@blamejs/exceptd-skills 0.13.67 → 0.13.69

package/data/attack-techniques.json

@@ -402,6 +402,7 @@
       "CVE-2026-31431",
       "CVE-2026-31635",
       "CVE-2026-33825",
+      "CVE-2026-41091",
       "CVE-2026-43284",
       "CVE-2026-43500",
       "CVE-2026-46300",
@@ -3345,7 +3346,10 @@
       "Windows"
     ],
     "stix_id": "attack-pattern--92a78814-b191-47ca-909c-1ccfe3777414",
-    "is_subtechnique": false
+    "is_subtechnique": false,
+    "cve_refs": [
+      "CVE-2026-34926"
+    ]
   },
   "T1074": {
     "id": "T1074",
@@ -3438,7 +3442,10 @@
       "Windows"
     ],
     "stix_id": "attack-pattern--7bc57495-ea59-4380-be31-a64af124ef18",
-    "is_subtechnique": false
+    "is_subtechnique": false,
+    "cve_refs": [
+      "CVE-2026-34926"
+    ]
   },
   "T1087": {
     "id": "T1087",

package/data/cve-catalog.json

@@ -9475,6 +9475,229 @@
     "_intake_method": "manual-verified-curation",
     "_kev_short_description": "Langflow contains an origin validation error vulnerability that could allow account takeover and remote code execution."
   },
+  "CVE-2026-41091": {
+    "name": "Microsoft Defender (Malware Protection Engine) Link-Following LPE to SYSTEM",
+    "type": "LPE",
+    "cvss_score": 7.8,
+    "cvss_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
+    "cvss_note": "NVD CVSS v3.1 base 7.8 (HIGH). Local, low-complexity, low-privilege elevation: the Malware Protection Engine runs as SYSTEM, so a link-following primitive in it is a clean LPE-to-SYSTEM.",
+    "cisa_kev": true,
+    "cisa_kev_date": "2026-05-20",
+    "cisa_kev_due_date": "2026-06-03",
+    "cisa_kev_due_date_note": "CISA KEV (FCEB) remediation deadline for the 2026-05-20 listing; verified against the live KEV catalog.",
+    "poc_available": false,
+    "poc_description": "CISA KEV-listed with Microsoft 'Exploitation Detected'. No public proof-of-concept repository verified at curation time; exploitation is confirmed regardless of public PoC status.",
+    "ai_discovered": false,
+    "ai_discovery_source": "vendor_research",
+    "ai_discovery_notes": "Reported through Microsoft's MSRC process; no AI-discovery attribution surfaced.",
+    "ai_assisted_weaponization": false,
+    "ai_assisted_notes": "No AI-assisted weaponization reported.",
+    "active_exploitation": "confirmed",
+    "active_exploitation_notes": "Microsoft flagged 'Exploitation Detected'; CISA added the CVE to the KEV catalog on 2026-05-20 alongside CVE-2026-45498 (Defender DoS). Help Net Security and The Hacker News reported active exploitation 2026-05-21.",
+    "affected": "Microsoft Malware Protection Engine (Microsoft Defender) versions 1.1.26030.3008 through 1.1.26040.8, excluding the fixed build 1.1.26040.8.",
+    "affected_versions": [
+      "Microsoft Malware Protection Engine >= 1.1.26030.3008, < 1.1.26040.8"
+    ],
+    "vector": "The Malware Protection Engine improperly resolves links before accessing files (link following, CWE-59). A local low-privileged attacker plants a link (symlink / junction / hardlink) so that an engine file operation running as SYSTEM follows it to a target the attacker could not otherwise write, yielding elevation to SYSTEM. The security agent itself is the privileged confused deputy.",
+    "complexity": "low",
+    "complexity_notes": "NVD AV:L / AC:L / PR:L. Requires local low-privileged code execution; the engine auto-runs as SYSTEM so no further pivot is needed.",
+    "patch_available": true,
+    "patch_required_reboot": false,
+    "live_patch_available": true,
+    "live_patch_tools": [
+      "Microsoft Defender antimalware-platform auto-update (Malware Protection Engine updates apply without reboot)"
+    ],
+    "live_patch_notes": "Defender's antimalware platform / engine auto-updates; the fixed engine build is 1.1.26040.8 and applies without reboot. The exposed population is managed environments that pin or delay engine updates — verify the deployed engine version is >= 1.1.26040.8.",
+    "vendor_update_paths": [
+      "Confirm the Microsoft Malware Protection Engine is updated to 1.1.26040.8 or later (auto-update is the default; ensure it is not blocked by a managed-update policy)."
