@blamejs/exceptd-skills 0.13.71 → 0.13.72

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. package/CHANGELOG.md +4 -0
  2. package/data/_indexes/_meta.json +9 -9
  3. package/data/_indexes/activity-feed.json +2 -2
  4. package/data/_indexes/catalog-summaries.json +2 -2
  5. package/data/_indexes/chains.json +385 -0
  6. package/data/atlas-ttps.json +1 -0
  7. package/data/attack-techniques.json +2 -0
  8. package/data/cve-catalog.json +117 -0
  9. package/data/cwe-catalog.json +2 -0
  10. package/data/framework-control-gaps.json +9 -1
  11. package/data/zeroday-lessons.json +50 -0
  12. package/manifest.json +44 -44
  13. package/package.json +2 -2
  14. package/sbom.cdx.json +25 -25
package/CHANGELOG.md CHANGED
@@ -1,5 +1,9 @@
1
1
  # Changelog
2
2
 
3
+ ## 0.13.72 — 2026-05-25
4
+
5
+ CVE catalog — AI-framework threat intel: adds **CVE-2026-25592**, the Microsoft Semantic Kernel prompt-injection-to-RCE (CVSS 9.9 critical; Microsoft-disclosed 2026-05-07; fixed in Microsoft.SemanticKernel.Plugins.Core 1.71.0). A path traversal (CWE-22) in the `SessionsPythonPlugin` allows arbitrary file write; because the plugin runs inside a tool-wired agent, an injected prompt (ATLAS AML.T0051) drives the write to host code execution — a single prompt was shown launching calc.exe on the agent host. This is the catalog's core thesis made concrete: once an agent can reach a file-writing or code-running tool, prompt injection is a remote-code-execution primitive, not a content-safety nuisance. The RWEP score is deliberately P3 (30) despite the 9.9 CVSS — it is not KEV-listed, has no confirmed in-the-wild exploitation, and shipped with a patch (Hard Rule #3: real-world-exploit priority over CVSS). The entry carries CWE-22/94 + ATLAS AML.T0051 + ATT&CK T1059/T1203 mappings, global-first framework gaps including the prompt-injection access-control gap, behavioral IoCs, and a zero-day lesson whose new control (NEW-CTRL-080) requires sandboxing the AI agent's tool-execution boundary. CVE count 321 → 322.
6
+
3
7
  ## 0.13.71 — 2026-05-25
4
8
 
5
9
  CVE catalog currency: closes the last of the 2026-05-20 CISA KEV batch by adding the five legacy CVEs CISA re-listed for renewed exploitation against unpatched / end-of-life systems — CVE-2008-4250 (Windows Server-service RPC RCE, MS08-067 / Conficker), CVE-2009-1537 (DirectShow QuickTime parsing RCE), CVE-2009-3459 (Adobe Acrobat/Reader heap overflow), CVE-2010-0249 (Internet Explorer use-after-free, Operation Aurora), and CVE-2010-0806 (Internet Explorer iepeers use-after-free). Each is KEV-listed 2026-05-20, due 2026-06-03, with patches long available — the re-listing is a legacy-exploitation-resurgence signal, and the framework-gap notes call out that the real exposure is the patch-deployment gap on assets that have fallen out of the managed vulnerability program. Added as enrichment-pending drafts (RWEP P1 70, CWE + ATT&CK mappings, reverse references propagated) matching the catalog's auto-imported KEV-intake convention. With these, the catalog is current to the latest published CISA KEV as of today. CVE count 316 → 321.
