@blamejs/exceptd-skills 0.13.75 → 0.13.77

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. package/CHANGELOG.md +8 -0
  2. package/data/_indexes/_meta.json +8 -8
  3. package/data/_indexes/activity-feed.json +2 -2
  4. package/data/_indexes/catalog-summaries.json +2 -2
  5. package/data/_indexes/chains.json +2584 -0
  6. package/data/attack-techniques.json +13 -0
  7. package/data/cve-catalog.json +685 -1
  8. package/data/cwe-catalog.json +14 -2
  9. package/data/framework-control-gaps.json +55 -6
  10. package/data/zeroday-lessons.json +350 -0
  11. package/manifest.json +44 -44
  12. package/package.json +2 -2
  13. package/sbom.cdx.json +23 -23
package/data/_indexes/chains.json CHANGED
@@ -18059,6 +18059,2432 @@
18059
18059
  ]
18060
18060
  }
18061
18061
  },
18062
+ "CVE-2026-40933": {
18063
+ "name": "FlowiseAI Flowise MCP Custom Config Command Injection",
18064
+ "rwep": 30,
18065
+ "cvss": 9.9,
18066
+ "cisa_kev": false,
18067
+ "epss_score": null,
18068
+ "referencing_skills": [
18069
+ "kernel-lpe-triage",
18070
+ "ai-attack-surface",
18071
+ "compliance-theater",
18072
+ "attack-surface-pentest",
18073
+ "ot-ics-security",
18074
+ "coordinated-vuln-disclosure",
18075
+ "sector-energy"
18076
+ ],
18077
+ "chain": {
18078
+ "cwes": [
18079
+ {
18080
+ "id": "CWE-1037",
18081
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
18082
+ "category": "Hardware / Side Channel"
18083
+ },
18084
+ {
18085
+ "id": "CWE-1039",
18086
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
18087
+ "category": "AI/ML"
18088
+ },
18089
+ {
18090
+ "id": "CWE-125",
18091
+ "name": "Out-of-bounds Read",
18092
+ "category": "Memory Safety"
18093
+ },
18094
+ {
18095
+ "id": "CWE-1357",
18096
+ "name": "Reliance on Insufficiently Trustworthy Component",
18097
+ "category": "Supply Chain"
18098
+ },
18099
+ {
18100
+ "id": "CWE-1395",
18101
+ "name": "Dependency on Vulnerable Third-Party Component",
18102
+ "category": "Supply Chain"
18103
+ },
18104
+ {
18105
+ "id": "CWE-1426",
18106
+ "name": "Improper Validation of Generative AI Output",
18107
+ "category": "AI/ML"
18108
+ },
18109
+ {
18110
+ "id": "CWE-22",
18111
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
18112
+ "category": "Path/Resource"
18113
+ },
18114
+ {
18115
+ "id": "CWE-269",
18116
+ "name": "Improper Privilege Management",
18117
+ "category": "Authorization"
18118
+ },
18119
+ {
18120
+ "id": "CWE-287",
18121
+ "name": "Improper Authentication",
18122
+ "category": "Authentication"
18123
+ },
18124
+ {
18125
+ "id": "CWE-306",
18126
+ "name": "Missing Authentication for Critical Function",
18127
+ "category": "Authentication"
18128
+ },
18129
+ {
18130
+ "id": "CWE-352",
18131
+ "name": "Cross-Site Request Forgery (CSRF)",
18132
+ "category": "Session"
18133
+ },
18134
+ {
18135
+ "id": "CWE-362",
18136
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
18137
+ "category": "Concurrency"
18138
+ },
18139
+ {
18140
+ "id": "CWE-416",
18141
+ "name": "Use After Free",
18142
+ "category": "Memory Safety"
18143
+ },
18144
+ {
18145
+ "id": "CWE-434",
18146
+ "name": "Unrestricted Upload of File with Dangerous Type",
18147
+ "category": "File Handling"
18148
+ },
18149
+ {
18150
+ "id": "CWE-672",
18151
+ "name": "Operation on a Resource after Expiration or Release",
18152
+ "category": "Memory Safety"
18153
+ },
18154
+ {
18155
+ "id": "CWE-732",
18156
+ "name": "Incorrect Permission Assignment for Critical Resource",
18157
+ "category": "Authorization"
18158
+ },
18159
+ {
18160
+ "id": "CWE-78",
18161
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
18162
+ "category": "Injection"
18163
+ },
18164
+ {
18165
+ "id": "CWE-787",
18166
+ "name": "Out-of-bounds Write",
18167
+ "category": "Memory Safety"
18168
+ },
18169
+ {
18170
+ "id": "CWE-79",
18171
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
18172
+ "category": "Injection"
18173
+ },
18174
+ {
18175
+ "id": "CWE-798",
18176
+ "name": "Use of Hard-coded Credentials",
18177
+ "category": "Credentials"
18178
+ },
18179
+ {
18180
+ "id": "CWE-89",
18181
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
18182
+ "category": "Injection"
18183
+ },
18184
+ {
18185
+ "id": "CWE-918",
18186
+ "name": "Server-Side Request Forgery (SSRF)",
18187
+ "category": "Network"
18188
+ },
18189
+ {
18190
+ "id": "CWE-94",
18191
+ "name": "Improper Control of Generation of Code (Code Injection)",
18192
+ "category": "Injection"
18193
+ }
18194
+ ],
18195
+ "atlas": [
18196
+ {
18197
+ "id": "AML.T0010",
18198
+ "name": "ML Supply Chain Compromise",
18199
+ "tactic": "Initial Access"
18200
+ },
18201
+ {
18202
+ "id": "AML.T0016",
18203
+ "name": "Obtain Capabilities: Develop Capabilities",
18204
+ "tactic": "Resource Development"
18205
+ },
18206
+ {
18207
+ "id": "AML.T0017",
18208
+ "name": "Discover ML Model Ontology",
18209
+ "tactic": "Discovery"
18210
+ },
18211
+ {
18212
+ "id": "AML.T0018",
18213
+ "name": "Backdoor ML Model",
18214
+ "tactic": "Persistence"
18215
+ },
18216
+ {
18217
+ "id": "AML.T0020",
18218
+ "name": "Poison Training Data",
18219
+ "tactic": "ML Attack Staging"
18220
+ },
18221
+ {
18222
+ "id": "AML.T0043",
18223
+ "name": "Craft Adversarial Data",
18224
+ "tactic": "ML Attack Staging"
18225
+ },
18226
+ {
18227
+ "id": "AML.T0051",
18228
+ "name": "LLM Prompt Injection",
18229
+ "tactic": "Execution"
18230
+ },
18231
+ {
18232
+ "id": "AML.T0054",
18233
+ "name": "LLM Jailbreak",
18234
+ "tactic": "Defense Evasion"
18235
+ },
18236
+ {
18237
+ "id": "AML.T0096",
18238
+ "name": "AI API as Covert C2 Channel",
18239
+ "tactic": "Command and Control"
18240
+ }
18241
+ ],
18242
+ "d3fend": [
18243
+ {
18244
+ "id": "D3-ASLR",
18245
+ "name": "Address Space Layout Randomization",
18246
+ "tactic": "Harden"
18247
+ },
18248
+ {
18249
+ "id": "D3-CSPP",
18250
+ "name": "Client-server Payload Profiling",
18251
+ "tactic": "Detect"
18252
+ },
18253
+ {
18254
+ "id": "D3-EAL",
18255
+ "name": "Executable Allowlisting",
18256
+ "tactic": "Harden"
18257
+ },
18258
+ {
18259
+ "id": "D3-IOPR",
18260
+ "name": "Input/Output Profiling Resource",
18261
+ "tactic": "Detect"
18262
+ },
18263
+ {
18264
+ "id": "D3-NTA",
18265
+ "name": "Network Traffic Analysis",
18266
+ "tactic": "Detect"
18267
+ },
18268
+ {
18269
+ "id": "D3-PHRA",
18270
+ "name": "Process Hardware Resource Access",
18271
+ "tactic": "Isolate"
18272
+ },
18273
+ {
18274
+ "id": "D3-PSEP",
18275
+ "name": "Process Segment Execution Prevention",
18276
+ "tactic": "Harden"
18277
+ }
18278
+ ],
18279
+ "framework_gaps": [
18280
+ {
18281
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
18282
+ "framework": "ALL",
18283
+ "control_name": "AI Pipeline Integrity"
18284
+ },
18285
+ {
18286
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
18287
+ "framework": "ALL",
18288
+ "control_name": "Prompt Injection as Access Control Failure"
18289
+ },
18290
+ {
18291
+ "id": "CIS-Controls-v8-Control7",
18292
+ "framework": "CIS Controls v8",
18293
+ "control_name": "Continuous Vulnerability Management"
18294
+ },
18295
+ {
18296
+ "id": "CMMC-2.0-Level-2",
18297
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
18298
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
18299
+ },
18300
+ {
18301
+ "id": "FedRAMP-Rev5-Moderate",
18302
+ "framework": "FedRAMP Rev 5 Moderate",
18303
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
18304
+ },
18305
+ {
18306
+ "id": "IEC-62443-3-3",
18307
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
18308
+ "control_name": "System security requirements and security levels"
18309
+ },
18310
+ {
18311
+ "id": "ISO-27001-2022-A.8.28",
18312
+ "framework": "ISO/IEC 27001:2022",
18313
+ "control_name": "Secure coding"
18314
+ },
18315
+ {
18316
+ "id": "ISO-27001-2022-A.8.8",
18317
+ "framework": "ISO/IEC 27001:2022",
18318
+ "control_name": "Management of technical vulnerabilities"
18319
+ },
18320
+ {
18321
+ "id": "ISO-IEC-23894-2023-clause-7",
18322
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
18323
+ "control_name": "AI risk management process"
18324
+ },
18325
+ {
18326
+ "id": "NERC-CIP-007-6-R4",
18327
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
18328
+ "control_name": "Security event monitoring"
18329
+ },
18330
+ {
18331
+ "id": "NIS2-Art21-patch-management",
18332
+ "framework": "EU NIS2 Directive",
18333
+ "control_name": "Vulnerability handling and disclosure"
18334
+ },
18335
+ {
18336
+ "id": "NIST-800-115",
18337
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
18338
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
18339
+ },
18340
+ {
18341
+ "id": "NIST-800-218-SSDF",
18342
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
18343
+ "control_name": "Secure Software Development Framework"
18344
+ },
18345
+ {
18346
+ "id": "NIST-800-53-AC-2",
18347
+ "framework": "NIST SP 800-53 Rev 5",
18348
+ "control_name": "Account Management"
18349
+ },
18350
+ {
18351
+ "id": "NIST-800-53-SC-8",
18352
+ "framework": "NIST SP 800-53 Rev 5",
18353
+ "control_name": "Transmission Confidentiality and Integrity"
18354
+ },
18355
+ {
18356
+ "id": "NIST-800-53-SI-2",
18357
+ "framework": "NIST SP 800-53 Rev 5",
18358
+ "control_name": "Flaw Remediation"
18359
+ },
18360
+ {
18361
+ "id": "NIST-800-53-SI-3",
18362
+ "framework": "NIST SP 800-53 Rev 5",
18363
+ "control_name": "Malicious Code Protection"
18364
+ },
18365
+ {
18366
+ "id": "NIST-800-82r3",
18367
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
18368
+ "control_name": "Guide to Operational Technology (OT) Security"
18369
+ },
18370
+ {
18371
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
18372
+ "framework": "OWASP Top 10 for LLM Applications 2025",
18373
+ "control_name": "Prompt Injection"
18374
+ },
18375
+ {
18376
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
18377
+ "framework": "OWASP Top 10 for LLM Applications 2025",
18378
+ "control_name": "Sensitive Information Disclosure"
18379
+ },
18380
+ {
18381