+    ],
+    "framework_control_gaps": {
+      "NIST-800-53-SI-2": "30-day flaw-remediation SLA is inadequate for a KEV-listed, in-the-wild-exploited LPE; the CISA KEV due date (2026-06-03) is the binding clock.",
+      "ISO-27001-2022-A.8.8": "Vulnerability-management clause does not differentiate routinely-disclosed CVEs from KEV-listed actively-exploited ones, and does not specifically require verifying that the security agent's own engine build is current.",
+      "NIS2-Art21-patch-management": "Article 21 measures mandate timely patching but assume the EDR/AV agent is part of the defense, not itself the LPE vector; engine-version currency is rarely a tracked control.",
+      "DORA-Art-9": "ICT protection measures presume the endpoint-protection tool is trustworthy; a privileged confused-deputy in that tool is outside the typical control narrative.",
+      "UK-CAF-B4": "System Security objective expects vulnerability remediation but does not call out keeping the security agent's engine build patched as a distinct, audited control.",
+      "AU-ISM-1546": "Patch-application timeframe control is product-agnostic and does not single out the AV/EDR engine, whose SYSTEM privilege makes its flaws maximally severe."
+    },
+    "atlas_refs": [],
+    "attack_refs": [
+      "T1068"
+    ],
+    "rwep_score": 45,
+    "rwep_factors": {
+      "cisa_kev": 25,
+      "poc_available": 0,
+      "ai_factor": 0,
+      "active_exploitation": 20,
+      "blast_radius": 25,
+      "patch_available": -15,
+      "live_patch_available": -10,
+      "reboot_required": 0
+    },
+    "rwep_notes": "P2 (RWEP 45 per lib/scoring.js). KEV-listed with confirmed exploitation; blast_radius=25 — Microsoft Defender is present on virtually every Windows endpoint. No verified public PoC (poc_available=0); auto-update / no-reboot remediation reduces urgency (patch_available -15, live_patch_available -10). The notable risk is that the AV/EDR engine itself is the LPE-to-SYSTEM primitive.",
+    "epss_score": null,
+    "epss_date": "2026-05-24",
+    "epss_note": "EPSS not pulled for this entry; retrieve via FIRST EPSS API in a future refresh.",
+    "epss_source": "https://api.first.org/data/v1/epss?cve=CVE-2026-41091",
+    "cwe_refs": [
+      "CWE-59",
+      "CWE-269"
+    ],
+    "iocs": {
+      "behavioral": [
+        "Creation of symbolic links, NTFS junctions, or hardlinks by a non-SYSTEM process inside paths the Malware Protection Engine reads/writes (scan staging, quarantine, signature-update, or platform-update directories under ProgramData\\Microsoft\\Windows Defender).",
+        "Malware Protection Engine (MsMpEng / engine worker) performing a file write or move as SYSTEM that resolves through an attacker-plantable link to a target outside its expected directory tree.",
+        "Deployed Defender engine version below 1.1.26040.8 on hosts that otherwise receive auto-updates — the exposed precondition."
+      ],
+      "_ioc_source_note": "Behavioral signatures derived from the NVD CVE-2026-41091 mechanism (CWE-59 link following in the Malware Protection Engine running as SYSTEM) and Microsoft's advisory; no public packet/payload capture available at curation time."
