@blamejs/exceptd-skills 0.13.5 → 0.13.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. package/AGENTS.md +16 -0
  2. package/CHANGELOG.md +28 -0
  3. package/bin/exceptd.js +28 -8
  4. package/data/_indexes/_meta.json +8 -8
  5. package/data/_indexes/activity-feed.json +18 -18
  6. package/data/_indexes/catalog-summaries.json +6 -6
  7. package/data/_indexes/chains.json +3943 -0
  8. package/data/_indexes/frequency.json +3 -0
  9. package/data/atlas-ttps.json +74 -1
  10. package/data/attack-techniques.json +125 -8
  11. package/data/cve-catalog.json +1964 -2
  12. package/data/framework-control-gaps.json +47 -4
  13. package/data/zeroday-lessons.json +1749 -2
  14. package/manifest.json +44 -44
  15. package/orchestrator/index.js +11 -1
  16. package/package.json +1 -1
  17. package/sbom.cdx.json +18 -18
package/data/_indexes/chains.json CHANGED
@@ -7482,6 +7482,3731 @@
7482
7482
  ]
7483
7483
  }
7484
7484
  },
7485
+ "CVE-2025-10585": {
7486
+ "name": "Google Chrome V8 Type Confusion Zero-Day (TAG-disclosed)",
7487
+ "rwep": 75,
7488
+ "cvss": 8.8,
7489
+ "cisa_kev": true,
7490
+ "referencing_skills": [
7491
+ "kernel-lpe-triage",
7492
+ "attack-surface-pentest",
7493
+ "ot-ics-security",
7494
+ "coordinated-vuln-disclosure",
7495
+ "sector-energy"
7496
+ ],
7497
+ "chain": {
7498
+ "cwes": [
7499
+ {
7500
+ "id": "CWE-1037",
7501
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
7502
+ "category": "Hardware / Side Channel"
7503
+ },
7504
+ {
7505
+ "id": "CWE-125",
7506
+ "name": "Out-of-bounds Read",
7507
+ "category": "Memory Safety"
7508
+ },
7509
+ {
7510
+ "id": "CWE-1357",
7511
+ "name": "Reliance on Insufficiently Trustworthy Component",
7512
+ "category": "Supply Chain"
7513
+ },
7514
+ {
7515
+ "id": "CWE-1395",
7516
+ "name": "Dependency on Vulnerable Third-Party Component",
7517
+ "category": "Supply Chain"
7518
+ },
7519
+ {
7520
+ "id": "CWE-22",
7521
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
7522
+ "category": "Path/Resource"
7523
+ },
7524
+ {
7525
+ "id": "CWE-269",
7526
+ "name": "Improper Privilege Management",
7527
+ "category": "Authorization"
7528
+ },
7529
+ {
7530
+ "id": "CWE-287",
7531
+ "name": "Improper Authentication",
7532
+ "category": "Authentication"
7533
+ },
7534
+ {
7535
+ "id": "CWE-306",
7536
+ "name": "Missing Authentication for Critical Function",
7537
+ "category": "Authentication"
7538
+ },
7539
+ {
7540
+ "id": "CWE-352",
7541
+ "name": "Cross-Site Request Forgery (CSRF)",
7542
+ "category": "Session"
7543
+ },
7544
+ {
7545
+ "id": "CWE-362",
7546
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
7547
+ "category": "Concurrency"
7548
+ },
7549
+ {
7550
+ "id": "CWE-416",
7551
+ "name": "Use After Free",
7552
+ "category": "Memory Safety"
7553
+ },
7554
+ {
7555
+ "id": "CWE-434",
7556
+ "name": "Unrestricted Upload of File with Dangerous Type",
7557
+ "category": "File Handling"
7558
+ },
7559
+ {
7560
+ "id": "CWE-672",
7561
+ "name": "Operation on a Resource after Expiration or Release",
7562
+ "category": "Memory Safety"
7563
+ },
7564
+ {
7565
+ "id": "CWE-732",
7566
+ "name": "Incorrect Permission Assignment for Critical Resource",
7567
+ "category": "Authorization"
7568
+ },
7569
+ {
7570
+ "id": "CWE-78",
7571
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
7572
+ "category": "Injection"
7573
+ },
7574
+ {
7575
+ "id": "CWE-787",
7576
+ "name": "Out-of-bounds Write",
7577
+ "category": "Memory Safety"
7578
+ },
7579
+ {
7580
+ "id": "CWE-79",
7581
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
7582
+ "category": "Injection"
7583
+ },
7584
+ {
7585
+ "id": "CWE-798",
7586
+ "name": "Use of Hard-coded Credentials",
7587
+ "category": "Credentials"
7588
+ },
7589
+ {
7590
+ "id": "CWE-89",
7591
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
7592
+ "category": "Injection"
7593
+ },
7594
+ {
7595
+ "id": "CWE-918",
7596
+ "name": "Server-Side Request Forgery (SSRF)",
7597
+ "category": "Network"
7598
+ }
7599
+ ],
7600
+ "atlas": [
7601
+ {
7602
+ "id": "AML.T0010",
7603
+ "name": "ML Supply Chain Compromise",
7604
+ "tactic": "Initial Access"
7605
+ },
7606
+ {
7607
+ "id": "AML.T0043",
7608
+ "name": "Craft Adversarial Data",
7609
+ "tactic": "ML Attack Staging"
7610
+ },
7611
+ {
7612
+ "id": "AML.T0051",
7613
+ "name": "LLM Prompt Injection",
7614
+ "tactic": "Execution"
7615
+ }
7616
+ ],
7617
+ "d3fend": [
7618
+ {
7619
+ "id": "D3-ASLR",
7620
+ "name": "Address Space Layout Randomization",
7621
+ "tactic": "Harden"
7622
+ },
7623
+ {
7624
+ "id": "D3-CSPP",
7625
+ "name": "Client-server Payload Profiling",
7626
+ "tactic": "Detect"
7627
+ },
7628
+ {
7629
+ "id": "D3-EAL",
7630
+ "name": "Executable Allowlisting",
7631
+ "tactic": "Harden"
7632
+ },
7633
+ {
7634
+ "id": "D3-NTA",
7635
+ "name": "Network Traffic Analysis",
7636
+ "tactic": "Detect"
7637
+ },
7638
+ {
7639
+ "id": "D3-PHRA",
7640
+ "name": "Process Hardware Resource Access",
7641
+ "tactic": "Isolate"
7642
+ },
7643
+ {
7644
+ "id": "D3-PSEP",
7645
+ "name": "Process Segment Execution Prevention",
7646
+ "tactic": "Harden"
7647
+ }
7648
+ ],
7649
+ "framework_gaps": [
7650
+ {
7651
+ "id": "CIS-Controls-v8-Control7",
7652
+ "framework": "CIS Controls v8",
7653
+ "control_name": "Continuous Vulnerability Management"
7654
+ },
7655
+ {
7656
+ "id": "IEC-62443-3-3",
7657
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
7658
+ "control_name": "System security requirements and security levels"
7659
+ },
7660
+ {
7661
+ "id": "ISO-27001-2022-A.8.8",
7662
+ "framework": "ISO/IEC 27001:2022",
7663
+ "control_name": "Management of technical vulnerabilities"
7664
+ },
7665
+ {
7666
+ "id": "NERC-CIP-007-6-R4",
7667
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
7668
+ "control_name": "Security event monitoring"
7669
+ },
7670
+ {
7671
+ "id": "NIS2-Art21-patch-management",
7672
+ "framework": "EU NIS2 Directive",
7673
+ "control_name": "Vulnerability handling and disclosure"
7674
+ },
7675
+ {
7676
+ "id": "NIST-800-115",
7677
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
7678
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
7679
+ },
7680
+ {
7681
+ "id": "NIST-800-218-SSDF",
7682
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
7683
+ "control_name": "Secure Software Development Framework"
7684
+ },
7685
+ {
7686
+ "id": "NIST-800-53-SC-8",
7687
+ "framework": "NIST SP 800-53 Rev 5",
7688
+ "control_name": "Transmission Confidentiality and Integrity"
7689
+ },
7690
+ {
7691
+ "id": "NIST-800-53-SI-2",
7692
+ "framework": "NIST SP 800-53 Rev 5",
7693
+ "control_name": "Flaw Remediation"
7694
+ },
7695
+ {
7696
+ "id": "NIST-800-82r3",
7697
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
7698
+ "control_name": "Guide to Operational Technology (OT) Security"
7699
+ },
7700
+ {
7701
+ "id": "OWASP-Pen-Testing-Guide-v5",
7702
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
7703
+ "control_name": "Web application penetration testing methodology"
7704
+ },
7705
+ {
7706
+ "id": "PCI-DSS-4.0-6.3.3",
7707
+ "framework": "PCI DSS 4.0",
7708
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
7709
+ },
7710
+ {
7711
+ "id": "PTES-Pre-engagement",
7712
+ "framework": "Penetration Testing Execution Standard (PTES)",
7713
+ "control_name": "Pre-engagement Interactions"
7714
+ },
7715
+ {
7716
+ "id": "SOC2-CC9-vendor-management",
7717
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
7718
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
7719
+ }
7720
+ ],
7721
+ "attack_refs": [
7722
+ "T0855",
7723
+ "T0883",
7724
+ "T1059",
7725
+ "T1068",
7726
+ "T1078",
7727
+ "T1133",
7728
+ "T1190",
7729
+ "T1548.001"
7730
+ ],
7731
+ "rfc_refs": [
7732
+ "RFC-4301",
7733
+ "RFC-4303",
7734
+ "RFC-7296"
7735
+ ]
7736
+ }
7737
+ },
7738
+ "CVE-2025-14174": {
7739
+ "name": "Apple WebKit Memory Corruption Zero-Day (Targeted Spyware)",
7740
+ "rwep": 55,
7741
+ "cvss": 8.8,
7742
+ "cisa_kev": true,
7743
+ "referencing_skills": [
7744
+ "kernel-lpe-triage",
7745
+ "attack-surface-pentest",
7746
+ "ot-ics-security",
7747
+ "coordinated-vuln-disclosure",
7748
+ "sector-energy"
7749
+ ],
7750
+ "chain": {
7751
+ "cwes": [
7752
+ {
7753
+ "id": "CWE-1037",
7754
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
7755
+ "category": "Hardware / Side Channel"
7756
+ },
7757
+ {
7758
+ "id": "CWE-125",
7759
+ "name": "Out-of-bounds Read",
7760
+ "category": "Memory Safety"
7761
+ },
7762
+ {
7763
+ "id": "CWE-1357",
7764
+ "name": "Reliance on Insufficiently Trustworthy Component",
7765
+ "category": "Supply Chain"
7766
+ },
7767
+ {
7768
+ "id": "CWE-1395",
7769
+ "name": "Dependency on Vulnerable Third-Party Component",
7770
+ "category": "Supply Chain"
7771
+ },
7772
+ {
7773
+ "id": "CWE-22",
7774
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
7775
+ "category": "Path/Resource"
7776
+ },
7777
+ {
7778
+ "id": "CWE-269",
7779
+ "name": "Improper Privilege Management",
7780
+ "category": "Authorization"
7781
+ },
7782
+ {
7783
+ "id": "CWE-287",
7784
+ "name": "Improper Authentication",
7785
+ "category": "Authentication"
7786
+ },
7787
+ {
7788
+ "id": "CWE-306",
7789
+ "name": "Missing Authentication for Critical Function",
7790
+ "category": "Authentication"
7791
+ },
7792
+ {
7793
+ "id": "CWE-352",
7794
+ "name": "Cross-Site Request Forgery (CSRF)",
7795
+ "category": "Session"
7796
+ },
7797
+ {
7798
+ "id": "CWE-362",
7799
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
7800
+ "category": "Concurrency"
7801
+ },
7802
+ {
7803
+ "id": "CWE-416",
7804
+ "name": "Use After Free",
7805
+ "category": "Memory Safety"
7806
+ },
7807
+ {
7808
+ "id": "CWE-434",
7809
+ "name": "Unrestricted Upload of File with Dangerous Type",
7810
+ "category": "File Handling"
7811
+ },
7812
+ {
7813
+ "id": "CWE-672",
7814
+ "name": "Operation on a Resource after Expiration or Release",
7815
+ "category": "Memory Safety"
7816
+ },
7817
+ {
7818
+ "id": "CWE-732",
7819
+ "name": "Incorrect Permission Assignment for Critical Resource",
7820
+ "category": "Authorization"
7821
+ },
7822
+ {
7823
+ "id": "CWE-78",
7824
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
7825
+ "category": "Injection"
7826
+ },
7827
+ {
7828
+ "id": "CWE-787",
7829
+ "name": "Out-of-bounds Write",
7830
+ "category": "Memory Safety"
7831
+ },
7832
+ {
7833
+ "id": "CWE-79",
7834
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
7835
+ "category": "Injection"
7836
+ },
7837
+ {
7838
+ "id": "CWE-798",
7839
+ "name": "Use of Hard-coded Credentials",
7840
+ "category": "Credentials"
7841
+ },
7842
+ {
7843
+ "id": "CWE-89",
7844
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
7845
+ "category": "Injection"
7846
+ },
7847
+ {
7848
+ "id": "CWE-918",
7849
+ "name": "Server-Side Request Forgery (SSRF)",
7850
+ "category": "Network"
7851
+ }
7852
+ ],
7853
+ "atlas": [
7854
+ {
7855
+ "id": "AML.T0010",
7856
+ "name": "ML Supply Chain Compromise",
7857
+ "tactic": "Initial Access"
7858
+ },
7859
+ {
7860
+ "id": "AML.T0043",
7861
+ "name": "Craft Adversarial Data",
7862
+ "tactic": "ML Attack Staging"
7863
+ },
7864
+ {
7865
+ "id": "AML.T0051",
7866
+ "name": "LLM Prompt Injection",
7867
+ "tactic": "Execution"
7868
+ }
7869
+ ],
7870
+ "d3fend": [
7871
+ {
7872
+ "id": "D3-ASLR",
7873
+ "name": "Address Space Layout Randomization",
7874
+ "tactic": "Harden"
7875
+ },
7876
+ {
7877
+ "id": "D3-CSPP",
7878
+ "name": "Client-server Payload Profiling",
7879
+ "tactic": "Detect"
7880
+ },
7881
+ {
7882
+ "id": "D3-EAL",
7883
+ "name": "Executable Allowlisting",
7884
+ "tactic": "Harden"
7885
+ },
7886
+ {
7887
+ "id": "D3-NTA",
7888
+ "name": "Network Traffic Analysis",
7889
+ "tactic": "Detect"
7890
+ },
7891
+ {
7892
+ "id": "D3-PHRA",
7893
+ "name": "Process Hardware Resource Access",
7894
+ "tactic": "Isolate"
7895
+ },
7896
+ {
7897
+ "id": "D3-PSEP",
7898
+ "name": "Process Segment Execution Prevention",
7899
+ "tactic": "Harden"
7900
+ }
7901
+ ],
7902
+ "framework_gaps": [
7903
+ {
7904
+ "id": "CIS-Controls-v8-Control7",
7905
+ "framework": "CIS Controls v8",
7906
+ "control_name": "Continuous Vulnerability Management"
7907
+ },
7908
+ {
7909
+ "id": "IEC-62443-3-3",
7910
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
7911
+ "control_name": "System security requirements and security levels"
7912
+ },
7913
+ {
7914
+ "id": "ISO-27001-2022-A.8.8",
7915
+ "framework": "ISO/IEC 27001:2022",
7916
+ "control_name": "Management of technical vulnerabilities"
7917
+ },
7918
+ {
7919
+ "id": "NERC-CIP-007-6-R4",
7920
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
7921
+ "control_name": "Security event monitoring"
7922
+ },
7923
+ {
7924
+ "id": "NIS2-Art21-patch-management",
7925
+ "framework": "EU NIS2 Directive",
7926
+ "control_name": "Vulnerability handling and disclosure"
7927
+ },
7928
+ {
7929
+ "id": "NIST-800-115",
7930
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
7931
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
7932
+ },
7933
+ {
7934
+ "id": "NIST-800-218-SSDF",
7935
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
7936
+ "control_name": "Secure Software Development Framework"
7937
+ },
7938
+ {
7939
+ "id": "NIST-800-53-SC-8",
7940
+ "framework": "NIST SP 800-53 Rev 5",
7941
+ "control_name": "Transmission Confidentiality and Integrity"
7942
+ },
7943
+ {
7944
+ "id": "NIST-800-53-SI-2",
7945
+ "framework": "NIST SP 800-53 Rev 5",
7946
+ "control_name": "Flaw Remediation"
7947
+ },
7948
+ {
7949
+ "id": "NIST-800-82r3",
7950
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
7951
+ "control_name": "Guide to Operational Technology (OT) Security"
7952
+ },
7953
+ {
7954
+ "id": "OWASP-Pen-Testing-Guide-v5",
7955
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
7956
+ "control_name": "Web application penetration testing methodology"
7957
+ },
7958
+ {
7959
+ "id": "PCI-DSS-4.0-6.3.3",
7960
+ "framework": "PCI DSS 4.0",
7961
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
7962
+ },
7963
+ {
7964
+ "id": "PTES-Pre-engagement",
7965
+ "framework": "Penetration Testing Execution Standard (PTES)",
7966
+ "control_name": "Pre-engagement Interactions"
7967
+ },
7968
+ {
7969
+ "id": "SOC2-CC9-vendor-management",
7970
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
7971
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
7972
+ }
7973
+ ],
7974
+ "attack_refs": [
7975
+ "T0855",
7976
+ "T0883",
7977
+ "T1059",
7978
+ "T1068",
7979
+ "T1078",
7980
+ "T1133",
7981
+ "T1190",
7982
+ "T1548.001"
7983
+ ],
7984
+ "rfc_refs": [
7985
+ "RFC-4301",
7986
+ "RFC-4303",
7987
+ "RFC-7296"
7988
+ ]
7989
+ }
7990
+ },
7991
+ "CVE-2025-43529": {
7992
+ "name": "Apple WebKit Use-After-Free (DarkSword 1-click chain)",
7993
+ "rwep": 77,
7994
+ "cvss": 8.8,
7995
+ "cisa_kev": true,
7996
+ "referencing_skills": [
7997
+ "kernel-lpe-triage",
7998
+ "coordinated-vuln-disclosure"
7999
+ ],
8000
+ "chain": {