+ "id": "OWASP-Pen-Testing-Guide-v5",
18382
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
18383
+ "control_name": "Web application penetration testing methodology"
18384
+ },
18385
+ {
18386
+ "id": "PCI-DSS-4.0-6.3.3",
18387
+ "framework": "PCI DSS 4.0",
18388
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
18389
+ },
18390
+ {
18391
+ "id": "PTES-Pre-engagement",
18392
+ "framework": "Penetration Testing Execution Standard (PTES)",
18393
+ "control_name": "Pre-engagement Interactions"
18394
+ },
18395
+ {
18396
+ "id": "SOC2-CC6-logical-access",
18397
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
18398
+ "control_name": "Logical and Physical Access Controls"
18399
+ },
18400
+ {
18401
+ "id": "SOC2-CC9-vendor-management",
18402
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
18403
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
18404
+ }
18405
+ ],
18406
+ "attack_refs": [
18407
+ "T0855",
18408
+ "T0883",
18409
+ "T1059",
18410
+ "T1068",
18411
+ "T1078",
18412
+ "T1133",
18413
+ "T1190",
18414
+ "T1548.001",
18415
+ "T1566"
18416
+ ],
18417
+ "rfc_refs": [
18418
+ "RFC-4301",
18419
+ "RFC-4303",
18420
+ "RFC-7296"
18421
+ ]
18422
+ }
18423
+ },
18424
+ "CVE-2026-30624": {
18425
+ "name": "Agent Zero MCP Server Config Command Injection",
18426
+ "rwep": 40,
18427
+ "cvss": 8.6,
18428
+ "cisa_kev": false,
18429
+ "epss_score": null,
18430
+ "referencing_skills": [
18431
+ "kernel-lpe-triage",
18432
+ "ai-attack-surface",
18433
+ "compliance-theater",
18434
+ "attack-surface-pentest",
18435
+ "ot-ics-security",
18436
+ "coordinated-vuln-disclosure",
18437
+ "sector-energy"
18438
+ ],
18439
+ "chain": {
18440
+ "cwes": [
18441
+ {
18442
+ "id": "CWE-1037",
18443
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
18444
+ "category": "Hardware / Side Channel"
18445
+ },
18446
+ {
18447
+ "id": "CWE-1039",
18448
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
18449
+ "category": "AI/ML"
18450
+ },
18451
+ {
18452
+ "id": "CWE-125",
18453
+ "name": "Out-of-bounds Read",
18454
+ "category": "Memory Safety"
18455
+ },
18456
+ {
18457
+ "id": "CWE-1357",
18458
+ "name": "Reliance on Insufficiently Trustworthy Component",
18459
+ "category": "Supply Chain"
18460
+ },
18461
+ {
18462
+ "id": "CWE-1395",
18463
+ "name": "Dependency on Vulnerable Third-Party Component",
18464
+ "category": "Supply Chain"
18465
+ },
18466
+ {
18467
+ "id": "CWE-1426",
18468
+ "name": "Improper Validation of Generative AI Output",
18469
+ "category": "AI/ML"
18470
+ },
18471
+ {
18472
+ "id": "CWE-22",
18473
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
18474
+ "category": "Path/Resource"
18475
+ },
18476
+ {
18477
+ "id": "CWE-269",
18478
+ "name": "Improper Privilege Management",
18479
+ "category": "Authorization"
18480
+ },
18481
+ {
18482
+ "id": "CWE-287",
18483
+ "name": "Improper Authentication",
18484
+ "category": "Authentication"
18485
+ },
18486
+ {
18487
+ "id": "CWE-306",
18488
+ "name": "Missing Authentication for Critical Function",
18489
+ "category": "Authentication"
18490
+ },
18491
+ {
18492
+ "id": "CWE-352",
18493
+ "name": "Cross-Site Request Forgery (CSRF)",
18494
+ "category": "Session"
18495
+ },
18496
+ {
18497
+ "id": "CWE-362",
18498
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
18499
+ "category": "Concurrency"
18500
+ },
18501
+ {
18502
+ "id": "CWE-416",
18503
+ "name": "Use After Free",
18504
+ "category": "Memory Safety"
18505
+ },
18506
+ {
18507
+ "id": "CWE-434",
18508
+ "name": "Unrestricted Upload of File with Dangerous Type",
18509
+ "category": "File Handling"
18510
+ },
18511
+ {
18512
+ "id": "CWE-672",
18513
+ "name": "Operation on a Resource after Expiration or Release",
18514
+ "category": "Memory Safety"
18515
+ },
18516
+ {
18517
+ "id": "CWE-732",
18518
+ "name": "Incorrect Permission Assignment for Critical Resource",
18519
+ "category": "Authorization"
18520
+ },
18521
+ {
18522
+ "id": "CWE-78",
18523
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
18524
+ "category": "Injection"
18525
+ },
18526
+ {
18527
+ "id": "CWE-787",
18528
+ "name": "Out-of-bounds Write",
18529
+ "category": "Memory Safety"
18530
+ },
18531
+ {
18532
+ "id": "CWE-79",
18533
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
18534
+ "category": "Injection"
18535
+ },
18536
+ {
18537
+ "id": "CWE-798",
18538
+ "name": "Use of Hard-coded Credentials",
18539
+ "category": "Credentials"
18540
+ },
18541
+ {
18542
+ "id": "CWE-89",
18543
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
18544
+ "category": "Injection"
18545
+ },
18546
+ {
18547
+ "id": "CWE-918",
18548
+ "name": "Server-Side Request Forgery (SSRF)",
18549
+ "category": "Network"
18550
+ },
18551
+ {
18552
+ "id": "CWE-94",
18553
+ "name": "Improper Control of Generation of Code (Code Injection)",
18554
+ "category": "Injection"
18555
+ }
18556
+ ],
18557
+ "atlas": [
18558
+ {
18559
+ "id": "AML.T0010",
18560
+ "name": "ML Supply Chain Compromise",
18561
+ "tactic": "Initial Access"
18562
+ },
18563
+ {
18564
+ "id": "AML.T0016",
18565
+ "name": "Obtain Capabilities: Develop Capabilities",
18566
+ "tactic": "Resource Development"
18567
+ },
18568
+ {
18569
+ "id": "AML.T0017",
18570
+ "name": "Discover ML Model Ontology",
18571
+ "tactic": "Discovery"
18572
+ },
18573
+ {
18574
+ "id": "AML.T0018",
18575
+ "name": "Backdoor ML Model",
18576
+ "tactic": "Persistence"
18577
+ },
18578
+ {
18579
+ "id": "AML.T0020",
18580
+ "name": "Poison Training Data",
18581
+ "tactic": "ML Attack Staging"
18582
+ },
18583
+ {
18584
+ "id": "AML.T0043",
18585
+ "name": "Craft Adversarial Data",
18586
+ "tactic": "ML Attack Staging"
18587
+ },
18588
+ {
18589
+ "id": "AML.T0051",
18590
+ "name": "LLM Prompt Injection",
18591
+ "tactic": "Execution"
18592
+ },
18593
+ {
18594
+ "id": "AML.T0054",
18595
+ "name": "LLM Jailbreak",
18596
+ "tactic": "Defense Evasion"
18597
+ },
18598
+ {
18599
+ "id": "AML.T0096",
18600
+ "name": "AI API as Covert C2 Channel",
18601
+ "tactic": "Command and Control"
18602
+ }
18603
+ ],
18604
+ "d3fend": [
18605
+ {
18606
+ "id": "D3-ASLR",
18607
+ "name": "Address Space Layout Randomization",
18608
+ "tactic": "Harden"
18609
+ },
18610
+ {
18611
+ "id": "D3-CSPP",
18612
+ "name": "Client-server Payload Profiling",
18613
+ "tactic": "Detect"
18614
+ },
18615
+ {
18616
+ "id": "D3-EAL",
18617
+ "name": "Executable Allowlisting",
18618
+ "tactic": "Harden"
18619
+ },
18620
+ {
18621
+ "id": "D3-IOPR",
18622
+ "name": "Input/Output Profiling Resource",
18623
+ "tactic": "Detect"
18624
+ },
18625
+ {
18626
+ "id": "D3-NTA",
18627
+ "name": "Network Traffic Analysis",
18628
+ "tactic": "Detect"
18629
+ },
18630
+ {
18631
+ "id": "D3-PHRA",
18632
+ "name": "Process Hardware Resource Access",
18633
+ "tactic": "Isolate"
18634
+ },
18635
+ {
18636
+ "id": "D3-PSEP",
18637
+ "name": "Process Segment Execution Prevention",
18638
+ "tactic": "Harden"
18639
+ }
18640
+ ],
18641
+ "framework_gaps": [
18642
+ {
18643
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
18644
+ "framework": "ALL",
18645
+ "control_name": "AI Pipeline Integrity"
18646
+ },
18647
+ {
18648
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
18649
+ "framework": "ALL",
18650
+ "control_name": "Prompt Injection as Access Control Failure"
18651
+ },
18652
+ {
18653
+ "id": "CIS-Controls-v8-Control7",
18654
+ "framework": "CIS Controls v8",
18655
+ "control_name": "Continuous Vulnerability Management"
18656
+ },
18657
+ {
18658
+ "id": "CMMC-2.0-Level-2",
18659
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
18660
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
18661
+ },
18662
+ {
18663
+ "id": "FedRAMP-Rev5-Moderate",
18664
+ "framework": "FedRAMP Rev 5 Moderate",
18665
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
18666
+ },
18667
+ {
18668
+ "id": "IEC-62443-3-3",
18669
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
18670
+ "control_name": "System security requirements and security levels"
18671
+ },
18672
+ {
18673
+ "id": "ISO-27001-2022-A.8.28",
18674
+ "framework": "ISO/IEC 27001:2022",
18675
+ "control_name": "Secure coding"
18676
+ },
18677
+ {
18678
+ "id": "ISO-27001-2022-A.8.8",
18679
+ "framework": "ISO/IEC 27001:2022",
18680
+ "control_name": "Management of technical vulnerabilities"
18681
+ },
18682
+ {
18683
+ "id": "ISO-IEC-23894-2023-clause-7",
18684
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
18685
+ "control_name": "AI risk management process"
18686
+ },
18687
+ {
18688
+ "id": "NERC-CIP-007-6-R4",
18689
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
18690
+ "control_name": "Security event monitoring"
18691
+ },
18692
+ {
18693
+ "id": "NIS2-Art21-patch-management",
18694
+ "framework": "EU NIS2 Directive",
18695
+ "control_name": "Vulnerability handling and disclosure"
18696
+ },
18697
+ {
18698
+ "id": "NIST-800-115",
18699
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
18700
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
18701
+ },
18702
+ {
18703
+ "id": "NIST-800-218-SSDF",
18704
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
18705
+ "control_name": "Secure Software Development Framework"
18706
+ },
18707
+ {
18708
+ "id": "NIST-800-53-AC-2",
18709
+ "framework": "NIST SP 800-53 Rev 5",
18710
+ "control_name": "Account Management"
18711
+ },
18712
+ {
18713
+ "id": "NIST-800-53-SC-8",
18714
+ "framework": "NIST SP 800-53 Rev 5",
18715
+ "control_name": "Transmission Confidentiality and Integrity"
18716
+ },
18717
+ {
18718
+ "id": "NIST-800-53-SI-2",
18719
+ "framework": "NIST SP 800-53 Rev 5",
18720
+ "control_name": "Flaw Remediation"
18721
+ },
18722
+ {
18723
+ "id": "NIST-800-53-SI-3",
18724
+ "framework": "NIST SP 800-53 Rev 5",
18725
+ "control_name": "Malicious Code Protection"
18726
+ },
18727
+ {
18728
+ "id": "NIST-800-82r3",
18729
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
18730
+ "control_name": "Guide to Operational Technology (OT) Security"