package/data/_indexes/_meta.json CHANGED
@@ -1,21 +1,21 @@
1
1
  {
2
2
  "schema_version": "1.1.0",
3
- "generated_at": "2026-05-25T12:26:27.873Z",
3
+ "generated_at": "2026-05-25T12:59:54.071Z",
4
4
  "generator": "scripts/build-indexes.js",
5
5
  "source_count": 54,
6
6
  "source_hashes": {
7
- "manifest.json": "4d256554216769625ae78dd8f5ed476b5ac909c507baf4e309ae2f5bb62c73f3",
8
- "data/atlas-ttps.json": "019f12d24dc45ef8f5ae8812dec7c31a9506429a94751aaa559890a007ec6b22",
9
- "data/attack-techniques.json": "812c7c826116ab5def0a0fbb66a33bf9cf35987fc48885883e73f8937bff013f",
10
- "data/cve-catalog.json": "de2d3a5ecc39d4f7be972712d948f0f04e9cdfe4d128b17ac2d21d022b1e71f8",
11
- "data/cwe-catalog.json": "997d078443ede73715724bf4c31592699ea9171a5e1441fb898d17c065f9359a",
7
+ "manifest.json": "cf386c69d7e2cae5a1acb841b7fd5b71abe24c402742fccbad3698ad21c0cf13",
8
+ "data/atlas-ttps.json": "eb47b6ad6b38e9a785a36769897adc8987fbc27a4b0b77ea4bed9c6d2aba0f3c",
9
+ "data/attack-techniques.json": "d722164514d749b1f33d8585085896358791f54f17c1bb99363a1920ab7a75e6",
10
+ "data/cve-catalog.json": "07c035c69875f30af633ab21d9e0c78bf641d27f5391d22b252772a906a8bca8",
11
+ "data/cwe-catalog.json": "b50b4abc33f7436f1d0e06c77b03a7c5768146976984e2f7966d6a7c1017038a",
12
12
  "data/d3fend-catalog.json": "9a54bccb9f24f84b32024216cc3f53819a053721ac8ab43c326859e68fc0ffaf",
13
13
  "data/dlp-controls.json": "d2406c482dddd30e49203879999dc4b3a7fd4d0494d6a61d86b91ee76415df19",
14
14
  "data/exploit-availability.json": "ec2656f0d9a893610e27b43eb6035fe9b18e057c9f6dfaac7e7d4959bbcbb795",
15
- "data/framework-control-gaps.json": "beda5f3950b07a3f1a8f1591fe42d237977caa8dae3389eb2e4b16abfe0bd3b9",
15
+ "data/framework-control-gaps.json": "db8b48b090617a028598f5e467ccc638ad5b8ca3baef3087bd999a68c79282c5",
16
16
  "data/global-frameworks.json": "9ba563a85f7f8d6c3c957de64945e20925a89d0ed6ea6fc561cf093811acf558",
17
17
  "data/rfc-references.json": "66ef2e1f444a2cf0c2700a754f0a66030bb8a91d9e68394b9537ea1fe8b904fe",
18
- "data/zeroday-lessons.json": "a8283ec189cc26bab26ae942529cbce3c0fa9bea853eb8bf06a5a38e26bab41c",
18
+ "data/zeroday-lessons.json": "6e5f485e9cb275ab64beb28842606b5610e88b898a778ac24d860497c72f074b",
19
19
  "skills/kernel-lpe-triage/skill.md": "08b3e9815ba481c57c80f5fc0ccbf5bb7cbb41f570c235ba6ff9596b8c07354d",
20
20
  "skills/ai-attack-surface/skill.md": "c4c1eb22a38ca7a959b5725222bab8fbd4f4044a548a93f3e288e6f698334b72",
21
21
  "skills/mcp-agent-trust/skill.md": "89ac89084391d2341b6513fefb1be2d36b93de1c130f057696219c1c59440f13",
@@ -72,7 +72,7 @@
72
72
  "dlp_refs": 0
73
73
  },
74
74
  "trigger_table_entries": 538,
75
- "chains_cve_entries": 310,
75
+ "chains_cve_entries": 311,
76
76
  "chains_cwe_entries": 171,
77
77
  "jurisdictions_indexed": 29,
78
78
  "handoff_dag_nodes": 42,
package/data/_indexes/activity-feed.json CHANGED
@@ -149,7 +149,7 @@
149
149
  "artifact": "data/cve-catalog.json",
150
150
  "path": "data/cve-catalog.json",
151
151
  "schema_version": "1.0.0",
