@blamejs/exceptd-skills 0.13.68 → 0.13.70

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. package/CHANGELOG.md +8 -0
  2. package/data/_indexes/_meta.json +8 -8
  3. package/data/_indexes/activity-feed.json +2 -2
  4. package/data/_indexes/catalog-summaries.json +2 -2
  5. package/data/_indexes/chains.json +548 -0
  6. package/data/attack-techniques.json +12 -4
  7. package/data/cve-catalog.json +223 -0
  8. package/data/cwe-catalog.json +7 -3
  9. package/data/framework-control-gaps.json +12 -0
  10. package/data/zeroday-lessons.json +90 -0
  11. package/manifest.json +44 -44
  12. package/package.json +2 -2
  13. package/sbom.cdx.json +23 -23
package/data/_indexes/chains.json CHANGED
@@ -16503,6 +16503,514 @@
16503
16503
  ]
16504
16504
  }
16505
16505
  },
16506
+ "CVE-2026-34926": {
16507
+ "name": "Trend Micro Apex One Directory Traversal → Malicious Agent Code Deployment",
16508
+ "rwep": 52,
16509
+ "cvss": 6.7,
16510
+ "cisa_kev": true,
16511
+ "epss_score": null,
16512
+ "referencing_skills": [
16513
+ "kernel-lpe-triage",
16514
+ "attack-surface-pentest",
16515
+ "ot-ics-security",
16516
+ "coordinated-vuln-disclosure",
16517
+ "sector-energy"
16518
+ ],
16519
+ "chain": {
16520
+ "cwes": [
16521
+ {
16522
+ "id": "CWE-1037",
16523
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
16524
+ "category": "Hardware / Side Channel"
16525
+ },
16526
+ {
16527
+ "id": "CWE-125",
16528
+ "name": "Out-of-bounds Read",
16529
+ "category": "Memory Safety"
16530
+ },
16531
+ {
16532
+ "id": "CWE-1357",
16533
+ "name": "Reliance on Insufficiently Trustworthy Component",
16534
+ "category": "Supply Chain"
16535
+ },
16536
+ {
16537
+ "id": "CWE-1395",
16538
+ "name": "Dependency on Vulnerable Third-Party Component",
16539
+ "category": "Supply Chain"
16540
+ },
16541
+ {
16542
+ "id": "CWE-22",
16543
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
16544
+ "category": "Path/Resource"
16545
+ },
16546
+ {
16547
+ "id": "CWE-269",
16548
+ "name": "Improper Privilege Management",
16549
+ "category": "Authorization"
16550
+ },
16551
+ {
16552
+ "id": "CWE-287",
16553
+ "name": "Improper Authentication",
16554
+ "category": "Authentication"
16555
+ },
16556
+ {
16557
+ "id": "CWE-306",
16558
+ "name": "Missing Authentication for Critical Function",
16559
+ "category": "Authentication"
16560
+ },
16561
+ {
16562
+ "id": "CWE-352",
16563
+ "name": "Cross-Site Request Forgery (CSRF)",
16564
+ "category": "Session"
16565
+ },
16566
+ {
16567
+ "id": "CWE-362",
16568
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
16569
+ "category": "Concurrency"
16570
+ },
16571
+ {
16572
+ "id": "CWE-416",
16573
+ "name": "Use After Free",
16574
+ "category": "Memory Safety"
16575
+ },
16576
+ {
16577
+ "id": "CWE-434",
16578
+ "name": "Unrestricted Upload of File with Dangerous Type",
16579
+ "category": "File Handling"
16580
+ },
16581
+ {
16582
+ "id": "CWE-672",
16583
+ "name": "Operation on a Resource after Expiration or Release",