8001
+ "cwes": [
8002
+ {
8003
+ "id": "CWE-125",
8004
+ "name": "Out-of-bounds Read",
8005
+ "category": "Memory Safety"
8006
+ },
8007
+ {
8008
+ "id": "CWE-1357",
8009
+ "name": "Reliance on Insufficiently Trustworthy Component",
8010
+ "category": "Supply Chain"
8011
+ },
8012
+ {
8013
+ "id": "CWE-362",
8014
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
8015
+ "category": "Concurrency"
8016
+ },
8017
+ {
8018
+ "id": "CWE-416",
8019
+ "name": "Use After Free",
8020
+ "category": "Memory Safety"
8021
+ },
8022
+ {
8023
+ "id": "CWE-672",
8024
+ "name": "Operation on a Resource after Expiration or Release",
8025
+ "category": "Memory Safety"
8026
+ },
8027
+ {
8028
+ "id": "CWE-787",
8029
+ "name": "Out-of-bounds Write",
8030
+ "category": "Memory Safety"
8031
+ }
8032
+ ],
8033
+ "atlas": [],
8034
+ "d3fend": [
8035
+ {
8036
+ "id": "D3-ASLR",
8037
+ "name": "Address Space Layout Randomization",
8038
+ "tactic": "Harden"
8039
+ },
8040
+ {
8041
+ "id": "D3-EAL",
8042
+ "name": "Executable Allowlisting",
8043
+ "tactic": "Harden"
8044
+ },
8045
+ {
8046
+ "id": "D3-PHRA",
8047
+ "name": "Process Hardware Resource Access",
8048
+ "tactic": "Isolate"
8049
+ },
8050
+ {
8051
+ "id": "D3-PSEP",
8052
+ "name": "Process Segment Execution Prevention",
8053
+ "tactic": "Harden"
8054
+ }
8055
+ ],
8056
+ "framework_gaps": [
8057
+ {
8058
+ "id": "CIS-Controls-v8-Control7",
8059
+ "framework": "CIS Controls v8",
8060
+ "control_name": "Continuous Vulnerability Management"
8061
+ },
8062
+ {
8063
+ "id": "ISO-27001-2022-A.8.8",
8064
+ "framework": "ISO/IEC 27001:2022",
8065
+ "control_name": "Management of technical vulnerabilities"
8066
+ },
8067
+ {
8068
+ "id": "NIS2-Art21-patch-management",
8069
+ "framework": "EU NIS2 Directive",
8070
+ "control_name": "Vulnerability handling and disclosure"
8071
+ },
8072
+ {
8073
+ "id": "NIST-800-218-SSDF",
8074
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
8075
+ "control_name": "Secure Software Development Framework"
8076
+ },
8077
+ {
8078
+ "id": "NIST-800-53-SC-8",
8079
+ "framework": "NIST SP 800-53 Rev 5",
8080
+ "control_name": "Transmission Confidentiality and Integrity"
8081
+ },
8082
+ {
8083
+ "id": "NIST-800-53-SI-2",
8084
+ "framework": "NIST SP 800-53 Rev 5",
8085
+ "control_name": "Flaw Remediation"
8086
+ },
8087
+ {
8088
+ "id": "PCI-DSS-4.0-6.3.3",
8089
+ "framework": "PCI DSS 4.0",
8090
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
8091
+ },
8092
+ {
8093
+ "id": "SOC2-CC9-vendor-management",
8094
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
8095
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
8096
+ }
8097
+ ],
8098
+ "attack_refs": [
8099
+ "T1068",
8100
+ "T1548.001"
8101
+ ],
8102
+ "rfc_refs": [
8103
+ "RFC-4301",
8104
+ "RFC-4303",
8105
+ "RFC-7296"
8106
+ ]
8107
+ }
8108
+ },
8109
+ "CVE-2025-4919": {
8110
+ "name": "Firefox SpiderMonkey Type Confusion (Pwn2Own Berlin)",
8111
+ "rwep": 20,
8112
+ "cvss": 8.8,
8113
+ "cisa_kev": false,
8114
+ "referencing_skills": [
8115
+ "kernel-lpe-triage",
8116
+ "coordinated-vuln-disclosure"
8117
+ ],
8118
+ "chain": {
8119
+ "cwes": [
8120
+ {
8121
+ "id": "CWE-125",
8122
+ "name": "Out-of-bounds Read",
8123
+ "category": "Memory Safety"
8124
+ },
8125
+ {
8126
+ "id": "CWE-1357",
8127
+ "name": "Reliance on Insufficiently Trustworthy Component",
8128
+ "category": "Supply Chain"
8129
+ },
8130
+ {
8131
+ "id": "CWE-362",
8132
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
8133
+ "category": "Concurrency"
8134
+ },
8135
+ {
8136
+ "id": "CWE-416",
8137
+ "name": "Use After Free",
8138
+ "category": "Memory Safety"
8139
+ },
8140
+ {
8141
+ "id": "CWE-672",
8142
+ "name": "Operation on a Resource after Expiration or Release",
8143
+ "category": "Memory Safety"
8144
+ },
8145
+ {
8146
+ "id": "CWE-787",
8147
+ "name": "Out-of-bounds Write",
8148
+ "category": "Memory Safety"
8149
+ }
8150
+ ],
8151
+ "atlas": [],
8152
+ "d3fend": [
8153
+ {
8154
+ "id": "D3-ASLR",
8155
+ "name": "Address Space Layout Randomization",
8156
+ "tactic": "Harden"
8157
+ },
8158
+ {
8159
+ "id": "D3-EAL",
8160
+ "name": "Executable Allowlisting",
8161
+ "tactic": "Harden"
8162
+ },
8163
+ {
8164
+ "id": "D3-PHRA",
8165
+ "name": "Process Hardware Resource Access",
8166
+ "tactic": "Isolate"
8167
+ },
8168
+ {
8169
+ "id": "D3-PSEP",
8170
+ "name": "Process Segment Execution Prevention",
8171
+ "tactic": "Harden"
8172
+ }
8173
+ ],
8174
+ "framework_gaps": [
8175
+ {
8176
+ "id": "CIS-Controls-v8-Control7",
8177
+ "framework": "CIS Controls v8",
8178
+ "control_name": "Continuous Vulnerability Management"
8179
+ },
8180
+ {
8181
+ "id": "ISO-27001-2022-A.8.8",
8182
+ "framework": "ISO/IEC 27001:2022",
8183
+ "control_name": "Management of technical vulnerabilities"
8184
+ },
8185
+ {
8186
+ "id": "NIS2-Art21-patch-management",
8187
+ "framework": "EU NIS2 Directive",
8188
+ "control_name": "Vulnerability handling and disclosure"
8189
+ },
8190
+ {
8191
+ "id": "NIST-800-218-SSDF",
8192
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
8193
+ "control_name": "Secure Software Development Framework"
8194
+ },
8195
+ {
8196
+ "id": "NIST-800-53-SC-8",
8197
+ "framework": "NIST SP 800-53 Rev 5",
8198
+ "control_name": "Transmission Confidentiality and Integrity"
8199
+ },
8200
+ {
8201
+ "id": "NIST-800-53-SI-2",
8202
+ "framework": "NIST SP 800-53 Rev 5",
8203
+ "control_name": "Flaw Remediation"
8204
+ },
8205
+ {
8206
+ "id": "PCI-DSS-4.0-6.3.3",
8207
+ "framework": "PCI DSS 4.0",
8208
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
8209
+ },
8210
+ {
8211
+ "id": "SOC2-CC9-vendor-management",
8212
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
8213
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
8214
+ }
8215
+ ],
8216
+ "attack_refs": [
8217
+ "T1068",
8218
+ "T1548.001"
8219
+ ],
8220
+ "rfc_refs": [
8221
+ "RFC-4301",
8222
+ "RFC-4303",
8223
+ "RFC-7296"
8224
+ ]
8225
+ }
8226
+ },
8227
+ "CVE-2025-24201": {
8228
+ "name": "Apple WebKit Out-of-Bounds Write (Glass Cage chain, iOS sandbox escape)",
8229
+ "rwep": 80,
8230
+ "cvss": 8.8,
8231
+ "cisa_kev": true,
8232
+ "referencing_skills": [
8233
+ "kernel-lpe-triage",
8234
+ "coordinated-vuln-disclosure"
8235
+ ],
8236
+ "chain": {
8237
+ "cwes": [
8238
+ {
8239
+ "id": "CWE-125",
8240
+ "name": "Out-of-bounds Read",
8241
+ "category": "Memory Safety"
8242
+ },
8243
+ {
8244
+ "id": "CWE-1357",
8245
+ "name": "Reliance on Insufficiently Trustworthy Component",
8246
+ "category": "Supply Chain"
8247
+ },
8248
+ {
8249
+ "id": "CWE-362",
8250
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
8251
+ "category": "Concurrency"
8252
+ },
8253
+ {
8254
+ "id": "CWE-416",
8255
+ "name": "Use After Free",
8256
+ "category": "Memory Safety"
8257
+ },
8258
+ {
8259
+ "id": "CWE-672",
8260
+ "name": "Operation on a Resource after Expiration or Release",
8261
+ "category": "Memory Safety"
8262
+ },
8263
+ {
8264
+ "id": "CWE-787",
8265
+ "name": "Out-of-bounds Write",
8266
+ "category": "Memory Safety"
8267
+ }
8268
+ ],
8269
+ "atlas": [],
8270
+ "d3fend": [
8271
+ {
8272
+ "id": "D3-ASLR",
8273
+ "name": "Address Space Layout Randomization",
8274
+ "tactic": "Harden"
8275
+ },
8276
+ {
8277
+ "id": "D3-EAL",
8278
+ "name": "Executable Allowlisting",
8279
+ "tactic": "Harden"
8280
+ },
8281
+ {
8282
+ "id": "D3-PHRA",
8283
+ "name": "Process Hardware Resource Access",
8284
+ "tactic": "Isolate"
8285
+ },
8286
+ {
8287
+ "id": "D3-PSEP",
8288
+ "name": "Process Segment Execution Prevention",
8289
+ "tactic": "Harden"
8290
+ }
8291
+ ],
8292
+ "framework_gaps": [
8293
+ {
8294
+ "id": "CIS-Controls-v8-Control7",
8295
+ "framework": "CIS Controls v8",
8296
+ "control_name": "Continuous Vulnerability Management"
8297
+ },
8298
+ {
8299
+ "id": "ISO-27001-2022-A.8.8",
8300
+ "framework": "ISO/IEC 27001:2022",
8301
+ "control_name": "Management of technical vulnerabilities"
8302
+ },
8303
+ {
8304
+ "id": "NIS2-Art21-patch-management",
8305
+ "framework": "EU NIS2 Directive",
8306
+ "control_name": "Vulnerability handling and disclosure"
8307
+ },
8308
+ {
8309
+ "id": "NIST-800-218-SSDF",
8310
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
8311
+ "control_name": "Secure Software Development Framework"
8312
+ },
8313
+ {
8314
+ "id": "NIST-800-53-SC-8",
8315
+ "framework": "NIST SP 800-53 Rev 5",
8316
+ "control_name": "Transmission Confidentiality and Integrity"
8317
+ },
8318
+ {
8319
+ "id": "NIST-800-53-SI-2",
8320
+ "framework": "NIST SP 800-53 Rev 5",
8321
+ "control_name": "Flaw Remediation"
8322
+ },
8323
+ {
8324
+ "id": "PCI-DSS-4.0-6.3.3",
8325
+ "framework": "PCI DSS 4.0",
8326
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
8327
+ },
8328
+ {
8329
+ "id": "SOC2-CC9-vendor-management",
8330
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
8331
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
8332
+ }
8333
+ ],
8334
+ "attack_refs": [
8335
+ "T1068",
8336
+ "T1548.001"
8337
+ ],
8338
+ "rfc_refs": [
8339
+ "RFC-4301",
8340
+ "RFC-4303",
8341
+ "RFC-7296"
8342
+ ]
8343
+ }
8344
+ },
8345
+ "CVE-2025-43300": {
8346
+ "name": "Apple ImageIO Out-of-Bounds Write (DNG/JPEG-lossless, zero-click chain root)",
8347
+ "rwep": 80,
8348
+ "cvss": 8.8,
8349
+ "cisa_kev": true,
8350
+ "referencing_skills": [
8351
+ "kernel-lpe-triage",
8352
+ "attack-surface-pentest",
8353
+ "ot-ics-security",
8354
+ "coordinated-vuln-disclosure",
8355
+ "sector-energy"
8356
+ ],
8357
+ "chain": {
8358
+ "cwes": [
8359
+ {
8360
+ "id": "CWE-1037",
8361
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
8362
+ "category": "Hardware / Side Channel"
8363
+ },
8364
+ {
8365
+ "id": "CWE-125",
8366
+ "name": "Out-of-bounds Read",
8367
+ "category": "Memory Safety"
8368
+ },
8369
+ {
8370
+ "id": "CWE-1357",
8371
+ "name": "Reliance on Insufficiently Trustworthy Component",
8372
+ "category": "Supply Chain"
8373
+ },
8374
+ {
8375
+ "id": "CWE-1395",
8376
+ "name": "Dependency on Vulnerable Third-Party Component",
8377
+ "category": "Supply Chain"
8378
+ },
8379
+ {
8380
+ "id": "CWE-22",
8381
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
8382
+ "category": "Path/Resource"
8383
+ },
8384
+ {
8385
+ "id": "CWE-269",
8386
+ "name": "Improper Privilege Management",
8387
+ "category": "Authorization"
8388
+ },
8389
+ {
8390
+ "id": "CWE-287",
8391
+ "name": "Improper Authentication",
8392
+ "category": "Authentication"
8393
+ },
8394
+ {
8395
+ "id": "CWE-306",
8396
+ "name": "Missing Authentication for Critical Function",
8397
+ "category": "Authentication"
8398
+ },
8399
+ {
8400
+ "id": "CWE-352",
8401
+ "name": "Cross-Site Request Forgery (CSRF)",
8402
+ "category": "Session"
8403
+ },
8404
+ {
8405
+ "id": "CWE-362",
8406
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
8407
+ "category": "Concurrency"
8408
+ },
8409
+ {
8410
+ "id": "CWE-416",
8411
+ "name": "Use After Free",
8412
+ "category": "Memory Safety"
8413
+ },
8414
+ {
8415
+ "id": "CWE-434",
8416
+ "name": "Unrestricted Upload of File with Dangerous Type",
8417
+ "category": "File Handling"
8418
+ },
8419
+ {
8420
+ "id": "CWE-672",
8421
+ "name": "Operation on a Resource after Expiration or Release",
8422
+ "category": "Memory Safety"
8423
+ },
8424
+ {
8425
+ "id": "CWE-732",
8426
+ "name": "Incorrect Permission Assignment for Critical Resource",
8427
+ "category": "Authorization"
8428
+ },
8429
+ {
8430
+ "id": "CWE-78",
8431
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
8432
+ "category": "Injection"
8433
+ },
8434
+ {
8435
+ "id": "CWE-787",
8436
+ "name": "Out-of-bounds Write",
8437
+ "category": "Memory Safety"
8438
+ },
8439
+ {
8440
+ "id": "CWE-79",
8441
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
8442
+ "category": "Injection"
8443
+ },
8444
+ {
8445
+ "id": "CWE-798",
8446
+ "name": "Use of Hard-coded Credentials",
8447
+ "category": "Credentials"
8448
+ },
8449
+ {
8450
+ "id": "CWE-89",
8451
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
8452
+ "category": "Injection"
8453
+ },
8454
+ {
8455
+ "id": "CWE-918",
8456
+ "name": "Server-Side Request Forgery (SSRF)",
8457
+ "category": "Network"
8458
+ }
8459
+ ],
8460
+ "atlas": [
8461
+ {
8462
+ "id": "AML.T0010",
8463
+ "name": "ML Supply Chain Compromise",
8464
+ "tactic": "Initial Access"
8465
+ },
8466
+ {
8467
+ "id": "AML.T0043",
8468
+ "name": "Craft Adversarial Data",
8469
+ "tactic": "ML Attack Staging"
8470
+ },
8471
+ {
8472
+ "id": "AML.T0051",
8473
+ "name": "LLM Prompt Injection",
8474
+ "tactic": "Execution"
8475
+ }
8476
+ ],
8477
+ "d3fend": [
8478
+ {
8479
+ "id": "D3-ASLR",
8480
+ "name": "Address Space Layout Randomization",
8481
+ "tactic": "Harden"
8482
+ },
8483
+ {
8484
+ "id": "D3-CSPP",
8485
+ "name": "Client-server Payload Profiling",
8486
+ "tactic": "Detect"
8487
+ },
8488
+ {
8489
+ "id": "D3-EAL",
8490
+ "name": "Executable Allowlisting",
8491
+ "tactic": "Harden"
8492
+ },
8493
+ {
8494
+ "id": "D3-NTA",
8495
+ "name": "Network Traffic Analysis",
8496
+ "tactic": "Detect"
8497
+ },
8498
+ {
8499
+ "id": "D3-PHRA",
8500
+ "name": "Process Hardware Resource Access",
8501
+ "tactic": "Isolate"
8502
+ },
8503
+ {
8504
+ "id": "D3-PSEP",
8505
+ "name": "Process Segment Execution Prevention",
8506
+ "tactic": "Harden"
8507
+ }
8508
+ ],
8509
+ "framework_gaps": [
8510
+ {
8511
+ "id": "CIS-Controls-v8-Control7",
8512
+ "framework": "CIS Controls v8",
8513
+ "control_name": "Continuous Vulnerability Management"
8514
+ },
8515
+ {
8516
+ "id": "IEC-62443-3-3",
8517
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
8518
+ "control_name": "System security requirements and security levels"
8519
+ },
8520
+ {
8521
+ "id": "ISO-27001-2022-A.8.8",
8522
+ "framework": "ISO/IEC 27001:2022",
8523
+ "control_name": "Management of technical vulnerabilities"
8524
+ },
8525
+ {
8526
+ "id": "NERC-CIP-007-6-R4",
8527
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
8528
+ "control_name": "Security event monitoring"
8529
+ },
8530
+ {
8531
+ "id": "NIS2-Art21-patch-management",
8532
+ "framework": "EU NIS2 Directive",
8533
+ "control_name": "Vulnerability handling and disclosure"
8534
+ },
8535
+ {
8536
+ "id": "NIST-800-115",
8537
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
8538
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
8539
+ },
8540
+ {
8541
+ "id": "NIST-800-218-SSDF",
8542
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
8543
+ "control_name": "Secure Software Development Framework"
8544
+ },
8545
+ {
8546
+ "id": "NIST-800-53-SC-8",
8547
+ "framework": "NIST SP 800-53 Rev 5",
8548
+ "control_name": "Transmission Confidentiality and Integrity"
8549
+ },
8550
+ {
8551
+ "id": "NIST-800-53-SI-2",
8552
+ "framework": "NIST SP 800-53 Rev 5",
8553
+ "control_name": "Flaw Remediation"
8554
+ },
8555
+ {
8556
+ "id": "NIST-800-82r3",
8557
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
8558
