@blamejs/exceptd-skills 0.13.124 → 0.13.125

package/data/_indexes/chains.json

@@ -76228,6 +76228,646 @@
       ]
     }
   },
+  "CVE-2026-3059": {
+    "name": "SGLang Multimodal-Generation ZMQ Broker Unauthenticated Deserialization RCE",
+    "rwep": 31,
+    "cvss": 9.8,
+    "cisa_kev": false,
+    "epss_score": 0.01945,
+    "referencing_skills": [
+      "kernel-lpe-triage",
+      "ai-attack-surface",
+      "compliance-theater",
+      "ai-c2-detection",
+      "dlp-gap-analysis",
+      "coordinated-vuln-disclosure"
+    ],
+    "chain": {
+      "cwes": [
+        {
+          "id": "CWE-1039",
+          "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
+          "category": "AI/ML"
+        },
+        {
+          "id": "CWE-125",
+          "name": "Out-of-bounds Read",
+          "category": "Memory Safety"
+        },
+        {
+          "id": "CWE-1357",
+          "name": "Reliance on Insufficiently Trustworthy Component",
+          "category": "Supply Chain"
+        },
+        {
+          "id": "CWE-1426",
+          "name": "Improper Validation of Generative AI Output",
+          "category": "AI/ML"
+        },
+        {
+          "id": "CWE-200",
+          "name": "Exposure of Sensitive Information to an Unauthorized Actor",
+          "category": "Information Exposure"
+        },
+        {
+          "id": "CWE-362",
+          "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
+          "category": "Concurrency"
+        },
+        {
+          "id": "CWE-416",
+          "name": "Use After Free",
+          "category": "Memory Safety"
+        },
+        {
+          "id": "CWE-672",
+          "name": "Operation on a Resource after Expiration or Release",
+          "category": "Memory Safety"
+        },
+        {
+          "id": "CWE-787",
+          "name": "Out-of-bounds Write",
+          "category": "Memory Safety"
+        },
+        {
+          "id": "CWE-94",
+          "name": "Improper Control of Generation of Code (Code Injection)",
+          "category": "Injection"
+        }
+      ],
+      "atlas": [
+        {
+          "id": "AML.T0016",
+          "name": "Obtain Capabilities: Develop Capabilities",
+          "tactic": "Resource Development"
+        },
+        {
+          "id": "AML.T0017",
+          "name": "Discover ML Model Ontology",
+          "tactic": "Discovery"
+        },
+        {
+          "id": "AML.T0018",
+          "name": "Backdoor ML Model",
+          "tactic": "Persistence"
+        },
+        {
+          "id": "AML.T0020",
+          "name": "Poison Training Data",
+          "tactic": "ML Attack Staging"
+        },
+        {
+          "id": "AML.T0043",
+          "name": "Craft Adversarial Data",
+          "tactic": "ML Attack Staging"
+        },
+        {
+          "id": "AML.T0051",
+          "name": "LLM Prompt Injection",
+          "tactic": "Execution"
+        },
+        {
+          "id": "AML.T0054",
+          "name": "LLM Jailbreak",
+          "tactic": "Defense Evasion"
+        },
+        {
+          "id": "AML.T0096",
+          "name": "AI API as Covert C2 Channel",
+          "tactic": "Command and Control"
+        }
+      ],
+      "d3fend": [
+        {
+          "id": "D3-ASLR",
+          "name": "Address Space Layout Randomization",
+          "tactic": "Harden"
+        },
+        {
+          "id": "D3-CA",
+          "name": "Certificate Analysis",
+          "tactic": "Detect"
+        },
+        {
+          "id": "D3-CSPP",
+          "name": "Client-server Payload Profiling",
+          "tactic": "Detect"
+        },
+        {
+          "id": "D3-DA",
+          "name": "Domain Analysis",
+          "tactic": "Detect"
+        },
+        {
+          "id": "D3-EAL",
+          "name": "Executable Allowlisting",
+          "tactic": "Harden"
+        },
+        {
+          "id": "D3-IOPR",
+          "name": "Input/Output Profiling Resource",
+          "tactic": "Detect"
+        },
+        {
+          "id": "D3-NI",
+          "name": "Network Isolation",
+          "tactic": "Isolate"
+        },
+        {
+          "id": "D3-NTA",
+          "name": "Network Traffic Analysis",
+          "tactic": "Detect"
+        },
+        {
+          "id": "D3-NTPM",