16584
+ "category": "Memory Safety"
16585
+ },
16586
+ {
16587
+ "id": "CWE-732",
16588
+ "name": "Incorrect Permission Assignment for Critical Resource",
16589
+ "category": "Authorization"
16590
+ },
16591
+ {
16592
+ "id": "CWE-78",
16593
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
16594
+ "category": "Injection"
16595
+ },
16596
+ {
16597
+ "id": "CWE-787",
16598
+ "name": "Out-of-bounds Write",
16599
+ "category": "Memory Safety"
16600
+ },
16601
+ {
16602
+ "id": "CWE-79",
16603
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
16604
+ "category": "Injection"
16605
+ },
16606
+ {
16607
+ "id": "CWE-798",
16608
+ "name": "Use of Hard-coded Credentials",
16609
+ "category": "Credentials"
16610
+ },
16611
+ {
16612
+ "id": "CWE-89",
16613
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
16614
+ "category": "Injection"
16615
+ },
16616
+ {
16617
+ "id": "CWE-918",
16618
+ "name": "Server-Side Request Forgery (SSRF)",
16619
+ "category": "Network"
16620
+ }
16621
+ ],
16622
+ "atlas": [
16623
+ {
16624
+ "id": "AML.T0010",
16625
+ "name": "ML Supply Chain Compromise",
16626
+ "tactic": "Initial Access"
16627
+ },
16628
+ {
16629
+ "id": "AML.T0043",
16630
+ "name": "Craft Adversarial Data",
16631
+ "tactic": "ML Attack Staging"
16632
+ },
16633
+ {
16634
+ "id": "AML.T0051",
16635
+ "name": "LLM Prompt Injection",
16636
+ "tactic": "Execution"
16637
+ }
16638
+ ],
16639
+ "d3fend": [
16640
+ {
16641
+ "id": "D3-ASLR",
16642
+ "name": "Address Space Layout Randomization",
16643
+ "tactic": "Harden"
16644
+ },
16645
+ {
16646
+ "id": "D3-CSPP",
16647
+ "name": "Client-server Payload Profiling",
16648
+ "tactic": "Detect"
16649
+ },
16650
+ {
16651
+ "id": "D3-EAL",
16652
+ "name": "Executable Allowlisting",
16653
+ "tactic": "Harden"
16654
+ },
16655
+ {
16656
+ "id": "D3-NTA",
16657
+ "name": "Network Traffic Analysis",
16658
+ "tactic": "Detect"
16659
+ },
16660
+ {
16661
+ "id": "D3-PHRA",
16662
+ "name": "Process Hardware Resource Access",
16663
+ "tactic": "Isolate"
16664
+ },
16665
+ {
16666
+ "id": "D3-PSEP",
16667
+ "name": "Process Segment Execution Prevention",
16668
+ "tactic": "Harden"
16669
+ }
16670
+ ],
16671
+ "framework_gaps": [
16672
+ {
16673
+ "id": "CIS-Controls-v8-Control7",
16674
+ "framework": "CIS Controls v8",
16675
+ "control_name": "Continuous Vulnerability Management"
16676
+ },
16677
+ {
16678
+ "id": "IEC-62443-3-3",
16679
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
16680
+ "control_name": "System security requirements and security levels"
16681
+ },
16682
+ {
16683
+ "id": "ISO-27001-2022-A.8.8",
16684
+ "framework": "ISO/IEC 27001:2022",
16685
+ "control_name": "Management of technical vulnerabilities"
16686
+ },
16687
+ {
16688
+ "id": "NERC-CIP-007-6-R4",
16689
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
16690
+ "control_name": "Security event monitoring"
16691
+ },
16692
+ {
16693
+ "id": "NIS2-Art21-patch-management",
16694