+ "control_name": "Guide to Operational Technology (OT) Security"
8559
+ },
8560
+ {
8561
+ "id": "OWASP-Pen-Testing-Guide-v5",
8562
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
8563
+ "control_name": "Web application penetration testing methodology"
8564
+ },
8565
+ {
8566
+ "id": "PCI-DSS-4.0-6.3.3",
8567
+ "framework": "PCI DSS 4.0",
8568
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
8569
+ },
8570
+ {
8571
+ "id": "PTES-Pre-engagement",
8572
+ "framework": "Penetration Testing Execution Standard (PTES)",
8573
+ "control_name": "Pre-engagement Interactions"
8574
+ },
8575
+ {
8576
+ "id": "SOC2-CC9-vendor-management",
8577
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
8578
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
8579
+ }
8580
+ ],
8581
+ "attack_refs": [
8582
+ "T0855",
8583
+ "T0883",
8584
+ "T1059",
8585
+ "T1068",
8586
+ "T1078",
8587
+ "T1133",
8588
+ "T1190",
8589
+ "T1548.001"
8590
+ ],
8591
+ "rfc_refs": [
8592
+ "RFC-4301",
8593
+ "RFC-4303",
8594
+ "RFC-7296"
8595
+ ]
8596
+ }
8597
+ },
8598
+ "CVE-2025-38352": {
8599
+ "name": "Android / Linux Kernel POSIX CPU Timer Race (sandbox-escape LPE)",
8600
+ "rwep": 73,
8601
+ "cvss": 7.4,
8602
+ "cisa_kev": true,
8603
+ "referencing_skills": [
8604
+ "kernel-lpe-triage",
8605
+ "attack-surface-pentest",
8606
+ "ot-ics-security",
8607
+ "coordinated-vuln-disclosure",
8608
+ "sector-energy"
8609
+ ],
8610
+ "chain": {
8611
+ "cwes": [
8612
+ {
8613
+ "id": "CWE-1037",
8614
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
8615
+ "category": "Hardware / Side Channel"
8616
+ },
8617
+ {
8618
+ "id": "CWE-125",
8619
+ "name": "Out-of-bounds Read",
8620
+ "category": "Memory Safety"
8621
+ },
8622
+ {
8623
+ "id": "CWE-1357",
8624
+ "name": "Reliance on Insufficiently Trustworthy Component",
8625
+ "category": "Supply Chain"
8626
+ },
8627
+ {
8628
+ "id": "CWE-1395",
8629
+ "name": "Dependency on Vulnerable Third-Party Component",
8630
+ "category": "Supply Chain"
8631
+ },
8632
+ {
8633
+ "id": "CWE-22",
8634
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
8635
+ "category": "Path/Resource"
8636
+ },
8637
+ {
8638
+ "id": "CWE-269",
8639
+ "name": "Improper Privilege Management",
8640
+ "category": "Authorization"
8641
+ },
8642
+ {
8643
+ "id": "CWE-287",
8644
+ "name": "Improper Authentication",
8645
+ "category": "Authentication"
8646
+ },
8647
+ {
8648
+ "id": "CWE-306",
8649
+ "name": "Missing Authentication for Critical Function",
8650
+ "category": "Authentication"
8651
+ },
8652
+ {
8653
+ "id": "CWE-352",
8654
+ "name": "Cross-Site Request Forgery (CSRF)",
8655
+ "category": "Session"
8656
+ },
8657
+ {
8658
+ "id": "CWE-362",
8659
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
8660
+ "category": "Concurrency"
8661
+ },
8662
+ {
8663
+ "id": "CWE-416",
8664
+ "name": "Use After Free",
8665
+ "category": "Memory Safety"
8666
+ },
8667
+ {
8668
+ "id": "CWE-434",
8669
+ "name": "Unrestricted Upload of File with Dangerous Type",
8670
+ "category": "File Handling"
8671
+ },
8672
+ {
8673
+ "id": "CWE-672",
8674
+ "name": "Operation on a Resource after Expiration or Release",
8675
+ "category": "Memory Safety"
8676
+ },
8677
+ {
8678
+ "id": "CWE-732",
8679
+ "name": "Incorrect Permission Assignment for Critical Resource",
8680
+ "category": "Authorization"
8681
+ },
8682
+ {
8683
+ "id": "CWE-78",
8684
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
8685
+ "category": "Injection"
8686
+ },
8687
+ {
8688
+ "id": "CWE-787",
8689
+ "name": "Out-of-bounds Write",
8690
+ "category": "Memory Safety"
8691
+ },
8692
+ {
8693
+ "id": "CWE-79",
8694
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
8695
+ "category": "Injection"
8696
+ },
8697
+ {
8698
+ "id": "CWE-798",
8699
+ "name": "Use of Hard-coded Credentials",
8700
+ "category": "Credentials"
8701
+ },
8702
+ {
8703
+ "id": "CWE-89",
8704
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
8705
+ "category": "Injection"
8706
+ },
8707
+ {
8708
+ "id": "CWE-918",
8709
+ "name": "Server-Side Request Forgery (SSRF)",
8710
+ "category": "Network"
8711
+ }
8712
+ ],
8713
+ "atlas": [
8714
+ {
8715
+ "id": "AML.T0010",
8716
+ "name": "ML Supply Chain Compromise",
8717
+ "tactic": "Initial Access"
8718
+ },
8719
+ {
8720
+ "id": "AML.T0043",
8721
+ "name": "Craft Adversarial Data",
8722
+ "tactic": "ML Attack Staging"
8723
+ },
8724
+ {
8725
+ "id": "AML.T0051",
8726
+ "name": "LLM Prompt Injection",
8727
+ "tactic": "Execution"
8728
+ }
8729
+ ],
8730
+ "d3fend": [
8731
+ {
8732
+ "id": "D3-ASLR",
8733
+ "name": "Address Space Layout Randomization",
8734
+ "tactic": "Harden"
8735
+ },
8736
+ {
8737
+ "id": "D3-CSPP",
8738
+ "name": "Client-server Payload Profiling",
8739
+ "tactic": "Detect"
8740
+ },
8741
+ {
8742
+ "id": "D3-EAL",
8743
+ "name": "Executable Allowlisting",
8744
+ "tactic": "Harden"
8745
+ },
8746
+ {
8747
+ "id": "D3-NTA",
8748
+ "name": "Network Traffic Analysis",
8749
+ "tactic": "Detect"
8750
+ },
8751
+ {
8752
+ "id": "D3-PHRA",
8753
+ "name": "Process Hardware Resource Access",
8754
+ "tactic": "Isolate"
8755
+ },
8756
+ {
8757
+ "id": "D3-PSEP",
8758
+ "name": "Process Segment Execution Prevention",
8759
+ "tactic": "Harden"
8760
+ }
8761
+ ],
8762
+ "framework_gaps": [
8763
+ {
8764
+ "id": "CIS-Controls-v8-Control7",
8765
+ "framework": "CIS Controls v8",
8766
+ "control_name": "Continuous Vulnerability Management"
8767
+ },
8768
+ {
8769
+ "id": "IEC-62443-3-3",
8770
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
8771
+ "control_name": "System security requirements and security levels"
8772
+ },
8773
+ {
8774
+ "id": "ISO-27001-2022-A.8.8",
8775
+ "framework": "ISO/IEC 27001:2022",
8776
+ "control_name": "Management of technical vulnerabilities"
8777
+ },
8778
+ {
8779
+ "id": "NERC-CIP-007-6-R4",
8780
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
8781
+ "control_name": "Security event monitoring"
8782
+ },
8783
+ {
8784
+ "id": "NIS2-Art21-patch-management",
8785
+ "framework": "EU NIS2 Directive",
8786
+ "control_name": "Vulnerability handling and disclosure"
8787
+ },
8788
+ {
8789
+ "id": "NIST-800-115",
8790
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
8791
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
8792
+ },
8793
+ {
8794
+ "id": "NIST-800-218-SSDF",
8795
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
8796
+ "control_name": "Secure Software Development Framework"
8797
+ },
8798
+ {
8799
+ "id": "NIST-800-53-SC-8",
8800
+ "framework": "NIST SP 800-53 Rev 5",
8801
+ "control_name": "Transmission Confidentiality and Integrity"
8802
+ },
8803
+ {
8804
+ "id": "NIST-800-53-SI-2",
8805
+ "framework": "NIST SP 800-53 Rev 5",
8806
+ "control_name": "Flaw Remediation"
8807
+ },
8808
+ {
8809
+ "id": "NIST-800-82r3",
8810
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
8811
+ "control_name": "Guide to Operational Technology (OT) Security"
8812
+ },
8813
+ {
8814
+ "id": "OWASP-Pen-Testing-Guide-v5",
8815
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
8816
+ "control_name": "Web application penetration testing methodology"
8817
+ },
8818
+ {
8819
+ "id": "PCI-DSS-4.0-6.3.3",
8820
+ "framework": "PCI DSS 4.0",
8821
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
8822
+ },
8823
+ {
8824
+ "id": "PTES-Pre-engagement",
8825
+ "framework": "Penetration Testing Execution Standard (PTES)",
8826
+ "control_name": "Pre-engagement Interactions"
8827
+ },
8828
+ {
8829
+ "id": "SOC2-CC9-vendor-management",
8830
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
8831
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
8832
+ }
8833
+ ],
8834
+ "attack_refs": [
8835
+ "T0855",
8836
+ "T0883",
8837
+ "T1059",
8838
+ "T1068",
8839
+ "T1078",
8840
+ "T1133",
8841
+ "T1190",
8842
+ "T1548.001"
8843
+ ],
8844
+ "rfc_refs": [
8845
+ "RFC-4301",
8846
+ "RFC-4303",
8847
+ "RFC-7296"
8848
+ ]
8849
+ }
8850
+ },
8851
+ "CVE-2025-55241": {
8852
+ "name": "Microsoft Entra ID Cross-Tenant Actor Token Impersonation",
8853
+ "rwep": 15,
8854
+ "cvss": 10,
8855
+ "cisa_kev": false,
8856
+ "referencing_skills": [],
8857
+ "chain": {
8858
+ "cwes": [],
8859
+ "atlas": [],
8860
+ "d3fend": [],
8861
+ "framework_gaps": [],
8862
+ "attack_refs": [],
8863
+ "rfc_refs": []
8864
+ }
8865
+ },
8866
+ "CVE-2025-21085": {
8867
+ "name": "Cisco Duo Authentication Proxy Credential Disclosure in Logs",
8868
+ "rwep": 20,
8869
+ "cvss": 5,
8870
+ "cisa_kev": false,
8871
+ "referencing_skills": [],
8872
+ "chain": {
8873
+ "cwes": [],
8874
+ "atlas": [],
8875
+ "d3fend": [],
8876
+ "framework_gaps": [],
8877
+ "attack_refs": [],
8878
+ "rfc_refs": []
8879
+ }
8880
+ },
8881
+ "CVE-2025-1094": {
8882
+ "name": "PostgreSQL psql SQL Injection via Invalid UTF-8 → ACE",
8883
+ "rwep": 77,
8884
+ "cvss": 8.1,
8885
+ "cisa_kev": true,
8886
+ "referencing_skills": [
8887
+ "kernel-lpe-triage",
8888
+ "ai-attack-surface",
8889
+ "rag-pipeline-security",
8890
+ "attack-surface-pentest",
8891
+ "ot-ics-security",
8892
+ "threat-modeling-methodology",
8893
+ "webapp-security",
8894
+ "sector-energy",
8895
+ "api-security",
8896
+ "container-runtime-security"
8897
+ ],
8898
+ "chain": {
8899
+ "cwes": [
8900
+ {
8901
+ "id": "CWE-1037",
8902
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
8903
+ "category": "Hardware / Side Channel"
8904
+ },
8905
+ {
8906
+ "id": "CWE-1039",
8907
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
8908
+ "category": "AI/ML"
8909
+ },
8910
+ {
8911
+ "id": "CWE-1188",
8912
+ "name": "Initialization of a Resource with an Insecure Default",
8913
+ "category": "Configuration"
8914
+ },
8915
+ {
8916
+ "id": "CWE-125",
8917
+ "name": "Out-of-bounds Read",
8918
+ "category": "Memory Safety"
8919
+ },
8920
+ {
8921
+ "id": "CWE-1395",
8922
+ "name": "Dependency on Vulnerable Third-Party Component",
8923
+ "category": "Supply Chain"
8924
+ },
8925
+ {
8926
+ "id": "CWE-1426",
8927
+ "name": "Improper Validation of Generative AI Output",
8928
+ "category": "AI/ML"
8929
+ },
8930
+ {
8931
+ "id": "CWE-200",
8932
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
8933
+ "category": "Information Exposure"
8934
+ },
8935
+ {
8936
+ "id": "CWE-22",
8937
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
8938
+ "category": "Path/Resource"
8939
+ },
8940
+ {
8941
+ "id": "CWE-269",
8942
+ "name": "Improper Privilege Management",
8943
+ "category": "Authorization"
8944
+ },
8945
+ {
8946
+ "id": "CWE-287",
8947
+ "name": "Improper Authentication",
8948
+ "category": "Authentication"
8949
+ },
8950
+ {
8951
+ "id": "CWE-306",
8952
+ "name": "Missing Authentication for Critical Function",
8953
+ "category": "Authentication"
8954
+ },
8955
+ {
8956
+ "id": "CWE-352",
8957
+ "name": "Cross-Site Request Forgery (CSRF)",
8958
+ "category": "Session"
8959
+ },
8960
+ {
8961
+ "id": "CWE-362",
8962
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
8963
+ "category": "Concurrency"
8964
+ },
8965
+ {
8966
+ "id": "CWE-416",
8967
+ "name": "Use After Free",
8968
+ "category": "Memory Safety"
8969
+ },
8970
+ {
8971
+ "id": "CWE-434",
8972
+ "name": "Unrestricted Upload of File with Dangerous Type",
8973
+ "category": "File Handling"
8974
+ },
8975
+ {
8976
+ "id": "CWE-502",
8977
+ "name": "Deserialization of Untrusted Data",
8978
+ "category": "Serialization"
8979
+ },
8980
+ {
8981
+ "id": "CWE-672",
8982
+ "name": "Operation on a Resource after Expiration or Release",
8983
+ "category": "Memory Safety"
8984
+ },
8985
+ {
8986
+ "id": "CWE-732",
8987
+ "name": "Incorrect Permission Assignment for Critical Resource",
8988
+ "category": "Authorization"
8989
+ },
8990
+ {
8991
+ "id": "CWE-77",
8992
+ "name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
8993
+ "category": "Injection"
8994
+ },
8995
+ {
8996
+ "id": "CWE-78",
8997
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
8998
+ "category": "Injection"
8999
+ },
9000
+ {
9001
+ "id": "CWE-787",
9002
+ "name": "Out-of-bounds Write",
9003
+ "category": "Memory Safety"
9004
+ },
9005
+ {
9006
+ "id": "CWE-79",
9007
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
9008
+ "category": "Injection"
9009
+ },
9010
+ {
9011
+ "id": "CWE-798",
9012
+ "name": "Use of Hard-coded Credentials",
9013
+ "category": "Credentials"
9014
+ },
9015
+ {
9016
+ "id": "CWE-862",
9017
+ "name": "Missing Authorization",
9018
+ "category": "Authorization"
9019
+ },
9020
+ {
9021
+ "id": "CWE-863",
9022
+ "name": "Incorrect Authorization",
9023
+ "category": "Authorization"
9024
+ },
9025
+ {
9026
+ "id": "CWE-89",
9027
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
9028
+ "category": "Injection"
9029
+ },
9030
+ {
9031
+ "id": "CWE-918",
9032
+ "name": "Server-Side Request Forgery (SSRF)",
9033
+ "category": "Network"
9034
+ },
9035
+ {
9036
+ "id": "CWE-94",
9037
+ "name": "Improper Control of Generation of Code (Code Injection)",
9038
+ "category": "Injection"
9039
+ }
9040
+ ],
9041
+ "atlas": [
9042
+ {
9043
+ "id": "AML.T0010",
9044
+ "name": "ML Supply Chain Compromise",
9045
+ "tactic": "Initial Access"
9046
+ },
9047
+ {
9048
+ "id": "AML.T0016",
9049
+ "name": "Obtain Capabilities: Develop Capabilities",
9050
+ "tactic": "Resource Development"
9051
+ },
9052
+ {
9053
+ "id": "AML.T0017",
9054
+ "name": "Discover ML Model Ontology",
9055
+ "tactic": "Discovery"
9056
+ },
9057
+ {
9058
+ "id": "AML.T0018",
9059
+ "name": "Backdoor ML Model",
9060
+ "tactic": "Persistence"
9061
+ },
9062
+ {
9063
+ "id": "AML.T0020",
9064
+ "name": "Poison Training Data",
9065
+ "tactic": "ML Attack Staging"
9066
+ },
9067
+ {
9068
+ "id": "AML.T0043",
9069
+ "name": "Craft Adversarial Data",
9070
+ "tactic": "ML Attack Staging"
9071
+ },
9072
+ {
9073
+ "id": "AML.T0051",
9074
+ "name": "LLM Prompt Injection",
9075
+ "tactic": "Execution"
9076
+ },
9077
+ {
9078
+ "id": "AML.T0054",
9079
+ "name": "LLM Jailbreak",
9080
+ "tactic": "Defense Evasion"
9081
+ },
9082
+ {
9083
+ "id": "AML.T0096",
9084
+ "name": "AI API as Covert C2 Channel",
9085
+ "tactic": "Command and Control"
9086
+ }
9087
+ ],
9088
+ "d3fend": [
9089
+ {
9090
+ "id": "D3-ASLR",
9091
+ "name": "Address Space Layout Randomization",
9092
+ "tactic": "Harden"
9093
+ },
9094
+ {
9095
+ "id": "D3-CSPP",
9096
+ "name": "Client-server Payload Profiling",
9097
+ "tactic": "Detect"
9098
+ },
9099
+ {
9100
+ "id": "D3-EAL",
9101
+ "name": "Executable Allowlisting",
9102
+ "tactic": "Harden"
9103
+ },
9104
+ {
9105
+ "id": "D3-IOPR",
9106
+ "name": "Input/Output Profiling Resource",
9107
+ "tactic": "Detect"
9108
+ },
9109
+ {
9110
+ "id": "D3-NTA",
9111
+ "name": "Network Traffic Analysis",
9112
+ "tactic": "Detect"
9113
+ },
9114
+ {
9115
+ "id": "D3-PHRA",
9116
+ "name": "Process Hardware Resource Access",
9117
+ "tactic": "Isolate"
9118
+ },
9119
+ {
9120
+ "id": "D3-PSEP",
9121
+ "name": "Process Segment Execution Prevention",
9122
+ "tactic": "Harden"
9123
+ }
9124
+ ],
9125