+    },
+    "source_verified": "2026-05-24",
+    "verification_sources": [
+      "https://nvd.nist.gov/vuln/detail/CVE-2026-41091",
+      "https://www.helpnetsecurity.com/2026/05/21/microsoft-defender-vulnerabilities-cve-2026-41091-cve-2026-45498/",
+      "https://thehackernews.com/2026/05/microsoft-warns-of-two-actively.html",
+      "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
+    ],
+    "vendor_advisories": [
+      {
+        "vendor": "CISA KEV",
+        "advisory_id": "CVE-2026-41091",
+        "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
+        "severity": "high",
+        "published_date": "2026-05-20"
+      },
+      {
+        "vendor": "Microsoft (MSRC)",
+        "advisory_id": "CVE-2026-41091",
+        "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41091",
+        "severity": "high",
+        "published_date": "2026-05-20"
+      },
+      {
+        "vendor": "NVD",
+        "advisory_id": "CVE-2026-41091",
+        "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41091",
+        "severity": "high",
+        "published_date": "2026-05-20"
+      }
+    ],
+    "last_updated": "2026-05-24",
+    "discovery_attribution_note": "Manually curated from NVD + Microsoft MSRC ('Exploitation Detected') + CISA KEV (added 2026-05-20, due 2026-06-03) + Help Net Security / The Hacker News coverage (2026-05-21). CWE-59 (link following) in the Malware Protection Engine, which runs as SYSTEM. Postdates the v0.13.17 bulk KEV intake (catalog version 2026.05.15).",
+    "_auto_imported": false,
+    "_intake_method": "manual-verified-curation",
+    "_kev_short_description": "Microsoft Defender (Malware Protection Engine) improperly resolves links before file access, allowing local privilege elevation to SYSTEM."
+  },
+  "CVE-2026-34926": {
+    "name": "Trend Micro Apex One Directory Traversal → Malicious Agent Code Deployment",
+    "type": "RCE",
+    "cvss_score": 6.7,
+    "cvss_vector": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L",
+    "cvss_note": "NVD CVSS v3.1 base 6.7 (MEDIUM). High privileges (PR:H — server admin) and high complexity (AC:H) gate it, but Scope:Changed reflects the real impact: the directory traversal lets an attacker on the Apex One management server inject code that the server then deploys to every managed agent — a fleet-wide push from the security tool's own deployment channel.",
+    "cisa_kev": true,
+    "cisa_kev_date": "2026-05-21",
+    "cisa_kev_due_date": "2026-06-04",
+    "cisa_kev_due_date_note": "CISA KEV remediation deadline for the 2026-05-21 listing; verified against the live KEV catalog.",
+    "poc_available": false,
+    "poc_description": "CISA KEV-listed (confirmed exploitation). No public proof-of-concept repository referenced by NVD or the Trend Micro advisory at curation time.",
+    "ai_discovered": false,
+    "ai_discovery_source": "vendor_research",
+    "ai_discovery_notes": "Reported through Trend Micro / ZDI coordinated disclosure; no AI-discovery attribution surfaced.",
+    "ai_assisted_weaponization": false,
+    "ai_assisted_notes": "No AI-assisted weaponization reported.",
+    "active_exploitation": "confirmed",
+    "active_exploitation_notes": "CISA added the CVE to the KEV catalog on 2026-05-21 (confirmed-exploitation attestation).",
+    "affected": "Trend Micro Apex One on-premise (before 14.0.0.17079) and Apex One SaaS (before 14.0.20731).",
+    "affected_versions": [
+      "Trend Micro Apex One (on-premise) < 14.0.0.17079",
+      "Trend Micro Apex One (SaaS) < 14.0.20731"
+    ],
+    "vector": "A relative path-traversal flaw (CWE-23) on the Apex One on-premise management server lets an attacker who already has server access and administrative credentials modify a key table and inject malicious code that the server deploys to its managed agents. The trust the endpoints place in the management server's deployment channel turns a post-admin server foothold into fleet-wide agent code execution (Scope:Changed).",
+    "complexity": "high",
+    "complexity_notes": "NVD AC:H, PR:H: requires server access plus already-obtained administrative credentials. This is a post-admin-compromise propagation primitive, not an initial-access RCE — its value to an attacker is turning one server into the whole agent fleet.",
+    "patch_available": true,
+    "patch_required_reboot": false,
+    "live_patch_available": false,
+    "live_patch_tools": [],
+    "live_patch_notes": "Vendor fix via product update — Apex One on-premise 14.0.0.17079 / SaaS 14.0.20731 or later; application update, no host reboot.",
+    "vendor_update_paths": [
+      "Update Apex One on-premise to 14.0.0.17079 or later; Apex One SaaS to 14.0.20731 or later."