+ "framework": "EU NIS2 Directive",
16695
+ "control_name": "Vulnerability handling and disclosure"
16696
+ },
16697
+ {
16698
+ "id": "NIST-800-115",
16699
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
16700
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
16701
+ },
16702
+ {
16703
+ "id": "NIST-800-218-SSDF",
16704
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
16705
+ "control_name": "Secure Software Development Framework"
16706
+ },
16707
+ {
16708
+ "id": "NIST-800-53-SC-8",
16709
+ "framework": "NIST SP 800-53 Rev 5",
16710
+ "control_name": "Transmission Confidentiality and Integrity"
16711
+ },
16712
+ {
16713
+ "id": "NIST-800-53-SI-2",
16714
+ "framework": "NIST SP 800-53 Rev 5",
16715
+ "control_name": "Flaw Remediation"
16716
+ },
16717
+ {
16718
+ "id": "NIST-800-82r3",
16719
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
16720
+ "control_name": "Guide to Operational Technology (OT) Security"
16721
+ },
16722
+ {
16723
+ "id": "OWASP-Pen-Testing-Guide-v5",
16724
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
16725
+ "control_name": "Web application penetration testing methodology"
16726
+ },
16727
+ {
16728
+ "id": "PCI-DSS-4.0-6.3.3",
16729
+ "framework": "PCI DSS 4.0",
16730
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
16731
+ },
16732
+ {
16733
+ "id": "PTES-Pre-engagement",
16734
+ "framework": "Penetration Testing Execution Standard (PTES)",
16735
+ "control_name": "Pre-engagement Interactions"
16736
+ },
16737
+ {
16738
+ "id": "SOC2-CC9-vendor-management",
16739
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
16740
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
16741
+ }
16742
+ ],
16743
+ "attack_refs": [
16744
+ "T0855",
16745
+ "T0883",
16746
+ "T1059",
16747
+ "T1068",
16748
+ "T1078",
16749
+ "T1133",
16750
+ "T1190",
16751
+ "T1548.001"
16752
+ ],
16753
+ "rfc_refs": [
16754
+ "RFC-4301",
16755
+ "RFC-4303",
16756
+ "RFC-7296"
16757
+ ]
16758
+ }
16759
+ },
16760
+ "CVE-2026-45498": {
16761
+ "name": "Microsoft Defender Remote Denial of Service (Antimalware Platform)",
16762
+ "rwep": 45,
16763
+ "cvss": 7.5,
16764
+ "cisa_kev": true,
16765
+ "epss_score": null,
16766
+ "referencing_skills": [
16767
+ "kernel-lpe-triage",
16768
+ "attack-surface-pentest",
16769
+ "ot-ics-security",
16770
+ "coordinated-vuln-disclosure",
16771
+ "sector-energy"
16772
+ ],
16773
+ "chain": {
16774
+ "cwes": [
16775
+ {
16776
+ "id": "CWE-1037",
16777
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
16778
+ "category": "Hardware / Side Channel"
16779
+ },
16780
+ {
16781
+ "id": "CWE-125",
16782
+ "name": "Out-of-bounds Read",
16783
+ "category": "Memory Safety"
16784
+ },
16785
+ {
16786
+ "id": "CWE-1357",
16787
+ "name": "Reliance on Insufficiently Trustworthy Component",
16788
+ "category": "Supply Chain"
16789
+ },
16790
+ {
16791
+ "id": "CWE-1395",
16792
+ "name": "Dependency on Vulnerable Third-Party Component",
16793
+ "category": "Supply Chain"
16794