18731
+ },
18732
+ {
18733
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
18734
+ "framework": "OWASP Top 10 for LLM Applications 2025",
18735
+ "control_name": "Prompt Injection"
18736
+ },
18737
+ {
18738
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
18739
+ "framework": "OWASP Top 10 for LLM Applications 2025",
18740
+ "control_name": "Sensitive Information Disclosure"
18741
+ },
18742
+ {
18743
+ "id": "OWASP-Pen-Testing-Guide-v5",
18744
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
18745
+ "control_name": "Web application penetration testing methodology"
18746
+ },
18747
+ {
18748
+ "id": "PCI-DSS-4.0-6.3.3",
18749
+ "framework": "PCI DSS 4.0",
18750
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
18751
+ },
18752
+ {
18753
+ "id": "PTES-Pre-engagement",
18754
+ "framework": "Penetration Testing Execution Standard (PTES)",
18755
+ "control_name": "Pre-engagement Interactions"
18756
+ },
18757
+ {
18758
+ "id": "SOC2-CC6-logical-access",
18759
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
18760
+ "control_name": "Logical and Physical Access Controls"
18761
+ },
18762
+ {
18763
+ "id": "SOC2-CC9-vendor-management",
18764
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
18765
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
18766
+ }
18767
+ ],
18768
+ "attack_refs": [
18769
+ "T0855",
18770
+ "T0883",
18771
+ "T1059",
18772
+ "T1068",
18773
+ "T1078",
18774
+ "T1133",
18775
+ "T1190",
18776
+ "T1548.001",
18777
+ "T1566"
18778
+ ],
18779
+ "rfc_refs": [
18780
+ "RFC-4301",
18781
+ "RFC-4303",
18782
+ "RFC-7296"
18783
+ ]
18784
+ }
18785
+ },
18786
+ "CVE-2026-30616": {
18787
+ "name": "Jaaz MCP stdio Command Execution RCE",
18788
+ "rwep": 35,
18789
+ "cvss": 7.3,
18790
+ "cisa_kev": false,
18791
+ "epss_score": null,
18792
+ "referencing_skills": [
18793
+ "kernel-lpe-triage",
18794
+ "ai-attack-surface",
18795
+ "compliance-theater",
18796
+ "attack-surface-pentest",
18797
+ "ot-ics-security",
18798
+ "coordinated-vuln-disclosure",
18799
+ "sector-energy"
18800
+ ],
18801
+ "chain": {
18802
+ "cwes": [
18803
+ {
18804
+ "id": "CWE-1037",
18805
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
18806
+ "category": "Hardware / Side Channel"
18807
+ },
18808
+ {
18809
+ "id": "CWE-1039",
18810
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
18811
+ "category": "AI/ML"
18812
+ },
18813
+ {
18814
+ "id": "CWE-125",
18815
+ "name": "Out-of-bounds Read",
18816
+ "category": "Memory Safety"
18817
+ },
18818
+ {
18819
+ "id": "CWE-1357",
18820
+ "name": "Reliance on Insufficiently Trustworthy Component",
18821
+ "category": "Supply Chain"
18822
+ },
18823
+ {
18824
+ "id": "CWE-1395",
18825
+ "name": "Dependency on Vulnerable Third-Party Component",
18826
+ "category": "Supply Chain"
18827
+ },
18828
+ {
18829
+ "id": "CWE-1426",
18830
+ "name": "Improper Validation of Generative AI Output",
18831
+ "category": "AI/ML"
18832
+ },
18833
+ {
18834
+ "id": "CWE-22",
18835
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
18836
+ "category": "Path/Resource"
18837
+ },
18838
+ {
18839
+ "id": "CWE-269",
18840
+ "name": "Improper Privilege Management",
18841
+ "category": "Authorization"
18842
+ },
18843
+ {
18844
+ "id": "CWE-287",
18845
+ "name": "Improper Authentication",
18846
+ "category": "Authentication"
18847
+ },
18848
+ {
18849
+ "id": "CWE-306",
18850
+ "name": "Missing Authentication for Critical Function",
18851
+ "category": "Authentication"
18852
+ },
18853
+ {
18854
+ "id": "CWE-352",
18855
+ "name": "Cross-Site Request Forgery (CSRF)",
18856
+ "category": "Session"
18857
+ },
18858
+ {
18859
+ "id": "CWE-362",
18860
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
18861
+ "category": "Concurrency"
18862
+ },
18863
+ {
18864
+ "id": "CWE-416",
18865
+ "name": "Use After Free",
18866
+ "category": "Memory Safety"
18867
+ },
18868
+ {
18869
+ "id": "CWE-434",
18870
+ "name": "Unrestricted Upload of File with Dangerous Type",
18871
+ "category": "File Handling"
18872
+ },
18873
+ {
18874
+ "id": "CWE-672",
18875
+ "name": "Operation on a Resource after Expiration or Release",
18876
+ "category": "Memory Safety"
18877
+ },
18878
+ {
18879
+ "id": "CWE-732",
18880
+ "name": "Incorrect Permission Assignment for Critical Resource",
18881
+ "category": "Authorization"
18882
+ },
18883
+ {
18884
+ "id": "CWE-78",
18885
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
18886
+ "category": "Injection"
18887
+ },
18888
+ {
18889
+ "id": "CWE-787",
18890
+ "name": "Out-of-bounds Write",
18891
+ "category": "Memory Safety"
18892
+ },
18893
+ {
18894
+ "id": "CWE-79",
18895
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
18896
+ "category": "Injection"
18897
+ },
18898
+ {
18899
+ "id": "CWE-798",
18900
+ "name": "Use of Hard-coded Credentials",
18901
+ "category": "Credentials"
18902
+ },
18903
+ {
18904
+ "id": "CWE-89",
18905
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
18906
+ "category": "Injection"
18907
+ },
18908
+ {
18909
+ "id": "CWE-918",
18910
+ "name": "Server-Side Request Forgery (SSRF)",
18911
+ "category": "Network"
18912
+ },
18913
+ {
18914
+ "id": "CWE-94",
18915
+ "name": "Improper Control of Generation of Code (Code Injection)",
18916
+ "category": "Injection"
18917
+ }
18918
+ ],
18919
+ "atlas": [
18920
+ {
18921
+ "id": "AML.T0010",
18922
+ "name": "ML Supply Chain Compromise",
18923
+ "tactic": "Initial Access"
18924
+ },
18925
+ {
18926
+ "id": "AML.T0016",
18927
+ "name": "Obtain Capabilities: Develop Capabilities",
18928
+ "tactic": "Resource Development"
18929
+ },
18930
+ {
18931
+ "id": "AML.T0017",
18932
+ "name": "Discover ML Model Ontology",
18933
+ "tactic": "Discovery"
18934
+ },
18935
+ {
18936
+ "id": "AML.T0018",
18937
+ "name": "Backdoor ML Model",
18938
+ "tactic": "Persistence"
18939
+ },
18940
+ {
18941
+ "id": "AML.T0020",
18942
+ "name": "Poison Training Data",
18943
+ "tactic": "ML Attack Staging"
18944
+ },
18945
+ {
18946
+ "id": "AML.T0043",
18947
+ "name": "Craft Adversarial Data",
18948
+ "tactic": "ML Attack Staging"
18949
+ },
18950
+ {
18951
+ "id": "AML.T0051",
18952
+ "name": "LLM Prompt Injection",
18953
+ "tactic": "Execution"
18954
+ },
18955
+ {
18956
+ "id": "AML.T0054",
18957
+ "name": "LLM Jailbreak",
18958
+ "tactic": "Defense Evasion"
18959
+ },
18960
+ {
18961
+ "id": "AML.T0096",
18962
+ "name": "AI API as Covert C2 Channel",
18963
+ "tactic": "Command and Control"
18964
+ }
18965
+ ],
18966
+ "d3fend": [
18967
+ {
18968
+ "id": "D3-ASLR",
18969
+ "name": "Address Space Layout Randomization",
18970
+ "tactic": "Harden"
18971
+ },
18972
+ {
18973
+ "id": "D3-CSPP",
18974
+ "name": "Client-server Payload Profiling",
18975
+ "tactic": "Detect"
18976
+ },
18977
+ {
18978
+ "id": "D3-EAL",
18979
+ "name": "Executable Allowlisting",
18980
+ "tactic": "Harden"
18981
+ },
18982
+ {
18983
+ "id": "D3-IOPR",
18984
+ "name": "Input/Output Profiling Resource",
18985
+ "tactic": "Detect"
18986
+ },
18987
+ {
18988
+ "id": "D3-NTA",
18989
+ "name": "Network Traffic Analysis",
18990
+ "tactic": "Detect"
18991
+ },
18992
+ {
18993
+ "id": "D3-PHRA",
18994
+ "name": "Process Hardware Resource Access",
18995
+ "tactic": "Isolate"
18996
+ },
18997
+ {
18998
+ "id": "D3-PSEP",
18999
+ "name": "Process Segment Execution Prevention",
19000
+ "tactic": "Harden"
19001
+ }
19002
+ ],
19003
+ "framework_gaps": [
19004
+ {
19005
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
19006
+ "framework": "ALL",
19007
+ "control_name": "AI Pipeline Integrity"
19008
+ },
19009
+ {
19010
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
19011
+ "framework": "ALL",
19012
+ "control_name": "Prompt Injection as Access Control Failure"
19013
+ },
19014
+ {
19015
+ "id": "CIS-Controls-v8-Control7",
19016
+ "framework": "CIS Controls v8",
19017
+ "control_name": "Continuous Vulnerability Management"
19018
+ },
19019
+ {
19020
+ "id": "CMMC-2.0-Level-2",
19021
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
19022
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
19023
+ },
19024
+ {
19025
+ "id": "FedRAMP-Rev5-Moderate",
19026
+ "framework": "FedRAMP Rev 5 Moderate",
19027
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
19028
+ },
19029
+ {
19030
+ "id": "IEC-62443-3-3",
19031
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
19032
+ "control_name": "System security requirements and security levels"
19033
+ },
19034
+ {
19035
+ "id": "ISO-27001-2022-A.8.28",
19036
+ "framework": "ISO/IEC 27001:2022",
19037
+ "control_name": "Secure coding"
19038
+ },
19039
+ {
19040
+ "id": "ISO-27001-2022-A.8.8",
19041
+ "framework": "ISO/IEC 27001:2022",
19042
+ "control_name": "Management of technical vulnerabilities"
19043
+ },
19044
+ {
19045
+ "id": "ISO-IEC-23894-2023-clause-7",
19046
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
19047
+ "control_name": "AI risk management process"
19048
+ },
19049
+ {
19050
+ "id": "NERC-CIP-007-6-R4",
19051
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
19052
+ "control_name": "Security event monitoring"
19053
+ },
19054
+ {
19055
+ "id": "NIS2-Art21-patch-management",
19056
+ "framework": "EU NIS2 Directive",
19057
+ "control_name": "Vulnerability handling and disclosure"
19058
+ },
19059
+ {
19060
+ "id": "NIST-800-115",
19061
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
19062
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
19063
+ },
19064
+ {
19065
+ "id": "NIST-800-218-SSDF",
19066
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
19067
+ "control_name": "Secure Software Development Framework"
19068
+ },
19069
+ {
19070
+ "id": "NIST-800-53-AC-2",
19071
+ "framework": "NIST SP 800-53 Rev 5",
19072
+ "control_name": "Account Management"
19073
+ },
19074
+ {
19075
+ "id": "NIST-800-53-SC-8",
19076
+ "framework": "NIST SP 800-53 Rev 5",
19077
+ "control_name": "Transmission Confidentiality and Integrity"
19078
+ },
19079
+ {
19080
+ "id": "NIST-800-53-SI-2",
19081