+ "framework_gaps": [
9126
+ {
9127
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
9128
+ "framework": "ALL",
9129
+ "control_name": "AI Pipeline Integrity"
9130
+ },
9131
+ {
9132
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
9133
+ "framework": "ALL",
9134
+ "control_name": "Prompt Injection as Access Control Failure"
9135
+ },
9136
+ {
9137
+ "id": "CIS-Controls-v8-Control7",
9138
+ "framework": "CIS Controls v8",
9139
+ "control_name": "Continuous Vulnerability Management"
9140
+ },
9141
+ {
9142
+ "id": "IEC-62443-3-3",
9143
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
9144
+ "control_name": "System security requirements and security levels"
9145
+ },
9146
+ {
9147
+ "id": "ISO-27001-2022-A.8.28",
9148
+ "framework": "ISO/IEC 27001:2022",
9149
+ "control_name": "Secure coding"
9150
+ },
9151
+ {
9152
+ "id": "ISO-27001-2022-A.8.8",
9153
+ "framework": "ISO/IEC 27001:2022",
9154
+ "control_name": "Management of technical vulnerabilities"
9155
+ },
9156
+ {
9157
+ "id": "ISO-IEC-23894-2023-clause-7",
9158
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
9159
+ "control_name": "AI risk management process"
9160
+ },
9161
+ {
9162
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
9163
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
9164
+ "control_name": "AI risk assessment"
9165
+ },
9166
+ {
9167
+ "id": "NERC-CIP-007-6-R4",
9168
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
9169
+ "control_name": "Security event monitoring"
9170
+ },
9171
+ {
9172
+ "id": "NIS2-Art21-patch-management",
9173
+ "framework": "EU NIS2 Directive",
9174
+ "control_name": "Vulnerability handling and disclosure"
9175
+ },
9176
+ {
9177
+ "id": "NIST-800-115",
9178
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
9179
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
9180
+ },
9181
+ {
9182
+ "id": "NIST-800-218-SSDF",
9183
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
9184
+ "control_name": "Secure Software Development Framework"
9185
+ },
9186
+ {
9187
+ "id": "NIST-800-53-AC-2",
9188
+ "framework": "NIST SP 800-53 Rev 5",
9189
+ "control_name": "Account Management"
9190
+ },
9191
+ {
9192
+ "id": "NIST-800-53-CM-7",
9193
+ "framework": "NIST SP 800-53 Rev 5",
9194
+ "control_name": "Least Functionality"
9195
+ },
9196
+ {
9197
+ "id": "NIST-800-53-SC-8",
9198
+ "framework": "NIST SP 800-53 Rev 5",
9199
+ "control_name": "Transmission Confidentiality and Integrity"
9200
+ },
9201
+ {
9202
+ "id": "NIST-800-53-SI-12",
9203
+ "framework": "NIST SP 800-53 Rev 5",
9204
+ "control_name": "Information Management and Retention"
9205
+ },
9206
+ {
9207
+ "id": "NIST-800-53-SI-2",
9208
+ "framework": "NIST SP 800-53 Rev 5",
9209
+ "control_name": "Flaw Remediation"
9210
+ },
9211
+ {
9212
+ "id": "NIST-800-53-SI-3",
9213
+ "framework": "NIST SP 800-53 Rev 5",
9214
+ "control_name": "Malicious Code Protection"
9215
+ },
9216
+ {
9217
+ "id": "NIST-800-82r3",
9218
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
9219
+ "control_name": "Guide to Operational Technology (OT) Security"
9220
+ },
9221
+ {
9222
+ "id": "NIST-AI-RMF-MEASURE-2.5",
9223
+ "framework": "NIST AI RMF 1.0",
9224
+ "control_name": "AI system to human interaction evaluation"
9225
+ },
9226
+ {
9227
+ "id": "OWASP-ASVS-v5.0-V14",
9228
+ "framework": "OWASP ASVS v5.0",
9229
+ "control_name": "Configuration verification"
9230
+ },
9231
+ {
9232
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
9233
+ "framework": "OWASP Top 10 for LLM Applications 2025",
9234
+ "control_name": "Prompt Injection"
9235
+ },
9236
+ {
9237
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
9238
+ "framework": "OWASP Top 10 for LLM Applications 2025",
9239
+ "control_name": "Sensitive Information Disclosure"
9240
+ },
9241
+ {
9242
+ "id": "OWASP-LLM-Top-10-2025-LLM08",
9243
+ "framework": "OWASP Top 10 for LLM Applications 2025",
9244
+ "control_name": "Vector and Embedding Weaknesses"
9245
+ },
9246
+ {
9247
+ "id": "OWASP-Pen-Testing-Guide-v5",
9248
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
9249
+ "control_name": "Web application penetration testing methodology"
9250
+ },
9251
+ {
9252
+ "id": "PCI-DSS-4.0-6.3.3",
9253
+ "framework": "PCI DSS 4.0",
9254
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
9255
+ },
9256
+ {
9257
+ "id": "PTES-Pre-engagement",
9258
+ "framework": "Penetration Testing Execution Standard (PTES)",
9259
+ "control_name": "Pre-engagement Interactions"
9260
+ },
9261
+ {
9262
+ "id": "SLSA-v1.0-Build-L3",
9263
+ "framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
9264
+ "control_name": "Hardened build platform with non-falsifiable provenance"
9265
+ },
9266
+ {
9267
+ "id": "SOC2-CC6-logical-access",
9268
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
9269
+ "control_name": "Logical and Physical Access Controls"
9270
+ }
9271
+ ],
9272
+ "attack_refs": [
9273
+ "T0855",
9274
+ "T0883",
9275
+ "T1059",
9276
+ "T1068",
9277
+ "T1078",
9278
+ "T1133",
9279
+ "T1190",
9280
+ "T1505",
9281
+ "T1548.001",
9282
+ "T1565",
9283
+ "T1566",
9284
+ "T1567",
9285
+ "T1610",
9286
+ "T1611"
9287
+ ],
9288
+ "rfc_refs": [
9289
+ "RFC-4301",
9290
+ "RFC-4303",
9291
+ "RFC-6749",
9292
+ "RFC-7296",
9293
+ "RFC-7519",
9294
+ "RFC-8032",
9295
+ "RFC-8446",
9296
+ "RFC-8725",
9297
+ "RFC-9114",
9298
+ "RFC-9421",
9299
+ "RFC-9700"
9300
+ ]
9301
+ }
9302
+ },
9303
+ "CVE-2025-49844": {
9304
+ "name": "Redis Lua Use-After-Free RCE ('RediShell')",
9305
+ "rwep": 43,
9306
+ "cvss": 10,
9307
+ "cisa_kev": false,
9308
+ "referencing_skills": [
9309
+ "kernel-lpe-triage",
9310
+ "mcp-agent-trust",
9311
+ "cloud-security",
9312
+ "container-runtime-security"
9313
+ ],
9314
+ "chain": {
9315
+ "cwes": [
9316
+ {
9317
+ "id": "CWE-1188",
9318
+ "name": "Initialization of a Resource with an Insecure Default",
9319
+ "category": "Configuration"
9320
+ },
9321
+ {
9322
+ "id": "CWE-125",
9323
+ "name": "Out-of-bounds Read",
9324
+ "category": "Memory Safety"
9325
+ },
9326
+ {
9327
+ "id": "CWE-1395",
9328
+ "name": "Dependency on Vulnerable Third-Party Component",
9329
+ "category": "Supply Chain"
9330
+ },
9331
+ {
9332
+ "id": "CWE-200",
9333
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
9334
+ "category": "Information Exposure"
9335
+ },
9336
+ {
9337
+ "id": "CWE-22",
9338
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
9339
+ "category": "Path/Resource"
9340
+ },
9341
+ {
9342
+ "id": "CWE-269",
9343
+ "name": "Improper Privilege Management",
9344
+ "category": "Authorization"
9345
+ },
9346
+ {
9347
+ "id": "CWE-287",
9348
+ "name": "Improper Authentication",
9349
+ "category": "Authentication"
9350
+ },
9351
+ {
9352
+ "id": "CWE-345",
9353
+ "name": "Insufficient Verification of Data Authenticity",
9354
+ "category": "Authenticity / Supply Chain"
9355
+ },
9356
+ {
9357
+ "id": "CWE-352",
9358
+ "name": "Cross-Site Request Forgery (CSRF)",
9359
+ "category": "Session"
9360
+ },
9361
+ {
9362
+ "id": "CWE-362",
9363
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
9364
+ "category": "Concurrency"
9365
+ },
9366
+ {
9367
+ "id": "CWE-416",
9368
+ "name": "Use After Free",
9369
+ "category": "Memory Safety"
9370
+ },
9371
+ {
9372
+ "id": "CWE-434",
9373
+ "name": "Unrestricted Upload of File with Dangerous Type",
9374
+ "category": "File Handling"
9375
+ },
9376
+ {
9377
+ "id": "CWE-494",
9378
+ "name": "Download of Code Without Integrity Check",
9379
+ "category": "Supply Chain"
9380
+ },
9381
+ {
9382
+ "id": "CWE-672",
9383
+ "name": "Operation on a Resource after Expiration or Release",
9384
+ "category": "Memory Safety"
9385
+ },
9386
+ {
9387
+ "id": "CWE-732",
9388
+ "name": "Incorrect Permission Assignment for Critical Resource",
9389
+ "category": "Authorization"
9390
+ },
9391
+ {
9392
+ "id": "CWE-77",
9393
+ "name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
9394
+ "category": "Injection"
9395
+ },
9396
+ {
9397
+ "id": "CWE-787",
9398
+ "name": "Out-of-bounds Write",
9399
+ "category": "Memory Safety"
9400
+ },
9401
+ {
9402
+ "id": "CWE-798",
9403
+ "name": "Use of Hard-coded Credentials",
9404
+ "category": "Credentials"
9405
+ },
9406
+ {
9407
+ "id": "CWE-862",
9408
+ "name": "Missing Authorization",
9409
+ "category": "Authorization"
9410
+ },
9411
+ {
9412
+ "id": "CWE-918",
9413
+ "name": "Server-Side Request Forgery (SSRF)",
9414
+ "category": "Network"
9415
+ },
9416
+ {
9417
+ "id": "CWE-94",
9418
+ "name": "Improper Control of Generation of Code (Code Injection)",
9419
+ "category": "Injection"
9420
+ }
9421
+ ],
9422
+ "atlas": [
9423
+ {
9424
+ "id": "AML.T0010",
9425
+ "name": "ML Supply Chain Compromise",
9426
+ "tactic": "Initial Access"
9427
+ },
9428
+ {
9429
+ "id": "AML.T0016",
9430
+ "name": "Obtain Capabilities: Develop Capabilities",
9431
+ "tactic": "Resource Development"
9432
+ },
9433
+ {
9434
+ "id": "AML.T0017",
9435
+ "name": "Discover ML Model Ontology",
9436
+ "tactic": "Discovery"
9437
+ },
9438
+ {
9439
+ "id": "AML.T0096",
9440
+ "name": "AI API as Covert C2 Channel",
9441
+ "tactic": "Command and Control"
9442
+ }
9443
+ ],
9444
+ "d3fend": [
9445
+ {
9446
+ "id": "D3-ASLR",
9447
+ "name": "Address Space Layout Randomization",
9448
+ "tactic": "Harden"
9449
+ },
9450
+ {
9451
+ "id": "D3-CBAN",
9452
+ "name": "Certificate-based Authentication",
9453
+ "tactic": "Harden"
9454
+ },
9455
+ {
9456
+ "id": "D3-CSPP",
9457
+ "name": "Client-server Payload Profiling",
9458
+ "tactic": "Detect"
9459
+ },
9460
+ {
9461
+ "id": "D3-EAL",
9462
+ "name": "Executable Allowlisting",
9463
+ "tactic": "Harden"
9464
+ },
9465
+ {
9466
+ "id": "D3-EHB",
9467
+ "name": "Executable Hashbased Allowlist",
9468
+ "tactic": "Harden"
9469
+ },
9470
+ {
9471
+ "id": "D3-MFA",
9472
+ "name": "Multi-factor Authentication",
9473
+ "tactic": "Harden"
9474
+ },
9475
+ {
9476
+ "id": "D3-PHRA",
9477
+ "name": "Process Hardware Resource Access",
9478
+ "tactic": "Isolate"
9479
+ },
9480
+ {
9481
+ "id": "D3-PSEP",
9482
+ "name": "Process Segment Execution Prevention",
9483
+ "tactic": "Harden"
9484
+ }
9485
+ ],
9486
+ "framework_gaps": [
9487
+ {
9488
+ "id": "ALL-MCP-TOOL-TRUST",
9489
+ "framework": "ALL",
9490
+ "control_name": "MCP/Agent Tool Trust Boundaries"
9491
+ },
9492
+ {
9493
+ "id": "CIS-Controls-v8-Control7",
9494
+ "framework": "CIS Controls v8",
9495
+ "control_name": "Continuous Vulnerability Management"
9496
+ },
9497
+ {
9498
+ "id": "FedRAMP-Rev5-Moderate",
9499
+ "framework": "FedRAMP Rev 5 Moderate",
9500
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
9501
+ },
9502
+ {
9503
+ "id": "ISO-27001-2022-A.8.28",
9504
+ "framework": "ISO/IEC 27001:2022",
9505
+ "control_name": "Secure coding"
9506
+ },
9507
+ {
9508
+ "id": "ISO-27001-2022-A.8.30",
9509
+ "framework": "ISO/IEC 27001:2022",
9510
+ "control_name": "Outsourced development"
9511
+ },
9512
+ {
9513
+ "id": "ISO-27001-2022-A.8.8",
9514
+ "framework": "ISO/IEC 27001:2022",
9515
+ "control_name": "Management of technical vulnerabilities"
9516
+ },
9517
+ {
9518
+ "id": "NIS2-Art21-patch-management",
9519
+ "framework": "EU NIS2 Directive",
9520
+ "control_name": "Vulnerability handling and disclosure"
9521
+ },
9522
+ {
9523
+ "id": "NIST-800-53-CM-7",
9524
+ "framework": "NIST SP 800-53 Rev 5",
9525
+ "control_name": "Least Functionality"
9526
+ },
9527
+ {
9528
+ "id": "NIST-800-53-SA-12",
9529
+ "framework": "NIST SP 800-53 Rev 5",
9530
+ "control_name": "Supply Chain Protection"
9531
+ },
9532
+ {
9533
+ "id": "NIST-800-53-SC-8",
9534
+ "framework": "NIST SP 800-53 Rev 5",
9535
+ "control_name": "Transmission Confidentiality and Integrity"
9536
+ },
9537
+ {
9538
+ "id": "NIST-800-53-SI-2",
9539
+ "framework": "NIST SP 800-53 Rev 5",
9540
+ "control_name": "Flaw Remediation"
9541
+ },
9542
+ {
9543
+ "id": "OWASP-LLM-Top-10-2025-LLM06",
9544
+ "framework": "OWASP Top 10 for LLM Applications 2025",
9545
+ "control_name": "Excessive Agency"
9546
+ },
9547
+ {
9548
+ "id": "PCI-DSS-4.0-6.3.3",
9549
+ "framework": "PCI DSS 4.0",
9550
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
9551
+ },
9552
+ {
9553
+ "id": "SLSA-v1.0-Build-L3",
9554
+ "framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
9555
+ "control_name": "Hardened build platform with non-falsifiable provenance"
9556
+ },
9557
+ {
9558
+ "id": "SOC2-CC9-vendor-management",
9559
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
9560
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
9561
+ },
9562
+ {
9563
+ "id": "SWIFT-CSCF-v2026-1.1",
9564
+ "framework": "SWIFT Customer Security Controls Framework v2026",
9565
+ "control_name": "SWIFT Environment Protection"
9566
+ }
9567
+ ],
9568
+ "attack_refs": [
9569
+ "T1059",
9570
+ "T1068",
9571
+ "T1078",
9572
+ "T1190",
9573
+ "T1195.001",
9574
+ "T1530",
9575
+ "T1548.001",
9576
+ "T1552",
9577
+ "T1610",
9578
+ "T1611"
9579
+ ],
9580
+ "rfc_refs": [
9581
+ "RFC-4301",
9582
+ "RFC-4303",
9583
+ "RFC-6749",
9584
+ "RFC-7296",
9585
+ "RFC-7519",
9586
+ "RFC-8032",
9587
+ "RFC-8446",
9588
+ "RFC-8725",
9589
+ "RFC-9114",
9590
+ "RFC-9180",
9591
+ "RFC-9421",
9592
+ "RFC-9700"
9593
+ ]
9594
+ }
9595
+ },
9596
+ "CVE-2025-14847": {
9597
+ "name": "MongoDB Server zlib Heap-Memory Disclosure ('MongoBleed')",
9598
+ "rwep": 47,
9599
+ "cvss": 7.5,
9600
+ "cisa_kev": false,
9601
+ "referencing_skills": [
9602
+ "pqc-first",
9603
+ "dlp-gap-analysis"
9604
+ ],
9605
+ "chain": {
9606
+ "cwes": [
9607
+ {
9608
+ "id": "CWE-1426",
9609
+ "name": "Improper Validation of Generative AI Output",
9610
+ "category": "AI/ML"
9611
+ },
9612
+ {
9613
+ "id": "CWE-200",
9614
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
9615
+ "category": "Information Exposure"
9616
+ },
9617
+ {
9618
+ "id": "CWE-327",
9619
+ "name": "Use of a Broken or Risky Cryptographic Algorithm",
9620
+ "category": "Cryptography"
9621
+ }
9622
+ ],
9623
+ "atlas": [
9624
+ {
9625
+ "id": "AML.T0017",
9626
+ "name": "Discover ML Model Ontology",
9627
+ "tactic": "Discovery"
9628
+ },
9629
+ {
9630
+ "id": "AML.T0051",
9631
+ "name": "LLM Prompt Injection",
9632
+ "tactic": "Execution"
9633
+ },
9634
+ {
9635
+ "id": "AML.T0096",
9636
+ "name": "AI API as Covert C2 Channel",
9637
+ "tactic": "Command and Control"
9638
+ }
9639
+ ],
9640
+ "d3fend": [
9641
+ {
9642
+ "id": "D3-CSPP",
9643
+ "name": "Client-server Payload Profiling",
9644
+ "tactic": "Detect"
9645
+ },
9646
+ {
9647
+ "id": "D3-EAL",
9648
+ "name": "Executable Allowlisting",
9649
+ "tactic": "Harden"
9650
+ },
9651
+ {
9652
+ "id": "D3-FE",
9653
+ "name": "File Encryption",
9654
+ "tactic": "Harden"
9655
+ },
9656
+ {
9657
+ "id": "D3-IOPR",
9658
+ "name": "Input/Output Profiling Resource",
9659
+ "tactic": "Detect"
9660
+ },
9661
+ {
9662
+ "id": "D3-MENCR",
9663
+ "name": "Message Encryption",
9664
+ "tactic": "Harden"
9665
+ },
9666
+ {
9667
+ "id": "D3-NTA",
9668
+ "name": "Network Traffic Analysis",
9669