152
- "entry_count": 321
152
+ "entry_count": 322
153
153
  },
154
154
  {
155
155
  "date": "2026-05-18",
@@ -165,7 +165,7 @@
165
165
  "artifact": "data/zeroday-lessons.json",
166
166
  "path": "data/zeroday-lessons.json",
167
167
  "schema_version": "1.1.0",
168
- "entry_count": 316
168
+ "entry_count": 317
169
169
  },
170
170
  {
171
171
  "date": "2026-05-17",
package/data/_indexes/catalog-summaries.json CHANGED
@@ -62,7 +62,7 @@
62
62
  "rebuild_after_days": 365,
63
63
  "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
64
64
  },
65
- "entry_count": 321,
65
+ "entry_count": 322,
66
66
  "sample_keys": [
67
67
  "CVE-2025-53773",
68
68
  "CVE-2026-30615",
@@ -238,7 +238,7 @@
238
238
  "rebuild_after_days": 365,
239
239
  "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
240
240
  },
241
- "entry_count": 316,
241
+ "entry_count": 317,
242
242
  "sample_keys": [
243
243
  "CVE-2026-31431",
244
244
  "CVE-2025-53773",
package/data/_indexes/chains.json CHANGED
@@ -16249,6 +16249,368 @@
16249
16249
  ]
16250
16250
  }
16251
16251
  },
16252
+ "CVE-2026-25592": {
16253
+ "name": "Microsoft Semantic Kernel SessionsPythonPlugin Path Traversal — Prompt-Injection to Host RCE",
16254
+ "rwep": 30,
16255
+ "cvss": 9.9,
16256
+ "cisa_kev": false,
16257
+ "epss_score": null,
16258
+ "referencing_skills": [
16259
+ "kernel-lpe-triage",
16260
+ "ai-attack-surface",
16261
+ "compliance-theater",
16262
+ "attack-surface-pentest",
16263
+ "ot-ics-security",
16264
+ "coordinated-vuln-disclosure",
16265
+ "sector-energy"
16266
+ ],
16267
+ "chain": {
16268
+ "cwes": [
16269
+ {
16270
+ "id": "CWE-1037",
16271
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
16272
+ "category": "Hardware / Side Channel"
16273
+ },
16274
+ {
16275
+ "id": "CWE-1039",
16276
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
16277
+ "category": "AI/ML"
16278
+ },
16279
+ {
16280
+ "id": "CWE-125",
16281
+ "name": "Out-of-bounds Read",
16282
+ "category": "Memory Safety"
16283
+ },
16284
+ {
16285
+ "id": "CWE-1357",
16286
+ "name": "Reliance on Insufficiently Trustworthy Component",
16287
+ "category": "Supply Chain"
16288
+ },
16289
+ {
16290
+ "id": "CWE-1395",
16291
+ "name": "Dependency on Vulnerable Third-Party Component",
16292
+ "category": "Supply Chain"
16293
+ },
16294
+ {
16295
+ "id": "CWE-1426",
16296
+ "name": "Improper Validation of Generative AI Output",
16297
+ "category": "AI/ML"
16298
+ },
16299
+ {
16300
+ "id": "CWE-22",
16301
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
16302
+ "category": "Path/Resource"
16303
+ },
16304
+ {
16305
+ "id": "CWE-269",
16306
+ "name": "Improper Privilege Management",
16307
+ "category": "Authorization"
16308
+ },
16309
+ {
16310
+ "id": "CWE-287",
16311
+ "name": "Improper Authentication",
16312
+ "category": "Authentication"
16313
+ },
16314
+ {
16315
+ "id": "CWE-306",
16316
+ "name": "Missing Authentication for Critical Function",
16317
+ "category": "Authentication"
16318