+ "framework": "NIST SP 800-53 Rev 5",
19082
+ "control_name": "Flaw Remediation"
19083
+ },
19084
+ {
19085
+ "id": "NIST-800-53-SI-3",
19086
+ "framework": "NIST SP 800-53 Rev 5",
19087
+ "control_name": "Malicious Code Protection"
19088
+ },
19089
+ {
19090
+ "id": "NIST-800-82r3",
19091
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
19092
+ "control_name": "Guide to Operational Technology (OT) Security"
19093
+ },
19094
+ {
19095
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
19096
+ "framework": "OWASP Top 10 for LLM Applications 2025",
19097
+ "control_name": "Prompt Injection"
19098
+ },
19099
+ {
19100
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
19101
+ "framework": "OWASP Top 10 for LLM Applications 2025",
19102
+ "control_name": "Sensitive Information Disclosure"
19103
+ },
19104
+ {
19105
+ "id": "OWASP-Pen-Testing-Guide-v5",
19106
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
19107
+ "control_name": "Web application penetration testing methodology"
19108
+ },
19109
+ {
19110
+ "id": "PCI-DSS-4.0-6.3.3",
19111
+ "framework": "PCI DSS 4.0",
19112
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
19113
+ },
19114
+ {
19115
+ "id": "PTES-Pre-engagement",
19116
+ "framework": "Penetration Testing Execution Standard (PTES)",
19117
+ "control_name": "Pre-engagement Interactions"
19118
+ },
19119
+ {
19120
+ "id": "SOC2-CC6-logical-access",
19121
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
19122
+ "control_name": "Logical and Physical Access Controls"
19123
+ },
19124
+ {
19125
+ "id": "SOC2-CC9-vendor-management",
19126
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
19127
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
19128
+ }
19129
+ ],
19130
+ "attack_refs": [
19131
+ "T0855",
19132
+ "T0883",
19133
+ "T1059",
19134
+ "T1068",
19135
+ "T1078",
19136
+ "T1133",
19137
+ "T1190",
19138
+ "T1548.001",
19139
+ "T1566"
19140
+ ],
19141
+ "rfc_refs": [
19142
+ "RFC-4301",
19143
+ "RFC-4303",
19144
+ "RFC-7296"
19145
+ ]
19146
+ }
19147
+ },
19148
+ "CVE-2026-30617": {
19149
+ "name": "Langchain-Chatchat MCP Management Interface stdio RCE",
19150
+ "rwep": 42,
19151
+ "cvss": 8.6,
19152
+ "cisa_kev": false,
19153
+ "epss_score": null,
19154
+ "referencing_skills": [
19155
+ "kernel-lpe-triage",
19156
+ "ai-attack-surface",
19157
+ "compliance-theater",
19158
+ "attack-surface-pentest",
19159
+ "ot-ics-security",
19160
+ "coordinated-vuln-disclosure",
19161
+ "sector-energy"
19162
+ ],
19163
+ "chain": {
19164
+ "cwes": [
19165
+ {
19166
+ "id": "CWE-1037",
19167
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
19168
+ "category": "Hardware / Side Channel"
19169
+ },
19170
+ {
19171
+ "id": "CWE-1039",
19172
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
19173
+ "category": "AI/ML"
19174
+ },
19175
+ {
19176
+ "id": "CWE-125",
19177
+ "name": "Out-of-bounds Read",
19178
+ "category": "Memory Safety"
19179
+ },
19180
+ {
19181
+ "id": "CWE-1357",
19182
+ "name": "Reliance on Insufficiently Trustworthy Component",
19183
+ "category": "Supply Chain"
19184
+ },
19185
+ {
19186
+ "id": "CWE-1395",
19187
+ "name": "Dependency on Vulnerable Third-Party Component",
19188
+ "category": "Supply Chain"
19189
+ },
19190
+ {
19191
+ "id": "CWE-1426",
19192
+ "name": "Improper Validation of Generative AI Output",
19193
+ "category": "AI/ML"
19194
+ },
19195
+ {
19196
+ "id": "CWE-22",
19197
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
19198
+ "category": "Path/Resource"
19199
+ },
19200
+ {
19201
+ "id": "CWE-269",
19202
+ "name": "Improper Privilege Management",
19203
+ "category": "Authorization"
19204
+ },
19205
+ {
19206
+ "id": "CWE-287",
19207
+ "name": "Improper Authentication",
19208
+ "category": "Authentication"
19209
+ },
19210
+ {
19211
+ "id": "CWE-306",
19212
+ "name": "Missing Authentication for Critical Function",
19213
+ "category": "Authentication"
19214
+ },
19215
+ {
19216
+ "id": "CWE-352",
19217
+ "name": "Cross-Site Request Forgery (CSRF)",
19218
+ "category": "Session"
19219
+ },
19220
+ {
19221
+ "id": "CWE-362",
19222
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
19223
+ "category": "Concurrency"
19224
+ },
19225
+ {
19226
+ "id": "CWE-416",
19227
+ "name": "Use After Free",
19228
+ "category": "Memory Safety"
19229
+ },
19230
+ {
19231
+ "id": "CWE-434",
19232
+ "name": "Unrestricted Upload of File with Dangerous Type",
19233
+ "category": "File Handling"
19234
+ },
19235
+ {
19236
+ "id": "CWE-672",
19237
+ "name": "Operation on a Resource after Expiration or Release",
19238
+ "category": "Memory Safety"
19239
+ },
19240
+ {
19241
+ "id": "CWE-732",
19242
+ "name": "Incorrect Permission Assignment for Critical Resource",
19243
+ "category": "Authorization"
19244
+ },
19245
+ {
19246
+ "id": "CWE-78",
19247
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
19248
+ "category": "Injection"
19249
+ },
19250
+ {
19251
+ "id": "CWE-787",
19252
+ "name": "Out-of-bounds Write",
19253
+ "category": "Memory Safety"
19254
+ },
19255
+ {
19256
+ "id": "CWE-79",
19257
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
19258
+ "category": "Injection"
19259
+ },
19260
+ {
19261
+ "id": "CWE-798",
19262
+ "name": "Use of Hard-coded Credentials",
19263
+ "category": "Credentials"
19264
+ },
19265
+ {
19266
+ "id": "CWE-89",
19267
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
19268
+ "category": "Injection"
19269
+ },
19270
+ {
19271
+ "id": "CWE-918",
19272
+ "name": "Server-Side Request Forgery (SSRF)",
19273
+ "category": "Network"
19274
+ },
19275
+ {
19276
+ "id": "CWE-94",
19277
+ "name": "Improper Control of Generation of Code (Code Injection)",
19278
+ "category": "Injection"
19279
+ }
19280
+ ],
19281
+ "atlas": [
19282
+ {
19283
+ "id": "AML.T0010",
19284
+ "name": "ML Supply Chain Compromise",
19285
+ "tactic": "Initial Access"
19286
+ },
19287
+ {
19288
+ "id": "AML.T0016",
19289
+ "name": "Obtain Capabilities: Develop Capabilities",
19290
+ "tactic": "Resource Development"
19291
+ },
19292
+ {
19293
+ "id": "AML.T0017",
19294
+ "name": "Discover ML Model Ontology",
19295
+ "tactic": "Discovery"
19296
+ },
19297
+ {
19298
+ "id": "AML.T0018",
19299
+ "name": "Backdoor ML Model",
19300
+ "tactic": "Persistence"
19301
+ },
19302
+ {
19303
+ "id": "AML.T0020",
19304
+ "name": "Poison Training Data",
19305
+ "tactic": "ML Attack Staging"
19306
+ },
19307
+ {
19308
+ "id": "AML.T0043",
19309
+ "name": "Craft Adversarial Data",
19310
+ "tactic": "ML Attack Staging"
19311
+ },
19312
+ {
19313
+ "id": "AML.T0051",
19314
+ "name": "LLM Prompt Injection",
19315
+ "tactic": "Execution"
19316
+ },
19317
+ {
19318
+ "id": "AML.T0054",
19319
+ "name": "LLM Jailbreak",
19320
+ "tactic": "Defense Evasion"
19321
+ },
19322
+ {
19323
+ "id": "AML.T0096",
19324
+ "name": "AI API as Covert C2 Channel",
19325
+ "tactic": "Command and Control"
19326
+ }
19327
+ ],
19328
+ "d3fend": [
19329
+ {
19330
+ "id": "D3-ASLR",
19331
+ "name": "Address Space Layout Randomization",
19332
+ "tactic": "Harden"
19333
+ },
19334
+ {
19335
+ "id": "D3-CSPP",
19336
+ "name": "Client-server Payload Profiling",
19337
+ "tactic": "Detect"
19338
+ },
19339
+ {
19340
+ "id": "D3-EAL",
19341
+ "name": "Executable Allowlisting",
19342
+ "tactic": "Harden"
19343
+ },
19344
+ {
19345
+ "id": "D3-IOPR",
19346
+ "name": "Input/Output Profiling Resource",
19347
+ "tactic": "Detect"
19348
+ },
19349
+ {
19350
+ "id": "D3-NTA",
19351
+ "name": "Network Traffic Analysis",
19352
+ "tactic": "Detect"
19353
+ },
19354
+ {
19355
+ "id": "D3-PHRA",
19356
+ "name": "Process Hardware Resource Access",
19357
+ "tactic": "Isolate"
19358
+ },
19359
+ {
19360
+ "id": "D3-PSEP",
19361
+ "name": "Process Segment Execution Prevention",
19362
+ "tactic": "Harden"
19363
+ }
19364
+ ],
19365
+ "framework_gaps": [
19366
+ {
19367
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
19368
+ "framework": "ALL",
19369
+ "control_name": "AI Pipeline Integrity"
19370
+ },
19371
+ {
19372
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
19373
+ "framework": "ALL",
19374
+ "control_name": "Prompt Injection as Access Control Failure"
19375
+ },
19376
+ {
19377
+ "id": "CIS-Controls-v8-Control7",
19378
+ "framework": "CIS Controls v8",
19379
+ "control_name": "Continuous Vulnerability Management"
19380
+ },
19381
+ {
19382
+ "id": "CMMC-2.0-Level-2",
19383
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
19384
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
19385
+ },
19386
+ {
19387
+ "id": "FedRAMP-Rev5-Moderate",
19388
+ "framework": "FedRAMP Rev 5 Moderate",
19389
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
19390
+ },
19391
+ {
19392
+ "id": "IEC-62443-3-3",
19393
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
19394
+ "control_name": "System security requirements and security levels"
19395
+ },
19396
+ {
19397
+ "id": "ISO-27001-2022-A.8.28",
19398
+ "framework": "ISO/IEC 27001:2022",
19399
+ "control_name": "Secure coding"
19400
+ },
19401
+ {
19402
+ "id": "ISO-27001-2022-A.8.8",
19403
+ "framework": "ISO/IEC 27001:2022",
19404
+ "control_name": "Management of technical vulnerabilities"
19405
+ },
19406
+ {
19407
+ "id": "ISO-IEC-23894-2023-clause-7",
19408
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
19409
+ "control_name": "AI risk management process"
19410
+ },
19411
+ {
19412
+ "id": "NERC-CIP-007-6-R4",
19413
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
19414
+ "control_name": "Security event monitoring"
19415
+ },
19416
+ {
19417
+ "id": "NIS2-Art21-patch-management",
19418
+ "framework": "EU NIS2 Directive",
19419
+ "control_name": "Vulnerability handling and disclosure"
19420
+ },
19421
+ {
19422
+ "id": "NIST-800-115",
19423
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
19424
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
19425
+ },
19426
+ {
19427
+ "id": "NIST-800-218-SSDF",
19428
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
19429