+ },
16795
+ {
16796
+ "id": "CWE-22",
16797
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
16798
+ "category": "Path/Resource"
16799
+ },
16800
+ {
16801
+ "id": "CWE-269",
16802
+ "name": "Improper Privilege Management",
16803
+ "category": "Authorization"
16804
+ },
16805
+ {
16806
+ "id": "CWE-287",
16807
+ "name": "Improper Authentication",
16808
+ "category": "Authentication"
16809
+ },
16810
+ {
16811
+ "id": "CWE-306",
16812
+ "name": "Missing Authentication for Critical Function",
16813
+ "category": "Authentication"
16814
+ },
16815
+ {
16816
+ "id": "CWE-352",
16817
+ "name": "Cross-Site Request Forgery (CSRF)",
16818
+ "category": "Session"
16819
+ },
16820
+ {
16821
+ "id": "CWE-362",
16822
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
16823
+ "category": "Concurrency"
16824
+ },
16825
+ {
16826
+ "id": "CWE-416",
16827
+ "name": "Use After Free",
16828
+ "category": "Memory Safety"
16829
+ },
16830
+ {
16831
+ "id": "CWE-434",
16832
+ "name": "Unrestricted Upload of File with Dangerous Type",
16833
+ "category": "File Handling"
16834
+ },
16835
+ {
16836
+ "id": "CWE-672",
16837
+ "name": "Operation on a Resource after Expiration or Release",
16838
+ "category": "Memory Safety"
16839
+ },
16840
+ {
16841
+ "id": "CWE-732",
16842
+ "name": "Incorrect Permission Assignment for Critical Resource",
16843
+ "category": "Authorization"
16844
+ },
16845
+ {
16846
+ "id": "CWE-78",
16847
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
16848
+ "category": "Injection"
16849
+ },
16850
+ {
16851
+ "id": "CWE-787",
16852
+ "name": "Out-of-bounds Write",
16853
+ "category": "Memory Safety"
16854
+ },
16855
+ {
16856
+ "id": "CWE-79",
16857
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
16858
+ "category": "Injection"
16859
+ },
16860
+ {
16861
+ "id": "CWE-798",
16862
+ "name": "Use of Hard-coded Credentials",
16863
+ "category": "Credentials"
16864
+ },
16865
+ {
16866
+ "id": "CWE-89",
16867
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
16868
+ "category": "Injection"
16869
+ },
16870
+ {
16871
+ "id": "CWE-918",
16872
+ "name": "Server-Side Request Forgery (SSRF)",
16873
+ "category": "Network"
16874
+ }
16875
+ ],
16876
+ "atlas": [
16877
+ {
16878
+ "id": "AML.T0010",
16879
+ "name": "ML Supply Chain Compromise",
16880
+ "tactic": "Initial Access"
16881
+ },
16882
+ {
16883
+ "id": "AML.T0043",
16884
+ "name": "Craft Adversarial Data",
16885
+ "tactic": "ML Attack Staging"
16886
+ },
16887
+ {
16888
+ "id": "AML.T0051",
16889
+ "name": "LLM Prompt Injection",
16890
+ "tactic": "Execution"
16891
+ }
16892
+ ],
16893
+ "d3fend": [
16894
+ {
16895
+ "id": "D3-ASLR",
16896
+ "name": "Address Space Layout Randomization",
16897
+ "tactic": "Harden"
16898
+ },
16899
+ {
16900
+ "id": "D3-CSPP",
16901
+ "name": "Client-server Payload Profiling",
16902
+ "tactic": "Detect"
16903
+ },
16904
+ {
16905
+ "id": "D3-EAL",
16906
+ "name": "Executable Allowlisting",
16907
+ "tactic": "Harden"