+ },
16319
+ {
16320
+ "id": "CWE-352",
16321
+ "name": "Cross-Site Request Forgery (CSRF)",
16322
+ "category": "Session"
16323
+ },
16324
+ {
16325
+ "id": "CWE-362",
16326
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
16327
+ "category": "Concurrency"
16328
+ },
16329
+ {
16330
+ "id": "CWE-416",
16331
+ "name": "Use After Free",
16332
+ "category": "Memory Safety"
16333
+ },
16334
+ {
16335
+ "id": "CWE-434",
16336
+ "name": "Unrestricted Upload of File with Dangerous Type",
16337
+ "category": "File Handling"
16338
+ },
16339
+ {
16340
+ "id": "CWE-672",
16341
+ "name": "Operation on a Resource after Expiration or Release",
16342
+ "category": "Memory Safety"
16343
+ },
16344
+ {
16345
+ "id": "CWE-732",
16346
+ "name": "Incorrect Permission Assignment for Critical Resource",
16347
+ "category": "Authorization"
16348
+ },
16349
+ {
16350
+ "id": "CWE-78",
16351
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
16352
+ "category": "Injection"
16353
+ },
16354
+ {
16355
+ "id": "CWE-787",
16356
+ "name": "Out-of-bounds Write",
16357
+ "category": "Memory Safety"
16358
+ },
16359
+ {
16360
+ "id": "CWE-79",
16361
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
16362
+ "category": "Injection"
16363
+ },
16364
+ {
16365
+ "id": "CWE-798",
16366
+ "name": "Use of Hard-coded Credentials",
16367
+ "category": "Credentials"
16368
+ },
16369
+ {
16370
+ "id": "CWE-89",
16371
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
16372
+ "category": "Injection"
16373
+ },
16374
+ {
16375
+ "id": "CWE-918",
16376
+ "name": "Server-Side Request Forgery (SSRF)",
16377
+ "category": "Network"
16378
+ },
16379
+ {
16380
+ "id": "CWE-94",
16381
+ "name": "Improper Control of Generation of Code (Code Injection)",
16382
+ "category": "Injection"
16383
+ }
16384
+ ],
16385
+ "atlas": [
16386
+ {
16387
+ "id": "AML.T0010",
16388
+ "name": "ML Supply Chain Compromise",
16389
+ "tactic": "Initial Access"
16390
+ },
16391
+ {
16392
+ "id": "AML.T0016",
16393
+ "name": "Obtain Capabilities: Develop Capabilities",
16394
+ "tactic": "Resource Development"
16395
+ },
16396
+ {
16397
+ "id": "AML.T0017",
16398
+ "name": "Discover ML Model Ontology",
16399
+ "tactic": "Discovery"
16400
+ },
16401
+ {
16402
+ "id": "AML.T0018",
16403
+ "name": "Backdoor ML Model",
16404
+ "tactic": "Persistence"
16405
+ },
16406
+ {
16407
+ "id": "AML.T0020",
16408
+ "name": "Poison Training Data",
16409
+ "tactic": "ML Attack Staging"
16410
+ },
16411
+ {
16412
+ "id": "AML.T0043",
16413
+ "name": "Craft Adversarial Data",
16414
+ "tactic": "ML Attack Staging"
16415
+ },
16416
+ {
16417
+ "id": "AML.T0051",
16418
+ "name": "LLM Prompt Injection",
16419
+ "tactic": "Execution"
16420
+ },
16421
+ {
16422
+ "id": "AML.T0054",
16423
+ "name": "LLM Jailbreak",
16424
+ "tactic": "Defense Evasion"
16425
+ },
16426
+ {
16427
+ "id": "AML.T0096",
16428
+ "name": "AI API as Covert C2 Channel",
16429
+ "tactic": "Command and Control"
16430
+ }
16431
+ ],
16432
+ "d3fend": [