+          "name": "Network Traffic Policy Mapping",
+          "tactic": "Model"
+        },
+        {
+          "id": "D3-PHRA",
+          "name": "Process Hardware Resource Access",
+          "tactic": "Isolate"
+        },
+        {
+          "id": "D3-PSEP",
+          "name": "Process Segment Execution Prevention",
+          "tactic": "Harden"
+        }
+      ],
+      "framework_gaps": [
+        {
+          "id": "ALL-AI-PIPELINE-INTEGRITY",
+          "framework": "ALL",
+          "control_name": "AI Pipeline Integrity"
+        },
+        {
+          "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
+          "framework": "ALL",
+          "control_name": "Prompt Injection as Access Control Failure"
+        },
+        {
+          "id": "CIS-Controls-v8-Control7",
+          "framework": "CIS Controls v8",
+          "control_name": "Continuous Vulnerability Management"
+        },
+        {
+          "id": "CMMC-2.0-Level-2",
+          "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
+          "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
+        },
+        {
+          "id": "FedRAMP-Rev5-Moderate",
+          "framework": "FedRAMP Rev 5 Moderate",
+          "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
+        },
+        {
+          "id": "HIPAA-Security-Rule-164.312(a)(1)",
+          "framework": "HIPAA Security Rule (45 CFR § 164.312)",
+          "control_name": "Access control standard (technical safeguards)"
+        },
+        {
+          "id": "ISO-27001-2022-A.8.16",
+          "framework": "ISO/IEC 27001:2022",
+          "control_name": "Monitoring activities"
+        },
+        {
+          "id": "ISO-27001-2022-A.8.28",
+          "framework": "ISO/IEC 27001:2022",
+          "control_name": "Secure coding"
+        },
+        {
+          "id": "ISO-27001-2022-A.8.8",
+          "framework": "ISO/IEC 27001:2022",
+          "control_name": "Management of technical vulnerabilities"
+        },
+        {
+          "id": "ISO-IEC-23894-2023-clause-7",
+          "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
+          "control_name": "AI risk management process"
+        },
+        {
+          "id": "ISO-IEC-42001-2023-clause-6.1.2",
+          "framework": "ISO/IEC 42001:2023 (AI Management System)",
+          "control_name": "AI risk assessment"
+        },
+        {
+          "id": "NIS2-Art21-patch-management",
+          "framework": "EU NIS2 Directive",
+          "control_name": "Vulnerability handling and disclosure"
+        },
+        {
+          "id": "NIST-800-218-SSDF",
+          "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
+          "control_name": "Secure Software Development Framework"
+        },
+        {
+          "id": "NIST-800-53-AC-2",
+          "framework": "NIST SP 800-53 Rev 5",
+          "control_name": "Account Management"
+        },
+        {
+          "id": "NIST-800-53-SC-28",
+          "framework": "NIST SP 800-53 Rev 5",
+          "control_name": "Protection of Information at Rest"
+        },
+        {
+          "id": "NIST-800-53-SC-7",
+          "framework": "NIST SP 800-53 Rev 5",
+          "control_name": "Boundary Protection"
+        },
+        {
+          "id": "NIST-800-53-SC-8",
+          "framework": "NIST SP 800-53 Rev 5",
+          "control_name": "Transmission Confidentiality and Integrity"
+        },
+        {
+          "id": "NIST-800-53-SI-2",
+          "framework": "NIST SP 800-53 Rev 5",
+          "control_name": "Flaw Remediation"
+        },
+        {
+          "id": "NIST-800-53-SI-3",
+          "framework": "NIST SP 800-53 Rev 5",
+          "control_name": "Malicious Code Protection"
+        },
+        {
+          "id": "OWASP-LLM-Top-10-2025-LLM01",
+          "framework": "OWASP Top 10 for LLM Applications 2025",
+          "control_name": "Prompt Injection"
+        },
+        {
+          "id": "OWASP-LLM-Top-10-2025-LLM02",
+          "framework": "OWASP Top 10 for LLM Applications 2025",
+          "control_name": "Sensitive Information Disclosure"
+        },
+        {
+          "id": "PCI-DSS-4.0-6.3.3",
+          "framework": "PCI DSS 4.0",
+          "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
+        },
+        {
+          "id": "SOC2-CC6-logical-access",
