@blamejs/exceptd-skills 0.13.72 → 0.13.74

@@ -16611,6 +16611,730 @@
16611
16611
  ]
16612
16612
  }
16613
16613
  },
16614
+ "CVE-2025-49596": {
16615
+ "name": "MCP Inspector Missing Authentication — Unauthenticated RCE via the Inspector Proxy",
16616
+ "rwep": 30,
16617
+ "cvss": 8.3,
16618
+ "cisa_kev": false,
16619
+ "epss_score": null,
16620
+ "referencing_skills": [
16621
+ "kernel-lpe-triage",
16622
+ "ai-attack-surface",
16623
+ "compliance-theater",
16624
+ "attack-surface-pentest",
16625
+ "ot-ics-security",
16626
+ "coordinated-vuln-disclosure",
16627
+ "sector-energy"
16628
+ ],
16629
+ "chain": {
16630
+ "cwes": [
16631
+ {
16632
+ "id": "CWE-1037",
16633
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
16634
+ "category": "Hardware / Side Channel"
16635
+ },
16636
+ {
16637
+ "id": "CWE-1039",
16638
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
16639
+ "category": "AI/ML"
16640
+ },
16641
+ {
16642
+ "id": "CWE-125",
16643
+ "name": "Out-of-bounds Read",
16644
+ "category": "Memory Safety"
16645
+ },
16646
+ {
16647
+ "id": "CWE-1357",
16648
+ "name": "Reliance on Insufficiently Trustworthy Component",
16649
+ "category": "Supply Chain"
16650
+ },
16651
+ {
16652
+ "id": "CWE-1395",
16653
+ "name": "Dependency on Vulnerable Third-Party Component",
16654
+ "category": "Supply Chain"
16655
+ },
16656
+ {
16657
+ "id": "CWE-1426",
16658
+ "name": "Improper Validation of Generative AI Output",
16659
+ "category": "AI/ML"
16660
+ },
16661
+ {
16662
+ "id": "CWE-22",
16663
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
16664
+ "category": "Path/Resource"
16665
+ },
16666
+ {
16667
+ "id": "CWE-269",
16668
+ "name": "Improper Privilege Management",
16669
+ "category": "Authorization"
16670
+ },
16671
+ {
16672
+ "id": "CWE-287",
16673
+ "name": "Improper Authentication",
16674
+ "category": "Authentication"
16675
+ },
16676
+ {
16677
+ "id": "CWE-306",
16678
+ "name": "Missing Authentication for Critical Function",
16679
+ "category": "Authentication"
16680
+ },
16681
+ {
16682
+ "id": "CWE-352",
16683
+ "name": "Cross-Site Request Forgery (CSRF)",
16684
+ "category": "Session"
16685
+ },
16686
+ {
16687
+ "id": "CWE-362",
16688
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
16689
+ "category": "Concurrency"
16690
+ },
16691
+ {
16692
+ "id": "CWE-416",
16693
+ "name": "Use After Free",
16694
+ "category": "Memory Safety"
16695
+ },
16696
+ {
16697
+ "id": "CWE-434",
16698
+ "name": "Unrestricted Upload of File with Dangerous Type",
16699
+ "category": "File Handling"
16700
+ },
16701
+ {
16702
+ "id": "CWE-672",
16703
+ "name": "Operation on a Resource after Expiration or Release",
16704
+ "category": "Memory Safety"
16705
+ },
16706
+ {
16707
+ "id": "CWE-732",
16708
+ "name": "Incorrect Permission Assignment for Critical Resource",
16709
+ "category": "Authorization"
16710
+ },
16711
+ {
16712
+ "id": "CWE-78",
16713
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
16714
+ "category": "Injection"
16715
+ },
16716
+ {
16717
+ "id": "CWE-787",
16718
+ "name": "Out-of-bounds Write",
16719
+ "category": "Memory Safety"
16720
+ },
16721
+ {
16722
+ "id": "CWE-79",
16723
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
16724
+ "category": "Injection"
16725
+ },
16726
+ {
16727
+ "id": "CWE-798",
16728
+ "name": "Use of Hard-coded Credentials",
16729
+ "category": "Credentials"
16730
+ },
16731
+ {
16732
+ "id": "CWE-89",
16733
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
16734
+ "category": "Injection"
16735
+ },
16736
+ {
16737
+ "id": "CWE-918",
16738
+ "name": "Server-Side Request Forgery (SSRF)",
16739
+ "category": "Network"
16740
+ },
16741
+ {
16742
+ "id": "CWE-94",
16743
+ "name": "Improper Control of Generation of Code (Code Injection)",
16744
+ "category": "Injection"
16745
+ }
16746
+ ],
16747
+ "atlas": [
16748
+ {
16749
+ "id": "AML.T0010",
16750
+ "name": "ML Supply Chain Compromise",
16751
+ "tactic": "Initial Access"
16752
+ },
16753
+ {
16754
+ "id": "AML.T0016",
16755
+ "name": "Obtain Capabilities: Develop Capabilities",
16756
+ "tactic": "Resource Development"
16757
+ },
16758
+ {
16759
+ "id": "AML.T0017",
16760
+ "name": "Discover ML Model Ontology",
16761
+ "tactic": "Discovery"
16762
+ },
16763
+ {
16764
+ "id": "AML.T0018",
16765
+ "name": "Backdoor ML Model",
16766
+ "tactic": "Persistence"
16767
+ },
16768
+ {
16769
+ "id": "AML.T0020",
16770
+ "name": "Poison Training Data",
16771
+ "tactic": "ML Attack Staging"
16772
+ },
16773
+ {
16774
+ "id": "AML.T0043",
16775
+ "name": "Craft Adversarial Data",
16776
+ "tactic": "ML Attack Staging"
16777
+ },
16778
+ {
16779
+ "id": "AML.T0051",
16780
+ "name": "LLM Prompt Injection",
16781
+ "tactic": "Execution"
16782
+ },
16783
+ {
16784
+ "id": "AML.T0054",
16785
+ "name": "LLM Jailbreak",
16786
+ "tactic": "Defense Evasion"
16787
+ },
16788
+ {
16789
+ "id": "AML.T0096",
16790
+ "name": "AI API as Covert C2 Channel",
16791
+ "tactic": "Command and Control"
16792
+ }
16793
+ ],
16794
+ "d3fend": [
16795
+ {
16796
+ "id": "D3-ASLR",
16797
+ "name": "Address Space Layout Randomization",
16798
+ "tactic": "Harden"
16799
+ },
16800
+ {
16801
+ "id": "D3-CSPP",
16802
+ "name": "Client-server Payload Profiling",
16803
+ "tactic": "Detect"
16804
+ },
16805
+ {
16806
+ "id": "D3-EAL",
16807
+ "name": "Executable Allowlisting",
16808
+ "tactic": "Harden"
16809
+ },
16810
+ {
16811
+ "id": "D3-IOPR",
16812
+ "name": "Input/Output Profiling Resource",
16813
+ "tactic": "Detect"
16814
+ },
16815
+ {
16816
+ "id": "D3-NTA",
16817
+ "name": "Network Traffic Analysis",
16818
+ "tactic": "Detect"
16819
+ },
16820
+ {
16821
+ "id": "D3-PHRA",
16822
+ "name": "Process Hardware Resource Access",
16823
+ "tactic": "Isolate"
16824
+ },
16825
+ {
16826
+ "id": "D3-PSEP",
16827
+ "name": "Process Segment Execution Prevention",
16828
+ "tactic": "Harden"
16829
+ }
16830
+ ],
16831
+ "framework_gaps": [
16832
+ {
16833
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
16834
+ "framework": "ALL",
16835
+ "control_name": "AI Pipeline Integrity"
16836
+ },
16837
+ {
16838
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
16839
+ "framework": "ALL",
16840
+ "control_name": "Prompt Injection as Access Control Failure"
16841
+ },
16842
+ {
16843
+ "id": "CIS-Controls-v8-Control7",
16844
+ "framework": "CIS Controls v8",
16845
+ "control_name": "Continuous Vulnerability Management"
16846
+ },
16847
+ {
16848
+ "id": "CMMC-2.0-Level-2",
16849
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
16850
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
16851
+ },
16852
+ {
16853
+ "id": "FedRAMP-Rev5-Moderate",
16854
+ "framework": "FedRAMP Rev 5 Moderate",
16855
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
16856
+ },
16857
+ {
16858
+ "id": "IEC-62443-3-3",
16859
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
16860
+ "control_name": "System security requirements and security levels"
16861
+ },
16862
+ {
16863
+ "id": "ISO-27001-2022-A.8.28",
16864
+ "framework": "ISO/IEC 27001:2022",
16865
+ "control_name": "Secure coding"
16866
+ },
16867
+ {
16868
+ "id": "ISO-27001-2022-A.8.8",
16869
+ "framework": "ISO/IEC 27001:2022",
16870
+ "control_name": "Management of technical vulnerabilities"
16871
+ },
16872
+ {
16873
+ "id": "ISO-IEC-23894-2023-clause-7",
16874
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
16875
+ "control_name": "AI risk management process"
16876
+ },
16877
+ {
16878
+ "id": "NERC-CIP-007-6-R4",
16879
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
16880
+ "control_name": "Security event monitoring"
16881
+ },
16882
+ {
16883
+ "id": "NIS2-Art21-patch-management",
16884
+ "framework": "EU NIS2 Directive",
16885
+ "control_name": "Vulnerability handling and disclosure"
16886
+ },
16887
+ {
16888
+ "id": "NIST-800-115",
16889
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
16890
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
16891
+ },
16892
+ {
16893
+ "id": "NIST-800-218-SSDF",
16894
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
16895
+ "control_name": "Secure Software Development Framework"
16896
+ },
16897
+ {
16898
+ "id": "NIST-800-53-AC-2",
16899
+ "framework": "NIST SP 800-53 Rev 5",
16900
+ "control_name": "Account Management"
16901
+ },
16902
+ {
16903
+ "id": "NIST-800-53-SC-8",
16904
+ "framework": "NIST SP 800-53 Rev 5",
16905
+ "control_name": "Transmission Confidentiality and Integrity"
16906
+ },
16907
+ {
16908
+ "id": "NIST-800-53-SI-2",
16909
+ "framework": "NIST SP 800-53 Rev 5",
16910
+ "control_name": "Flaw Remediation"
16911
+ },
16912
+ {
16913
+ "id": "NIST-800-53-SI-3",
16914
+ "framework": "NIST SP 800-53 Rev 5",
16915
+ "control_name": "Malicious Code Protection"
16916
+ },
16917
+ {
16918
+ "id": "NIST-800-82r3",
16919
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
16920
+ "control_name": "Guide to Operational Technology (OT) Security"
16921
+ },
16922
+ {
16923
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
16924
+ "framework": "OWASP Top 10 for LLM Applications 2025",
16925
+ "control_name": "Prompt Injection"
16926
+ },
16927
+ {
16928
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
16929
+ "framework": "OWASP Top 10 for LLM Applications 2025",
16930
+ "control_name": "Sensitive Information Disclosure"
16931
+ },
16932
+ {
16933
+ "id": "OWASP-Pen-Testing-Guide-v5",
16934
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
16935
+ "control_name": "Web application penetration testing methodology"
16936
+ },
16937
+ {
16938
+ "id": "PCI-DSS-4.0-6.3.3",
16939
+ "framework": "PCI DSS 4.0",
16940
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
16941
+ },
16942
+ {
16943
+ "id": "PTES-Pre-engagement",
16944
+ "framework": "Penetration Testing Execution Standard (PTES)",
16945
+ "control_name": "Pre-engagement Interactions"
16946
+ },
16947
+ {
16948
+ "id": "SOC2-CC6-logical-access",
16949
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
16950
+ "control_name": "Logical and Physical Access Controls"
16951
+ },
16952
+ {
16953
+ "id": "SOC2-CC9-vendor-management",
16954
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
16955
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
16956
+ }
16957
+ ],
16958
+ "attack_refs": [
16959
+ "T0855",
16960
+ "T0883",
16961
+ "T1059",
16962
+ "T1068",
16963
+ "T1078",
16964
+ "T1133",
16965
+ "T1190",
16966
+ "T1548.001",
16967
+ "T1566"
16968
+ ],
16969
+ "rfc_refs": [
16970
+ "RFC-4301",
16971
+ "RFC-4303",
16972
+ "RFC-7296"
16973
+ ]
16974
+ }
16975
+ },
16976
+ "CVE-2025-54136": {
16977
+ "name": "Cursor MCPoison — Persistent RCE via Modified Already-Trusted MCP Config",
16978
+ "rwep": 30,
16979
+ "cvss": 8.8,
16980
+ "cisa_kev": false,
16981
+ "epss_score": null,
16982
+ "referencing_skills": [
16983
+ "kernel-lpe-triage",
16984
+ "ai-attack-surface",
16985
+ "compliance-theater",
16986
+ "attack-surface-pentest",
16987
+ "ot-ics-security",
16988
+ "coordinated-vuln-disclosure",
16989
+ "sector-energy"
16990
+ ],
16991
+ "chain": {
16992
+ "cwes": [
16993
+ {
16994
+ "id": "CWE-1037",
16995
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
16996
+ "category": "Hardware / Side Channel"
16997
+ },
16998
+ {
16999
+ "id": "CWE-1039",
17000
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
17001
+ "category": "AI/ML"
17002
+ },
17003
+ {
17004
+ "id": "CWE-125",
17005
+ "name": "Out-of-bounds Read",
17006
+ "category": "Memory Safety"
17007
+ },
17008
+ {
17009
+ "id": "CWE-1357",
17010
+ "name": "Reliance on Insufficiently Trustworthy Component",
17011
+ "category": "Supply Chain"
17012
+ },
17013
+ {
17014
+ "id": "CWE-1395",
17015
+ "name": "Dependency on Vulnerable Third-Party Component",
17016
+ "category": "Supply Chain"
17017
+ },
17018
+ {
17019
+ "id": "CWE-1426",
17020
+ "name": "Improper Validation of Generative AI Output",
17021
+ "category": "AI/ML"
17022
+ },
17023
+ {
17024
+ "id": "CWE-22",
17025
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
17026
+ "category": "Path/Resource"
17027
+ },
17028
+ {
17029
+ "id": "CWE-269",
17030
+ "name": "Improper Privilege Management",
17031
+ "category": "Authorization"
17032
+ },
17033
+ {
17034
+ "id": "CWE-287",
17035
+ "name": "Improper Authentication",
17036
+ "category": "Authentication"
17037
+ },
17038
+ {
17039
+ "id": "CWE-306",
17040
+ "name": "Missing Authentication for Critical Function",
17041
+ "category": "Authentication"
17042
+ },
17043
+ {
17044
+ "id": "CWE-352",
17045
+ "name": "Cross-Site Request Forgery (CSRF)",
17046
+ "category": "Session"
17047
+ },
17048
+ {
17049
+ "id": "CWE-362",
17050
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
17051
+ "category": "Concurrency"
17052
+ },
17053
+ {
17054
+ "id": "CWE-416",
17055
+ "name": "Use After Free",
17056
+ "category": "Memory Safety"
17057
+ },
17058
+ {
17059
+ "id": "CWE-434",
17060
+ "name": "Unrestricted Upload of File with Dangerous Type",
17061
+ "category": "File Handling"
17062
+ },
17063
+ {
17064
+ "id": "CWE-672",
17065
+ "name": "Operation on a Resource after Expiration or Release",
17066
+ "category": "Memory Safety"
17067
+ },
17068
+ {
17069
+ "id": "CWE-732",
17070
+ "name": "Incorrect Permission Assignment for Critical Resource",
17071
+ "category": "Authorization"
17072
+ },
17073
+ {
17074
+ "id": "CWE-78",
17075
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
17076
+ "category": "Injection"
17077
+ },
17078
+ {
17079
+ "id": "CWE-787",
17080
+ "name": "Out-of-bounds Write",
17081
+ "category": "Memory Safety"
17082
+ },
17083
+ {
17084
+ "id": "CWE-79",
17085
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
17086
+ "category": "Injection"
17087
+ },
17088
+ {
17089
+ "id": "CWE-798",
17090
+ "name": "Use of Hard-coded Credentials",
17091
+ "category": "Credentials"
17092
+ },
17093
+ {
17094
+ "id": "CWE-89",
17095
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
17096
+ "category": "Injection"
17097
+ },
17098
+ {
17099
+ "id": "CWE-918",
17100
+ "name": "Server-Side Request Forgery (SSRF)",
17101
+ "category": "Network"
17102
+ },
17103
+ {
17104
+ "id": "CWE-94",
17105
+ "name": "Improper Control of Generation of Code (Code Injection)",
17106
+ "category": "Injection"
17107
+ }
17108
+ ],
17109
+ "atlas": [
17110
+ {
17111
+ "id": "AML.T0010",
17112
+ "name": "ML Supply Chain Compromise",
17113
+ "tactic": "Initial Access"
17114
+ },
17115
+ {
17116
+ "id": "AML.T0016",
17117
+ "name": "Obtain Capabilities: Develop Capabilities",
17118
+ "tactic": "Resource Development"
17119
+ },
17120
+ {
17121
+ "id": "AML.T0017",
17122
+ "name": "Discover ML Model Ontology",
17123
+ "tactic": "Discovery"
17124
+ },
17125
+ {
17126
+ "id": "AML.T0018",
17127
+ "name": "Backdoor ML Model",
17128
+ "tactic": "Persistence"
17129
+ },
17130
+ {
17131
+ "id": "AML.T0020",
17132
+ "name": "Poison Training Data",
17133
+ "tactic": "ML Attack Staging"
17134
+ },
17135
+ {
17136
+ "id": "AML.T0043",
17137
+ "name": "Craft Adversarial Data",
17138
+ "tactic": "ML Attack Staging"
17139
+ },
17140
+ {
17141
+ "id": "AML.T0051",
17142
+ "name": "LLM Prompt Injection",
17143
+ "tactic": "Execution"
17144
+ },
17145
+ {
17146
+ "id": "AML.T0054",
17147
+ "name": "LLM Jailbreak",
17148
+ "tactic": "Defense Evasion"
17149
+ },
17150
+ {
17151
+ "id": "AML.T0096",
17152
+ "name": "AI API as Covert C2 Channel",
17153
+ "tactic": "Command and Control"
17154
+ }
17155
+ ],
17156
+ "d3fend": [
17157
+ {
17158
+ "id": "D3-ASLR",
17159
+ "name": "Address Space Layout Randomization",
17160
+ "tactic": "Harden"
17161
+ },
17162
+ {
17163
+ "id": "D3-CSPP",
17164
+ "name": "Client-server Payload Profiling",
17165
+ "tactic": "Detect"
17166
+ },
17167
+ {
17168
+ "id": "D3-EAL",
17169
+ "name": "Executable Allowlisting",
17170
+ "tactic": "Harden"
17171
+ },
17172
+ {
17173
+ "id": "D3-IOPR",
17174
+ "name": "Input/Output Profiling Resource",
17175
+ "tactic": "Detect"
17176
+ },
17177
+ {
17178
+ "id": "D3-NTA",
17179
+ "name": "Network Traffic Analysis",
17180
+ "tactic": "Detect"
17181
+ },
17182
+ {
17183
+ "id": "D3-PHRA",
17184
+ "name": "Process Hardware Resource Access",
17185
+ "tactic": "Isolate"
17186
+ },
17187
+ {
17188
+ "id": "D3-PSEP",
17189
+ "name": "Process Segment Execution Prevention",
17190
+ "tactic": "Harden"
17191
+ }
17192
+ ],
17193
+ "framework_gaps": [
17194
+ {
17195
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
17196
+ "framework": "ALL",
17197
+ "control_name": "AI Pipeline Integrity"
17198
+ },
17199
+ {
17200
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
17201
+ "framework": "ALL",
17202
+ "control_name": "Prompt Injection as Access Control Failure"
17203
+ },
17204
+ {
17205
+ "id": "CIS-Controls-v8-Control7",
17206
+ "framework": "CIS Controls v8",
17207
+ "control_name": "Continuous Vulnerability Management"
17208
+ },
17209
+ {
17210
+ "id": "CMMC-2.0-Level-2",
17211
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
17212
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
17213
+ },
17214
+ {
17215
+ "id": "FedRAMP-Rev5-Moderate",
17216
+ "framework": "FedRAMP Rev 5 Moderate",
17217
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
17218
+ },
17219
+ {
17220
+ "id": "IEC-62443-3-3",
17221
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
17222
+ "control_name": "System security requirements and security levels"
17223
+ },
17224
+ {
17225
+ "id": "ISO-27001-2022-A.8.28",
17226
+ "framework": "ISO/IEC 27001:2022",
17227
+ "control_name": "Secure coding"
17228
+ },
17229
+ {
17230
+ "id": "ISO-27001-2022-A.8.8",
17231
+ "framework": "ISO/IEC 27001:2022",
17232
+ "control_name": "Management of technical vulnerabilities"
17233
+ },
17234
+ {
17235
+ "id": "ISO-IEC-23894-2023-clause-7",
17236
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
17237
+ "control_name": "AI risk management process"
17238
+ },
17239
+ {
17240
+ "id": "NERC-CIP-007-6-R4",
17241
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
17242
+ "control_name": "Security event monitoring"
17243
+ },
17244
+ {
17245
+ "id": "NIS2-Art21-patch-management",
17246
+ "framework": "EU NIS2 Directive",
17247
+ "control_name": "Vulnerability handling and disclosure"
17248
+ },
17249
+ {
17250
+ "id": "NIST-800-115",
17251
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
17252
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
17253
+ },
17254
+ {
17255
+ "id": "NIST-800-218-SSDF",
17256
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
17257
+ "control_name": "Secure Software Development Framework"
17258
+ },
17259
+ {
17260
+ "id": "NIST-800-53-AC-2",
17261
+ "framework": "NIST SP 800-53 Rev 5",
17262
+ "control_name": "Account Management"
17263
+ },
17264
+ {
17265
+ "id": "NIST-800-53-SC-8",
17266
+ "framework": "NIST SP 800-53 Rev 5",
17267
+ "control_name": "Transmission Confidentiality and Integrity"
17268
+ },
17269
+ {
17270
+ "id": "NIST-800-53-SI-2",
17271
+ "framework": "NIST SP 800-53 Rev 5",
17272
+ "control_name": "Flaw Remediation"
17273
+ },
17274
+ {
17275
+ "id": "NIST-800-53-SI-3",
17276
+ "framework": "NIST SP 800-53 Rev 5",
17277
+ "control_name": "Malicious Code Protection"
17278
+ },
17279
+ {
17280
+ "id": "NIST-800-82r3",
17281
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
17282
+ "control_name": "Guide to Operational Technology (OT) Security"
17283
+ },
17284
+ {
17285
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
17286
+ "framework": "OWASP Top 10 for LLM Applications 2025",
17287
+ "control_name": "Prompt Injection"
17288
+ },
17289
+ {
17290
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
17291
+ "framework": "OWASP Top 10 for LLM Applications 2025",
17292
+ "control_name": "Sensitive Information Disclosure"
17293
+ },
17294
+ {
17295
+ "id": "OWASP-Pen-Testing-Guide-v5",
17296
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
17297
+ "control_name": "Web application penetration testing methodology"
17298
+ },
17299
+ {
17300
+ "id": "PCI-DSS-4.0-6.3.3",
17301
+ "framework": "PCI DSS 4.0",
17302
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
17303
+ },
17304
+ {
17305
+ "id": "PTES-Pre-engagement",
17306
+ "framework": "Penetration Testing Execution Standard (PTES)",
17307
+ "control_name": "Pre-engagement Interactions"
17308
+ },
17309
+ {
17310
+ "id": "SOC2-CC6-logical-access",
17311
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
17312
+ "control_name": "Logical and Physical Access Controls"
17313
+ },
17314
+ {
17315
+ "id": "SOC2-CC9-vendor-management",
17316
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
17317
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
17318
+ }
17319
+ ],
17320
+ "attack_refs": [
17321
+ "T0855",
17322
+ "T0883",
17323
+ "T1059",
17324
+ "T1068",
17325
+ "T1078",
17326
+ "T1133",
17327
+ "T1190",
17328
+ "T1548.001",
17329
+ "T1566"
17330
+ ],
17331
+ "rfc_refs": [
17332
+ "RFC-4301",
17333
+ "RFC-4303",
17334
+ "RFC-7296"
17335
+ ]
17336
+ }
17337
+ },
16614
17338
  "CVE-2026-41091": {
16615
17339
  "name": "Microsoft Defender (Malware Protection Engine) Link-Following LPE to SYSTEM",
16616
17340
  "rwep": 45,
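Review bot: The `chain` objects added for `CVE-2025-49596` and `CVE-2025-54136` are identical to each other and list weaknesses that do not match the entry names: `CWE-1037`, `CWE-416` and `CWE-89` sit on an entry named "MCP Inspector Missing Authentication", alongside the ICS technique ids `T0855`/`T0883` in `attack_refs` and the IPsec/IKEv2 documents `RFC-4301`, `RFC-4303`, `RFC-7296` in `rfc_refs`. This looks like the union of mappings from the seven `referencing_skills` (which include `kernel-lpe-triage` and `sector-energy`) rather than a per-CVE mapping, so a consumer that triages or routes on `chain.cwes` would get mostly noise. I would narrow each chain to what the CVE record supports (for the first entry the name itself points at `CWE-306`), or else document in the schema that `chain` is skill-derived and not a statement about the vulnerability. `cvss` is also a bare number with no CVSS version or vector beside it, and `epss_score` is `null`, so neither can be reconciled with the CNA or NVD record from this file alone; a sibling field such as `"cvss_version"` would make the score checkable. The object that holds these entries starts and ends outside the hunk.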
@@ -42996,8 +43720,10 @@
42996
43720
  "CVE-2025-34291",
42997
43721
  "CVE-2025-38352",
42998
43722
  "CVE-2025-43300",
43723
+ "CVE-2025-49596",
42999
43724
  "CVE-2025-49844",
43000
43725
  "CVE-2025-53773",
43726
+ "CVE-2025-54136",
43001
43727
  "CVE-2025-6965",
43002
43728
  "CVE-2026-25592",
43003
43729
  "CVE-2026-30615",
@@ -43343,6 +44069,8 @@
43343
44069
  "CVE-2025-34291",
43344
44070
  "CVE-2025-38352",
43345
44071
  "CVE-2025-43300",
44072
+ "CVE-2025-49596",
44073
+ "CVE-2025-54136",
43346
44074
  "CVE-2025-6965",
43347
44075
  "CVE-2026-25592",
43348
44076
  "CVE-2026-30623",
@@ -43483,6 +44211,8 @@
43483
44211
  "CVE-2025-34291",
43484
44212
  "CVE-2025-38352",
43485
44213
  "CVE-2025-43300",
44214
+ "CVE-2025-49596",
44215
+ "CVE-2025-54136",
43486
44216
  "CVE-2025-6965",
43487
44217
  "CVE-2026-25592",
43488
44218
  "CVE-2026-30623",
@@ -43637,6 +44367,8 @@
43637
44367
  "CVE-2025-34291",
43638
44368
  "CVE-2025-38352",
43639
44369
  "CVE-2025-43300",
44370
+ "CVE-2025-49596",
44371
+ "CVE-2025-54136",
43640
44372
  "CVE-2025-6965",
43641
44373
  "CVE-2026-25592",
43642
44374
  "CVE-2026-30623",
@@ -43894,8 +44626,10 @@
43894
44626
  "CVE-2025-1094",
43895
44627
  "CVE-2025-11837",
43896
44628
  "CVE-2025-34291",
44629
+ "CVE-2025-49596",
43897
44630
  "CVE-2025-49844",
43898
44631
  "CVE-2025-53773",
44632
+ "CVE-2025-54136",
43899
44633
  "CVE-2025-6965",
43900
44634
  "CVE-2026-22778",
43901
44635
  "CVE-2026-25592",
@@ -44204,6 +44938,7 @@
44204
44938
  "CVE-2025-48928",
44205
44939
  "CVE-2025-49113",
44206
44940
  "CVE-2025-4919",
44941
+ "CVE-2025-49596",
44207
44942
  "CVE-2025-49704",
44208
44943
  "CVE-2025-49706",
44209
44944
  "CVE-2025-49844",
@@ -44213,6 +44948,7 @@
44213
44948
  "CVE-2025-53690",
44214
44949
  "CVE-2025-53770",
44215
44950
  "CVE-2025-54068",
44951
+ "CVE-2025-54136",
44216
44952
  "CVE-2025-5419",
44217
44953
  "CVE-2025-54236",
44218
44954
  "CVE-2025-54253",
@@ -44902,8 +45638,10 @@
44902
45638
  "CVE-2025-34291",
44903
45639
  "CVE-2025-38352",
44904
45640
  "CVE-2025-43300",
45641
+ "CVE-2025-49596",
44905
45642
  "CVE-2025-49844",
44906
45643
  "CVE-2025-53773",
45644
+ "CVE-2025-54136",
44907
45645
  "CVE-2025-6965",
44908
45646
  "CVE-2026-25592",
44909
45647
  "CVE-2026-30615",
@@ -45481,8 +46219,10 @@
45481
46219
  "CVE-2025-34291",
45482
46220
  "CVE-2025-38352",
45483
46221
  "CVE-2025-43300",
46222
+ "CVE-2025-49596",
45484
46223
  "CVE-2025-49844",
45485
46224
  "CVE-2025-53773",
46225
+ "CVE-2025-54136",
45486
46226
  "CVE-2025-6965",
45487
46227
  "CVE-2026-25592",
45488
46228
  "CVE-2026-30615",
@@ -45696,7 +46436,9 @@
45696
46436
  "CVE-2025-34291",
45697
46437
  "CVE-2025-38352",
45698
46438
  "CVE-2025-43300",
46439
+ "CVE-2025-49596",
45699
46440
  "CVE-2025-53773",
46441
+ "CVE-2025-54136",
45700
46442
  "CVE-2026-25592",
45701
46443
  "CVE-2026-30615",
45702
46444
  "CVE-2026-31431",
@@ -46341,8 +47083,10 @@
46341
47083
  "CVE-2025-34291",
46342
47084
  "CVE-2025-38352",
46343
47085
  "CVE-2025-43300",
47086
+ "CVE-2025-49596",
46344
47087
  "CVE-2025-49844",
46345
47088
  "CVE-2025-53773",
47089
+ "CVE-2025-54136",
46346
47090
  "CVE-2025-6965",
46347
47091
  "CVE-2026-25592",
46348
47092
  "CVE-2026-30615",
@@ -46654,6 +47398,7 @@
46654
47398
  "CVE-2025-48928",
46655
47399
  "CVE-2025-49113",
46656
47400
  "CVE-2025-4919",
47401
+ "CVE-2025-49596",
46657
47402
  "CVE-2025-49704",
46658
47403
  "CVE-2025-49706",
46659
47404
  "CVE-2025-49844",
@@ -46663,6 +47408,7 @@
46663
47408
  "CVE-2025-53690",
46664
47409
  "CVE-2025-53770",
46665
47410
  "CVE-2025-54068",
47411
+ "CVE-2025-54136",
46666
47412
  "CVE-2025-5419",
46667
47413
  "CVE-2025-54236",
46668
47414
  "CVE-2025-54253",
@@ -47054,6 +47800,7 @@
47054
47800
  "CVE-2025-48928",
47055
47801
  "CVE-2025-49113",
47056
47802
  "CVE-2025-4919",
47803
+ "CVE-2025-49596",
47057
47804
  "CVE-2025-49704",
47058
47805
  "CVE-2025-49706",
47059
47806
  "CVE-2025-49844",
@@ -47063,6 +47810,7 @@
47063
47810
  "CVE-2025-53690",
47064
47811
  "CVE-2025-53770",
47065
47812
  "CVE-2025-54068",
47813
+ "CVE-2025-54136",
47066
47814
  "CVE-2025-5419",
47067
47815
  "CVE-2025-54236",
47068
47816
  "CVE-2025-54253",
@@ -47393,8 +48141,10 @@
47393
48141
  "CVE-2025-34291",
47394
48142
  "CVE-2025-38352",
47395
48143
  "CVE-2025-43300",
48144
+ "CVE-2025-49596",
47396
48145
  "CVE-2025-49844",
47397
48146
  "CVE-2025-53773",
48147
+ "CVE-2025-54136",
47398
48148
  "CVE-2025-6965",
47399
48149
  "CVE-2026-25592",
47400
48150
  "CVE-2026-30615",
@@ -48258,6 +49008,7 @@
48258
49008
  "CVE-2025-48928",
48259
49009
  "CVE-2025-49113",
48260
49010
  "CVE-2025-4919",
49011
+ "CVE-2025-49596",
48261
49012
  "CVE-2025-49704",
48262
49013
  "CVE-2025-49706",
48263
49014
  "CVE-2025-49844",
@@ -48267,6 +49018,7 @@
48267
49018
  "CVE-2025-53690",
48268
49019
  "CVE-2025-53770",
48269
49020
  "CVE-2025-54068",
49021
+ "CVE-2025-54136",
48270
49022
  "CVE-2025-5419",
48271
49023
  "CVE-2025-54236",
48272
49024
  "CVE-2025-54253",
@@ -48661,8 +49413,10 @@
48661
49413
  "CVE-2025-34291",
48662
49414
  "CVE-2025-38352",
48663
49415
  "CVE-2025-43300",
49416
+ "CVE-2025-49596",
48664
49417
  "CVE-2025-49844",
48665
49418
  "CVE-2025-53773",
49419
+ "CVE-2025-54136",
48666
49420
  "CVE-2025-6965",
48667
49421
  "CVE-2026-25592",
48668
49422
  "CVE-2026-30615",
@@ -49055,6 +49809,7 @@
49055
49809
  "CVE-2025-48928",
49056
49810
  "CVE-2025-49113",
49057
49811
  "CVE-2025-4919",
49812
+ "CVE-2025-49596",
49058
49813
  "CVE-2025-49704",
49059
49814
  "CVE-2025-49706",
49060
49815
  "CVE-2025-49844",
@@ -49065,6 +49820,7 @@
49065
49820
  "CVE-2025-53770",
49066
49821
  "CVE-2025-53773",
49067
49822
  "CVE-2025-54068",
49823
+ "CVE-2025-54136",
49068
49824
  "CVE-2025-5419",
49069
49825
  "CVE-2025-54236",
49070
49826
  "CVE-2025-54253",
@@ -49473,8 +50229,10 @@
49473
50229
  "CVE-2025-34291",
49474
50230
  "CVE-2025-38352",
49475
50231
  "CVE-2025-43300",
50232
+ "CVE-2025-49596",
49476
50233
  "CVE-2025-49844",
49477
50234
  "CVE-2025-53773",
50235
+ "CVE-2025-54136",
49478
50236
  "CVE-2026-25592",
49479
50237
  "CVE-2026-30615",
49480
50238
  "CVE-2026-31431",
@@ -50388,8 +51146,10 @@
50388
51146
  "CVE-2025-34291",
50389
51147
  "CVE-2025-38352",
50390
51148
  "CVE-2025-43300",
51149
+ "CVE-2025-49596",
50391
51150
  "CVE-2025-49844",
50392
51151
  "CVE-2025-53773",
51152
+ "CVE-2025-54136",
50393
51153
  "CVE-2025-6965",
50394
51154
  "CVE-2026-25592",
50395
51155
  "CVE-2026-30615",
@@ -50463,6 +51223,8 @@
50463
51223
  "CVE-2025-34291",
50464
51224
  "CVE-2025-38352",
50465
51225
  "CVE-2025-43300",
51226
+ "CVE-2025-49596",
51227
+ "CVE-2025-54136",
50466
51228
  "CVE-2026-25592",
50467
51229
  "CVE-2026-31431",
50468
51230
  "CVE-2026-34926",
@@ -50609,7 +51371,9 @@
50609
51371
  "CVE-2025-1094",
50610
51372
  "CVE-2025-11837",
50611
51373
  "CVE-2025-34291",
51374
+ "CVE-2025-49596",
50612
51375
  "CVE-2025-53773",
51376
+ "CVE-2025-54136",
50613
51377
  "CVE-2025-6965",
50614
51378
  "CVE-2026-22778",
50615
51379
  "CVE-2026-25592",
@@ -51105,6 +51869,7 @@
51105
51869
  "CVE-2025-48928",
51106
51870
  "CVE-2025-49113",
51107
51871
  "CVE-2025-4919",
51872
+ "CVE-2025-49596",
51108
51873
  "CVE-2025-49704",
51109
51874
  "CVE-2025-49706",
51110
51875
  "CVE-2025-5086",
@@ -51113,6 +51878,7 @@
51113
51878
  "CVE-2025-53690",
51114
51879
  "CVE-2025-53770",
51115
51880
  "CVE-2025-54068",
51881
+ "CVE-2025-54136",
51116
51882
  "CVE-2025-5419",
51117
51883
  "CVE-2025-54236",
51118
51884
  "CVE-2025-54253",
@@ -51438,8 +52204,10 @@
51438
52204
  "CVE-2025-34291",
51439
52205
  "CVE-2025-38352",
51440
52206
  "CVE-2025-43300",
52207
+ "CVE-2025-49596",
51441
52208
  "CVE-2025-49844",
51442
52209
  "CVE-2025-53773",
52210
+ "CVE-2025-54136",
51443
52211
  "CVE-2025-6965",
51444
52212
  "CVE-2026-25592",
51445
52213
  "CVE-2026-30615",
@@ -51708,8 +52476,10 @@
51708
52476
  "CVE-2025-14847",
51709
52477
  "CVE-2025-22226",
51710
52478
  "CVE-2025-34291",
52479
+ "CVE-2025-49596",
51711
52480
  "CVE-2025-53767",
51712
52481
  "CVE-2025-53773",
52482
+ "CVE-2025-54136",
51713
52483
  "CVE-2025-6965",
51714
52484
  "CVE-2026-22778",
51715
52485
  "CVE-2026-25592",