
  "CVE-2026-26190",
86137
87120
  "CVE-2026-3055",
87121
+ "CVE-2026-3059",
87122
+ "CVE-2026-3060",
86138
87123
  "CVE-2026-30615",
86139
87124
  "CVE-2026-30616",
86140
87125
  "CVE-2026-30617",
@@ -86406,6 +87391,7 @@
86406
87391
  "CVE-2024-27132",
86407
87392
  "CVE-2024-2912",
86408
87393
  "CVE-2024-3094",
87394
+ "CVE-2024-31462",
86409
87395
  "CVE-2024-3154",
86410
87396
  "CVE-2024-37032",
86411
87397
  "CVE-2024-37052",
@@ -86764,6 +87750,7 @@
86764
87750
  "CVE-2024-27132",
86765
87751
  "CVE-2024-2912",
86766
87752
  "CVE-2024-3094",
87753
+ "CVE-2024-31462",
86767
87754
  "CVE-2024-37032",
86768
87755
  "CVE-2024-37052",
86769
87756
  "CVE-2024-37060",
@@ -86826,6 +87813,8 @@
86826
87813
  "CVE-2026-25592",
86827
87814
  "CVE-2026-26015",
86828
87815
  "CVE-2026-26190",
87816
+ "CVE-2026-3059",
87817
+ "CVE-2026-3060",
86829
87818
  "CVE-2026-30615",
86830
87819
  "CVE-2026-30616",
86831
87820
  "CVE-2026-30617",