16433
+ {
16434
+ "id": "D3-ASLR",
16435
+ "name": "Address Space Layout Randomization",
16436
+ "tactic": "Harden"
16437
+ },
16438
+ {
16439
+ "id": "D3-CSPP",
16440
+ "name": "Client-server Payload Profiling",
16441
+ "tactic": "Detect"
16442
+ },
16443
+ {
16444
+ "id": "D3-EAL",
16445
+ "name": "Executable Allowlisting",
16446
+ "tactic": "Harden"
16447
+ },
16448
+ {
16449
+ "id": "D3-IOPR",
16450
+ "name": "Input/Output Profiling Resource",
16451
+ "tactic": "Detect"
16452
+ },
16453
+ {
16454
+ "id": "D3-NTA",
16455
+ "name": "Network Traffic Analysis",
16456
+ "tactic": "Detect"
16457
+ },
16458
+ {
16459
+ "id": "D3-PHRA",
16460
+ "name": "Process Hardware Resource Access",
16461
+ "tactic": "Isolate"
16462
+ },
16463
+ {
16464
+ "id": "D3-PSEP",
16465
+ "name": "Process Segment Execution Prevention",
16466
+ "tactic": "Harden"
16467
+ }
16468
+ ],
16469
+ "framework_gaps": [
16470
+ {
16471
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
16472
+ "framework": "ALL",
16473
+ "control_name": "AI Pipeline Integrity"
16474
+ },
16475
+ {
16476
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
16477
+ "framework": "ALL",
16478
+ "control_name": "Prompt Injection as Access Control Failure"
16479
+ },
16480
+ {
16481
+ "id": "CIS-Controls-v8-Control7",
16482
+ "framework": "CIS Controls v8",
16483
+ "control_name": "Continuous Vulnerability Management"
16484
+ },
16485
+ {
16486
+ "id": "CMMC-2.0-Level-2",
16487
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
16488
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
16489
+ },
16490
+ {
16491
+ "id": "FedRAMP-Rev5-Moderate",
16492
+ "framework": "FedRAMP Rev 5 Moderate",
16493
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
16494
+ },
16495
+ {
16496
+ "id": "IEC-62443-3-3",
16497
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
16498
+ "control_name": "System security requirements and security levels"
16499
+ },
16500
+ {
16501
+ "id": "ISO-27001-2022-A.8.28",
16502
+ "framework": "ISO/IEC 27001:2022",
16503
+ "control_name": "Secure coding"
16504
+ },
16505
+ {
16506
+ "id": "ISO-27001-2022-A.8.8",
16507
+ "framework": "ISO/IEC 27001:2022",
16508
+ "control_name": "Management of technical vulnerabilities"
16509
+ },
16510
+ {
16511
+ "id": "ISO-IEC-23894-2023-clause-7",
16512
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
16513
+ "control_name": "AI risk management process"
16514
+ },
16515
+ {
16516
+ "id": "NERC-CIP-007-6-R4",
16517
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
16518
+ "control_name": "Security event monitoring"
16519
+ },
16520
+ {
16521
+ "id": "NIS2-Art21-patch-management",
16522
+ "framework": "EU NIS2 Directive",
16523
+ "control_name": "Vulnerability handling and disclosure"
16524
+ },
16525
+ {
16526
+ "id": "NIST-800-115",
16527
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
16528
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
16529
+ },
16530
+ {
16531
+ "id": "NIST-800-218-SSDF",
16532