+ "control_name": "Secure Software Development Framework"
19430
+ },
19431
+ {
19432
+ "id": "NIST-800-53-AC-2",
19433
+ "framework": "NIST SP 800-53 Rev 5",
19434
+ "control_name": "Account Management"
19435
+ },
19436
+ {
19437
+ "id": "NIST-800-53-SC-8",
19438
+ "framework": "NIST SP 800-53 Rev 5",
19439
+ "control_name": "Transmission Confidentiality and Integrity"
19440
+ },
19441
+ {
19442
+ "id": "NIST-800-53-SI-2",
19443
+ "framework": "NIST SP 800-53 Rev 5",
19444
+ "control_name": "Flaw Remediation"
19445
+ },
19446
+ {
19447
+ "id": "NIST-800-53-SI-3",
19448
+ "framework": "NIST SP 800-53 Rev 5",
19449
+ "control_name": "Malicious Code Protection"
19450
+ },
19451
+ {
19452
+ "id": "NIST-800-82r3",
19453
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
19454
+ "control_name": "Guide to Operational Technology (OT) Security"
19455
+ },
19456
+ {
19457
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
19458
+ "framework": "OWASP Top 10 for LLM Applications 2025",
19459
+ "control_name": "Prompt Injection"
19460
+ },
19461
+ {
19462
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
19463
+ "framework": "OWASP Top 10 for LLM Applications 2025",
19464
+ "control_name": "Sensitive Information Disclosure"
19465
+ },
19466
+ {
19467
+ "id": "OWASP-Pen-Testing-Guide-v5",
19468
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
19469
+ "control_name": "Web application penetration testing methodology"
19470
+ },
19471
+ {
19472
+ "id": "PCI-DSS-4.0-6.3.3",
19473
+ "framework": "PCI DSS 4.0",
19474
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
19475
+ },
19476
+ {
19477
+ "id": "PTES-Pre-engagement",
19478
+ "framework": "Penetration Testing Execution Standard (PTES)",
19479
+ "control_name": "Pre-engagement Interactions"
19480
+ },
19481
+ {
19482
+ "id": "SOC2-CC6-logical-access",
19483
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
19484
+ "control_name": "Logical and Physical Access Controls"
19485
+ },
19486
+ {
19487
+ "id": "SOC2-CC9-vendor-management",
19488
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
19489
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
19490
+ }
19491
+ ],
19492
+ "attack_refs": [
19493
+ "T0855",
19494
+ "T0883",
19495
+ "T1059",
19496
+ "T1068",
19497
+ "T1078",
19498
+ "T1133",
19499
+ "T1190",
19500
+ "T1548.001",
19501
+ "T1566"
19502
+ ],
19503
+ "rfc_refs": [
19504
+ "RFC-4301",
19505
+ "RFC-4303",
19506
+ "RFC-7296"
19507
+ ]
19508
+ }
19509
+ },
19510
+ "CVE-2026-30625": {
19511
+ "name": "Upsonic MCP Task Allowed-Command Argument Injection RCE",
19512
+ "rwep": 38,
19513
+ "cvss": 9.8,
19514
+ "cisa_kev": false,
19515
+ "epss_score": null,
19516
+ "referencing_skills": [
19517
+ "kernel-lpe-triage",
19518
+ "ai-attack-surface",
19519
+ "compliance-theater",
19520
+ "attack-surface-pentest",
19521
+ "ot-ics-security",
19522
+ "coordinated-vuln-disclosure",
19523
+ "sector-energy"
19524
+ ],
19525
+ "chain": {
19526
+ "cwes": [
19527
+ {
19528
+ "id": "CWE-1037",
19529
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
19530
+ "category": "Hardware / Side Channel"
19531
+ },
19532
+ {
19533
+ "id": "CWE-1039",
19534
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
19535
+ "category": "AI/ML"
19536
+ },
19537
+ {
19538
+ "id": "CWE-125",
19539
+ "name": "Out-of-bounds Read",
19540
+ "category": "Memory Safety"
19541
+ },
19542
+ {
19543
+ "id": "CWE-1357",
19544
+ "name": "Reliance on Insufficiently Trustworthy Component",
19545
+ "category": "Supply Chain"
19546
+ },
19547
+ {
19548
+ "id": "CWE-1395",
19549
+ "name": "Dependency on Vulnerable Third-Party Component",
19550
+ "category": "Supply Chain"
19551
+ },
19552
+ {
19553
+ "id": "CWE-1426",
19554
+ "name": "Improper Validation of Generative AI Output",
19555
+ "category": "AI/ML"
19556
+ },
19557
+ {
19558
+ "id": "CWE-22",
19559
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
19560
+ "category": "Path/Resource"
19561
+ },
19562
+ {
19563
+ "id": "CWE-269",
19564
+ "name": "Improper Privilege Management",
19565
+ "category": "Authorization"
19566
+ },
19567
+ {
19568
+ "id": "CWE-287",
19569
+ "name": "Improper Authentication",
19570
+ "category": "Authentication"
19571
+ },
19572
+ {
19573
+ "id": "CWE-306",
19574
+ "name": "Missing Authentication for Critical Function",
19575
+ "category": "Authentication"
19576
+ },
19577
+ {
19578
+ "id": "CWE-352",
19579
+ "name": "Cross-Site Request Forgery (CSRF)",
19580
+ "category": "Session"
19581
+ },
19582
+ {
19583
+ "id": "CWE-362",
19584
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
19585
+ "category": "Concurrency"
19586
+ },
19587
+ {
19588
+ "id": "CWE-416",
19589
+ "name": "Use After Free",
19590
+ "category": "Memory Safety"
19591
+ },
19592
+ {
19593
+ "id": "CWE-434",
19594
+ "name": "Unrestricted Upload of File with Dangerous Type",
19595
+ "category": "File Handling"
19596
+ },
19597
+ {
19598
+ "id": "CWE-672",
19599
+ "name": "Operation on a Resource after Expiration or Release",
19600
+ "category": "Memory Safety"
19601
+ },
19602
+ {
19603
+ "id": "CWE-732",
19604
+ "name": "Incorrect Permission Assignment for Critical Resource",
19605
+ "category": "Authorization"
19606
+ },
19607
+ {
19608
+ "id": "CWE-78",
19609
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
19610
+ "category": "Injection"
19611
+ },
19612
+ {
19613
+ "id": "CWE-787",
19614
+ "name": "Out-of-bounds Write",
19615
+ "category": "Memory Safety"
19616
+ },
19617
+ {
19618
+ "id": "CWE-79",
19619
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
19620
+ "category": "Injection"
19621
+ },
19622
+ {
19623
+ "id": "CWE-798",
19624
+ "name": "Use of Hard-coded Credentials",
19625
+ "category": "Credentials"
19626
+ },
19627
+ {
19628
+ "id": "CWE-89",
19629
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
19630
+ "category": "Injection"
19631
+ },
19632
+ {
19633
+ "id": "CWE-918",
19634
+ "name": "Server-Side Request Forgery (SSRF)",
19635
+ "category": "Network"
19636
+ },
19637
+ {
19638
+ "id": "CWE-94",
19639
+ "name": "Improper Control of Generation of Code (Code Injection)",
19640
+ "category": "Injection"
19641
+ }
19642
+ ],
19643
+ "atlas": [
19644
+ {
19645
+ "id": "AML.T0010",
19646
+ "name": "ML Supply Chain Compromise",
19647
+ "tactic": "Initial Access"
19648
+ },
19649
+ {
19650
+ "id": "AML.T0016",
19651
+ "name": "Obtain Capabilities: Develop Capabilities",
19652
+ "tactic": "Resource Development"
19653
+ },
19654
+ {
19655
+ "id": "AML.T0017",
19656
+ "name": "Discover ML Model Ontology",
19657
+ "tactic": "Discovery"
19658
+ },
19659
+ {
19660
+ "id": "AML.T0018",
19661
+ "name": "Backdoor ML Model",
19662
+ "tactic": "Persistence"
19663
+ },
19664
+ {
19665
+ "id": "AML.T0020",
19666
+ "name": "Poison Training Data",
19667
+ "tactic": "ML Attack Staging"
19668
+ },
19669
+ {
19670
+ "id": "AML.T0043",
19671
+ "name": "Craft Adversarial Data",
19672
+ "tactic": "ML Attack Staging"
19673
+ },
19674
+ {
19675
+ "id": "AML.T0051",
19676
+ "name": "LLM Prompt Injection",
19677
+ "tactic": "Execution"
19678
+ },
19679
+ {
19680
+ "id": "AML.T0054",
19681
+ "name": "LLM Jailbreak",
19682
+ "tactic": "Defense Evasion"
19683
+ },
19684
+ {
19685
+ "id": "AML.T0096",
19686
+ "name": "AI API as Covert C2 Channel",
19687
+ "tactic": "Command and Control"
19688
+ }
19689
+ ],
19690
+ "d3fend": [
19691
+ {
19692
+ "id": "D3-ASLR",
19693
+ "name": "Address Space Layout Randomization",
19694
+ "tactic": "Harden"
19695
+ },
19696
+ {
19697
+ "id": "D3-CSPP",
19698
+ "name": "Client-server Payload Profiling",
19699
+ "tactic": "Detect"
19700
+ },
19701
+ {
19702
+ "id": "D3-EAL",
19703
+ "name": "Executable Allowlisting",
19704
+ "tactic": "Harden"
19705
+ },
19706
+ {
19707
+ "id": "D3-IOPR",
19708
+ "name": "Input/Output Profiling Resource",
19709
+ "tactic": "Detect"
19710
+ },
19711
+ {
19712
+ "id": "D3-NTA",
19713
+ "name": "Network Traffic Analysis",
19714
+ "tactic": "Detect"
19715
+ },
19716
+ {
19717
+ "id": "D3-PHRA",
19718
+ "name": "Process Hardware Resource Access",
19719
+ "tactic": "Isolate"
19720
+ },
19721
+ {
19722
+ "id": "D3-PSEP",
19723
+ "name": "Process Segment Execution Prevention",
19724
+ "tactic": "Harden"
19725
+ }
19726
+ ],
19727
+ "framework_gaps": [
19728
+ {
19729
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
19730
+ "framework": "ALL",
19731
+ "control_name": "AI Pipeline Integrity"
19732
+ },
19733
+ {
19734
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
19735
+ "framework": "ALL",
19736
+ "control_name": "Prompt Injection as Access Control Failure"
19737
+ },
19738
+ {
19739
+ "id": "CIS-Controls-v8-Control7",
19740
+ "framework": "CIS Controls v8",
19741
+ "control_name": "Continuous Vulnerability Management"
19742
+ },
19743
+ {
19744
+ "id": "CMMC-2.0-Level-2",
19745
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
19746
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
19747
+ },
19748
+ {
19749
+ "id": "FedRAMP-Rev5-Moderate",
19750
+ "framework": "FedRAMP Rev 5 Moderate",
19751
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
19752
+ },
19753
+ {
19754
+ "id": "IEC-62443-3-3",
19755
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
19756
+ "control_name": "System security requirements and security levels"
19757
+ },
19758
+ {
19759
+ "id": "ISO-27001-2022-A.8.28",
19760
+ "framework": "ISO/IEC 27001:2022",
19761
+ "control_name": "Secure coding"
19762
+ },
19763
+ {
19764
+ "id": "ISO-27001-2022-A.8.8",
19765
+ "framework": "ISO/IEC 27001:2022",
19766
+ "control_name": "Management of technical vulnerabilities"
19767
+ },
19768
+ {
19769
+ "id": "ISO-IEC-23894-2023-clause-7",
19770
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
19771
+ "control_name": "AI risk management process"
19772
+ },
19773
+ {
19774
+ "id": "NERC-CIP-007-6-R4",
19775
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
19776
+ "control_name": "Security event monitoring"
19777
+ },
19778
+ {
19779
+ "id": "NIS2-Art21-patch-management",