+ "tactic": "Detect"
9670
+ },
9671
+ {
9672
+ "id": "D3-NTPM",
9673
+ "name": "Network Traffic Policy Mapping",
9674
+ "tactic": "Model"
9675
+ }
9676
+ ],
9677
+ "framework_gaps": [
9678
+ {
9679
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
9680
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
9681
+ "control_name": "Access control standard (technical safeguards)"
9682
+ },
9683
+ {
9684
+ "id": "ISO-27001-2022-A.8.16",
9685
+ "framework": "ISO/IEC 27001:2022",
9686
+ "control_name": "Monitoring activities"
9687
+ },
9688
+ {
9689
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
9690
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
9691
+ "control_name": "AI risk assessment"
9692
+ },
9693
+ {
9694
+ "id": "NIST-800-53-SC-28",
9695
+ "framework": "NIST SP 800-53 Rev 5",
9696
+ "control_name": "Protection of Information at Rest"
9697
+ },
9698
+ {
9699
+ "id": "NIST-800-53-SC-7",
9700
+ "framework": "NIST SP 800-53 Rev 5",
9701
+ "control_name": "Boundary Protection"
9702
+ },
9703
+ {
9704
+ "id": "NIST-800-53-SC-8",
9705
+ "framework": "NIST SP 800-53 Rev 5",
9706
+ "control_name": "Transmission Confidentiality and Integrity"
9707
+ },
9708
+ {
9709
+ "id": "SOC2-CC7-anomaly-detection",
9710
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
9711
+ "control_name": "System Operations — Threat and Vulnerability Management"
9712
+ }
9713
+ ],
9714
+ "attack_refs": [
9715
+ "T1041",
9716
+ "T1213",
9717
+ "T1530",
9718
+ "T1567"
9719
+ ],
9720
+ "rfc_refs": [
9721
+ "DRAFT-IETF-TLS-ECDHE-MLKEM",
9722
+ "DRAFT-IETF-TLS-HYBRID-DESIGN",
9723
+ "RFC-8032",
9724
+ "RFC-8446",
9725
+ "RFC-9106",
9726
+ "RFC-9180",
9727
+ "RFC-9420",
9728
+ "RFC-9458",
9729
+ "RFC-9794"
9730
+ ]
9731
+ }
9732
+ },
9733
+ "CVE-2025-8671": {
9734
+ "name": "HTTP/2 'MadeYouReset' DoS (Rapid Reset successor)",
9735
+ "rwep": 30,
9736
+ "cvss": 7.5,
9737
+ "cisa_kev": false,
9738
+ "referencing_skills": [],
9739
+ "chain": {
9740
+ "cwes": [],
9741
+ "atlas": [],
9742
+ "d3fend": [],
9743
+ "framework_gaps": [],
9744
+ "attack_refs": [],
9745
+ "rfc_refs": []
9746
+ }
9747
+ },
9748
+ "CVE-2025-6965": {
9749
+ "name": "SQLite Memory Corruption (Big Sleep AI pre-emptive discovery)",
9750
+ "rwep": 38,
9751
+ "cvss": 7.2,
9752
+ "cisa_kev": false,
9753
+ "referencing_skills": [
9754
+ "ai-attack-surface",
9755
+ "rag-pipeline-security",
9756
+ "threat-modeling-methodology",
9757
+ "webapp-security",
9758
+ "api-security",
9759
+ "container-runtime-security"
9760
+ ],
9761
+ "chain": {
9762
+ "cwes": [
9763
+ {
9764
+ "id": "CWE-1039",
9765
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
9766
+ "category": "AI/ML"
9767
+ },
9768
+ {
9769
+ "id": "CWE-1188",
9770
+ "name": "Initialization of a Resource with an Insecure Default",
9771
+ "category": "Configuration"
9772
+ },
9773
+ {
9774
+ "id": "CWE-1395",
9775
+ "name": "Dependency on Vulnerable Third-Party Component",
9776
+ "category": "Supply Chain"
9777
+ },
9778
+ {
9779
+ "id": "CWE-1426",
9780
+ "name": "Improper Validation of Generative AI Output",
9781
+ "category": "AI/ML"
9782
+ },
9783
+ {
9784
+ "id": "CWE-200",
9785
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
9786
+ "category": "Information Exposure"
9787
+ },
9788
+ {
9789
+ "id": "CWE-22",
9790
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
9791
+ "category": "Path/Resource"
9792
+ },
9793
+ {
9794
+ "id": "CWE-269",
9795
+ "name": "Improper Privilege Management",
9796
+ "category": "Authorization"
9797
+ },
9798
+ {
9799
+ "id": "CWE-287",
9800
+ "name": "Improper Authentication",
9801
+ "category": "Authentication"
9802
+ },
9803
+ {
9804
+ "id": "CWE-352",
9805
+ "name": "Cross-Site Request Forgery (CSRF)",
9806
+ "category": "Session"
9807
+ },
9808
+ {
9809
+ "id": "CWE-434",
9810
+ "name": "Unrestricted Upload of File with Dangerous Type",
9811
+ "category": "File Handling"
9812
+ },
9813
+ {
9814
+ "id": "CWE-502",
9815
+ "name": "Deserialization of Untrusted Data",
9816
+ "category": "Serialization"
9817
+ },
9818
+ {
9819
+ "id": "CWE-732",
9820
+ "name": "Incorrect Permission Assignment for Critical Resource",
9821
+ "category": "Authorization"
9822
+ },
9823
+ {
9824
+ "id": "CWE-77",
9825
+ "name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
9826
+ "category": "Injection"
9827
+ },
9828
+ {
9829
+ "id": "CWE-78",
9830
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
9831
+ "category": "Injection"
9832
+ },
9833
+ {
9834
+ "id": "CWE-787",
9835
+ "name": "Out-of-bounds Write",
9836
+ "category": "Memory Safety"
9837
+ },
9838
+ {
9839
+ "id": "CWE-79",
9840
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
9841
+ "category": "Injection"
9842
+ },
9843
+ {
9844
+ "id": "CWE-862",
9845
+ "name": "Missing Authorization",
9846
+ "category": "Authorization"
9847
+ },
9848
+ {
9849
+ "id": "CWE-863",
9850
+ "name": "Incorrect Authorization",
9851
+ "category": "Authorization"
9852
+ },
9853
+ {
9854
+ "id": "CWE-89",
9855
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
9856
+ "category": "Injection"
9857
+ },
9858
+ {
9859
+ "id": "CWE-918",
9860
+ "name": "Server-Side Request Forgery (SSRF)",
9861
+ "category": "Network"
9862
+ },
9863
+ {
9864
+ "id": "CWE-94",
9865
+ "name": "Improper Control of Generation of Code (Code Injection)",
9866
+ "category": "Injection"
9867
+ }
9868
+ ],
9869
+ "atlas": [
9870
+ {
9871
+ "id": "AML.T0010",
9872
+ "name": "ML Supply Chain Compromise",
9873
+ "tactic": "Initial Access"
9874
+ },
9875
+ {
9876
+ "id": "AML.T0016",
9877
+ "name": "Obtain Capabilities: Develop Capabilities",
9878
+ "tactic": "Resource Development"
9879
+ },
9880
+ {
9881
+ "id": "AML.T0017",
9882
+ "name": "Discover ML Model Ontology",
9883
+ "tactic": "Discovery"
9884
+ },
9885
+ {
9886
+ "id": "AML.T0018",
9887
+ "name": "Backdoor ML Model",
9888
+ "tactic": "Persistence"
9889
+ },
9890
+ {
9891
+ "id": "AML.T0020",
9892
+ "name": "Poison Training Data",
9893
+ "tactic": "ML Attack Staging"
9894
+ },
9895
+ {
9896
+ "id": "AML.T0043",
9897
+ "name": "Craft Adversarial Data",
9898
+ "tactic": "ML Attack Staging"
9899
+ },
9900
+ {
9901
+ "id": "AML.T0051",
9902
+ "name": "LLM Prompt Injection",
9903
+ "tactic": "Execution"
9904
+ },
9905
+ {
9906
+ "id": "AML.T0054",
9907
+ "name": "LLM Jailbreak",
9908
+ "tactic": "Defense Evasion"
9909
+ },
9910
+ {
9911
+ "id": "AML.T0096",
9912
+ "name": "AI API as Covert C2 Channel",
9913
+ "tactic": "Command and Control"
9914
+ }
9915
+ ],
9916
+ "d3fend": [
9917
+ {
9918
+ "id": "D3-CSPP",
9919
+ "name": "Client-server Payload Profiling",
9920
+ "tactic": "Detect"
9921
+ },
9922
+ {
9923
+ "id": "D3-IOPR",
9924
+ "name": "Input/Output Profiling Resource",
9925
+ "tactic": "Detect"
9926
+ },
9927
+ {
9928
+ "id": "D3-NTA",
9929
+ "name": "Network Traffic Analysis",
9930
+ "tactic": "Detect"
9931
+ }
9932
+ ],
9933
+ "framework_gaps": [
9934
+ {
9935
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
9936
+ "framework": "ALL",
9937
+ "control_name": "AI Pipeline Integrity"
9938
+ },
9939
+ {
9940
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
9941
+ "framework": "ALL",
9942
+ "control_name": "Prompt Injection as Access Control Failure"
9943
+ },
9944
+ {
9945
+ "id": "ISO-27001-2022-A.8.28",
9946
+ "framework": "ISO/IEC 27001:2022",
9947
+ "control_name": "Secure coding"
9948
+ },
9949
+ {
9950
+ "id": "ISO-IEC-23894-2023-clause-7",
9951
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
9952
+ "control_name": "AI risk management process"
9953
+ },
9954
+ {
9955
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
9956
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
9957
+ "control_name": "AI risk assessment"
9958
+ },
9959
+ {
9960
+ "id": "NIST-800-218-SSDF",
9961
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
9962
+ "control_name": "Secure Software Development Framework"
9963
+ },
9964
+ {
9965
+ "id": "NIST-800-53-AC-2",
9966
+ "framework": "NIST SP 800-53 Rev 5",
9967
+ "control_name": "Account Management"
9968
+ },
9969
+ {
9970
+ "id": "NIST-800-53-CM-7",
9971
+ "framework": "NIST SP 800-53 Rev 5",
9972
+ "control_name": "Least Functionality"
9973
+ },
9974
+ {
9975
+ "id": "NIST-800-53-SI-12",
9976
+ "framework": "NIST SP 800-53 Rev 5",
9977
+ "control_name": "Information Management and Retention"
9978
+ },
9979
+ {
9980
+ "id": "NIST-800-53-SI-3",
9981
+ "framework": "NIST SP 800-53 Rev 5",
9982
+ "control_name": "Malicious Code Protection"
9983
+ },
9984
+ {
9985
+ "id": "NIST-AI-RMF-MEASURE-2.5",
9986
+ "framework": "NIST AI RMF 1.0",
9987
+ "control_name": "AI system to human interaction evaluation"
9988
+ },
9989
+ {
9990
+ "id": "OWASP-ASVS-v5.0-V14",
9991
+ "framework": "OWASP ASVS v5.0",
9992
+ "control_name": "Configuration verification"
9993
+ },
9994
+ {
9995
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
9996
+ "framework": "OWASP Top 10 for LLM Applications 2025",
9997
+ "control_name": "Prompt Injection"
9998
+ },
9999
+ {
10000
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
10001
+ "framework": "OWASP Top 10 for LLM Applications 2025",
10002
+ "control_name": "Sensitive Information Disclosure"
10003
+ },
10004
+ {
10005
+ "id": "OWASP-LLM-Top-10-2025-LLM08",
10006
+ "framework": "OWASP Top 10 for LLM Applications 2025",
10007
+ "control_name": "Vector and Embedding Weaknesses"
10008
+ },
10009
+ {
10010
+ "id": "SLSA-v1.0-Build-L3",
10011
+ "framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
10012
+ "control_name": "Hardened build platform with non-falsifiable provenance"
10013
+ },
10014
+ {
10015
+ "id": "SOC2-CC6-logical-access",
10016
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
10017
+ "control_name": "Logical and Physical Access Controls"
10018
+ }
10019
+ ],
10020
+ "attack_refs": [
10021
+ "T1059",
10022
+ "T1068",
10023
+ "T1078",
10024
+ "T1190",
10025
+ "T1505",
10026
+ "T1565",
10027
+ "T1566",
10028
+ "T1567",
10029
+ "T1610",
10030
+ "T1611"
10031
+ ],
10032
+ "rfc_refs": [
10033
+ "RFC-6749",
10034
+ "RFC-7519",
10035
+ "RFC-8032",
10036
+ "RFC-8446",
10037
+ "RFC-8725",
10038
+ "RFC-9114",
10039
+ "RFC-9421",
10040
+ "RFC-9700"
10041
+ ]
10042
+ }
10043
+ },
10044
+ "CVE-2026-22778": {
10045
+ "name": "vLLM Multimodal Heap Overflow RCE via JPEG2000 / FFmpeg / OpenCV",
10046
+ "rwep": 40,
10047
+ "cvss": 9.8,
10048
+ "cisa_kev": false,
10049
+ "referencing_skills": [
10050
+ "ai-attack-surface",
10051
+ "ai-c2-detection",
10052
+ "email-security-anti-phishing"
10053
+ ],
10054
+ "chain": {
10055
+ "cwes": [
10056
+ {
10057
+ "id": "CWE-1039",
10058
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
10059
+ "category": "AI/ML"
10060
+ },
10061
+ {
10062
+ "id": "CWE-1426",
10063
+ "name": "Improper Validation of Generative AI Output",
10064
+ "category": "AI/ML"
10065
+ },
10066
+ {
10067
+ "id": "CWE-94",
10068
+ "name": "Improper Control of Generation of Code (Code Injection)",
10069
+ "category": "Injection"
10070
+ }
10071
+ ],
10072
+ "atlas": [
10073
+ {
10074
+ "id": "AML.T0016",
10075
+ "name": "Obtain Capabilities: Develop Capabilities",
10076
+ "tactic": "Resource Development"
10077
+ },
10078
+ {
10079
+ "id": "AML.T0017",
10080
+ "name": "Discover ML Model Ontology",
10081
+ "tactic": "Discovery"
10082
+ },
10083
+ {
10084
+ "id": "AML.T0018",
10085
+ "name": "Backdoor ML Model",
10086
+ "tactic": "Persistence"
10087
+ },
10088
+ {
10089
+ "id": "AML.T0020",
10090
+ "name": "Poison Training Data",
10091
+ "tactic": "ML Attack Staging"
10092
+ },
10093
+ {
10094
+ "id": "AML.T0043",
10095
+ "name": "Craft Adversarial Data",
10096
+ "tactic": "ML Attack Staging"
10097
+ },
10098
+ {
10099
+ "id": "AML.T0051",
10100
+ "name": "LLM Prompt Injection",
10101
+ "tactic": "Execution"
10102
+ },
10103
+ {
10104
+ "id": "AML.T0054",
10105
+ "name": "LLM Jailbreak",
10106
+ "tactic": "Defense Evasion"
10107
+ },
10108
+ {
10109
+ "id": "AML.T0096",
10110
+ "name": "AI API as Covert C2 Channel",
10111
+ "tactic": "Command and Control"
10112
+ }
10113
+ ],
10114
+ "d3fend": [
10115
+ {
10116
+ "id": "D3-CA",
10117
+ "name": "Certificate Analysis",
10118
+ "tactic": "Detect"
10119
+ },
10120
+ {
10121
+ "id": "D3-CSPP",
10122
+ "name": "Client-server Payload Profiling",
10123
+ "tactic": "Detect"
10124
+ },
10125
+ {
10126
+ "id": "D3-DA",
10127
+ "name": "Domain Analysis",
10128
+ "tactic": "Detect"
10129
+ },
10130
+ {
10131
+ "id": "D3-IOPR",
10132
+ "name": "Input/Output Profiling Resource",
10133
+ "tactic": "Detect"
10134
+ },
10135
+ {
10136
+ "id": "D3-NI",
10137
+ "name": "Network Isolation",
10138
+ "tactic": "Isolate"
10139
+ },
10140
+ {
10141
+ "id": "D3-NTA",
10142
+ "name": "Network Traffic Analysis",
10143
+ "tactic": "Detect"
10144
+ },
10145
+ {
10146
+ "id": "D3-NTPM",
10147
+ "name": "Network Traffic Policy Mapping",
10148
+ "tactic": "Model"
10149
+ }
10150
+ ],
10151
+ "framework_gaps": [
10152
+ {
10153
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
10154
+ "framework": "ALL",
10155
+ "control_name": "AI Pipeline Integrity"
10156
+ },
10157
+ {
10158
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
10159
+ "framework": "ALL",
10160
+ "control_name": "Prompt Injection as Access Control Failure"
10161
+ },
10162
+ {
10163
+ "id": "ISO-27001-2022-A.8.16",
10164
+ "framework": "ISO/IEC 27001:2022",
10165
+ "control_name": "Monitoring activities"
10166
+ },
10167
+ {
10168
+ "id": "ISO-27001-2022-A.8.28",
10169
+ "framework": "ISO/IEC 27001:2022",
10170
+ "control_name": "Secure coding"
10171
+ },
10172
+ {
10173
+ "id": "ISO-IEC-23894-2023-clause-7",
10174
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
10175
+ "control_name": "AI risk management process"
10176
+ },
10177
+ {
10178
+ "id": "NIST-800-53-AC-2",
10179
+ "framework": "NIST SP 800-53 Rev 5",
10180
+ "control_name": "Account Management"
10181
+ },
10182
+ {
10183
+ "id": "NIST-800-53-SC-7",
10184
+ "framework": "NIST SP 800-53 Rev 5",
10185
+ "control_name": "Boundary Protection"
10186
+ },
10187
+ {
10188
+ "id": "NIST-800-53-SI-3",
10189
+ "framework": "NIST SP 800-53 Rev 5",
10190
+ "control_name": "Malicious Code Protection"
10191
+ },
10192
+ {
10193
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
10194
+ "framework": "OWASP Top 10 for LLM Applications 2025",
10195
+ "control_name": "Prompt Injection"
10196
+ },
10197
+ {
10198
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
10199
+ "framework": "OWASP Top 10 for LLM Applications 2025",
10200
+ "control_name": "Sensitive Information Disclosure"
10201
+ },
10202
+ {
10203
+ "id": "SOC2-CC6-logical-access",
10204
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
10205
+ "control_name": "Logical and Physical Access Controls"
10206
+ },
10207
+ {
10208
+ "id": "SOC2-CC7-anomaly-detection",
10209
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
10210
+ "control_name": "System Operations — Threat and Vulnerability Management"
10211
+ }