+    ],
+    "framework_control_gaps": {
+      "NIST-800-53-SI-2": "30-day flaw-remediation SLA is inadequate for a KEV-listed actively-exploited flaw; the CISA KEV due date (2026-06-04) is the binding clock.",
+      "ISO-27001-2022-A.8.8": "Vulnerability-management clause does not differentiate routinely-disclosed CVEs from KEV-listed actively-exploited ones.",
+      "NIS2-Art21-patch-management": "Article 21 measures mandate patching but do not treat the EDR/endpoint-management server's agent-deployment channel as a high-blast-radius supply-chain control plane that must be hardened and monitored.",
+      "DORA-Art-9": "ICT protection measures assume the endpoint-management platform is trustworthy; abuse of its own deployment channel to push code to agents is outside the typical control narrative.",
+      "UK-CAF-B4": "System Security objective expects remediation but does not call out the management-server → agent deployment path as a privileged trust boundary requiring integrity controls.",
+      "AU-ISM-1546": "Patch-application timeframe control is product-agnostic; it does not address the fleet-wide propagation risk of a compromised endpoint-management server."
+    },
+    "atlas_refs": [],
+    "attack_refs": [
+      "T1072",
+      "T1083"
+    ],
+    "rwep_score": 52,
+    "rwep_factors": {
+      "cisa_kev": 25,
+      "poc_available": 0,
+      "ai_factor": 0,
+      "active_exploitation": 20,
+      "blast_radius": 22,
+      "patch_available": -15,
+      "live_patch_available": 0,
+      "reboot_required": 0
+    },
+    "rwep_notes": "P2 (RWEP 52 per lib/scoring.js). KEV-listed with confirmed exploitation. blast_radius=22: the management server's deployment channel reaches the whole agent fleet, but PR:H/AC:H (requires pre-existing server admin) caps practical reach below an unauthenticated RCE. No verified public PoC. patch_available -15 (vendor update).",
+    "epss_score": null,
+    "epss_date": "2026-05-24",
+    "epss_note": "EPSS not pulled for this entry; retrieve via FIRST EPSS API in a future refresh.",
+    "epss_source": "https://api.first.org/data/v1/epss?cve=CVE-2026-34926",
+    "cwe_refs": [
+      "CWE-23",
+      "CWE-22"
+    ],
+    "iocs": {
+      "behavioral": [
+        "Modification of the Apex One server's agent-deployment key table or staged agent payloads by a process/path outside the normal product update workflow.",
+        "Apex One management server pushing an agent update/package that was not initiated by a sanctioned administrator action (deployment from an anomalous session or off-hours).",
+        "Path-traversal sequences (`..\\` / `../`) in requests to Apex One on-premise server endpoints that handle file or key-table writes.",
+        "On-premise Apex One server below 14.0.0.17079 (or SaaS below 14.0.20731) — the exposed precondition."
+      ],
+      "_ioc_source_note": "Behavioral signatures derived from the NVD CVE-2026-34926 mechanism (CWE-23 relative path traversal enabling key-table modification and malicious agent deployment) and the Trend Micro advisory; no public packet/payload capture available at curation time."