16908
+ },
16909
+ {
16910
+ "id": "D3-NTA",
16911
+ "name": "Network Traffic Analysis",
16912
+ "tactic": "Detect"
16913
+ },
16914
+ {
16915
+ "id": "D3-PHRA",
16916
+ "name": "Process Hardware Resource Access",
16917
+ "tactic": "Isolate"
16918
+ },
16919
+ {
16920
+ "id": "D3-PSEP",
16921
+ "name": "Process Segment Execution Prevention",
16922
+ "tactic": "Harden"
16923
+ }
16924
+ ],
16925
+ "framework_gaps": [
16926
+ {
16927
+ "id": "CIS-Controls-v8-Control7",
16928
+ "framework": "CIS Controls v8",
16929
+ "control_name": "Continuous Vulnerability Management"
16930
+ },
16931
+ {
16932
+ "id": "IEC-62443-3-3",
16933
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
16934
+ "control_name": "System security requirements and security levels"
16935
+ },
16936
+ {
16937
+ "id": "ISO-27001-2022-A.8.8",
16938
+ "framework": "ISO/IEC 27001:2022",
16939
+ "control_name": "Management of technical vulnerabilities"
16940
+ },
16941
+ {
16942
+ "id": "NERC-CIP-007-6-R4",
16943
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
16944
+ "control_name": "Security event monitoring"
16945
+ },
16946
+ {
16947
+ "id": "NIS2-Art21-patch-management",
16948
+ "framework": "EU NIS2 Directive",
16949
+ "control_name": "Vulnerability handling and disclosure"
16950
+ },
16951
+ {
16952
+ "id": "NIST-800-115",
16953
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
16954
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
16955
+ },
16956
+ {
16957
+ "id": "NIST-800-218-SSDF",
16958
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
16959
+ "control_name": "Secure Software Development Framework"
16960
+ },
16961
+ {
16962
+ "id": "NIST-800-53-SC-8",
16963
+ "framework": "NIST SP 800-53 Rev 5",
16964
+ "control_name": "Transmission Confidentiality and Integrity"
16965
+ },
16966
+ {
16967
+ "id": "NIST-800-53-SI-2",
16968
+ "framework": "NIST SP 800-53 Rev 5",
16969
+ "control_name": "Flaw Remediation"
16970
+ },
16971
+ {
16972
+ "id": "NIST-800-82r3",
16973
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
16974
+ "control_name": "Guide to Operational Technology (OT) Security"
16975
+ },
16976
+ {
16977
+ "id": "OWASP-Pen-Testing-Guide-v5",
16978
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
16979
+ "control_name": "Web application penetration testing methodology"
16980
+ },
16981
+ {
16982
+ "id": "PCI-DSS-4.0-6.3.3",
16983
+ "framework": "PCI DSS 4.0",
16984
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
16985
+ },
16986
+ {
16987
+ "id": "PTES-Pre-engagement",
16988
+ "framework": "Penetration Testing Execution Standard (PTES)",
16989
+ "control_name": "Pre-engagement Interactions"
16990
+ },
16991
+ {
16992
+ "id": "SOC2-CC9-vendor-management",
16993
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
16994
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
16995
+ }
16996
+ ],
16997
+ "attack_refs": [
16998
+ "T0855",
16999
+ "T0883",
17000
+ "T1059",
17001
+ "T1068",
17002
+ "T1078",
17003