19780
+ "framework": "EU NIS2 Directive",
19781
+ "control_name": "Vulnerability handling and disclosure"
19782
+ },
19783
+ {
19784
+ "id": "NIST-800-115",
19785
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
19786
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
19787
+ },
19788
+ {
19789
+ "id": "NIST-800-218-SSDF",
19790
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
19791
+ "control_name": "Secure Software Development Framework"
19792
+ },
19793
+ {
19794
+ "id": "NIST-800-53-AC-2",
19795
+ "framework": "NIST SP 800-53 Rev 5",
19796
+ "control_name": "Account Management"
19797
+ },
19798
+ {
19799
+ "id": "NIST-800-53-SC-8",
19800
+ "framework": "NIST SP 800-53 Rev 5",
19801
+ "control_name": "Transmission Confidentiality and Integrity"
19802
+ },
19803
+ {
19804
+ "id": "NIST-800-53-SI-2",
19805
+ "framework": "NIST SP 800-53 Rev 5",
19806
+ "control_name": "Flaw Remediation"
19807
+ },
19808
+ {
19809
+ "id": "NIST-800-53-SI-3",
19810
+ "framework": "NIST SP 800-53 Rev 5",
19811
+ "control_name": "Malicious Code Protection"
19812
+ },
19813
+ {
19814
+ "id": "NIST-800-82r3",
19815
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
19816
+ "control_name": "Guide to Operational Technology (OT) Security"
19817
+ },
19818
+ {
19819
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
19820
+ "framework": "OWASP Top 10 for LLM Applications 2025",
19821
+ "control_name": "Prompt Injection"
19822
+ },
19823
+ {
19824
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
19825
+ "framework": "OWASP Top 10 for LLM Applications 2025",
19826
+ "control_name": "Sensitive Information Disclosure"
19827
+ },
19828
+ {
19829
+ "id": "OWASP-Pen-Testing-Guide-v5",
19830
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
19831
+ "control_name": "Web application penetration testing methodology"
19832
+ },
19833
+ {
19834
+ "id": "PCI-DSS-4.0-6.3.3",
19835
+ "framework": "PCI DSS 4.0",
19836
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
19837
+ },
19838
+ {
19839
+ "id": "PTES-Pre-engagement",
19840
+ "framework": "Penetration Testing Execution Standard (PTES)",
19841
+ "control_name": "Pre-engagement Interactions"
19842
+ },
19843
+ {
19844
+ "id": "SOC2-CC6-logical-access",
19845
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
19846
+ "control_name": "Logical and Physical Access Controls"
19847
+ },
19848
+ {
19849
+ "id": "SOC2-CC9-vendor-management",
19850
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
19851
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
19852
+ }
19853
+ ],
19854
+ "attack_refs": [
19855
+ "T0855",
19856
+ "T0883",
19857
+ "T1059",
19858
+ "T1068",
19859
+ "T1078",
19860
+ "T1133",
19861
+ "T1190",
19862
+ "T1548.001",
19863
+ "T1566"
19864
+ ],
19865
+ "rfc_refs": [
19866
+ "RFC-4301",
19867
+ "RFC-4303",
19868
+ "RFC-7296"
19869
+ ]
19870
+ }
19871
+ },
19872
+ "CVE-2026-26015": {
19873
+ "name": "DocsGPT MCP stdio Unauthenticated Remote Code Execution",
19874
+ "rwep": 27,
19875
+ "cvss": 9.8,
19876
+ "cisa_kev": false,
19877
+ "epss_score": null,
19878
+ "referencing_skills": [
19879
+ "kernel-lpe-triage",
19880
+ "ai-attack-surface",
19881
+ "compliance-theater",
19882
+ "attack-surface-pentest",
19883
+ "ot-ics-security",
19884
+ "coordinated-vuln-disclosure",
19885
+ "sector-energy"
19886
+ ],
19887
+ "chain": {
19888
+ "cwes": [
19889
+ {
19890
+ "id": "CWE-1037",
19891
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
19892
+ "category": "Hardware / Side Channel"
19893
+ },
19894
+ {
19895
+ "id": "CWE-1039",
19896
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
19897
+ "category": "AI/ML"
19898
+ },
19899
+ {
19900
+ "id": "CWE-125",
19901
+ "name": "Out-of-bounds Read",
19902
+ "category": "Memory Safety"
19903
+ },
19904
+ {
19905
+ "id": "CWE-1357",
19906
+ "name": "Reliance on Insufficiently Trustworthy Component",
19907
+ "category": "Supply Chain"
19908
+ },
19909
+ {
19910
+ "id": "CWE-1395",
19911
+ "name": "Dependency on Vulnerable Third-Party Component",
19912
+ "category": "Supply Chain"
19913
+ },
19914
+ {
19915
+ "id": "CWE-1426",
19916
+ "name": "Improper Validation of Generative AI Output",
19917
+ "category": "AI/ML"
19918
+ },
19919
+ {
19920
+ "id": "CWE-22",
19921
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
19922
+ "category": "Path/Resource"
19923
+ },
19924
+ {
19925
+ "id": "CWE-269",
19926
+ "name": "Improper Privilege Management",
19927
+ "category": "Authorization"
19928
+ },
19929
+ {
19930
+ "id": "CWE-287",
19931
+ "name": "Improper Authentication",
19932
+ "category": "Authentication"
19933
+ },
19934
+ {
19935
+ "id": "CWE-306",
19936
+ "name": "Missing Authentication for Critical Function",
19937
+ "category": "Authentication"
19938
+ },
19939
+ {
19940
+ "id": "CWE-352",
19941
+ "name": "Cross-Site Request Forgery (CSRF)",
19942
+ "category": "Session"
19943
+ },
19944
+ {
19945
+ "id": "CWE-362",
19946
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
19947
+ "category": "Concurrency"
19948
+ },
19949
+ {
19950
+ "id": "CWE-416",
19951
+ "name": "Use After Free",
19952
+ "category": "Memory Safety"
19953
+ },
19954
+ {
19955
+ "id": "CWE-434",
19956
+ "name": "Unrestricted Upload of File with Dangerous Type",
19957
+ "category": "File Handling"
19958
+ },
19959
+ {
19960
+ "id": "CWE-672",
19961
+ "name": "Operation on a Resource after Expiration or Release",
19962
+ "category": "Memory Safety"
19963
+ },
19964
+ {
19965
+ "id": "CWE-732",
19966
+ "name": "Incorrect Permission Assignment for Critical Resource",
19967
+ "category": "Authorization"
19968
+ },
19969
+ {
19970
+ "id": "CWE-78",
19971
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
19972
+ "category": "Injection"
19973
+ },
19974
+ {
19975
+ "id": "CWE-787",
19976
+ "name": "Out-of-bounds Write",
19977
+ "category": "Memory Safety"
19978
+ },
19979
+ {
19980
+ "id": "CWE-79",
19981
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
19982
+ "category": "Injection"
19983
+ },
19984
+ {
19985
+ "id": "CWE-798",
19986
+ "name": "Use of Hard-coded Credentials",
19987
+ "category": "Credentials"
19988
+ },
19989
+ {
19990
+ "id": "CWE-89",
19991
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
19992
+ "category": "Injection"
19993
+ },
19994
+ {
19995
+ "id": "CWE-918",
19996
+ "name": "Server-Side Request Forgery (SSRF)",
19997
+ "category": "Network"
19998
+ },
19999
+ {
20000
+ "id": "CWE-94",
20001
+ "name": "Improper Control of Generation of Code (Code Injection)",
20002
+ "category": "Injection"
20003
+ }
20004
+ ],
20005
+ "atlas": [
20006
+ {
20007
+ "id": "AML.T0010",
20008
+ "name": "ML Supply Chain Compromise",
20009
+ "tactic": "Initial Access"
20010
+ },
20011
+ {
20012
+ "id": "AML.T0016",
20013
+ "name": "Obtain Capabilities: Develop Capabilities",
20014
+ "tactic": "Resource Development"
20015
+ },
20016
+ {
20017
+ "id": "AML.T0017",
20018
+ "name": "Discover ML Model Ontology",
20019
+ "tactic": "Discovery"
20020
+ },
20021
+ {
20022
+ "id": "AML.T0018",
20023
+ "name": "Backdoor ML Model",
20024
+ "tactic": "Persistence"
20025
+ },
20026
+ {
20027
+ "id": "AML.T0020",
20028
+ "name": "Poison Training Data",
20029
+ "tactic": "ML Attack Staging"
20030
+ },
20031
+ {
20032
+ "id": "AML.T0043",
20033
+ "name": "Craft Adversarial Data",
20034
+ "tactic": "ML Attack Staging"
20035
+ },
20036
+ {
20037
+ "id": "AML.T0051",
20038
+ "name": "LLM Prompt Injection",
20039
+ "tactic": "Execution"
20040
+ },
20041
+ {
20042
+ "id": "AML.T0054",
20043
+ "name": "LLM Jailbreak",
20044
+ "tactic": "Defense Evasion"
20045
+ },
20046
+ {
20047
+ "id": "AML.T0096",
20048
+ "name": "AI API as Covert C2 Channel",
20049
+ "tactic": "Command and Control"
20050
+ }
20051
+ ],
20052
+ "d3fend": [
20053
+ {
20054
+ "id": "D3-ASLR",
20055
+ "name": "Address Space Layout Randomization",
20056
+ "tactic": "Harden"
20057
+ },
20058
+ {
20059
+ "id": "D3-CSPP",
20060
+ "name": "Client-server Payload Profiling",
20061
+ "tactic": "Detect"
20062
+ },
20063
+ {
20064
+ "id": "D3-EAL",
20065
+ "name": "Executable Allowlisting",
20066
+ "tactic": "Harden"
20067
+ },
20068
+ {
20069
+ "id": "D3-IOPR",
20070
+ "name": "Input/Output Profiling Resource",
20071
+ "tactic": "Detect"
20072
+ },
20073
+ {
20074
+ "id": "D3-NTA",
20075
+ "name": "Network Traffic Analysis",
20076
+ "tactic": "Detect"
20077
+ },
20078
+ {
20079
+ "id": "D3-PHRA",
20080
+ "name": "Process Hardware Resource Access",
20081
+ "tactic": "Isolate"
20082
+ },
20083
+ {
20084
+ "id": "D3-PSEP",
20085
+ "name": "Process Segment Execution Prevention",
20086
+ "tactic": "Harden"
20087
+ }
20088
+ ],
20089
+ "framework_gaps": [
20090
+ {
20091
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
20092
+ "framework": "ALL",
20093
+ "control_name": "AI Pipeline Integrity"
20094
+ },
20095
+ {
20096
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
20097
+ "framework": "ALL",
20098
+ "control_name": "Prompt Injection as Access Control Failure"
20099
+ },
20100
+ {
20101
+ "id": "CIS-Controls-v8-Control7",
20102
+ "framework": "CIS Controls v8",
20103
+ "control_name": "Continuous Vulnerability Management"
20104
+ },
20105
+ {
20106
+ "id": "CMMC-2.0-Level-2",
20107
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
20108
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
20109
+ },
20110
+ {
20111
+ "id": "FedRAMP-Rev5-Moderate",
20112
+ "framework": "FedRAMP Rev 5 Moderate",
20113
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
20114
+ },
20115
+ {
20116
+ "id": "IEC-62443-3-3",
20117
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
20118
+ "control_name": "System security requirements and security levels"
20119
+ },
20120
+ {
20121
+ "id": "ISO-27001-2022-A.8.28",
20122
+ "framework": "ISO/IEC 27001:2022",
20123
+ "control_name": "Secure coding"
20124
+ },
20125
+ {
20126
+ "id": "ISO-27001-2022-A.8.8",
20127
+ "framework": "ISO/IEC 27001:2022",
20128
+ "control_name": "Management of technical vulnerabilities"