+    },
+    "source_verified": "2026-05-24",
+    "verification_sources": [
+      "https://nvd.nist.gov/vuln/detail/CVE-2026-34926",
+      "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
+    ],
+    "vendor_advisories": [
+      {
+        "vendor": "CISA KEV",
+        "advisory_id": "CVE-2026-34926",
+        "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
+        "severity": "medium",
+        "published_date": "2026-05-21"
+      },
+      {
+        "vendor": "Trend Micro",
+        "advisory_id": "CVE-2026-34926",
+        "url": "https://success.trendmicro.com/solution/CVE-2026-34926",
+        "severity": "medium",
+        "published_date": "2026-05-21"
+      },
+      {
+        "vendor": "NVD",
+        "advisory_id": "CVE-2026-34926",
+        "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34926",
+        "severity": "medium",
+        "published_date": "2026-05-21"
+      }
+    ],
+    "last_updated": "2026-05-24",
+    "discovery_attribution_note": "Manually curated from NVD + CISA KEV (added 2026-05-21, due 2026-06-04). CWE-23 relative path traversal on the Apex One on-premise management server enabling key-table modification and malicious code deployment to managed agents. Postdates the v0.13.17 bulk KEV intake (catalog version 2026.05.15).",
+    "_auto_imported": false,
+    "_intake_method": "manual-verified-curation",
+    "_kev_short_description": "Trend Micro Apex One on-premise contains a directory traversal that lets a pre-authenticated local attacker modify a key table to inject malicious code deployed to agents."
+  },
   "CVE-2025-32432": {
     "name": "Craft CMS Code Injection Vulnerability",
     "type": "RCE",

package/data/cwe-catalog.json

@@ -101,7 +101,8 @@
       "CVE-2025-27920",
       "CVE-2025-4632",
       "CVE-2025-6218",
-      "CVE-2025-8110"
+      "CVE-2025-8110",
+      "CVE-2026-34926"
     ],
     "framework_controls_partially_addressing": [
       "NIST-800-53-AC-3",
@@ -577,7 +578,8 @@
       "CVE-2025-48543",
       "CVE-2025-48572",
       "CVE-2025-62849",
-      "CVE-2026-21533"
+      "CVE-2026-21533",
+      "CVE-2026-41091"
     ],
     "framework_controls_partially_addressing": [
       "NIST-800-53-AC-6",
@@ -2109,7 +2111,8 @@
     "related_weaknesses": [],
     "evidence_cves": [
       "CVE-2024-27199",
-      "CVE-2025-64446"
+      "CVE-2025-64446",
+      "CVE-2026-34926"
     ],
     "last_verified": "2026-05-18",
     "notes": "Added v0.13.17 KEV bulk-import."
@@ -2148,7 +2151,8 @@
     "related_weaknesses": [],
     "evidence_cves": [
       "CVE-2025-48384",
-      "CVE-2025-60710"
+      "CVE-2025-60710",
+      "CVE-2026-41091"
     ],
     "last_verified": "2026-05-18",
     "notes": "Added v0.13.17 KEV bulk-import."