+ "T1133",
17004
+ "T1190",
17005
+ "T1548.001"
17006
+ ],
17007
+ "rfc_refs": [
17008
+ "RFC-4301",
17009
+ "RFC-4303",
17010
+ "RFC-7296"
17011
+ ]
17012
+ }
17013
+ },
16506
17014
  "CVE-2025-32432": {
16507
17015
  "name": "Craft CMS Code Injection Vulnerability",
16508
17016
  "rwep": 77,
@@ -41537,10 +42045,12 @@
41537
42045
  "CVE-2026-30615",
41538
42046
  "CVE-2026-30623",
41539
42047
  "CVE-2026-31431",
42048
+ "CVE-2026-34926",
41540
42049
  "CVE-2026-39884",
41541
42050
  "CVE-2026-41091",
41542
42051
  "CVE-2026-42208",
41543
42052
  "CVE-2026-45321",
42053
+ "CVE-2026-45498",
41544
42054
  "CVE-2026-46300",
41545
42055
  "CVE-2026-46333",
41546
42056
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
@@ -41878,10 +42388,12 @@
41878
42388
  "CVE-2025-6965",
41879
42389
  "CVE-2026-30623",
41880
42390
  "CVE-2026-31431",
42391
+ "CVE-2026-34926",
41881
42392
  "CVE-2026-39884",
41882
42393
  "CVE-2026-41091",
41883
42394
  "CVE-2026-42208",
41884
42395
  "CVE-2026-45321",
42396
+ "CVE-2026-45498",
41885
42397
  "CVE-2026-46300",
41886
42398
  "CVE-2026-46333",
41887
42399
  "MAL-2026-3083",
@@ -42015,10 +42527,12 @@
42015
42527
  "CVE-2025-6965",
42016
42528
  "CVE-2026-30623",
42017
42529
  "CVE-2026-31431",
42530
+ "CVE-2026-34926",
42018
42531
  "CVE-2026-39884",
42019
42532
  "CVE-2026-41091",
42020
42533
  "CVE-2026-42208",
42021
42534
  "CVE-2026-45321",
42535
+ "CVE-2026-45498",
42022
42536
  "CVE-2026-46300",
42023
42537
  "CVE-2026-46333",
42024
42538
  "MAL-2026-3083",
@@ -42166,10 +42680,12 @@
42166
42680
  "CVE-2025-6965",
42167
42681
  "CVE-2026-30623",
42168
42682
  "CVE-2026-31431",
42683
+ "CVE-2026-34926",
42169
42684
  "CVE-2026-39884",
42170
42685
  "CVE-2026-41091",
42171
42686
  "CVE-2026-42208",
42172
42687
  "CVE-2026-45321",
42688
+ "CVE-2026-45498",
42173
42689
  "CVE-2026-46300",
42174
42690
  "CVE-2026-46333",
42175
42691
  "MAL-2026-3083",
@@ -42819,6 +43335,7 @@
42819
43335
  "CVE-2026-33825",
42820
43336
  "CVE-2026-34197",
42821
43337
  "CVE-2026-34621",
43338
+ "CVE-2026-34926",
42822
43339
  "CVE-2026-3502",
42823
43340
  "CVE-2026-35616",
42824
43341
  "CVE-2026-3909",
@@ -42831,6 +43348,7 @@
42831
43348
  "CVE-2026-43284",
42832
43349
  "CVE-2026-43500",
42833
43350
  "CVE-2026-45321",
43351
+ "CVE-2026-45498",
42834
43352
  "CVE-2026-46300",
42835
43353
  "CVE-2026-46333",
42836
43354
  "CVE-2026-5281",
@@ -43422,10 +43940,12 @@
43422
43940
  "CVE-2026-30615",
43423
43941
  "CVE-2026-30623",
43424
43942
  "CVE-2026-31431",
43943
+ "CVE-2026-34926",
43425
43944
  "CVE-2026-39884",
43426
43945
  "CVE-2026-41091",
43427
43946
  "CVE-2026-42208",
43428
43947
  "CVE-2026-45321",
43948
+ "CVE-2026-45498",
43429
43949
  "CVE-2026-46300",
43430
43950
  "CVE-2026-46333",
43431
43951
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
@@ -43998,10 +44518,12 @@
43998
44518
  "CVE-2026-30615",
43999
44519
  "CVE-2026-30623",
44000
44520
  "CVE-2026-31431",
44521
+ "CVE-2026-34926",