20129
+ },
20130
+ {
20131
+ "id": "ISO-IEC-23894-2023-clause-7",
20132
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
20133
+ "control_name": "AI risk management process"
20134
+ },
20135
+ {
20136
+ "id": "NERC-CIP-007-6-R4",
20137
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
20138
+ "control_name": "Security event monitoring"
20139
+ },
20140
+ {
20141
+ "id": "NIS2-Art21-patch-management",
20142
+ "framework": "EU NIS2 Directive",
20143
+ "control_name": "Vulnerability handling and disclosure"
20144
+ },
20145
+ {
20146
+ "id": "NIST-800-115",
20147
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
20148
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
20149
+ },
20150
+ {
20151
+ "id": "NIST-800-218-SSDF",
20152
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
20153
+ "control_name": "Secure Software Development Framework"
20154
+ },
20155
+ {
20156
+ "id": "NIST-800-53-AC-2",
20157
+ "framework": "NIST SP 800-53 Rev 5",
20158
+ "control_name": "Account Management"
20159
+ },
20160
+ {
20161
+ "id": "NIST-800-53-SC-8",
20162
+ "framework": "NIST SP 800-53 Rev 5",
20163
+ "control_name": "Transmission Confidentiality and Integrity"
20164
+ },
20165
+ {
20166
+ "id": "NIST-800-53-SI-2",
20167
+ "framework": "NIST SP 800-53 Rev 5",
20168
+ "control_name": "Flaw Remediation"
20169
+ },
20170
+ {
20171
+ "id": "NIST-800-53-SI-3",
20172
+ "framework": "NIST SP 800-53 Rev 5",
20173
+ "control_name": "Malicious Code Protection"
20174
+ },
20175
+ {
20176
+ "id": "NIST-800-82r3",
20177
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
20178
+ "control_name": "Guide to Operational Technology (OT) Security"
20179
+ },
20180
+ {
20181
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
20182
+ "framework": "OWASP Top 10 for LLM Applications 2025",
20183
+ "control_name": "Prompt Injection"
20184
+ },
20185
+ {
20186
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
20187
+ "framework": "OWASP Top 10 for LLM Applications 2025",
20188
+ "control_name": "Sensitive Information Disclosure"
20189
+ },
20190
+ {
20191
+ "id": "OWASP-Pen-Testing-Guide-v5",
20192
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
20193
+ "control_name": "Web application penetration testing methodology"
20194
+ },
20195
+ {
20196
+ "id": "PCI-DSS-4.0-6.3.3",
20197
+ "framework": "PCI DSS 4.0",
20198
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
20199
+ },
20200
+ {
20201
+ "id": "PTES-Pre-engagement",
20202
+ "framework": "Penetration Testing Execution Standard (PTES)",
20203
+ "control_name": "Pre-engagement Interactions"
20204
+ },
20205
+ {
20206
+ "id": "SOC2-CC6-logical-access",
20207
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
20208
+ "control_name": "Logical and Physical Access Controls"
20209
+ },
20210
+ {
20211
+ "id": "SOC2-CC9-vendor-management",
20212
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
20213
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
20214
+ }
20215
+ ],
20216
+ "attack_refs": [
20217
+ "T0855",
20218
+ "T0883",
20219
+ "T1059",
20220
+ "T1068",
20221
+ "T1078",
20222
+ "T1133",
20223
+ "T1190",
20224
+ "T1548.001",
20225
+ "T1566"
20226
+ ],
20227
+ "rfc_refs": [
20228
+ "RFC-4301",
20229
+ "RFC-4303",
20230
+ "RFC-7296"
20231
+ ]
20232
+ }
20233
+ },
20234
+ "CVE-2026-9082": {
20235
+ "name": "Drupal Core Database API Unauthenticated SQL Injection (SA-CORE-2026-004)",
20236
+ "rwep": 78,
20237
+ "cvss": 9.8,
20238
+ "cisa_kev": true,
20239
+ "epss_score": null,
20240
+ "referencing_skills": [
20241
+ "kernel-lpe-triage",
20242
+ "attack-surface-pentest",
20243
+ "ot-ics-security",
20244
+ "coordinated-vuln-disclosure",
20245
+ "sector-energy"
20246
+ ],
20247
+ "chain": {
20248
+ "cwes": [
20249
+ {
20250
+ "id": "CWE-1037",
20251
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
20252
+ "category": "Hardware / Side Channel"
20253
+ },
20254
+ {
20255
+ "id": "CWE-125",
20256
+ "name": "Out-of-bounds Read",
20257
+ "category": "Memory Safety"
20258
+ },
20259
+ {
20260
+ "id": "CWE-1357",
20261
+ "name": "Reliance on Insufficiently Trustworthy Component",
20262
+ "category": "Supply Chain"
20263
+ },
20264
+ {
20265
+ "id": "CWE-1395",
20266
+ "name": "Dependency on Vulnerable Third-Party Component",
20267
+ "category": "Supply Chain"
20268
+ },
20269
+ {
20270
+ "id": "CWE-22",
20271
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
20272
+ "category": "Path/Resource"
20273
+ },
20274
+ {
20275
+ "id": "CWE-269",
20276
+ "name": "Improper Privilege Management",
20277
+ "category": "Authorization"
20278
+ },
20279
+ {
20280
+ "id": "CWE-287",
20281
+ "name": "Improper Authentication",
20282
+ "category": "Authentication"
20283
+ },
20284
+ {
20285
+ "id": "CWE-306",
20286
+ "name": "Missing Authentication for Critical Function",
20287
+ "category": "Authentication"
20288
+ },
20289
+ {
20290
+ "id": "CWE-352",
20291
+ "name": "Cross-Site Request Forgery (CSRF)",
20292
+ "category": "Session"
20293
+ },
20294
+ {
20295
+ "id": "CWE-362",
20296
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
20297
+ "category": "Concurrency"
20298
+ },
20299
+ {
20300
+ "id": "CWE-416",
20301
+ "name": "Use After Free",
20302
+ "category": "Memory Safety"
20303
+ },
20304
+ {
20305
+ "id": "CWE-434",
20306
+ "name": "Unrestricted Upload of File with Dangerous Type",
20307
+ "category": "File Handling"
20308
+ },
20309
+ {
20310
+ "id": "CWE-672",
20311
+ "name": "Operation on a Resource after Expiration or Release",
20312
+ "category": "Memory Safety"
20313
+ },
20314
+ {
20315
+ "id": "CWE-732",
20316
+ "name": "Incorrect Permission Assignment for Critical Resource",
20317
+ "category": "Authorization"
20318
+ },
20319
+ {
20320
+ "id": "CWE-78",
20321
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
20322
+ "category": "Injection"
20323
+ },
20324
+ {
20325
+ "id": "CWE-787",
20326
+ "name": "Out-of-bounds Write",
20327
+ "category": "Memory Safety"
20328
+ },
20329
+ {
20330
+ "id": "CWE-79",
20331
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
20332
+ "category": "Injection"
20333
+ },
20334
+ {
20335
+ "id": "CWE-798",
20336
+ "name": "Use of Hard-coded Credentials",
20337
+ "category": "Credentials"
20338
+ },
20339
+ {
20340
+ "id": "CWE-89",
20341
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
20342
+ "category": "Injection"
20343
+ },
20344
+ {
20345
+ "id": "CWE-918",
20346
+ "name": "Server-Side Request Forgery (SSRF)",
20347
+ "category": "Network"
20348
+ }
20349
+ ],
20350
+ "atlas": [
20351
+ {
20352
+ "id": "AML.T0010",
20353
+ "name": "ML Supply Chain Compromise",
20354
+ "tactic": "Initial Access"
20355
+ },
20356
+ {
20357
+ "id": "AML.T0043",
20358
+ "name": "Craft Adversarial Data",
20359
+ "tactic": "ML Attack Staging"
20360
+ },
20361
+ {
20362
+ "id": "AML.T0051",
20363
+ "name": "LLM Prompt Injection",
20364
+ "tactic": "Execution"
20365
+ }
20366
+ ],
20367
+ "d3fend": [
20368
+ {
20369
+ "id": "D3-ASLR",
20370
+ "name": "Address Space Layout Randomization",
20371
+ "tactic": "Harden"
20372
+ },
20373
+ {
20374
+ "id": "D3-CSPP",
20375
+ "name": "Client-server Payload Profiling",
20376
+ "tactic": "Detect"
20377
+ },
20378
+ {
20379
+ "id": "D3-EAL",
20380
+ "name": "Executable Allowlisting",
20381
+ "tactic": "Harden"
20382
+ },
20383
+ {
20384
+ "id": "D3-NTA",
20385
+ "name": "Network Traffic Analysis",
20386
+ "tactic": "Detect"
20387
+ },
20388
+ {
20389
+ "id": "D3-PHRA",
20390
+ "name": "Process Hardware Resource Access",
20391
+ "tactic": "Isolate"
20392
+ },
20393
+ {
20394
+ "id": "D3-PSEP",
20395
+ "name": "Process Segment Execution Prevention",
20396
+ "tactic": "Harden"
20397
+ }
20398
+ ],
20399
+ "framework_gaps": [
20400
+ {
20401
+ "id": "CIS-Controls-v8-Control7",
20402
+ "framework": "CIS Controls v8",
20403
+ "control_name": "Continuous Vulnerability Management"
20404
+ },
20405
+ {
20406
+ "id": "IEC-62443-3-3",
20407
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
20408
+ "control_name": "System security requirements and security levels"
20409
+ },
20410
+ {
20411
+ "id": "ISO-27001-2022-A.8.8",
20412
+ "framework": "ISO/IEC 27001:2022",
20413
+ "control_name": "Management of technical vulnerabilities"
20414
+ },
20415
+ {
20416
+ "id": "NERC-CIP-007-6-R4",
20417
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
20418
+ "control_name": "Security event monitoring"
20419
+ },
20420
+ {
20421
+ "id": "NIS2-Art21-patch-management",
20422
+ "framework": "EU NIS2 Directive",
20423
+ "control_name": "Vulnerability handling and disclosure"
20424
+ },
20425
+ {
20426
+ "id": "NIST-800-115",
20427
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
20428
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
20429
+ },
20430
+ {
20431
+ "id": "NIST-800-218-SSDF",
20432
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
20433
+ "control_name": "Secure Software Development Framework"
20434
+ },
20435
+ {
20436
+ "id": "NIST-800-53-SC-8",
20437
+ "framework": "NIST SP 800-53 Rev 5",
20438
+ "control_name": "Transmission Confidentiality and Integrity"
20439
+ },
20440
+ {
20441
+ "id": "NIST-800-53-SI-2",
20442
+ "framework": "NIST SP 800-53 Rev 5",
20443
+ "control_name": "Flaw Remediation"
20444
+ },
20445
+ {
20446
+ "id": "NIST-800-82r3",
20447
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
20448
+ "control_name": "Guide to Operational Technology (OT) Security"
20449
+ },
20450
+ {
20451
+ "id": "OWASP-Pen-Testing-Guide-v5",
20452
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
20453
+ "control_name": "Web application penetration testing methodology"
20454
+ },
20455
+ {
20456
+ "id": "PCI-DSS-4.0-6.3.3",
20457
+ "framework": "PCI DSS 4.0",
20458
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
20459
+ },
20460
+ {
20461
+ "id": "PTES-Pre-engagement",
20462
+ "framework": "Penetration Testing Execution Standard (PTES)",
20463
+ "control_name": "Pre-engagement Interactions"
20464
+ },
20465
+ {
20466