package/data/framework-control-gaps.json

@@ -1517,10 +1517,12 @@
       "CVE-2026-33634",
       "CVE-2026-34197",
       "CVE-2026-34621",
+      "CVE-2026-34926",
       "CVE-2026-3502",
       "CVE-2026-35616",
       "CVE-2026-3909",
       "CVE-2026-3910",
+      "CVE-2026-41091",
       "CVE-2026-41940",
       "CVE-2026-42945",
       "CVE-2026-46300",
@@ -1713,7 +1715,9 @@
       "CVE-2025-38352",
       "CVE-2025-43300",
       "CVE-2026-31431",
+      "CVE-2026-34926",
       "CVE-2026-39884",
+      "CVE-2026-41091",
       "CVE-2026-45321",
       "CVE-2026-46300",
       "CVE-2026-46333",
@@ -2438,10 +2442,12 @@
       "CVE-2026-33825",
       "CVE-2026-34197",
       "CVE-2026-34621",
+      "CVE-2026-34926",
       "CVE-2026-3502",
       "CVE-2026-35616",
       "CVE-2026-3909",
       "CVE-2026-3910",
+      "CVE-2026-41091",
       "CVE-2026-41940",
       "CVE-2026-42897",
       "CVE-2026-42945",
@@ -4691,6 +4697,8 @@
       "CVE-2025-34291",
       "CVE-2026-0300",
       "CVE-2026-20182",
+      "CVE-2026-34926",
+      "CVE-2026-41091",
       "CVE-2026-42897",
       "CVE-2026-42945",
       "CVE-2026-46300",
@@ -5177,6 +5185,8 @@
     "evidence_cves": [
       "CVE-2024-21762",
       "CVE-2025-34291",
+      "CVE-2026-34926",
+      "CVE-2026-41091",
       "CVE-2026-46300",
       "CVE-2026-46333",
       "MAL-2026-SHAI-HULUD-OSS"
@@ -5212,6 +5222,8 @@
     "evidence_cves": [
       "CVE-2024-21762",
       "CVE-2025-34291",
+      "CVE-2026-34926",
+      "CVE-2026-41091",
       "CVE-2026-46300",
       "CVE-2026-46333"
     ],

package/data/zeroday-lessons.json

@@ -5978,6 +5978,96 @@
     "_auto_imported": false,
     "_intake_method": "manual-verified-curation"
   },
+  "CVE-2026-41091": {
+    "name": "Microsoft Defender (Malware Protection Engine) Link-Following LPE to SYSTEM",
+    "lesson_date": "2026-05-24",
+    "attack_vector": {
+      "description": "The Malware Protection Engine, which runs as SYSTEM, improperly resolves links before accessing files (CWE-59). A local low-privileged attacker plants a symlink/junction/hardlink so an engine file operation follows it to a target the attacker could not otherwise write, elevating to SYSTEM.",
+      "privileges_required": "local, low-privileged code execution (no admin)",
+      "complexity": "low (NVD AV:L / AC:L / PR:L)",
+      "ai_factor": "Not AI-discovered. The lesson: the EDR/AV agent is itself a SYSTEM-privileged confused deputy — a link-following flaw in the security tool is a maximally-severe LPE, and engine-build currency must be an audited control, not assumed because 'Defender auto-updates'. Surfaced by the CISA-KEV poller after the v0.13.17 bulk intake."
+    },
+    "framework_coverage": {
+      "NIST-800-53-SI-2": {
+        "covered": true,
+        "adequate": false,
+        "gap": "30-day SLA inadequate for a KEV-listed LPE; KEV due date (2026-06-03) is the binding clock, and engine-version currency is not a tracked remediation target."
+      },
+      "ISO-27001-2022-A.8.8": {
+        "covered": true,
+        "adequate": false,
+        "gap": "Does not differentiate routinely-disclosed CVEs from KEV-listed ones, nor require verifying that the security agent's own engine build is patched."