44001
44522
  "CVE-2026-39884",
44002
44523
  "CVE-2026-41091",
44003
44524
  "CVE-2026-42208",
44004
44525
  "CVE-2026-45321",
44526
+ "CVE-2026-45498",
44005
44527
  "CVE-2026-46300",
44006
44528
  "CVE-2026-46333",
44007
44529
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
@@ -44207,9 +44729,11 @@
44207
44729
  "CVE-2025-53773",
44208
44730
  "CVE-2026-30615",
44209
44731
  "CVE-2026-31431",
44732
+ "CVE-2026-34926",
44210
44733
  "CVE-2026-39884",
44211
44734
  "CVE-2026-41091",
44212
44735
  "CVE-2026-45321",
44736
+ "CVE-2026-45498",
44213
44737
  "CVE-2026-46300",
44214
44738
  "CVE-2026-46333",
44215
44739
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
@@ -44852,10 +45376,12 @@
44852
45376
  "CVE-2026-30615",
44853
45377
  "CVE-2026-30623",
44854
45378
  "CVE-2026-31431",
45379
+ "CVE-2026-34926",
44855
45380
  "CVE-2026-39884",
44856
45381
  "CVE-2026-41091",
44857
45382
  "CVE-2026-42208",
44858
45383
  "CVE-2026-45321",
45384
+ "CVE-2026-45498",
44859
45385
  "CVE-2026-46300",
44860
45386
  "CVE-2026-46333",
44861
45387
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
@@ -45249,6 +45775,7 @@
45249
45775
  "CVE-2026-33825",
45250
45776
  "CVE-2026-34197",
45251
45777
  "CVE-2026-34621",
45778
+ "CVE-2026-34926",
45252
45779
  "CVE-2026-3502",
45253
45780
  "CVE-2026-35616",
45254
45781
  "CVE-2026-3909",
@@ -45261,6 +45788,7 @@
45261
45788
  "CVE-2026-43284",
45262
45789
  "CVE-2026-43500",
45263
45790
  "CVE-2026-45321",
45791
+ "CVE-2026-45498",
45264
45792
  "CVE-2026-46300",
45265
45793
  "CVE-2026-46333",
45266
45794
  "CVE-2026-5281",
@@ -45641,6 +46169,7 @@
45641
46169
  "CVE-2026-33825",
45642
46170
  "CVE-2026-34197",
45643
46171
  "CVE-2026-34621",
46172
+ "CVE-2026-34926",
45644
46173
  "CVE-2026-3502",
45645
46174
  "CVE-2026-35616",
45646
46175
  "CVE-2026-3909",
@@ -45653,6 +46182,7 @@
45653
46182
  "CVE-2026-43284",
45654
46183
  "CVE-2026-43500",
45655
46184
  "CVE-2026-45321",
46185
+ "CVE-2026-45498",
45656
46186
  "CVE-2026-46300",
45657
46187
  "CVE-2026-46333",
45658
46188
  "CVE-2026-5281",
@@ -45885,10 +46415,12 @@
45885
46415
  "CVE-2026-30615",
45886
46416
  "CVE-2026-30623",
45887
46417
  "CVE-2026-31431",
46418
+ "CVE-2026-34926",
45888
46419
  "CVE-2026-39884",
45889
46420
  "CVE-2026-41091",
45890
46421
  "CVE-2026-42208",
45891
46422
  "CVE-2026-45321",
46423
+ "CVE-2026-45498",
45892
46424
  "CVE-2026-46300",
45893
46425
  "CVE-2026-46333",
45894
46426
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
@@ -46834,6 +47366,7 @@
46834
47366
  "CVE-2026-33825",
46835
47367
  "CVE-2026-34197",
46836
47368
  "CVE-2026-34621",
47369
+ "CVE-2026-34926",
46837
47370
  "CVE-2026-3502",
46838
47371
  "CVE-2026-35616",
46839
47372
  "CVE-2026-3909",
@@ -46846,6 +47379,7 @@
46846
47379
  "CVE-2026-43284",
46847
47380
  "CVE-2026-43500",
46848
47381
  "CVE-2026-45321",
47382
+ "CVE-2026-45498",
46849
47383
  "CVE-2026-46300",
46850
47384
  "CVE-2026-46333",
46851
47385
