@blamejs/exceptd-skills 0.13.74 → 0.13.76
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +8 -0
- package/data/_indexes/_meta.json +8 -8
- package/data/_indexes/activity-feed.json +2 -2
- package/data/_indexes/catalog-summaries.json +2 -2
- package/data/_indexes/chains.json +2695 -0
- package/data/attack-techniques.json +14 -0
- package/data/cve-catalog.json +682 -1
- package/data/cwe-catalog.json +16 -2
- package/data/framework-control-gaps.json +50 -1
- package/data/zeroday-lessons.json +350 -0
- package/manifest.json +44 -44
- package/package.json +2 -2
- package/sbom.cdx.json +23 -23
|
@@ -277,13 +277,20 @@
|
|
|
277
277
|
"CVE-2025-54136",
|
|
278
278
|
"CVE-2025-55319",
|
|
279
279
|
"CVE-2025-68664",
|
|
280
|
+
"CVE-2026-22252",
|
|
281
|
+
"CVE-2026-22688",
|
|
280
282
|
"CVE-2026-22778",
|
|
281
283
|
"CVE-2026-25592",
|
|
282
284
|
"CVE-2026-30615",
|
|
285
|
+
"CVE-2026-30616",
|
|
286
|
+
"CVE-2026-30617",
|
|
283
287
|
"CVE-2026-30623",
|
|
288
|
+
"CVE-2026-30624",
|
|
289
|
+
"CVE-2026-30625",
|
|
284
290
|
"CVE-2026-32202",
|
|
285
291
|
"CVE-2026-39884",
|
|
286
292
|
"CVE-2026-39987",
|
|
293
|
+
"CVE-2026-40933",
|
|
287
294
|
"CVE-2026-6973"
|
|
288
295
|
],
|
|
289
296
|
"description_full": "Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries. These interfaces and languages provide ways of interacting with computer systems and are a common feature across many different platforms. Most systems come with some built-in command-line interface and scripting capabilities, for example, macOS and Linux distributions include some flavor of [Unix Shell](https://attack.mitre.org/techniques/T1059/004) while Windows installations include the [Windows Command Shell](https://attack.mitre.org/techniques/T1059/003) and [PowerShell](https://attack.mitre.org/techniques/T1059/001). There are also cross-platform interpreters such as [Python](https://attack.mitre.org/techniques/T1059/006), as well as those commonly associated with client applications such as [JavaScript](https://attack.mitre.org/techniques/T1059/007) and [Visual Basic](https://attack.mitre.org/techniques/T1059/005). Adversaries may abuse these technologies in various ways as a means of executing arbitrary commands. Commands and scripts can be embedded in [Initial Access](https://attack.mitre.org/tactics/TA0001) payloads delivered to victims as lure documents or as secondary payloads downloaded from an existing C2. Adversaries may also execute commands through interactive terminals/shells, as well as utilize various [Remote Services](https://attack.mitre.org/techniques/T1021) in order to achieve remote Execution.(Citation: Powershell Remote Commands)(Citation: Cisco IOS Software Integrity Assurance - Command History)(Citation: Remote Shell Execution in Python)",
|
|
@@ -945,11 +952,17 @@
|
|
|
945
952
|
"CVE-2026-21525",
|
|
946
953
|
"CVE-2026-21533",
|
|
947
954
|
"CVE-2026-21643",
|
|
955
|
+
"CVE-2026-22252",
|
|
956
|
+
"CVE-2026-22688",
|
|
948
957
|
"CVE-2026-22719",
|
|
949
958
|
"CVE-2026-22769",
|
|
950
959
|
"CVE-2026-22778",
|
|
951
960
|
"CVE-2026-23760",
|
|
952
961
|
"CVE-2026-25108",
|
|
962
|
+
"CVE-2026-30616",
|
|
963
|
+
"CVE-2026-30617",
|
|
964
|
+
"CVE-2026-30624",
|
|
965
|
+
"CVE-2026-30625",
|
|
953
966
|
"CVE-2026-32201",
|
|
954
967
|
"CVE-2026-32202",
|
|
955
968
|
"CVE-2026-33017",
|
|
@@ -961,6 +974,7 @@
|
|
|
961
974
|
"CVE-2026-3909",
|
|
962
975
|
"CVE-2026-3910",
|
|
963
976
|
"CVE-2026-39987",
|
|
977
|
+
"CVE-2026-40933",
|
|
964
978
|
"CVE-2026-42208",
|
|
965
979
|
"CVE-2026-42897",
|
|
966
980
|
"CVE-2026-42945",
|