+      }
+    },
+    "compliance_exposure_score": {
+      "percent_audit_passing_orgs_still_exposed": 50,
+      "basis": "Most orgs assume Defender auto-updates close engine flaws; managed environments that pin/delay engine builds remain exposed while passing patch-SLA audits that track OS patches, not AV-engine builds.",
+      "theater_pattern": "patch_management"
+    },
+    "ai_discovered_zeroday": false,
+    "ai_discovery_source": "vendor_research",
+    "ai_assist_factor": "none",
+    "new_control_requirements": [
+      {
+        "id": "NEW-CTRL-077",
+        "name": "SECURITY-AGENT-ENGINE-CURRENCY-AUDIT",
+        "description": "Treat the EDR/AV agent's own engine/platform build as a first-class, audited remediation target: verify (not assume) that the deployed Microsoft Defender Malware Protection Engine is >= the fixed build (1.1.26040.8 for CVE-2026-41091) on every endpoint, and alarm on hosts whose engine build lags despite an auto-update policy. A SYSTEM-privileged security agent's flaws are LPE-to-SYSTEM by construction.",
+        "evidence": "https://nvd.nist.gov/vuln/detail/CVE-2026-41091",
+        "gap_closes": [
+          "NIST-800-53-SI-2",
+          "ISO-27001-2022-A.8.8",
+          "AU-ISM-1546"
+        ]
+      }
+    ],
+    "_auto_imported": false,
+    "_intake_method": "manual-verified-curation"
+  },
+  "CVE-2026-34926": {
+    "name": "Trend Micro Apex One Directory Traversal → Malicious Agent Code Deployment",
+    "lesson_date": "2026-05-24",
+    "attack_vector": {
+      "description": "A relative path traversal (CWE-23) on the Apex One on-premise management server lets an attacker with server admin access modify a key table and inject malicious code that the server deploys to all managed agents — fleet-wide code execution through the security tool's own trusted deployment channel.",
+      "privileges_required": "server access + already-obtained administrative credentials (PR:H)",
+      "complexity": "high (NVD AC:H) — post-admin-compromise propagation primitive, not initial access",
+      "ai_factor": "Not AI-discovered. The lesson: an endpoint-management server's agent-deployment channel is a high-blast-radius supply-chain control plane — its integrity must be monitored, because a foothold on the server becomes the entire agent fleet. Surfaced by the CISA-KEV poller after the v0.13.17 bulk intake."
+    },
+    "framework_coverage": {
+      "NIST-800-53-SI-2": {
+        "covered": true,
+        "adequate": false,
+        "gap": "30-day SLA inadequate for a KEV-listed flaw; KEV due date (2026-06-04) is the binding clock."
+      },
+      "ISO-27001-2022-A.8.8": {
+        "covered": true,
+        "adequate": false,
+        "gap": "Does not differentiate routinely-disclosed CVEs from KEV-listed ones, nor treat the agent-deployment channel as a control plane needing integrity monitoring."
+      }
+    },
+    "compliance_exposure_score": {
+      "percent_audit_passing_orgs_still_exposed": 45,
+      "basis": "Orgs audit endpoint protection for coverage and patch SLA but rarely monitor the integrity of the management server's agent-deployment channel; a post-admin foothold there is treated as 'already game over' rather than as a fleet-propagation risk to contain.",
+      "theater_pattern": "detection_gap"
+    },
+    "ai_discovered_zeroday": false,
+    "ai_discovery_source": "vendor_research",
+    "ai_assist_factor": "none",
+    "new_control_requirements": [
+      {
+        "id": "NEW-CTRL-078",
+        "name": "ENDPOINT-MGMT-DEPLOYMENT-CHANNEL-INTEGRITY",
+        "description": "Treat the EDR/endpoint-management server's agent-deployment channel (package/key-table → agent push) as a privileged supply-chain control plane: integrity-monitor the deployment artifacts and key tables, alert on agent pushes not tied to a sanctioned admin action, and patch the management server to the fixed build (Apex One on-prem 14.0.0.17079 / SaaS 14.0.20731) as a KEV-priority item. A server foothold must not silently become fleet-wide agent code execution.",
+        "evidence": "https://nvd.nist.gov/vuln/detail/CVE-2026-34926",
+        "gap_closes": [
+          "NIST-800-53-SI-2",
+          "ISO-27001-2022-A.8.8",
+          "NIS2-Art21-patch-management"
+        ]
+      }
+    ],
+    "_auto_imported": false,
+    "_intake_method": "manual-verified-curation"
+  },
   "CVE-2025-32432": {
     "name": "Craft CMS Code Injection Vulnerability",
     "lesson_date": "2026-05-18",