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
16533
+ "control_name": "Secure Software Development Framework"
16534
+ },
16535
+ {
16536
+ "id": "NIST-800-53-AC-2",
16537
+ "framework": "NIST SP 800-53 Rev 5",
16538
+ "control_name": "Account Management"
16539
+ },
16540
+ {
16541
+ "id": "NIST-800-53-SC-8",
16542
+ "framework": "NIST SP 800-53 Rev 5",
16543
+ "control_name": "Transmission Confidentiality and Integrity"
16544
+ },
16545
+ {
16546
+ "id": "NIST-800-53-SI-2",
16547
+ "framework": "NIST SP 800-53 Rev 5",
16548
+ "control_name": "Flaw Remediation"
16549
+ },
16550
+ {
16551
+ "id": "NIST-800-53-SI-3",
16552
+ "framework": "NIST SP 800-53 Rev 5",
16553
+ "control_name": "Malicious Code Protection"
16554
+ },
16555
+ {
16556
+ "id": "NIST-800-82r3",
16557
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
16558
+ "control_name": "Guide to Operational Technology (OT) Security"
16559
+ },
16560
+ {
16561
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
16562
+ "framework": "OWASP Top 10 for LLM Applications 2025",
16563
+ "control_name": "Prompt Injection"
16564
+ },
16565
+ {
16566
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
16567
+ "framework": "OWASP Top 10 for LLM Applications 2025",
16568
+ "control_name": "Sensitive Information Disclosure"
16569
+ },
16570
+ {
16571
+ "id": "OWASP-Pen-Testing-Guide-v5",
16572
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
16573
+ "control_name": "Web application penetration testing methodology"
16574
+ },
16575
+ {
16576
+ "id": "PCI-DSS-4.0-6.3.3",
16577
+ "framework": "PCI DSS 4.0",
16578
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
16579
+ },
16580
+ {
16581
+ "id": "PTES-Pre-engagement",
16582
+ "framework": "Penetration Testing Execution Standard (PTES)",
16583
+ "control_name": "Pre-engagement Interactions"
16584
+ },
16585
+ {
16586
+ "id": "SOC2-CC6-logical-access",
16587
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
16588
+ "control_name": "Logical and Physical Access Controls"
16589
+ },
16590
+ {
16591
+ "id": "SOC2-CC9-vendor-management",
16592
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
16593
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
16594
+ }
16595
+ ],
16596
+ "attack_refs": [
16597
+ "T0855",
16598
+ "T0883",
16599
+ "T1059",
16600
+ "T1068",
16601
+ "T1078",
16602
+ "T1133",
16603
+ "T1190",
16604
+ "T1548.001",
16605
+ "T1566"
16606
+ ],
16607
+ "rfc_refs": [
16608
+ "RFC-4301",
16609
+ "RFC-4303",
16610
+ "RFC-7296"
16611
+ ]
16612
+ }
16613
+ },
16252
16614
  "CVE-2026-41091": {
16253
16615
  "name": "Microsoft Defender (Malware Protection Engine) Link-Following LPE to SYSTEM",
16254
16616
  "rwep": 45,
@@ -42637,6 +42999,7 @@
42637
42999
  "CVE-2025-49844",
42638
43000
  "CVE-2025-53773",
42639
43001
  "CVE-2025-6965",
43002
+ "CVE-2026-25592",
42640
43003
  "CVE-2026-30615",
42641
43004
  "CVE-2026-30623",
42642
43005
  "CVE-2026-31431",
@@ -42981,6 +43344,7 @@
42981
43344
  "CVE-2025-38352",