10212
+ ],
10213
+ "attack_refs": [
10214
+ "T1059",
10215
+ "T1071",
10216
+ "T1078",
10217
+ "T1102",
10218
+ "T1190",
10219
+ "T1566",
10220
+ "T1566.001",
10221
+ "T1566.002",
10222
+ "T1566.003",
10223
+ "T1568"
10224
+ ],
10225
+ "rfc_refs": [
10226
+ "RFC-8446",
10227
+ "RFC-9000",
10228
+ "RFC-9114",
10229
+ "RFC-9180",
10230
+ "RFC-9421",
10231
+ "RFC-9458"
10232
+ ]
10233
+ }
10234
+ },
10235
+ "CVE-2026-7482": {
10236
+ "name": "Ollama 'Bleeding Llama' Heap Memory Disclosure",
10237
+ "rwep": 23,
10238
+ "cvss": 7.5,
10239
+ "cisa_kev": false,
10240
+ "referencing_skills": [],
10241
+ "chain": {
10242
+ "cwes": [],
10243
+ "atlas": [],
10244
+ "d3fend": [],
10245
+ "framework_gaps": [],
10246
+ "attack_refs": [],
10247
+ "rfc_refs": []
10248
+ }
10249
+ },
10250
+ "CVE-2025-68664": {
10251
+ "name": "LangChain Core 'LangGrinch' Serialization Injection (Secret Extraction)",
10252
+ "rwep": 52,
10253
+ "cvss": 9.3,
10254
+ "cisa_kev": false,
10255
+ "referencing_skills": [],
10256
+ "chain": {
10257
+ "cwes": [],
10258
+ "atlas": [],
10259
+ "d3fend": [],
10260
+ "framework_gaps": [],
10261
+ "attack_refs": [],
10262
+ "rfc_refs": []
10263
+ }
10264
+ },
10265
+ "CVE-2025-22224": {
10266
+ "name": "VMware ESXi/Workstation VMCI TOCTOU → VMX Host Code Execution",
10267
+ "rwep": 85,
10268
+ "cvss": 9.3,
10269
+ "cisa_kev": true,
10270
+ "referencing_skills": [],
10271
+ "chain": {
10272
+ "cwes": [],
10273
+ "atlas": [],
10274
+ "d3fend": [],
10275
+ "framework_gaps": [],
10276
+ "attack_refs": [],
10277
+ "rfc_refs": []
10278
+ }
10279
+ },
10280
+ "CVE-2025-22225": {
10281
+ "name": "VMware ESXi Arbitrary Kernel Write (VM-escape chain, ransomware-active)",
10282
+ "rwep": 85,
10283
+ "cvss": 8.2,
10284
+ "cisa_kev": true,
10285
+ "referencing_skills": [],
10286
+ "chain": {
10287
+ "cwes": [],
10288
+ "atlas": [],
10289
+ "d3fend": [],
10290
+ "framework_gaps": [],
10291
+ "attack_refs": [],
10292
+ "rfc_refs": []
10293
+ }
10294
+ },
10295
+ "CVE-2025-22226": {
10296
+ "name": "VMware ESXi HGFS Memory Leak (VM-escape chain helper)",
10297
+ "rwep": 80,
10298
+ "cvss": 7.1,
10299
+ "cisa_kev": true,
10300
+ "referencing_skills": [
10301
+ "pqc-first",
10302
+ "dlp-gap-analysis"
10303
+ ],
10304
+ "chain": {
10305
+ "cwes": [
10306
+ {
10307
+ "id": "CWE-1426",
10308
+ "name": "Improper Validation of Generative AI Output",
10309
+ "category": "AI/ML"
10310
+ },
10311
+ {
10312
+ "id": "CWE-200",
10313
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
10314
+ "category": "Information Exposure"
10315
+ },
10316
+ {
10317
+ "id": "CWE-327",
10318
+ "name": "Use of a Broken or Risky Cryptographic Algorithm",
10319
+ "category": "Cryptography"
10320
+ }
10321
+ ],
10322
+ "atlas": [
10323
+ {
10324
+ "id": "AML.T0017",
10325
+ "name": "Discover ML Model Ontology",
10326
+ "tactic": "Discovery"
10327
+ },
10328
+ {
10329
+ "id": "AML.T0051",
10330
+ "name": "LLM Prompt Injection",
10331
+ "tactic": "Execution"
10332
+ },
10333
+ {
10334
+ "id": "AML.T0096",
10335
+ "name": "AI API as Covert C2 Channel",
10336
+ "tactic": "Command and Control"
10337
+ }
10338
+ ],
10339
+ "d3fend": [
10340
+ {
10341
+ "id": "D3-CSPP",
10342
+ "name": "Client-server Payload Profiling",
10343
+ "tactic": "Detect"
10344
+ },
10345
+ {
10346
+ "id": "D3-EAL",
10347
+ "name": "Executable Allowlisting",
10348
+ "tactic": "Harden"
10349
+ },
10350
+ {
10351
+ "id": "D3-FE",
10352
+ "name": "File Encryption",
10353
+ "tactic": "Harden"
10354
+ },
10355
+ {
10356
+ "id": "D3-IOPR",
10357
+ "name": "Input/Output Profiling Resource",
10358
+ "tactic": "Detect"
10359
+ },
10360
+ {
10361
+ "id": "D3-MENCR",
10362
+ "name": "Message Encryption",
10363
+ "tactic": "Harden"
10364
+ },
10365
+ {
10366
+ "id": "D3-NTA",
10367
+ "name": "Network Traffic Analysis",
10368
+ "tactic": "Detect"
10369
+ },
10370
+ {
10371
+ "id": "D3-NTPM",
10372
+ "name": "Network Traffic Policy Mapping",
10373
+ "tactic": "Model"
10374
+ }
10375
+ ],
10376
+ "framework_gaps": [
10377
+ {
10378
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
10379
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
10380
+ "control_name": "Access control standard (technical safeguards)"
10381
+ },
10382
+ {
10383
+ "id": "ISO-27001-2022-A.8.16",
10384
+ "framework": "ISO/IEC 27001:2022",
10385
+ "control_name": "Monitoring activities"
10386
+ },
10387
+ {
10388
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
10389
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
10390
+ "control_name": "AI risk assessment"
10391
+ },
10392
+ {
10393
+ "id": "NIST-800-53-SC-28",
10394
+ "framework": "NIST SP 800-53 Rev 5",
10395
+ "control_name": "Protection of Information at Rest"
10396
+ },
10397
+ {
10398
+ "id": "NIST-800-53-SC-7",
10399
+ "framework": "NIST SP 800-53 Rev 5",
10400
+ "control_name": "Boundary Protection"
10401
+ },
10402
+ {
10403
+ "id": "NIST-800-53-SC-8",
10404
+ "framework": "NIST SP 800-53 Rev 5",
10405
+ "control_name": "Transmission Confidentiality and Integrity"
10406
+ },
10407
+ {
10408
+ "id": "SOC2-CC7-anomaly-detection",
10409
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
10410
+ "control_name": "System Operations — Threat and Vulnerability Management"
10411
+ }
10412
+ ],
10413
+ "attack_refs": [
10414
+ "T1041",
10415
+ "T1213",
10416
+ "T1530",
10417
+ "T1567"
10418
+ ],
10419
+ "rfc_refs": [
10420
+ "DRAFT-IETF-TLS-ECDHE-MLKEM",
10421
+ "DRAFT-IETF-TLS-HYBRID-DESIGN",
10422
+ "RFC-8032",
10423
+ "RFC-8446",
10424
+ "RFC-9106",
10425
+ "RFC-9180",
10426
+ "RFC-9420",
10427
+ "RFC-9458",
10428
+ "RFC-9794"
10429
+ ]
10430
+ }
10431
+ },
10432
+ "MAL-2024-PYPI-ULTRALYTICS-XMRIG": {
10433
+ "name": "ultralytics PyPI Compromise → XMRig Cryptominer (60M-download AI library)",
10434
+ "rwep": 53,
10435
+ "cvss": 8.6,
10436
+ "cisa_kev": false,
10437
+ "referencing_skills": [
10438
+ "mcp-agent-trust",
10439
+ "identity-assurance",
10440
+ "sector-healthcare",
10441
+ "cloud-security",
10442
+ "age-gates-child-safety"
10443
+ ],
10444
+ "chain": {
10445
+ "cwes": [
10446
+ {
10447
+ "id": "CWE-1188",
10448
+ "name": "Initialization of a Resource with an Insecure Default",
10449
+ "category": "Configuration"
10450
+ },
10451
+ {
10452
+ "id": "CWE-1426",
10453
+ "name": "Improper Validation of Generative AI Output",
10454
+ "category": "AI/ML"
10455
+ },
10456
+ {
10457
+ "id": "CWE-200",
10458
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
10459
+ "category": "Information Exposure"
10460
+ },
10461
+ {
10462
+ "id": "CWE-22",
10463
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
10464
+ "category": "Path/Resource"
10465
+ },
10466
+ {
10467
+ "id": "CWE-269",
10468
+ "name": "Improper Privilege Management",
10469
+ "category": "Authorization"
10470
+ },
10471
+ {
10472
+ "id": "CWE-287",
10473
+ "name": "Improper Authentication",
10474
+ "category": "Authentication"
10475
+ },
10476
+ {
10477
+ "id": "CWE-306",
10478
+ "name": "Missing Authentication for Critical Function",
10479
+ "category": "Authentication"
10480
+ },
10481
+ {
10482
+ "id": "CWE-345",
10483
+ "name": "Insufficient Verification of Data Authenticity",
10484
+ "category": "Authenticity / Supply Chain"
10485
+ },
10486
+ {
10487
+ "id": "CWE-352",
10488
+ "name": "Cross-Site Request Forgery (CSRF)",
10489
+ "category": "Session"
10490
+ },
10491
+ {
10492
+ "id": "CWE-434",
10493
+ "name": "Unrestricted Upload of File with Dangerous Type",
10494
+ "category": "File Handling"
10495
+ },
10496
+ {
10497
+ "id": "CWE-494",
10498
+ "name": "Download of Code Without Integrity Check",
10499
+ "category": "Supply Chain"
10500
+ },
10501
+ {
10502
+ "id": "CWE-732",
10503
+ "name": "Incorrect Permission Assignment for Critical Resource",
10504
+ "category": "Authorization"
10505
+ },
10506
+ {
10507
+ "id": "CWE-77",
10508
+ "name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
10509
+ "category": "Injection"
10510
+ },
10511
+ {
10512
+ "id": "CWE-798",
10513
+ "name": "Use of Hard-coded Credentials",
10514
+ "category": "Credentials"
10515
+ },
10516
+ {
10517
+ "id": "CWE-862",
10518
+ "name": "Missing Authorization",
10519
+ "category": "Authorization"
10520
+ },
10521
+ {
10522
+ "id": "CWE-863",
10523
+ "name": "Incorrect Authorization",
10524
+ "category": "Authorization"
10525
+ },
10526
+ {
10527
+ "id": "CWE-918",
10528
+ "name": "Server-Side Request Forgery (SSRF)",
10529
+ "category": "Network"
10530
+ },
10531
+ {
10532
+ "id": "CWE-94",
10533
+ "name": "Improper Control of Generation of Code (Code Injection)",
10534
+ "category": "Injection"
10535
+ }
10536
+ ],
10537
+ "atlas": [
10538
+ {
10539
+ "id": "AML.T0010",
10540
+ "name": "ML Supply Chain Compromise",
10541
+ "tactic": "Initial Access"
10542
+ },
10543
+ {
10544
+ "id": "AML.T0016",
10545
+ "name": "Obtain Capabilities: Develop Capabilities",
10546
+ "tactic": "Resource Development"
10547
+ },
10548
+ {
10549
+ "id": "AML.T0017",
10550
+ "name": "Discover ML Model Ontology",
10551
+ "tactic": "Discovery"
10552
+ },
10553
+ {
10554
+ "id": "AML.T0051",
10555
+ "name": "LLM Prompt Injection",
10556
+ "tactic": "Execution"
10557
+ },
10558
+ {
10559
+ "id": "AML.T0096",
10560
+ "name": "AI API as Covert C2 Channel",
10561
+ "tactic": "Command and Control"
10562
+ }
10563
+ ],
10564
+ "d3fend": [
10565
+ {
10566
+ "id": "D3-CBAN",
10567
+ "name": "Certificate-based Authentication",
10568
+ "tactic": "Harden"
10569
+ },
10570
+ {
10571
+ "id": "D3-CSPP",
10572
+ "name": "Client-server Payload Profiling",
10573
+ "tactic": "Detect"
10574
+ },
10575
+ {
10576
+ "id": "D3-EAL",
10577
+ "name": "Executable Allowlisting",
10578
+ "tactic": "Harden"
10579
+ },
10580
+ {
10581
+ "id": "D3-EHB",
10582
+ "name": "Executable Hashbased Allowlist",
10583
+ "tactic": "Harden"
10584
+ },
10585
+ {
10586
+ "id": "D3-MFA",
10587
+ "name": "Multi-factor Authentication",
10588
+ "tactic": "Harden"
10589
+ }
10590
+ ],
10591
+ "framework_gaps": [
10592
+ {
10593
+ "id": "ALL-MCP-TOOL-TRUST",
10594
+ "framework": "ALL",
10595
+ "control_name": "MCP/Agent Tool Trust Boundaries"
10596
+ },
10597
+ {
10598
+ "id": "FedRAMP-Rev5-Moderate",
10599
+ "framework": "FedRAMP Rev 5 Moderate",
10600
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
10601
+ },
10602
+ {
10603
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
10604
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
10605
+ "control_name": "Access control standard (technical safeguards)"
10606
+ },
10607
+ {
10608
+ "id": "HITRUST-CSF-v11.4-09.l",
10609
+ "framework": "HITRUST CSF v11.4",
10610
+ "control_name": "Outsourced services management"
10611
+ },
10612
+ {
10613
+ "id": "ISO-27001-2022-A.8.30",
10614
+ "framework": "ISO/IEC 27001:2022",
10615
+ "control_name": "Outsourced development"
10616
+ },
10617
+ {
10618
+ "id": "NIST-800-53-AC-2",
10619
+ "framework": "NIST SP 800-53 Rev 5",
10620
+ "control_name": "Account Management"
10621
+ },
10622
+ {
10623
+ "id": "NIST-800-53-CM-7",
10624
+ "framework": "NIST SP 800-53 Rev 5",
10625
+ "control_name": "Least Functionality"
10626
+ },
10627
+ {
10628
+ "id": "NIST-800-53-SA-12",
10629
+ "framework": "NIST SP 800-53 Rev 5",
10630
+ "control_name": "Supply Chain Protection"
10631
+ },
10632
+ {
10633
+ "id": "NIST-800-63B-rev4",
10634
+ "framework": "NIST SP 800-63B Rev 4 (Digital Identity Guidelines — Authentication & Lifecycle Mgmt)",
10635
+ "control_name": "Authentication and Lifecycle Management (AAL/IAL/FAL)"
10636
+ },
10637
+ {
10638
+ "id": "OWASP-LLM-Top-10-2025-LLM06",
10639
+ "framework": "OWASP Top 10 for LLM Applications 2025",
10640
+ "control_name": "Excessive Agency"
10641
+ },
10642
+ {
10643
+ "id": "PSD2-RTS-SCA",
10644
+ "framework": "EU PSD2 Regulatory Technical Standards on Strong Customer Authentication (Commission Delegated Regulation (EU) 2018/389)",
10645
+ "control_name": "Strong Customer Authentication and Common and Secure Communication"
10646
+ },
10647
+ {
10648
+ "id": "SOC2-CC6-logical-access",
10649
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
10650
+ "control_name": "Logical and Physical Access Controls"
10651
+ },
10652
+ {
10653
+ "id": "SOC2-CC9-vendor-management",
10654
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
10655
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
10656
+ },
10657
+ {
10658
+ "id": "SWIFT-CSCF-v2026-1.1",
10659
+ "framework": "SWIFT Customer Security Controls Framework v2026",
10660
+ "control_name": "SWIFT Environment Protection"
10661
+ }
10662
+ ],
10663
+ "attack_refs": [
10664
+ "T1059",
10665
+ "T1078",
10666
+ "T1110",
10667
+ "T1190",
10668
+ "T1195.001",
10669
+ "T1530",
10670
+ "T1552",
10671
+ "T1556",
10672
+ "T1567"
10673
+ ],
10674
+ "rfc_refs": [
10675
+ "RFC-6749",
10676
+ "RFC-7519",
10677
+ "RFC-8032",
10678
+ "RFC-8446",
10679
+ "RFC-8725",
10680
+ "RFC-9114",
10681
+ "RFC-9180",
10682
+ "RFC-9421",
10683
+ "RFC-9700"
10684
+ ]
10685
+ }
10686
+ },
10687
+ "MAL-2026-RUBYGEMS-BUFFERZONECORP-SLEEPER": {
10688
+ "name": "BufferZoneCorp RubyGems + Go Module Sleeper-to-Payload Credential Theft Campaign",
10689
+ "rwep": 50,
10690
+ "cvss": 9.1,
10691
+ "cisa_kev": false,
10692
+ "referencing_skills": [],
10693
+ "chain": {
10694
+ "cwes": [],
10695
+ "atlas": [],
10696
+ "d3fend": [],
10697
+ "framework_gaps": [],
10698
+ "attack_refs": [],
10699
+ "rfc_refs": []
10700
+ }
10701
+ },
10702
+ "MAL-2025-PYPI-COLORAMA-SOLANA-STEALER": {
10703
+ "name": "PyPI Colorama Typosquat Campaign → Solana Credential / Crypto Stealer",
10704
+ "rwep": 45,
10705
+ "cvss": 8.6,
10706
+ "cisa_kev": false,
10707
+ "referencing_skills": [],
10708
+ "chain": {
10709
+ "cwes": [],
10710
+ "atlas": [],
10711
+ "d3fend": [],
10712
+ "framework_gaps": [],
10713
+ "attack_refs": [],
10714
+ "rfc_refs": []
10715
+ }
10716
+ },
10717
+ "CVE-2025-0133": {
10718
+ "name": "Palo Alto Networks GlobalProtect Reflected XSS (XBOW AI-discovered)",
10719
+ "rwep": 38,
10720
+ "cvss": 5.1,
10721
+ "cisa_kev": false,
10722
+ "referencing_skills": [
10723
+ "ai-attack-surface",
10724
+ "rag-pipeline-security",
10725
+ "threat-modeling-methodology",
10726
+ "webapp-security",
10727
+ "api-security",
10728
+ "container-runtime-security"
10729
+ ],
10730
+ "chain": {
10731
+ "cwes": [
10732
+ {
10733
+ "id": "CWE-1039",
10734
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
10735
+ "category": "AI/ML"
10736
+ },
10737
+ {
10738
+ "id": "CWE-1188",
10739
+ "name": "Initialization of a Resource with an Insecure Default",
10740
+ "category": "Configuration"
10741
+ },
10742
+ {
10743
+ "id": "CWE-1395",
10744
+ "name": "Dependency on Vulnerable Third-Party Component",
10745
+ "category": "Supply Chain"
10746
+ },
10747
+ {
10748
+ "id": "CWE-1426",
10749
+ "name": "Improper Validation of Generative AI Output",
10750
+ "category": "AI/ML"
10751
+ },
10752
+ {
10753
+ "id": "CWE-200",
10754
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