  "CVE-2026-5281",
@@ -47142,10 +47676,12 @@
47142
47676
  "CVE-2026-30615",
47143
47677
  "CVE-2026-30623",
47144
47678
  "CVE-2026-31431",
47679
+ "CVE-2026-34926",
47145
47680
  "CVE-2026-39884",
47146
47681
  "CVE-2026-41091",
47147
47682
  "CVE-2026-42208",
47148
47683
  "CVE-2026-45321",
47684
+ "CVE-2026-45498",
47149
47685
  "CVE-2026-46300",
47150
47686
  "CVE-2026-46333",
47151
47687
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
@@ -47624,6 +48160,7 @@
47624
48160
  "CVE-2026-33825",
47625
48161
  "CVE-2026-34197",
47626
48162
  "CVE-2026-34621",
48163
+ "CVE-2026-34926",
47627
48164
  "CVE-2026-3502",
47628
48165
  "CVE-2026-35616",
47629
48166
  "CVE-2026-3909",
@@ -47636,6 +48173,7 @@
47636
48173
  "CVE-2026-43284",
47637
48174
  "CVE-2026-43500",
47638
48175
  "CVE-2026-45321",
48176
+ "CVE-2026-45498",
47639
48177
  "CVE-2026-46300",
47640
48178
  "CVE-2026-46333",
47641
48179
  "CVE-2026-5281",
@@ -47941,9 +48479,11 @@
47941
48479
  "CVE-2025-53773",
47942
48480
  "CVE-2026-30615",
47943
48481
  "CVE-2026-31431",
48482
+ "CVE-2026-34926",
47944
48483
  "CVE-2026-39884",
47945
48484
  "CVE-2026-41091",
47946
48485
  "CVE-2026-45321",
48486
+ "CVE-2026-45498",
47947
48487
  "CVE-2026-46300",
47948
48488
  "CVE-2026-46333",
47949
48489
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
@@ -48855,10 +49395,12 @@
48855
49395
  "CVE-2026-30615",
48856
49396
  "CVE-2026-30623",
48857
49397
  "CVE-2026-31431",
49398
+ "CVE-2026-34926",
48858
49399
  "CVE-2026-39884",
48859
49400
  "CVE-2026-41091",
48860
49401
  "CVE-2026-42208",
48861
49402
  "CVE-2026-45321",
49403
+ "CVE-2026-45498",
48862
49404
  "CVE-2026-46300",
48863
49405
  "CVE-2026-46333",
48864
49406
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
@@ -48922,9 +49464,11 @@
48922
49464
  "CVE-2025-38352",
48923
49465
  "CVE-2025-43300",
48924
49466
  "CVE-2026-31431",
49467
+ "CVE-2026-34926",
48925
49468
  "CVE-2026-39884",
48926
49469
  "CVE-2026-41091",
48927
49470
  "CVE-2026-45321",
49471
+ "CVE-2026-45498",
48928
49472
  "CVE-2026-46300",
48929
49473
  "CVE-2026-46333",
48930
49474
  "MAL-2026-3083"
@@ -49646,6 +50190,7 @@
49646
50190
  "CVE-2026-33634",
49647
50191
  "CVE-2026-34197",
49648
50192
  "CVE-2026-34621",
50193
+ "CVE-2026-34926",
49649
50194
  "CVE-2026-3502",
49650
50195
  "CVE-2026-35616",
49651
50196
  "CVE-2026-3909",
@@ -49654,6 +50199,7 @@
49654
50199
  "CVE-2026-41940",
49655
50200
  "CVE-2026-42945",
49656
50201
  "CVE-2026-45321",
50202
+ "CVE-2026-45498",
49657
50203
  "CVE-2026-46300",
49658
50204
  "CVE-2026-46333",
49659
50205
  "CVE-2026-5281",
@@ -49890,9 +50436,11 @@
49890
50436
  "CVE-2026-30615",
49891
50437
  "CVE-2026-30623",
49892
50438
  "CVE-2026-31431",
50439
+ "CVE-2026-34926",
49893
50440
  "CVE-2026-39884",
49894
50441
  "CVE-2026-41091",
49895
50442
  "CVE-2026-45321",
50443
+ "CVE-2026-45498",
49896
50444
  "CVE-2026-46300",
49897
50445
  "CVE-2026-46333",
49898
50446
  "MAL-2026-3083",