42982
43345
  "CVE-2025-43300",
42983
43346
  "CVE-2025-6965",
43347
+ "CVE-2026-25592",
42984
43348
  "CVE-2026-30623",
42985
43349
  "CVE-2026-31431",
42986
43350
  "CVE-2026-34926",
@@ -43120,6 +43484,7 @@
43120
43484
  "CVE-2025-38352",
43121
43485
  "CVE-2025-43300",
43122
43486
  "CVE-2025-6965",
43487
+ "CVE-2026-25592",
43123
43488
  "CVE-2026-30623",
43124
43489
  "CVE-2026-31431",
43125
43490
  "CVE-2026-34926",
@@ -43273,6 +43638,7 @@
43273
43638
  "CVE-2025-38352",
43274
43639
  "CVE-2025-43300",
43275
43640
  "CVE-2025-6965",
43641
+ "CVE-2026-25592",
43276
43642
  "CVE-2026-30623",
43277
43643
  "CVE-2026-31431",
43278
43644
  "CVE-2026-34926",
@@ -43532,6 +43898,7 @@
43532
43898
  "CVE-2025-53773",
43533
43899
  "CVE-2025-6965",
43534
43900
  "CVE-2026-22778",
43901
+ "CVE-2026-25592",
43535
43902
  "CVE-2026-30615",
43536
43903
  "CVE-2026-30623",
43537
43904
  "CVE-2026-32202",
@@ -43925,6 +44292,7 @@
43925
44292
  "CVE-2026-24423",
43926
44293
  "CVE-2026-24858",
43927
44294
  "CVE-2026-25108",
44295
+ "CVE-2026-25592",
43928
44296
  "CVE-2026-3055",
43929
44297
  "CVE-2026-31431",
43930
44298
  "CVE-2026-31635",
@@ -44537,6 +44905,7 @@
44537
44905
  "CVE-2025-49844",
44538
44906
  "CVE-2025-53773",
44539
44907
  "CVE-2025-6965",
44908
+ "CVE-2026-25592",
44540
44909
  "CVE-2026-30615",
44541
44910
  "CVE-2026-30623",
44542
44911
  "CVE-2026-31431",
@@ -45115,6 +45484,7 @@
45115
45484
  "CVE-2025-49844",
45116
45485
  "CVE-2025-53773",
45117
45486
  "CVE-2025-6965",
45487
+ "CVE-2026-25592",
45118
45488
  "CVE-2026-30615",
45119
45489
  "CVE-2026-30623",
45120
45490
  "CVE-2026-31431",
@@ -45327,6 +45697,7 @@
45327
45697
  "CVE-2025-38352",
45328
45698
  "CVE-2025-43300",
45329
45699
  "CVE-2025-53773",
45700
+ "CVE-2026-25592",
45330
45701
  "CVE-2026-30615",
45331
45702
  "CVE-2026-31431",
45332
45703
  "CVE-2026-34926",
@@ -45973,6 +46344,7 @@
45973
46344
  "CVE-2025-49844",
45974
46345
  "CVE-2025-53773",
45975
46346
  "CVE-2025-6965",
46347
+ "CVE-2026-25592",
45976
46348
  "CVE-2026-30615",
45977
46349
  "CVE-2026-30623",
45978
46350
  "CVE-2026-31431",
@@ -46370,6 +46742,7 @@
46370
46742
  "CVE-2026-24423",
46371
46743
  "CVE-2026-24858",
46372
46744
  "CVE-2026-25108",
46745
+ "CVE-2026-25592",
46373
46746
  "CVE-2026-3055",
46374
46747
  "CVE-2026-31431",
46375
46748
  "CVE-2026-31635",
@@ -46769,6 +47142,7 @@
46769
47142
  "CVE-2026-24423",
46770
47143
  "CVE-2026-24858",
46771
47144
  "CVE-2026-25108",
47145
+ "CVE-2026-25592",
46772
47146
  "CVE-2026-3055",
46773
47147
  "CVE-2026-31431",
46774
47148
  "CVE-2026-31635",
@@ -47022,6 +47396,7 @@
47022
47396
  "CVE-2025-49844",
47023
47397
  "CVE-2025-53773",
47024
47398
  "CVE-2025-6965",
47399
+ "CVE-2026-25592",
47025
47400
  "CVE-2026-30615",
47026
47401
  "CVE-2026-30623",
47027
47402
  "CVE-2026-31431",
@@ -47971,6 +48346,7 @@
47971
48346
  "CVE-2026-24423",
47972
48347
  "CVE-2026-24858",
47973
48348
  "CVE-2026-25108",
48349
+ "CVE-2026-25592",
47974