+          "framework": "SOC 2 (AICPA Trust Services Criteria)",
+          "control_name": "Logical and Physical Access Controls"
+        },
+        {
+          "id": "SOC2-CC7-anomaly-detection",
+          "framework": "SOC 2 (AICPA Trust Services Criteria)",
+          "control_name": "System Operations — Threat and Vulnerability Management"
+        },
+        {
+          "id": "SOC2-CC9-vendor-management",
+          "framework": "SOC 2 (AICPA Trust Services Criteria)",
+          "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
+        }
+      ],
+      "attack_refs": [
+        "T1041",
+        "T1059",
+        "T1068",
+        "T1071",
+        "T1102",
+        "T1190",
+        "T1213",
+        "T1530",
+        "T1548.001",
+        "T1566",
+        "T1567",
+        "T1568"
+      ],
+      "rfc_refs": [
+        "RFC-4301",
+        "RFC-4303",
+        "RFC-7296",
+        "RFC-8446",
+        "RFC-9000",
+        "RFC-9114",
+        "RFC-9180",
+        "RFC-9421",
+        "RFC-9458"
+      ]
+    }
+  },
+  "CVE-2026-3060": {
+    "name": "SGLang Encoder-Parallel Disaggregation Unauthenticated Deserialization RCE",
+    "rwep": 31,
+    "cvss": 9.8,
+    "cisa_kev": false,
+    "epss_score": 0.01945,
+    "referencing_skills": [
+      "kernel-lpe-triage",
+      "ai-attack-surface",
+      "compliance-theater",
+      "ai-c2-detection",
+      "dlp-gap-analysis",
+      "coordinated-vuln-disclosure"
+    ],
+    "chain": {
+      "cwes": [
+        {
+          "id": "CWE-1039",
+          "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
+          "category": "AI/ML"
+        },
+        {
+          "id": "CWE-125",
+          "name": "Out-of-bounds Read",
+          "category": "Memory Safety"
+        },
+        {
+          "id": "CWE-1357",
+          "name": "Reliance on Insufficiently Trustworthy Component",
+          "category": "Supply Chain"
+        },
+        {
+          "id": "CWE-1426",
+          "name": "Improper Validation of Generative AI Output",
+          "category": "AI/ML"
+        },
+        {
+          "id": "CWE-200",
+          "name": "Exposure of Sensitive Information to an Unauthorized Actor",
+          "category": "Information Exposure"
+        },
+        {
+          "id": "CWE-362",
+          "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
+          "category": "Concurrency"
+        },
+        {
+          "id": "CWE-416",
+          "name": "Use After Free",
+          "category": "Memory Safety"
+        },
+        {
+          "id": "CWE-672",
+          "name": "Operation on a Resource after Expiration or Release",
+          "category": "Memory Safety"
+        },
+        {
+          "id": "CWE-787",
+          "name": "Out-of-bounds Write",
+          "category": "Memory Safety"
+        },
+        {
+          "id": "CWE-94",
+          "name": "Improper Control of Generation of Code (Code Injection)",
+          "category": "Injection"
+        }
+      ],
+      "atlas": [
+        {
+          "id": "AML.T0016",
+          "name": "Obtain Capabilities: Develop Capabilities",
+          "tactic": "Resource Development"
+        },
+        {
+          "id": "AML.T0017",
+          "name": "Discover ML Model Ontology",
+          "tactic": "Discovery"
+        },
+        {
+          "id": "AML.T0018",
+          "name": "Backdoor ML Model",
+          "tactic": "Persistence"
+        },
+        {
+          "id": "AML.T0020",
+          "name": "Poison Training Data",
+          "tactic": "ML Attack Staging"
+        },
+        {
+          "id": "AML.T0043",
+          "name": "Craft Adversarial Data",
+          "tactic": "ML Attack Staging"
+        },
+        {
+          "id": "AML.T0051",
+          "name": "LLM Prompt Injection",
+          "tactic": "Execution"
+        },
+        {
+          "id": "AML.T0054",
+          "name": "LLM Jailbreak",
+          "tactic": "Defense Evasion"
+        },
+        {
+          "id": "AML.T0096",
+          "name": "AI API as Covert C2 Channel",
+          "tactic": "Command and Control"
+        }
+      ],
+      "d3fend": [
+        {
+          "id": "D3-ASLR",
+          "name": "Address Space Layout Randomization",
+          "tactic": "Harden"
+        },
