@blamejs/exceptd-skills 0.13.70 → 0.13.71

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. package/CHANGELOG.md +4 -0
  2. package/data/_indexes/_meta.json +7 -7
  3. package/data/_indexes/activity-feed.json +1 -1
  4. package/data/_indexes/catalog-summaries.json +1 -1
  5. package/data/_indexes/chains.json +625 -0
  6. package/data/attack-techniques.json +8 -1
  7. package/data/cve-catalog.json +406 -1
  8. package/data/cwe-catalog.json +5 -0
  9. package/data/framework-control-gaps.json +15 -0
  10. package/manifest.json +44 -44
  11. package/package.json +2 -2
  12. package/sbom.cdx.json +21 -21
package/CHANGELOG.md CHANGED
@@ -1,5 +1,9 @@
1
1
  # Changelog
2
2
 
3
+ ## 0.13.71 — 2026-05-25
4
+
5
+ CVE catalog currency: closes the last of the 2026-05-20 CISA KEV batch by adding the five legacy CVEs CISA re-listed for renewed exploitation against unpatched / end-of-life systems — CVE-2008-4250 (Windows Server-service RPC RCE, MS08-067 / Conficker), CVE-2009-1537 (DirectShow QuickTime parsing RCE), CVE-2009-3459 (Adobe Acrobat/Reader heap overflow), CVE-2010-0249 (Internet Explorer use-after-free, Operation Aurora), and CVE-2010-0806 (Internet Explorer iepeers use-after-free). Each is KEV-listed 2026-05-20, due 2026-06-03, with patches long available — the re-listing is a legacy-exploitation-resurgence signal, and the framework-gap notes call out that the real exposure is the patch-deployment gap on assets that have fallen out of the managed vulnerability program. Added as enrichment-pending drafts (RWEP P1 70, CWE + ATT&CK mappings, reverse references propagated) matching the catalog's auto-imported KEV-intake convention. With these, the catalog is current to the latest published CISA KEV as of today. CVE count 316 → 321.
6
+
3
7
  ## 0.13.70 — 2026-05-24
4
8
 
5
9
  CVE catalog currency: adds **CVE-2026-45498**, the actively-exploited Microsoft Defender remote denial of service (CVSS 7.5 — network, unauthenticated; CISA KEV 2026-05-20, due 2026-06-03), companion to CVE-2026-41091 in the same Defender advisory. Uncontrolled resource consumption (CWE-400) lets a remote attacker crash or hang Defender, removing the host's AV/EDR coverage — a defense-impairment primitive (ATT&CK T1562.001) that enables follow-on intrusion. (Early press reported CVSS 4.0; NVD's authoritative score is 7.5.) Fixed in Defender antimalware platform 4.18.26040.7 (auto-update, no reboot). The entry carries RWEP scoring (P2, 45 via lib/scoring.js), CWE-400 and ATT&CK T1562.001/T1499 mappings, global-first framework-gap declarations, behavioral IoCs, and a zero-day lesson whose new control (NEW-CTRL-079) makes loss of AV/EDR availability a monitored security event. Postdates the catalog's prior bulk KEV intake (KEV catalog 2026.05.15).
package/data/_indexes/_meta.json CHANGED
@@ -1,18 +1,18 @@
1
1
  {
2
2
  "schema_version": "1.1.0",
3
- "generated_at": "2026-05-25T06:30:17.716Z",
3
+ "generated_at": "2026-05-25T12:26:27.873Z",
4
4
  "generator": "scripts/build-indexes.js",
5
5
  "source_count": 54,
6
6
  "source_hashes": {
7
- "manifest.json": "2ef5e043e6e1ca9519dc9bccf1df86d42b46a2244c8885a01dd88e24d60eec8b",
7
+ "manifest.json": "4d256554216769625ae78dd8f5ed476b5ac909c507baf4e309ae2f5bb62c73f3",
8
8
  "data/atlas-ttps.json": "019f12d24dc45ef8f5ae8812dec7c31a9506429a94751aaa559890a007ec6b22",
9
- "data/attack-techniques.json": "c5cb0ab9d14f531a671623cad187aa92afb647626fd1170cb934e8d19ba4221d",
10
- "data/cve-catalog.json": "0d8e58d0f666b47596985d86619c2cc739070e4ce644be14af100aae3fbedde7",
11
- "data/cwe-catalog.json": "ab362db52eb840fec10e3b568418a6420cddc1fad1a02d3b7b34b187ffdcfba4",
9
+ "data/attack-techniques.json": "812c7c826116ab5def0a0fbb66a33bf9cf35987fc48885883e73f8937bff013f",
10
+ "data/cve-catalog.json": "de2d3a5ecc39d4f7be972712d948f0f04e9cdfe4d128b17ac2d21d022b1e71f8",
11
+ "data/cwe-catalog.json": "997d078443ede73715724bf4c31592699ea9171a5e1441fb898d17c065f9359a",
12
12
  "data/d3fend-catalog.json": "9a54bccb9f24f84b32024216cc3f53819a053721ac8ab43c326859e68fc0ffaf",
13
13
  "data/dlp-controls.json": "d2406c482dddd30e49203879999dc4b3a7fd4d0494d6a61d86b91ee76415df19",
14
14
  "data/exploit-availability.json": "ec2656f0d9a893610e27b43eb6035fe9b18e057c9f6dfaac7e7d4959bbcbb795",
15
- "data/framework-control-gaps.json": "d76aa93b18b997f783b4e615b117452020641fa546db6418ffe7fdacdff14b2b",
15
+ "data/framework-control-gaps.json": "beda5f3950b07a3f1a8f1591fe42d237977caa8dae3389eb2e4b16abfe0bd3b9",
16
16
  "data/global-frameworks.json": "9ba563a85f7f8d6c3c957de64945e20925a89d0ed6ea6fc561cf093811acf558",
17
17
  "data/rfc-references.json": "66ef2e1f444a2cf0c2700a754f0a66030bb8a91d9e68394b9537ea1fe8b904fe",
18
18
  "data/zeroday-lessons.json": "a8283ec189cc26bab26ae942529cbce3c0fa9bea853eb8bf06a5a38e26bab41c",
@@ -72,7 +72,7 @@
72
72
  "dlp_refs": 0
73
73
  },
74
74
  "trigger_table_entries": 538,
75
- "chains_cve_entries": 305,
75
+ "chains_cve_entries": 310,
76
76
  "chains_cwe_entries": 171,
77
77
  "jurisdictions_indexed": 29,
78
78
  "handoff_dag_nodes": 42,
package/data/_indexes/activity-feed.json CHANGED
@@ -149,7 +149,7 @@
149
149
  "artifact": "data/cve-catalog.json",
150
150
  "path": "data/cve-catalog.json",
151
151
  "schema_version": "1.0.0",
152
- "entry_count": 316
152
+ "entry_count": 321
153
153
  },
154
154
  {
155
155
  "date": "2026-05-18",
package/data/_indexes/catalog-summaries.json CHANGED
@@ -62,7 +62,7 @@
62
62
  "rebuild_after_days": 365,
63
63
  "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
64
64
  },
65
- "entry_count": 316,
65
+ "entry_count": 321,
66
66
  "sample_keys": [
67
67
  "CVE-2025-53773",
68
68
  "CVE-2026-30615",