48350
  "CVE-2026-3055",
47975
48351
  "CVE-2026-31431",
47976
48352
  "CVE-2026-31635",
@@ -48288,6 +48664,7 @@
48288
48664
  "CVE-2025-49844",
48289
48665
  "CVE-2025-53773",
48290
48666
  "CVE-2025-6965",
48667
+ "CVE-2026-25592",
48291
48668
  "CVE-2026-30615",
48292
48669
  "CVE-2026-30623",
48293
48670
  "CVE-2026-31431",
@@ -48768,6 +49145,7 @@
48768
49145
  "CVE-2026-24423",
48769
49146
  "CVE-2026-24858",
48770
49147
  "CVE-2026-25108",
49148
+ "CVE-2026-25592",
48771
49149
  "CVE-2026-3055",
48772
49150
  "CVE-2026-30615",
48773
49151
  "CVE-2026-30623",
@@ -49097,6 +49475,7 @@
49097
49475
  "CVE-2025-43300",
49098
49476
  "CVE-2025-49844",
49099
49477
  "CVE-2025-53773",
49478
+ "CVE-2026-25592",
49100
49479
  "CVE-2026-30615",
49101
49480
  "CVE-2026-31431",
49102
49481
  "CVE-2026-34926",
@@ -50012,6 +50391,7 @@
50012
50391
  "CVE-2025-49844",
50013
50392
  "CVE-2025-53773",
50014
50393
  "CVE-2025-6965",
50394
+ "CVE-2026-25592",
50015
50395
  "CVE-2026-30615",
50016
50396
  "CVE-2026-30623",
50017
50397
  "CVE-2026-31431",
@@ -50083,6 +50463,7 @@
50083
50463
  "CVE-2025-34291",
50084
50464
  "CVE-2025-38352",
50085
50465
  "CVE-2025-43300",
50466
+ "CVE-2026-25592",
50086
50467
  "CVE-2026-31431",
50087
50468
  "CVE-2026-34926",
50088
50469
  "CVE-2026-39884",
@@ -50231,6 +50612,7 @@
50231
50612
  "CVE-2025-53773",
50232
50613
  "CVE-2025-6965",
50233
50614
  "CVE-2026-22778",
50615
+ "CVE-2026-25592",
50234
50616
  "CVE-2026-30623",
50235
50617
  "CVE-2026-32202",
50236
50618
  "CVE-2026-33825",
@@ -50806,6 +51188,7 @@
50806
51188
  "CVE-2026-24423",
50807
51189
  "CVE-2026-24858",
50808
51190
  "CVE-2026-25108",
51191
+ "CVE-2026-25592",
50809
51192
  "CVE-2026-3055",
50810
51193
  "CVE-2026-30615",
50811
51194
  "CVE-2026-31431",
@@ -51058,6 +51441,7 @@
51058
51441
  "CVE-2025-49844",
51059
51442
  "CVE-2025-53773",
51060
51443
  "CVE-2025-6965",
51444
+ "CVE-2026-25592",
51061
51445
  "CVE-2026-30615",
51062
51446
  "CVE-2026-30623",
51063
51447
  "CVE-2026-31431",
@@ -51328,6 +51712,7 @@
51328
51712
  "CVE-2025-53773",
51329
51713
  "CVE-2025-6965",
51330
51714
  "CVE-2026-22778",
51715
+ "CVE-2026-25592",
51331
51716
  "CVE-2026-30615",
51332
51717
  "CVE-2026-30623",
51333
51718
  "CVE-2026-32202",
package/data/atlas-ttps.json CHANGED
@@ -541,6 +541,7 @@
541
541
  "CVE-2025-53773",
542
542
  "CVE-2025-55319",
543
543
  "CVE-2025-68664",
544
+ "CVE-2026-25592",
544
545
  "CVE-2026-30615",
545
546
  "CVE-2026-39884",
546
547
  "CVE-2026-39987"
package/data/attack-techniques.json CHANGED
@@ -276,6 +276,7 @@
276
276
  "CVE-2025-55319",
277
277
  "CVE-2025-68664",
278
278
  "CVE-2026-22778",
279
+ "CVE-2026-25592",
279
280
  "CVE-2026-30615",
280
281
  "CVE-2026-30623",
281
282
  "CVE-2026-32202",
@@ -1104,6 +1105,7 @@
1104
1105
  "CVE-2025-4919",
1105
1106
  "CVE-2026-21385",
1106
1107
  "CVE-2026-2441",
1108
+ "CVE-2026-25592",
1107
1109
  "CVE-2026-5281",
1108
1110
  "MAL-2025-AI-FOUND-FFMPEG-BIGSLEEP"
1109
1111
  ],