+        {
+          "id": "D3-CA",
+          "name": "Certificate Analysis",
+          "tactic": "Detect"
+        },
+        {
+          "id": "D3-CSPP",
+          "name": "Client-server Payload Profiling",
+          "tactic": "Detect"
+        },
+        {
+          "id": "D3-DA",
+          "name": "Domain Analysis",
+          "tactic": "Detect"
+        },
+        {
+          "id": "D3-EAL",
+          "name": "Executable Allowlisting",
+          "tactic": "Harden"
+        },
+        {
+          "id": "D3-IOPR",
+          "name": "Input/Output Profiling Resource",
+          "tactic": "Detect"
+        },
+        {
+          "id": "D3-NI",
+          "name": "Network Isolation",
+          "tactic": "Isolate"
+        },
+        {
+          "id": "D3-NTA",
+          "name": "Network Traffic Analysis",
+          "tactic": "Detect"
+        },
+        {
+          "id": "D3-NTPM",
+          "name": "Network Traffic Policy Mapping",
+          "tactic": "Model"
+        },
+        {
+          "id": "D3-PHRA",
+          "name": "Process Hardware Resource Access",
+          "tactic": "Isolate"
+        },
+        {
+          "id": "D3-PSEP",
+          "name": "Process Segment Execution Prevention",
+          "tactic": "Harden"
+        }
+      ],
+      "framework_gaps": [
+        {
+          "id": "ALL-AI-PIPELINE-INTEGRITY",
+          "framework": "ALL",
+          "control_name": "AI Pipeline Integrity"
+        },
+        {
+          "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
+          "framework": "ALL",
+          "control_name": "Prompt Injection as Access Control Failure"
+        },
+        {
+          "id": "CIS-Controls-v8-Control7",
+          "framework": "CIS Controls v8",
+          "control_name": "Continuous Vulnerability Management"
+        },
+        {
+          "id": "CMMC-2.0-Level-2",
+          "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
+          "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
+        },
+        {
+          "id": "FedRAMP-Rev5-Moderate",
+          "framework": "FedRAMP Rev 5 Moderate",
+          "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
+        },
+        {
+          "id": "HIPAA-Security-Rule-164.312(a)(1)",
+          "framework": "HIPAA Security Rule (45 CFR § 164.312)",
+          "control_name": "Access control standard (technical safeguards)"
+        },
+        {
+          "id": "ISO-27001-2022-A.8.16",
+          "framework": "ISO/IEC 27001:2022",
+          "control_name": "Monitoring activities"
+        },
+        {
+          "id": "ISO-27001-2022-A.8.28",
+          "framework": "ISO/IEC 27001:2022",
+          "control_name": "Secure coding"
+        },
+        {
+          "id": "ISO-27001-2022-A.8.8",
+          "framework": "ISO/IEC 27001:2022",
+          "control_name": "Management of technical vulnerabilities"
+        },
+        {
+          "id": "ISO-IEC-23894-2023-clause-7",
+          "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
+          "control_name": "AI risk management process"
+        },
+        {
+          "id": "ISO-IEC-42001-2023-clause-6.1.2",
+          "framework": "ISO/IEC 42001:2023 (AI Management System)",
+          "control_name": "AI risk assessment"
+        },
+        {
+          "id": "NIS2-Art21-patch-management",
+          "framework": "EU NIS2 Directive",
+          "control_name": "Vulnerability handling and disclosure"
+        },
+        {
+          "id": "NIST-800-218-SSDF",
+          "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
+          "control_name": "Secure Software Development Framework"
+        },
+        {
+          "id": "NIST-800-53-AC-2",
+          "framework": "NIST SP 800-53 Rev 5",
+          "control_name": "Account Management"
+        },
+        {
+          "id": "NIST-800-53-SC-28",
+          "framework": "NIST SP 800-53 Rev 5",
+          "control_name": "Protection of Information at Rest"
+        },
+        {
+          "id": "NIST-800-53-SC-7",
+          "framework": "NIST SP 800-53 Rev 5",
+          "control_name": "Boundary Protection"
+        },
+        {
+          "id": "NIST-800-53-SC-8",
+          "framework": "NIST SP 800-53 Rev 5",
+          "control_name": "Transmission Confidentiality and Integrity"