10755
+ "category": "Information Exposure"
10756
+ },
10757
+ {
10758
+ "id": "CWE-22",
10759
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
10760
+ "category": "Path/Resource"
10761
+ },
10762
+ {
10763
+ "id": "CWE-269",
10764
+ "name": "Improper Privilege Management",
10765
+ "category": "Authorization"
10766
+ },
10767
+ {
10768
+ "id": "CWE-287",
10769
+ "name": "Improper Authentication",
10770
+ "category": "Authentication"
10771
+ },
10772
+ {
10773
+ "id": "CWE-352",
10774
+ "name": "Cross-Site Request Forgery (CSRF)",
10775
+ "category": "Session"
10776
+ },
10777
+ {
10778
+ "id": "CWE-434",
10779
+ "name": "Unrestricted Upload of File with Dangerous Type",
10780
+ "category": "File Handling"
10781
+ },
10782
+ {
10783
+ "id": "CWE-502",
10784
+ "name": "Deserialization of Untrusted Data",
10785
+ "category": "Serialization"
10786
+ },
10787
+ {
10788
+ "id": "CWE-732",
10789
+ "name": "Incorrect Permission Assignment for Critical Resource",
10790
+ "category": "Authorization"
10791
+ },
10792
+ {
10793
+ "id": "CWE-77",
10794
+ "name": "Improper Neutralization of Special Elements used in a Command (Command Injection)",
10795
+ "category": "Injection"
10796
+ },
10797
+ {
10798
+ "id": "CWE-78",
10799
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
10800
+ "category": "Injection"
10801
+ },
10802
+ {
10803
+ "id": "CWE-787",
10804
+ "name": "Out-of-bounds Write",
10805
+ "category": "Memory Safety"
10806
+ },
10807
+ {
10808
+ "id": "CWE-79",
10809
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
10810
+ "category": "Injection"
10811
+ },
10812
+ {
10813
+ "id": "CWE-862",
10814
+ "name": "Missing Authorization",
10815
+ "category": "Authorization"
10816
+ },
10817
+ {
10818
+ "id": "CWE-863",
10819
+ "name": "Incorrect Authorization",
10820
+ "category": "Authorization"
10821
+ },
10822
+ {
10823
+ "id": "CWE-89",
10824
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
10825
+ "category": "Injection"
10826
+ },
10827
+ {
10828
+ "id": "CWE-918",
10829
+ "name": "Server-Side Request Forgery (SSRF)",
10830
+ "category": "Network"
10831
+ },
10832
+ {
10833
+ "id": "CWE-94",
10834
+ "name": "Improper Control of Generation of Code (Code Injection)",
10835
+ "category": "Injection"
10836
+ }
10837
+ ],
10838
+ "atlas": [
10839
+ {
10840
+ "id": "AML.T0010",
10841
+ "name": "ML Supply Chain Compromise",
10842
+ "tactic": "Initial Access"
10843
+ },
10844
+ {
10845
+ "id": "AML.T0016",
10846
+ "name": "Obtain Capabilities: Develop Capabilities",
10847
+ "tactic": "Resource Development"
10848
+ },
10849
+ {
10850
+ "id": "AML.T0017",
10851
+ "name": "Discover ML Model Ontology",
10852
+ "tactic": "Discovery"
10853
+ },
10854
+ {
10855
+ "id": "AML.T0018",
10856
+ "name": "Backdoor ML Model",
10857
+ "tactic": "Persistence"
10858
+ },
10859
+ {
10860
+ "id": "AML.T0020",
10861
+ "name": "Poison Training Data",
10862
+ "tactic": "ML Attack Staging"
10863
+ },
10864
+ {
10865
+ "id": "AML.T0043",
10866
+ "name": "Craft Adversarial Data",
10867
+ "tactic": "ML Attack Staging"
10868
+ },
10869
+ {
10870
+ "id": "AML.T0051",
10871
+ "name": "LLM Prompt Injection",
10872
+ "tactic": "Execution"
10873
+ },
10874
+ {
10875
+ "id": "AML.T0054",
10876
+ "name": "LLM Jailbreak",
10877
+ "tactic": "Defense Evasion"
10878
+ },
10879
+ {
10880
+ "id": "AML.T0096",
10881
+ "name": "AI API as Covert C2 Channel",
10882
+ "tactic": "Command and Control"
10883
+ }
10884
+ ],
10885
+ "d3fend": [
10886
+ {
10887
+ "id": "D3-CSPP",
10888
+ "name": "Client-server Payload Profiling",
10889
+ "tactic": "Detect"
10890
+ },
10891
+ {
10892
+ "id": "D3-IOPR",
10893
+ "name": "Input/Output Profiling Resource",
10894
+ "tactic": "Detect"
10895
+ },
10896
+ {
10897
+ "id": "D3-NTA",
10898
+ "name": "Network Traffic Analysis",
10899
+ "tactic": "Detect"
10900
+ }
10901
+ ],
10902
+ "framework_gaps": [
10903
+ {
10904
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
10905
+ "framework": "ALL",
10906
+ "control_name": "AI Pipeline Integrity"
10907
+ },
10908
+ {
10909
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
10910
+ "framework": "ALL",
10911
+ "control_name": "Prompt Injection as Access Control Failure"
10912
+ },
10913
+ {
10914
+ "id": "ISO-27001-2022-A.8.28",
10915
+ "framework": "ISO/IEC 27001:2022",
10916
+ "control_name": "Secure coding"
10917
+ },
10918
+ {
10919
+ "id": "ISO-IEC-23894-2023-clause-7",
10920
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
10921
+ "control_name": "AI risk management process"
10922
+ },
10923
+ {
10924
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
10925
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
10926
+ "control_name": "AI risk assessment"
10927
+ },
10928
+ {
10929
+ "id": "NIST-800-218-SSDF",
10930
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
10931
+ "control_name": "Secure Software Development Framework"
10932
+ },
10933
+ {
10934
+ "id": "NIST-800-53-AC-2",
10935
+ "framework": "NIST SP 800-53 Rev 5",
10936
+ "control_name": "Account Management"
10937
+ },
10938
+ {
10939
+ "id": "NIST-800-53-CM-7",
10940
+ "framework": "NIST SP 800-53 Rev 5",
10941
+ "control_name": "Least Functionality"
10942
+ },
10943
+ {
10944
+ "id": "NIST-800-53-SI-12",
10945
+ "framework": "NIST SP 800-53 Rev 5",
10946
+ "control_name": "Information Management and Retention"
10947
+ },
10948
+ {
10949
+ "id": "NIST-800-53-SI-3",
10950
+ "framework": "NIST SP 800-53 Rev 5",
10951
+ "control_name": "Malicious Code Protection"
10952
+ },
10953
+ {
10954
+ "id": "NIST-AI-RMF-MEASURE-2.5",
10955
+ "framework": "NIST AI RMF 1.0",
10956
+ "control_name": "AI system to human interaction evaluation"
10957
+ },
10958
+ {
10959
+ "id": "OWASP-ASVS-v5.0-V14",
10960
+ "framework": "OWASP ASVS v5.0",
10961
+ "control_name": "Configuration verification"
10962
+ },
10963
+ {
10964
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
10965
+ "framework": "OWASP Top 10 for LLM Applications 2025",
10966
+ "control_name": "Prompt Injection"
10967
+ },
10968
+ {
10969
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
10970
+ "framework": "OWASP Top 10 for LLM Applications 2025",
10971
+ "control_name": "Sensitive Information Disclosure"
10972
+ },
10973
+ {
10974
+ "id": "OWASP-LLM-Top-10-2025-LLM08",
10975
+ "framework": "OWASP Top 10 for LLM Applications 2025",
10976
+ "control_name": "Vector and Embedding Weaknesses"
10977
+ },
10978
+ {
10979
+ "id": "SLSA-v1.0-Build-L3",
10980
+ "framework": "SLSA v1.0 (Supply-chain Levels for Software Artifacts) — Build Track",
10981
+ "control_name": "Hardened build platform with non-falsifiable provenance"
10982
+ },
10983
+ {
10984
+ "id": "SOC2-CC6-logical-access",
10985
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
10986
+ "control_name": "Logical and Physical Access Controls"
10987
+ }
10988
+ ],
10989
+ "attack_refs": [
10990
+ "T1059",
10991
+ "T1068",
10992
+ "T1078",
10993
+ "T1190",
10994
+ "T1505",
10995
+ "T1565",
10996
+ "T1566",
10997
+ "T1567",
10998
+ "T1610",
10999
+ "T1611"
11000
+ ],
11001
+ "rfc_refs": [
11002
+ "RFC-6749",
11003
+ "RFC-7519",
11004
+ "RFC-8032",
11005
+ "RFC-8446",
11006
+ "RFC-8725",
11007
+ "RFC-9114",
11008
+ "RFC-9421",
11009
+ "RFC-9700"
11010
+ ]
11011
+ }
11012
+ },
11013
+ "CVE-2025-59529": {
11014
+ "name": "Avahi Simple Protocol Server Connection-Limit DoS (ZeroPath AI-discovered)",
11015
+ "rwep": 35,
11016
+ "cvss": 6.5,
11017
+ "cisa_kev": false,
11018
+ "referencing_skills": [],
11019
+ "chain": {
11020
+ "cwes": [],
11021
+ "atlas": [],
11022
+ "d3fend": [],
11023
+ "framework_gaps": [],
11024
+ "attack_refs": [],
11025
+ "rfc_refs": []
11026
+ }
11027
+ },
11028
+ "CVE-2025-55319": {
11029
+ "name": "Visual Studio Code Agentic-AI Command Injection (ZeroPath AI-discovered)",
11030
+ "rwep": 40,
11031
+ "cvss": 7.4,
11032
+ "cisa_kev": false,
11033
+ "referencing_skills": [],
11034
+ "chain": {
11035
+ "cwes": [],
11036
+ "atlas": [],
11037
+ "d3fend": [],
11038
+ "framework_gaps": [],
11039
+ "attack_refs": [],
11040
+ "rfc_refs": []
11041
+ }
11042
+ },
11043
+ "CVE-2025-53767": {
11044
+ "name": "Azure OpenAI SSRF Privilege Escalation (ZeroPath AI-discovered)",
11045
+ "rwep": 22,
11046
+ "cvss": 8.7,
11047
+ "cisa_kev": false,
11048
+ "referencing_skills": [
11049
+ "ai-c2-detection",
11050
+ "dlp-gap-analysis"
11051
+ ],
11052
+ "chain": {
11053
+ "cwes": [
11054
+ {
11055
+ "id": "CWE-1426",
11056
+ "name": "Improper Validation of Generative AI Output",
11057
+ "category": "AI/ML"
11058
+ },
11059
+ {
11060
+ "id": "CWE-200",
11061
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
11062
+ "category": "Information Exposure"
11063
+ }
11064
+ ],
11065
+ "atlas": [
11066
+ {
11067
+ "id": "AML.T0017",
11068
+ "name": "Discover ML Model Ontology",
11069
+ "tactic": "Discovery"
11070
+ },
11071
+ {
11072
+ "id": "AML.T0051",
11073
+ "name": "LLM Prompt Injection",
11074
+ "tactic": "Execution"
11075
+ },
11076
+ {
11077
+ "id": "AML.T0096",
11078
+ "name": "AI API as Covert C2 Channel",
11079
+ "tactic": "Command and Control"
11080
+ }
11081
+ ],
11082
+ "d3fend": [
11083
+ {
11084
+ "id": "D3-CA",
11085
+ "name": "Certificate Analysis",
11086
+ "tactic": "Detect"
11087
+ },
11088
+ {
11089
+ "id": "D3-CSPP",
11090
+ "name": "Client-server Payload Profiling",
11091
+ "tactic": "Detect"
11092
+ },
11093
+ {
11094
+ "id": "D3-DA",
11095
+ "name": "Domain Analysis",
11096
+ "tactic": "Detect"
11097
+ },
11098
+ {
11099
+ "id": "D3-EAL",
11100
+ "name": "Executable Allowlisting",
11101
+ "tactic": "Harden"
11102
+ },
11103
+ {
11104
+ "id": "D3-IOPR",
11105
+ "name": "Input/Output Profiling Resource",
11106
+ "tactic": "Detect"
11107
+ },
11108
+ {
11109
+ "id": "D3-NI",
11110
+ "name": "Network Isolation",
11111
+ "tactic": "Isolate"
11112
+ },
11113
+ {
11114
+ "id": "D3-NTA",
11115
+ "name": "Network Traffic Analysis",
11116
+ "tactic": "Detect"
11117
+ },
11118
+ {
11119
+ "id": "D3-NTPM",
11120
+ "name": "Network Traffic Policy Mapping",
11121
+ "tactic": "Model"
11122
+ }
11123
+ ],
11124
+ "framework_gaps": [
11125
+ {
11126
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
11127
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
11128
+ "control_name": "Access control standard (technical safeguards)"
11129
+ },
11130
+ {
11131
+ "id": "ISO-27001-2022-A.8.16",
11132
+ "framework": "ISO/IEC 27001:2022",
11133
+ "control_name": "Monitoring activities"
11134
+ },
11135
+ {
11136
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
11137
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
11138
+ "control_name": "AI risk assessment"
11139
+ },
11140
+ {
11141
+ "id": "NIST-800-53-SC-28",
11142
+ "framework": "NIST SP 800-53 Rev 5",
11143
+ "control_name": "Protection of Information at Rest"
11144
+ },
11145
+ {
11146
+ "id": "NIST-800-53-SC-7",
11147
+ "framework": "NIST SP 800-53 Rev 5",
11148
+ "control_name": "Boundary Protection"
11149
+ },
11150
+ {
11151
+ "id": "NIST-800-53-SI-3",
11152
+ "framework": "NIST SP 800-53 Rev 5",
11153
+ "control_name": "Malicious Code Protection"
11154
+ },
11155
+ {
11156
+ "id": "SOC2-CC7-anomaly-detection",
11157
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
11158
+ "control_name": "System Operations — Threat and Vulnerability Management"
11159
+ }
11160
+ ],
11161
+ "attack_refs": [
11162
+ "T1041",
11163
+ "T1071",
11164
+ "T1102",
11165
+ "T1213",
11166
+ "T1530",
11167
+ "T1567",
11168
+ "T1568"
11169
+ ],
11170
+ "rfc_refs": [
11171
+ "RFC-8446",
11172
+ "RFC-9000",
11173
+ "RFC-9114",
11174
+ "RFC-9180",
11175
+ "RFC-9421",
11176
+ "RFC-9458"
11177
+ ]
11178
+ }
11179
+ },
11180
+ "CVE-2025-10725": {
11181
+ "name": "Red Hat OpenShift AI Privilege Escalation (ZeroPath AI-discovered)",
11182
+ "rwep": 20,
11183
+ "cvss": 8.1,
11184
+ "cisa_kev": false,
11185
+ "referencing_skills": [],
11186
+ "chain": {
11187
+ "cwes": [],
11188
+ "atlas": [],
11189
+ "d3fend": [],
11190
+ "framework_gaps": [],
11191
+ "attack_refs": [],
11192
+ "rfc_refs": []
11193
+ }
11194
+ },
11195
+ "MAL-2025-AI-FOUND-FFMPEG-BIGSLEEP": {
11196
+ "name": "Big Sleep AI Open-Source 20-Vulnerability Disclosure Tranche (FFmpeg + ImageMagick + others)",
11197
+ "rwep": 20,
11198
+ "cvss": 7.5,
11199
+ "cisa_kev": false,
11200
+ "referencing_skills": [],
11201
+ "chain": {
11202
+ "cwes": [],
11203
+ "atlas": [],
11204
+ "d3fend": [],
11205
+ "framework_gaps": [],
11206
+ "attack_refs": [],
11207
+ "rfc_refs": []
11208
+ }
11209
+ },
7485
11210
  "CWE-20": {
7486
11211
  "name": "Improper Input Validation",
7487
11212
  "category": "Validation",
@@ -7750,7 +11475,15 @@
7750
11475
  "CVE-2023-43472",
7751
11476
  "CVE-2024-3094",
7752
11477
  "CVE-2024-3154",
11478
+ "CVE-2025-0133",
11479
+ "CVE-2025-10585",
11480
+ "CVE-2025-1094",
11481
+ "CVE-2025-14174",
11482
+ "CVE-2025-38352",
11483
+ "CVE-2025-43300",
11484
+ "CVE-2025-49844",
7753
11485
  "CVE-2025-53773",
11486
+ "CVE-2025-6965",
7754
11487
  "CVE-2026-30615",
7755
11488
  "CVE-2026-30623",
7756
11489
  "CVE-2026-31431",
@@ -7759,6 +11492,7 @@
7759
11492
  "CVE-2026-45321",
7760
11493
  "CVE-2026-46300",
7761
11494
  "CVE-2026-46333",
11495
+ "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
7762
11496
  "MAL-2026-3083",
7763
11497
  "MAL-2026-NODE-IPC-STEALER"
7764
11498
  ]
@@ -7939,12 +11673,17 @@
7939
11673
  "CVE-2023-43472",
7940
11674
  "CVE-2024-3094",
7941
11675
  "CVE-2024-3154",
11676
+ "CVE-2025-0133",
11677
+ "CVE-2025-1094",
11678
+ "CVE-2025-49844",
7942
11679
  "CVE-2025-53773",
11680
+ "CVE-2025-6965",
7943
11681
  "CVE-2026-30615",
7944
11682
  "CVE-2026-30623",
7945
11683
  "CVE-2026-39884",
7946
11684
  "CVE-2026-42208",
7947
11685
  "CVE-2026-45321",
11686
+ "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
7948
11687
  "MAL-2026-3083",
7949
11688
  "MAL-2026-NODE-IPC-STEALER"
7950
11689
  ]
@@ -8077,6 +11816,13 @@
8077
11816
  },
8078
11817
  "related_cves": [
8079
11818
  "CVE-2023-43472",
11819
+ "CVE-2025-0133",
11820
+ "CVE-2025-10585",
11821
+ "CVE-2025-1094",
11822
+ "CVE-2025-14174",
11823
+ "CVE-2025-38352",
11824
+ "CVE-2025-43300",
11825
+ "CVE-2025-6965",
8080
11826
  "CVE-2026-30623",
8081
11827
  "CVE-2026-31431",
8082
11828
  "CVE-2026-39884",
@@ -8205,6 +11951,13 @@
8205
11951
  },
8206
11952
  "related_cves": [
8207
11953
  "CVE-2023-43472",
11954
+ "CVE-2025-0133",
11955
+ "CVE-2025-10585",
11956
+ "CVE-2025-1094",
11957
+ "CVE-2025-14174",
11958
+ "CVE-2025-38352",
11959
+ "CVE-2025-43300",
11960
+ "CVE-2025-6965",
8208
11961
  "CVE-2026-30623",
8209
11962
  "CVE-2026-31431",
8210
11963
  "CVE-2026-39884",
@@ -8347,6 +12100,13 @@
8347
12100
  },
8348
12101
  "related_cves": [
8349
12102
  "CVE-2023-43472",
12103
+ "CVE-2025-0133",
12104
+ "CVE-2025-10585",
12105
+ "CVE-2025-1094",
12106
+ "CVE-2025-14174",
12107
+ "CVE-2025-38352",
12108
+ "CVE-2025-43300",
12109
+ "CVE-2025-6965",
8350
12110