+        },
+        {
+          "id": "NIST-800-53-SI-2",
+          "framework": "NIST SP 800-53 Rev 5",
+          "control_name": "Flaw Remediation"
+        },
+        {
+          "id": "NIST-800-53-SI-3",
+          "framework": "NIST SP 800-53 Rev 5",
+          "control_name": "Malicious Code Protection"
+        },
+        {
+          "id": "OWASP-LLM-Top-10-2025-LLM01",
+          "framework": "OWASP Top 10 for LLM Applications 2025",
+          "control_name": "Prompt Injection"
+        },
+        {
+          "id": "OWASP-LLM-Top-10-2025-LLM02",
+          "framework": "OWASP Top 10 for LLM Applications 2025",
+          "control_name": "Sensitive Information Disclosure"
+        },
+        {
+          "id": "PCI-DSS-4.0-6.3.3",
+          "framework": "PCI DSS 4.0",
+          "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
+        },
+        {
+          "id": "SOC2-CC6-logical-access",
+          "framework": "SOC 2 (AICPA Trust Services Criteria)",
+          "control_name": "Logical and Physical Access Controls"
+        },
+        {
+          "id": "SOC2-CC7-anomaly-detection",
+          "framework": "SOC 2 (AICPA Trust Services Criteria)",
+          "control_name": "System Operations — Threat and Vulnerability Management"
+        },
+        {
+          "id": "SOC2-CC9-vendor-management",
+          "framework": "SOC 2 (AICPA Trust Services Criteria)",
+          "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
+        }
+      ],
+      "attack_refs": [
+        "T1041",
+        "T1059",
+        "T1068",
+        "T1071",
+        "T1102",
+        "T1190",
+        "T1213",
+        "T1530",
+        "T1548.001",
+        "T1566",
+        "T1567",
+        "T1568"
+      ],
+      "rfc_refs": [
+        "RFC-4301",
+        "RFC-4303",
+        "RFC-7296",
+        "RFC-8446",
+        "RFC-9000",
+        "RFC-9114",
+        "RFC-9180",
+        "RFC-9421",
+        "RFC-9458"
+      ]
+    }
+  },
   "CWE-20": {
     "name": "Improper Input Validation",
     "category": "Validation",
@@ -77839,6 +78479,8 @@
       "CVE-2026-25592",
       "CVE-2026-26015",
       "CVE-2026-26190",
+      "CVE-2026-3059",
+      "CVE-2026-3060",
       "CVE-2026-30615",
       "CVE-2026-30616",
       "CVE-2026-30617",
@@ -78301,6 +78943,8 @@
       "CVE-2026-26015",
       "CVE-2026-26190",
       "CVE-2026-3055",
+      "CVE-2026-3059",
+      "CVE-2026-3060",
       "CVE-2026-30616",
       "CVE-2026-30617",
       "CVE-2026-30624",
@@ -78602,6 +79246,8 @@
       "CVE-2026-21858",
       "CVE-2026-22218",
       "CVE-2026-22219",
+      "CVE-2026-3059",
+      "CVE-2026-3060",
       "CVE-2026-30615",
       "CVE-2026-30623",
       "CVE-2026-31229",
@@ -81180,6 +81826,8 @@
       "CVE-2026-26015",
       "CVE-2026-26190",
       "CVE-2026-3055",
+      "CVE-2026-3059",
+      "CVE-2026-3060",
       "CVE-2026-30616",
       "CVE-2026-30617",
       "CVE-2026-30624",
@@ -81643,6 +82291,8 @@
       "CVE-2026-26015",
       "CVE-2026-26190",
       "CVE-2026-3055",
+      "CVE-2026-3059",
+      "CVE-2026-3060",
       "CVE-2026-30616",
       "CVE-2026-30617",
       "CVE-2026-30624",
@@ -83027,6 +83677,8 @@
       "CVE-2026-26015",
       "CVE-2026-26190",
       "CVE-2026-3055",
+      "CVE-2026-3059",
+      "CVE-2026-3060",
       "CVE-2026-30616",
       "CVE-2026-30617",
       "CVE-2026-30624",
@@ -83987,6 +84639,8 @@
       "CVE-2026-26015",
       "CVE-2026-26190",
       "CVE-2026-3055",
+      "CVE-2026-3059",
+      "CVE-2026-3060",
       "CVE-2026-30615",
       "CVE-2026-30616",
       "CVE-2026-30617",
@@ -85803,6 +86457,8 @@
       "CVE-2026-25592",
       "CVE-2026-26015",
       "CVE-2026-26190",
+      "CVE-2026-3059",
+      "CVE-2026-3060",
       "CVE-2026-30616",
       "CVE-2026-30617",
       "CVE-2026-30623",
@@ -86462,6 +87118,8 @@
       "CVE-2026-26015",
       "CVE-2026-26190",
       "CVE-2026-3055",
+      "CVE-2026-3059",
+      "CVE-2026-3060",
       "CVE-2026-30615",
       "CVE-2026-30616",
       "CVE-2026-30617",
@@ -87155,6 +87813,8 @@
       "CVE-2026-25592",
       "CVE-2026-26015",
       "CVE-2026-26190",
+      "CVE-2026-3059",
+      "CVE-2026-3060",
       "CVE-2026-30615",
       "CVE-2026-30616",
       "CVE-2026-30617",