  "CVE-2026-30623",
8351
12111
  "CVE-2026-31431",
8352
12112
  "CVE-2026-39884",
@@ -8593,8 +12353,13 @@
8593
12353
  "CVE-2023-43472",
8594
12354
  "CVE-2024-3094",
8595
12355
  "CVE-2024-3154",
12356
+ "CVE-2025-0133",
12357
+ "CVE-2025-1094",
8596
12358
  "CVE-2025-11837",
12359
+ "CVE-2025-49844",
8597
12360
  "CVE-2025-53773",
12361
+ "CVE-2025-6965",
12362
+ "CVE-2026-22778",
8598
12363
  "CVE-2026-30615",
8599
12364
  "CVE-2026-30623",
8600
12365
  "CVE-2026-32202",
@@ -8602,6 +12367,7 @@
8602
12367
  "CVE-2026-39884",
8603
12368
  "CVE-2026-42208",
8604
12369
  "CVE-2026-45321",
12370
+ "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
8605
12371
  "MAL-2026-3083",
8606
12372
  "MAL-2026-NODE-IPC-STEALER"
8607
12373
  ]
@@ -8736,7 +12502,16 @@
8736
12502
  "related_cves": [
8737
12503
  "CVE-2023-3519",
8738
12504
  "CVE-2024-21762",
12505
+ "CVE-2025-10585",
12506
+ "CVE-2025-1094",
8739
12507
  "CVE-2025-12686",
12508
+ "CVE-2025-14174",
12509
+ "CVE-2025-24201",
12510
+ "CVE-2025-38352",
12511
+ "CVE-2025-43300",
12512
+ "CVE-2025-43529",
12513
+ "CVE-2025-4919",
12514
+ "CVE-2025-49844",
8740
12515
  "CVE-2025-59389",
8741
12516
  "CVE-2025-62847",
8742
12517
  "CVE-2025-62848",
@@ -8971,7 +12746,14 @@
8971
12746
  "CVE-2024-3094",
8972
12747
  "CVE-2024-3154",
8973
12748
  "CVE-2024-40635",
12749
+ "CVE-2025-0133",
12750
+ "CVE-2025-1094",
12751
+ "CVE-2025-14847",
12752
+ "CVE-2025-22226",
12753
+ "CVE-2025-49844",
12754
+ "CVE-2025-53767",
8974
12755
  "CVE-2025-53773",
12756
+ "CVE-2025-6965",
8975
12757
  "CVE-2026-30615",
8976
12758
  "CVE-2026-30623",
8977
12759
  "CVE-2026-39884",
@@ -8979,6 +12761,7 @@
8979
12761
  "CVE-2026-42897",
8980
12762
  "CVE-2026-43284",
8981
12763
  "CVE-2026-45321",
12764
+ "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
8982
12765
  "MAL-2026-3083",
8983
12766
  "MAL-2026-NODE-IPC-STEALER"
8984
12767
  ]
@@ -9317,7 +13100,15 @@
9317
13100
  "CVE-2023-43472",
9318
13101
  "CVE-2024-3094",
9319
13102
  "CVE-2024-3154",
13103
+ "CVE-2025-0133",
13104
+ "CVE-2025-10585",
13105
+ "CVE-2025-1094",
13106
+ "CVE-2025-14174",
13107
+ "CVE-2025-38352",
13108
+ "CVE-2025-43300",
13109
+ "CVE-2025-49844",
9320
13110
  "CVE-2025-53773",
13111
+ "CVE-2025-6965",
9321
13112
  "CVE-2026-30615",
9322
13113
  "CVE-2026-30623",
9323
13114
  "CVE-2026-31431",
@@ -9326,6 +13117,7 @@
9326
13117
  "CVE-2026-45321",
9327
13118
  "CVE-2026-46300",
9328
13119
  "CVE-2026-46333",
13120
+ "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
9329
13121
  "MAL-2026-3083",
9330
13122
  "MAL-2026-NODE-IPC-STEALER",
9331
13123
  "MAL-2026-SHAI-HULUD-OSS"
@@ -9881,7 +13673,15 @@
9881
13673
  "CVE-2023-43472",
9882
13674
  "CVE-2024-3094",
9883
13675
  "CVE-2024-3154",
13676
+ "CVE-2025-0133",
13677
+ "CVE-2025-10585",
13678
+ "CVE-2025-1094",
13679
+ "CVE-2025-14174",
13680
+ "CVE-2025-38352",
13681
+ "CVE-2025-43300",
13682
+ "CVE-2025-49844",
9884
13683
  "CVE-2025-53773",
13684
+ "CVE-2025-6965",
9885
13685
  "CVE-2026-30615",
9886
13686
  "CVE-2026-30623",
9887
13687
  "CVE-2026-31431",
@@ -9890,6 +13690,7 @@
9890
13690
  "CVE-2026-45321",
9891
13691
  "CVE-2026-46300",
9892
13692
  "CVE-2026-46333",
13693
+ "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
9893
13694
  "MAL-2026-3083",
9894
13695
  "MAL-2026-NODE-IPC-STEALER"
9895
13696
  ]
@@ -10083,6 +13884,11 @@
10083
13884
  },
10084
13885
  "related_cves": [
10085
13886
  "CVE-2024-3094",
13887
+ "CVE-2025-10585",
13888
+ "CVE-2025-1094",
13889
+ "CVE-2025-14174",
13890
+ "CVE-2025-38352",
13891
+ "CVE-2025-43300",
10086
13892
  "CVE-2025-53773",
10087
13893
  "CVE-2026-30615",
10088
13894
  "CVE-2026-31431",
@@ -10090,6 +13896,7 @@
10090
13896
  "CVE-2026-45321",
10091
13897
  "CVE-2026-46300",
10092
13898
  "CVE-2026-46333",
13899
+ "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
10093
13900
  "MAL-2026-3083"
10094
13901
  ]
10095
13902
  },
@@ -10213,6 +14020,8 @@
10213
14020
  ]
10214
14021
  },
10215
14022
  "related_cves": [
14023
+ "CVE-2025-14847",
14024
+ "CVE-2025-22226",
10216
14025
  "CVE-2026-43284"
10217
14026
  ]
10218
14027
  },
@@ -10482,9 +14291,11 @@
10482
14291
  "related_cves": [
10483
14292
  "CVE-2024-3094",
10484
14293
  "CVE-2024-3154",
14294
+ "CVE-2025-49844",
10485
14295
  "CVE-2025-53773",
10486
14296
  "CVE-2026-30615",
10487
14297
  "CVE-2026-45321",
14298
+ "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
10488
14299
  "MAL-2026-3083",
10489
14300
  "MAL-2026-NODE-IPC-STEALER"
10490
14301
  ]
@@ -10709,7 +14520,15 @@
10709
14520
  "CVE-2023-43472",
10710
14521
  "CVE-2024-3094",
10711
14522
  "CVE-2024-3154",
14523
+ "CVE-2025-0133",
14524
+ "CVE-2025-10585",
14525
+ "CVE-2025-1094",
14526
+ "CVE-2025-14174",
14527
+ "CVE-2025-38352",
14528
+ "CVE-2025-43300",
14529
+ "CVE-2025-49844",
10712
14530
  "CVE-2025-53773",
14531
+ "CVE-2025-6965",
10713
14532
  "CVE-2026-30615",
10714
14533
  "CVE-2026-30623",
10715
14534
  "CVE-2026-31431",
@@ -10718,6 +14537,7 @@
10718
14537
  "CVE-2026-45321",
10719
14538
  "CVE-2026-46300",
10720
14539
  "CVE-2026-46333",
14540
+ "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
10721
14541
  "MAL-2026-3083",
10722
14542
  "MAL-2026-NODE-IPC-STEALER"
10723
14543
  ]
@@ -10852,7 +14672,16 @@
10852
14672
  "related_cves": [
10853
14673
  "CVE-2023-3519",
10854
14674
  "CVE-2024-21762",
14675
+ "CVE-2025-10585",
14676
+ "CVE-2025-1094",
10855
14677
  "CVE-2025-12686",
14678
+ "CVE-2025-14174",
14679
+ "CVE-2025-24201",
14680
+ "CVE-2025-38352",
14681
+ "CVE-2025-43300",
14682
+ "CVE-2025-43529",
14683
+ "CVE-2025-4919",
14684
+ "CVE-2025-49844",
10856
14685
  "CVE-2025-59389",
10857
14686
  "CVE-2025-62847",
10858
14687
  "CVE-2025-62848",
@@ -10990,7 +14819,16 @@
10990
14819
  "related_cves": [
10991
14820
  "CVE-2023-3519",
10992
14821
  "CVE-2024-21762",
14822
+ "CVE-2025-10585",
14823
+ "CVE-2025-1094",
10993
14824
  "CVE-2025-12686",
14825
+ "CVE-2025-14174",
14826
+ "CVE-2025-24201",
14827
+ "CVE-2025-38352",
14828
+ "CVE-2025-43300",
14829
+ "CVE-2025-43529",
14830
+ "CVE-2025-4919",
14831
+ "CVE-2025-49844",
10994
14832
  "CVE-2025-59389",
10995
14833
  "CVE-2025-62847",
10996
14834
  "CVE-2025-62848",
@@ -11222,7 +15060,15 @@
11222
15060
  "CVE-2023-43472",
11223
15061
  "CVE-2024-3094",
11224
15062
  "CVE-2024-3154",
15063
+ "CVE-2025-0133",
15064
+ "CVE-2025-10585",
15065
+ "CVE-2025-1094",
15066
+ "CVE-2025-14174",
15067
+ "CVE-2025-38352",
15068
+ "CVE-2025-43300",
15069
+ "CVE-2025-49844",
11225
15070
  "CVE-2025-53773",
15071
+ "CVE-2025-6965",
11226
15072
  "CVE-2026-30615",
11227
15073
  "CVE-2026-30623",
11228
15074
  "CVE-2026-31431",
@@ -11231,6 +15077,7 @@
11231
15077
  "CVE-2026-45321",
11232
15078
  "CVE-2026-46300",
11233
15079
  "CVE-2026-46333",
15080
+ "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
11234
15081
  "MAL-2026-3083",
11235
15082
  "MAL-2026-NODE-IPC-STEALER"
11236
15083
  ]
@@ -11423,9 +15270,11 @@
11423
15270
  "related_cves": [
11424
15271
  "CVE-2024-3094",
11425
15272
  "CVE-2024-3154",
15273
+ "CVE-2025-49844",
11426
15274
  "CVE-2025-53773",
11427
15275
  "CVE-2026-30615",
11428
15276
  "CVE-2026-45321",
15277
+ "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
11429
15278
  "MAL-2026-3083",
11430
15279
  "MAL-2026-NODE-IPC-STEALER",
11431
15280
  "MAL-2026-SHAI-HULUD-OSS"
@@ -11612,6 +15461,9 @@
11612
15461
  "related_cves": [
11613
15462
  "CVE-2023-43472",
11614
15463
  "CVE-2024-3094",
15464
+ "CVE-2025-0133",
15465
+ "CVE-2025-1094",
15466
+ "CVE-2025-6965",
11615
15467
  "CVE-2026-30615",
11616
15468
  "CVE-2026-30623",
11617
15469
  "CVE-2026-39884",
@@ -11911,7 +15763,16 @@
11911
15763
  "related_cves": [
11912
15764
  "CVE-2023-3519",
11913
15765
  "CVE-2024-21762",
15766
+ "CVE-2025-10585",
15767
+ "CVE-2025-1094",
11914
15768
  "CVE-2025-12686",
15769
+ "CVE-2025-14174",
15770
+ "CVE-2025-24201",
15771
+ "CVE-2025-38352",
15772
+ "CVE-2025-43300",
15773
+ "CVE-2025-43529",
15774
+ "CVE-2025-4919",
15775
+ "CVE-2025-49844",
11915
15776
  "CVE-2025-59389",
11916
15777
  "CVE-2025-62847",
11917
15778
  "CVE-2025-62848",
@@ -12207,7 +16068,15 @@
12207
16068
  "CVE-2023-43472",
12208
16069
  "CVE-2024-3094",
12209
16070
  "CVE-2024-3154",
16071
+ "CVE-2025-0133",
16072
+ "CVE-2025-10585",
16073
+ "CVE-2025-1094",
16074
+ "CVE-2025-14174",
16075
+ "CVE-2025-38352",
16076
+ "CVE-2025-43300",
16077
+ "CVE-2025-49844",
12210
16078
  "CVE-2025-53773",
16079
+ "CVE-2025-6965",
12211
16080
  "CVE-2026-30615",
12212
16081
  "CVE-2026-30623",
12213
16082
  "CVE-2026-31431",
@@ -12216,6 +16085,7 @@
12216
16085
  "CVE-2026-45321",
12217
16086
  "CVE-2026-46300",
12218
16087
  "CVE-2026-46333",
16088
+ "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
12219
16089
  "MAL-2026-3083",
12220
16090
  "MAL-2026-NODE-IPC-STEALER",
12221
16091
  "MAL-2026-SHAI-HULUD-OSS"
@@ -12430,12 +16300,23 @@
12430
16300
  "CVE-2024-21762",
12431
16301
  "CVE-2024-3094",
12432
16302
  "CVE-2024-3154",
16303
+ "CVE-2025-0133",
16304
+ "CVE-2025-10585",
16305
+ "CVE-2025-1094",
12433
16306
  "CVE-2025-12686",
16307
+ "CVE-2025-14174",
16308
+ "CVE-2025-24201",
16309
+ "CVE-2025-38352",
16310
+ "CVE-2025-43300",
16311
+ "CVE-2025-43529",
16312
+ "CVE-2025-4919",
16313
+ "CVE-2025-49844",
12434
16314
  "CVE-2025-53773",
12435
16315
  "CVE-2025-59389",
12436
16316
  "CVE-2025-62847",
12437
16317
  "CVE-2025-62848",
12438
16318
  "CVE-2025-62849",
16319
+ "CVE-2025-6965",
12439
16320
  "CVE-2026-0300",
12440
16321
  "CVE-2026-30615",
12441
16322
  "CVE-2026-30623",
@@ -12741,6 +16622,12 @@
12741
16622
  "related_cves": [
12742
16623
  "CVE-2024-3094",
12743
16624
  "CVE-2024-3154",
16625
+ "CVE-2025-10585",
16626
+ "CVE-2025-1094",
16627
+ "CVE-2025-14174",
16628
+ "CVE-2025-38352",
16629
+ "CVE-2025-43300",
16630
+ "CVE-2025-49844",
12744
16631
  "CVE-2025-53773",
12745
16632
  "CVE-2026-30615",
12746
16633
  "CVE-2026-31431",
@@ -12748,6 +16635,7 @@
12748
16635
  "CVE-2026-45321",
12749
16636
  "CVE-2026-46300",
12750
16637
  "CVE-2026-46333",
16638
+ "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
12751
16639
  "MAL-2026-3083"
12752
16640
  ]
12753
16641
  },
@@ -13047,12 +16935,17 @@
13047
16935
  "CVE-2023-43472",
13048
16936
  "CVE-2024-3094",
13049
16937
  "CVE-2024-3154",
16938
+ "CVE-2025-0133",
16939
+ "CVE-2025-1094",
16940
+ "CVE-2025-49844",
13050
16941
  "CVE-2025-53773",
16942
+ "CVE-2025-6965",
13051
16943
  "CVE-2026-30615",
13052
16944
  "CVE-2026-30623",
13053
16945
  "CVE-2026-39884",
13054
16946
  "CVE-2026-42208",
13055
16947
  "CVE-2026-45321",
16948
+ "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
13056
16949
  "MAL-2026-3083",
13057
16950
  "MAL-2026-NODE-IPC-STEALER"
13058
16951
  ]
@@ -13325,12 +17218,16 @@
13325
17218
  "related_cves": [
13326
17219
  "CVE-2023-43472",
13327
17220
  "CVE-2024-3094",
17221
+ "CVE-2025-0133",
17222
+ "CVE-2025-1094",
13328
17223
  "CVE-2025-53773",
17224
+ "CVE-2025-6965",
13329
17225
  "CVE-2026-30615",
13330
17226
  "CVE-2026-30623",
13331
17227
  "CVE-2026-39884",
13332
17228
  "CVE-2026-42208",
13333
17229
  "CVE-2026-45321",
17230
+ "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
13334
17231
  "MAL-2026-3083",
13335
17232
  "MAL-2026-NODE-IPC-STEALER"
13336
17233
  ]
@@ -13632,7 +17529,15 @@
13632
17529
  "CVE-2023-43472",
13633
17530
  "CVE-2024-3094",
13634
17531
  "CVE-2024-3154",
17532
+ "CVE-2025-0133",
17533
+ "CVE-2025-10585",
17534
+ "CVE-2025-1094",
17535
+ "CVE-2025-14174",
17536
+ "CVE-2025-38352",
17537
+ "CVE-2025-43300",
17538
+ "CVE-2025-49844",
13635
17539
  "CVE-2025-53773",
17540
+ "CVE-2025-6965",
13636
17541
  "CVE-2026-30615",
13637
17542
  "CVE-2026-30623",
13638
17543
  "CVE-2026-31431",
@@ -13641,6 +17546,7 @@
13641
17546
  "CVE-2026-45321",
13642
17547
  "CVE-2026-46300",
13643
17548
  "CVE-2026-46333",
17549
+ "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
13644
17550
  "MAL-2026-3083",
13645
17551
  "MAL-2026-NODE-IPC-STEALER"
13646
17552
  ]
@@ -13694,6 +17600,11 @@
13694
17600
  "rfc_refs": []
13695
17601
  },
13696
17602
  "related_cves": [
17603
+ "CVE-2025-10585",
17604
+ "CVE-2025-1094",
17605
+ "CVE-2025-14174",
17606
+ "CVE-2025-38352",
17607
+ "CVE-2025-43300",
13697
17608
  "CVE-2026-31431",
13698
17609
  "CVE-2026-39884",
13699
17610
  "CVE-2026-45321",
@@ -13831,8 +17742,12 @@
13831
17742
  },
13832
17743
  "related_cves": [
13833
17744
  "CVE-2023-43472",
17745
+ "CVE-2025-0133",
17746
+ "CVE-2025-1094",
13834
17747
  "CVE-2025-11837",
13835
17748
  "CVE-2025-53773",
17749
+ "CVE-2025-6965",
17750
+ "CVE-2026-22778",
13836
17751
  "CVE-2026-30623",
13837
17752
  "CVE-2026-32202",
13838
17753
  "CVE-2026-33825",
@@ -13992,12 +17907,17 @@
13992
17907
  "CVE-2023-43472",
13993
17908
  "CVE-2024-3094",
13994
17909
  "CVE-2024-3154",
17910
+ "CVE-2025-0133",
17911
+ "CVE-2025-1094",
17912
+ "CVE-2025-49844",
13995
17913
  "CVE-2025-53773",
17914
+ "CVE-2025-6965",
13996
17915
  "CVE-2026-30615",
13997
17916
  "CVE-2026-30623",
13998
17917
  "CVE-2026-39884",
13999
17918
  "CVE-2026-42208",
14000
17919
  "CVE-2026-45321",
17920
+ "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
14001
17921
  "MAL-2026-3083",
14002
17922
  "MAL-2026-NODE-IPC-STEALER",
14003
17923
  "MAL-2026-SHAI-HULUD-OSS"
@@ -14158,6 +18078,13 @@
14158
18078
  "related_cves": [
14159
18079
  "CVE-2024-21762",
14160
18080
  "CVE-2024-3094",
18081
+ "CVE-2025-10585",
18082
+ "CVE-2025-14174",
18083
+ "CVE-2025-24201",
18084
+ "CVE-2025-38352",
18085
+ "CVE-2025-43300",
18086
+ "CVE-2025-43529",
18087
+ "CVE-2025-4919",
14161
18088
  "CVE-2026-0300",
14162
18089
  "CVE-2026-30615",
14163
18090
  "CVE-2026-31431",
@@ -14384,7 +18311,15 @@
14384
18311
  "CVE-2023-43472",
14385
18312
  "CVE-2024-3094",
14386
18313
  "CVE-2024-3154",
18314
+ "CVE-2025-0133",
18315
+ "CVE-2025-10585",
18316
+ "CVE-2025-1094",
18317
+ "CVE-2025-14174",
18318
+ "CVE-2025-38352",
18319
+ "CVE-2025-43300",
18320
+ "CVE-2025-49844",
14387
18321
  "CVE-2025-53773",
18322
+ "CVE-2025-6965",
14388
18323
  "CVE-2026-30615",
14389
18324
  "CVE-2026-30623",
14390
18325
  "CVE-2026-31431",
@@ -14640,8 +18575,15 @@
14640
18575
  "CVE-2023-43472",
14641
18576
  "CVE-2024-3094",
14642
18577
  "CVE-2024-40635",
18578
+ "CVE-2025-0133",
18579
+ "CVE-2025-1094",
14643
18580
  "CVE-2025-11837",
18581
+ "CVE-2025-14847",
18582
+ "CVE-2025-22226",
18583
+ "CVE-2025-53767",
14644
18584
  "CVE-2025-53773",
18585
+ "CVE-2025-6965",
18586
+ "CVE-2026-22778",
14645
18587
  "CVE-2026-30615",
14646
18588
  "CVE-2026-30623",
14647
18589
  "CVE-2026-32202",
@@ -14651,6 +18593,7 @@
14651
18593
  "CVE-2026-42897",
14652
18594
  "CVE-2026-43284",
14653
18595
  "CVE-2026-45321",
18596
+ "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
14654
18597
  "MAL-2026-3083",
14655
18598
  "MAL-2026-NODE-IPC-STEALER",
14656
18599
  "MAL-2026-SHAI-HULUD-OSS"