+ "id": "SOC2-CC9-vendor-management",
20467
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
20468
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
20469
+ }
20470
+ ],
20471
+ "attack_refs": [
20472
+ "T0855",
20473
+ "T0883",
20474
+ "T1059",
20475
+ "T1068",
20476
+ "T1078",
20477
+ "T1133",
20478
+ "T1190",
20479
+ "T1548.001"
20480
+ ],
20481
+ "rfc_refs": [
20482
+ "RFC-4301",
20483
+ "RFC-4303",
20484
+ "RFC-7296"
20485
+ ]
20486
+ }
20487
+ },
18062
20488
  "CVE-2026-41091": {
18063
20489
  "name": "Microsoft Defender (Malware Protection Engine) Link-Following LPE to SYSTEM",
18064
20490
  "rwep": 45,
@@ -44452,17 +46878,24 @@
44452
46878
  "CVE-2026-22252",
44453
46879
  "CVE-2026-22688",
44454
46880
  "CVE-2026-25592",
46881
+ "CVE-2026-26015",
44455
46882
  "CVE-2026-30615",
46883
+ "CVE-2026-30616",
46884
+ "CVE-2026-30617",
44456
46885
  "CVE-2026-30623",
46886
+ "CVE-2026-30624",
46887
+ "CVE-2026-30625",
44457
46888
  "CVE-2026-31431",
44458
46889
  "CVE-2026-34926",
44459
46890
  "CVE-2026-39884",
46891
+ "CVE-2026-40933",
44460
46892
  "CVE-2026-41091",
44461
46893
  "CVE-2026-42208",
44462
46894
  "CVE-2026-45321",
44463
46895
  "CVE-2026-45498",
44464
46896
  "CVE-2026-46300",
44465
46897
  "CVE-2026-46333",
46898
+ "CVE-2026-9082",
44466
46899
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
44467
46900
  "MAL-2026-3083",
44468
46901
  "MAL-2026-NODE-IPC-STEALER"
@@ -44801,16 +47234,23 @@
44801
47234
  "CVE-2026-22252",
44802
47235
  "CVE-2026-22688",
44803
47236
  "CVE-2026-25592",
47237
+ "CVE-2026-26015",
47238
+ "CVE-2026-30616",
47239
+ "CVE-2026-30617",
44804
47240
  "CVE-2026-30623",
47241
+ "CVE-2026-30624",
47242
+ "CVE-2026-30625",
44805
47243
  "CVE-2026-31431",
44806
47244
  "CVE-2026-34926",
44807
47245
  "CVE-2026-39884",
47246
+ "CVE-2026-40933",
44808
47247
  "CVE-2026-41091",
44809
47248
  "CVE-2026-42208",
44810
47249
  "CVE-2026-45321",
44811
47250
  "CVE-2026-45498",
44812
47251
  "CVE-2026-46300",
44813
47252
  "CVE-2026-46333",
47253
+ "CVE-2026-9082",
44814
47254
  "MAL-2026-3083",
44815
47255
  "MAL-2026-NODE-IPC-STEALER"
44816
47256
  ]
@@ -44945,16 +47385,23 @@
44945
47385
  "CVE-2026-22252",
44946
47386
  "CVE-2026-22688",
44947
47387
  "CVE-2026-25592",
47388
+ "CVE-2026-26015",
47389
+ "CVE-2026-30616",
47390
+ "CVE-2026-30617",
44948
47391
  "CVE-2026-30623",
47392
+ "CVE-2026-30624",
47393
+ "CVE-2026-30625",
44949
47394
  "CVE-2026-31431",
44950
47395
  "CVE-2026-34926",
44951
47396
  "CVE-2026-39884",
47397
+ "CVE-2026-40933",
44952
47398
  "CVE-2026-41091",
44953
47399
  "CVE-2026-42208",
44954
47400
  "CVE-2026-45321",
44955
47401
  "CVE-2026-45498",
44956
47402
  "CVE-2026-46300",
44957
47403
  "CVE-2026-46333",
47404
+ "CVE-2026-9082",
44958
47405
  "MAL-2026-3083",
44959
47406
  "MAL-2026-NODE-IPC-STEALER"
44960
47407
  ]
@@ -45103,16 +47550,23 @@
45103
47550
  "CVE-2026-22252",
45104
47551
  "CVE-2026-22688",
45105
47552
  "CVE-2026-25592",
47553
+ "CVE-2026-26015",
47554
+ "CVE-2026-30616",
47555
+ "CVE-2026-30617",
45106
47556
  "CVE-2026-30623",
47557
+ "CVE-2026-30624",
47558
+ "CVE-2026-30625",
45107
47559
  "CVE-2026-31431",
45108
47560
  "CVE-2026-34926",
45109
47561
  "CVE-2026-39884",
47562
+ "CVE-2026-40933",
45110
47563
  "CVE-2026-41091",
45111
47564
  "CVE-2026-42208",
45112
47565
  "CVE-2026-45321",
45113
47566
  "CVE-2026-45498",
45114
47567
  "CVE-2026-46300",
45115
47568
  "CVE-2026-46333",
47569
+ "CVE-2026-9082",
45116
47570
  "MAL-2026-3083",
45117
47571
  "MAL-2026-NODE-IPC-STEALER"
45118
47572
  ]
@@ -45367,11 +47821,17 @@
45367
47821
  "CVE-2026-22688",
45368
47822
  "CVE-2026-22778",
45369
47823
  "CVE-2026-25592",
47824
+ "CVE-2026-26015",
45370
47825
  "CVE-2026-30615",
47826
+ "CVE-2026-30616",
47827
+ "CVE-2026-30617",
45371
47828
  "CVE-2026-30623",
47829
+ "CVE-2026-30624",
47830
+ "CVE-2026-30625",
45372
47831
  "CVE-2026-32202",
45373
47832
  "CVE-2026-33825",
45374
47833
  "CVE-2026-39884",
47834
+ "CVE-2026-40933",
45375
47835
  "CVE-2026-42208",
45376
47836
  "CVE-2026-45321",
45377
47837
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
@@ -45765,7 +48225,12 @@
45765
48225
  "CVE-2026-24858",
45766
48226
  "CVE-2026-25108",
45767
48227
  "CVE-2026-25592",
48228
+ "CVE-2026-26015",
45768
48229
  "CVE-2026-3055",
48230
+ "CVE-2026-30616",
48231
+ "CVE-2026-30617",
48232
+ "CVE-2026-30624",
48233
+ "CVE-2026-30625",
45769
48234
  "CVE-2026-31431",
45770
48235
  "CVE-2026-31635",
45771
48236
  "CVE-2026-32201",
@@ -45781,6 +48246,7 @@
45781
48246
  "CVE-2026-3909",
45782
48247
  "CVE-2026-3910",
45783
48248
  "CVE-2026-39884",
48249
+ "CVE-2026-40933",
45784
48250
  "CVE-2026-41091",
45785
48251
  "CVE-2026-41940",
45786
48252
  "CVE-2026-42897",
@@ -45793,6 +48259,7 @@
45793
48259
  "CVE-2026-46333",
45794
48260
  "CVE-2026-5281",
45795
48261
  "CVE-2026-6973",
48262
+ "CVE-2026-9082",
45796
48263
  "MAL-2026-3083",
45797
48264
  "MAL-2026-NODE-IPC-STEALER"
45798
48265
  ]
@@ -46382,17 +48849,24 @@
46382
48849
  "CVE-2026-22252",
46383
48850
  "CVE-2026-22688",
46384
48851
  "CVE-2026-25592",
48852
+ "CVE-2026-26015",
46385
48853
  "CVE-2026-30615",
48854
+ "CVE-2026-30616",
48855
+ "CVE-2026-30617",
46386
48856
  "CVE-2026-30623",
48857
+ "CVE-2026-30624",
48858
+ "CVE-2026-30625",
46387
48859
  "CVE-2026-31431",
46388
48860
  "CVE-2026-34926",
46389
48861
  "CVE-2026-39884",
48862
+ "CVE-2026-40933",
46390
48863
  "CVE-2026-41091",
46391
48864
  "CVE-2026-42208",
46392
48865
  "CVE-2026-45321",
46393
48866
  "CVE-2026-45498",
46394
48867
  "CVE-2026-46300",
46395
48868
  "CVE-2026-46333",
48869
+ "CVE-2026-9082",
46396
48870
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
46397
48871
  "MAL-2026-3083",
46398
48872
  "MAL-2026-NODE-IPC-STEALER",
@@ -46965,17 +49439,24 @@
46965
49439
  "CVE-2026-22252",
46966
49440
  "CVE-2026-22688",
46967
49441
  "CVE-2026-25592",
49442
+ "CVE-2026-26015",
46968
49443
  "CVE-2026-30615",
49444
+ "CVE-2026-30616",
49445
+ "CVE-2026-30617",
46969
49446
  "CVE-2026-30623",
49447
+ "CVE-2026-30624",
49448
+ "CVE-2026-30625",
46970
49449
  "CVE-2026-31431",
46971
49450
  "CVE-2026-34926",
46972
49451
  "CVE-2026-39884",
49452
+ "CVE-2026-40933",
46973
49453
  "CVE-2026-41091",
46974
49454
  "CVE-2026-42208",
46975
49455
  "CVE-2026-45321",
46976
49456
  "CVE-2026-45498",
46977
49457
  "CVE-2026-46300",
46978
49458
  "CVE-2026-46333",
49459
+ "CVE-2026-9082",
46979
49460
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
46980
49461
  "MAL-2026-3083",
46981
49462
  "MAL-2026-NODE-IPC-STEALER"
@@ -47182,15 +49663,22 @@
47182
49663
  "CVE-2026-22252",
47183
49664
  "CVE-2026-22688",
47184
49665
  "CVE-2026-25592",
49666
+ "CVE-2026-26015",
47185
49667
  "CVE-2026-30615",
49668
+ "CVE-2026-30616",
49669
+ "CVE-2026-30617",
49670
+ "CVE-2026-30624",
49671
+ "CVE-2026-30625",
47186
49672
  "CVE-2026-31431",
47187
49673
  "CVE-2026-34926",
47188
49674
  "CVE-2026-39884",
49675
+ "CVE-2026-40933",
47189
49676
  "CVE-2026-41091",
47190
49677
  "CVE-2026-45321",
47191
49678
  "CVE-2026-45498",
47192
49679
  "CVE-2026-46300",
47193
49680
  "CVE-2026-46333",
49681
+ "CVE-2026-9082",
47194
49682
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
47195
49683
  "MAL-2026-3083"
47196
49684
  ]
@@ -47833,17 +50321,24 @@
47833
50321
  "CVE-2026-22252",
47834
50322
  "CVE-2026-22688",
47835
50323
  "CVE-2026-25592",
50324
+ "CVE-2026-26015",
47836
50325
  "CVE-2026-30615",
50326
+ "CVE-2026-30616",
50327
+ "CVE-2026-30617",
47837
50328
  "CVE-2026-30623",
50329
+ "CVE-2026-30624",
50330
+ "CVE-2026-30625",
47838
50331
  "CVE-2026-31431",
47839
50332
  "CVE-2026-34926",
47840
50333
  "CVE-2026-39884",
50334
+ "CVE-2026-40933",
47841
50335
  "CVE-2026-41091",
47842
50336
  "CVE-2026-42208",
47843
50337
  "CVE-2026-45321",
47844
50338
  "CVE-2026-45498",
47845
50339
  "CVE-2026-46300",
47846
50340
  "CVE-2026-46333",
50341
+ "CVE-2026-9082",
47847
50342
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
47848
50343
  "MAL-2026-3083",
47849
50344
  "MAL-2026-NODE-IPC-STEALER"
@@ -48235,7 +50730,12 @@
48235
50730
  "CVE-2026-24858",
48236
50731
  "CVE-2026-25108",
48237
50732
  "CVE-2026-25592",
50733
+ "CVE-2026-26015",
48238
50734
  "CVE-2026-3055",
50735
+ "CVE-2026-30616",
50736
+ "CVE-2026-30617",
50737
+ "CVE-2026-30624",
50738
+ "CVE-2026-30625",
48239
50739
  "CVE-2026-31431",
48240
50740
  "CVE-2026-31635",
48241
50741
  "CVE-2026-32201",
@@ -48251,6 +50751,7 @@
48251
50751
  "CVE-2026-3909",
48252
50752
  "CVE-2026-3910",
48253
50753
  "CVE-2026-39884",
50754
+ "CVE-2026-40933",
48254
50755
  "CVE-2026-41091",
48255
50756
  "CVE-2026-41940",
48256
50757
  "CVE-2026-42897",
@@ -48263,6 +50764,7 @@
48263
50764
  "CVE-2026-46333",
48264
50765
  "CVE-2026-5281",
48265
50766
  "CVE-2026-6973",
50767
+ "CVE-2026-9082",
48266
50768
  "MAL-2026-3083",
48267
50769
  "MAL-2026-NODE-IPC-STEALER"
48268
50770
  ]
@@ -48639,7 +51141,12 @@
48639
51141
  "CVE-2026-24858",
48640
51142
  "CVE-2026-25108",
48641
51143
  "CVE-2026-25592",
51144
+ "CVE-2026-26015",
48642
51145
  "CVE-2026-3055",
51146
+ "CVE-2026-30616",
51147
+ "CVE-2026-30617",
51148
+ "CVE-2026-30624",
51149
+ "CVE-2026-30625",
48643
51150
  "CVE-2026-31431",
48644
51151
  "CVE-2026-31635",
48645
51152
  "CVE-2026-32201",
@@ -48655,6 +51162,7 @@
48655
51162
  "CVE-2026-3909",
48656
51163
  "CVE-2026-3910",
48657
51164
  "CVE-2026-39884",
51165
+ "CVE-2026-40933",
48658
51166
  "CVE-2026-41091",
48659
51167
  "CVE-2026-41940",
48660
51168
  "CVE-2026-42897",
@@ -48667,6 +51175,7 @@
48667
51175
  "CVE-2026-46333",
48668
51176
  "CVE-2026-5281",
48669
51177
  "CVE-2026-6973",
51178
+ "CVE-2026-9082",
48670
51179
  "MAL-2026-3083",
48671
51180
  "MAL-2026-NODE-IPC-STEALER"
48672
51181
  ]
@@ -48897,17 +51406,24 @@
48897
51406
  "CVE-2026-22252",
48898
51407
  "CVE-2026-22688",
48899
51408
  "CVE-2026-25592",
51409
+ "CVE-2026-26015",
48900
51410
  "CVE-2026-30615",
51411
+ "CVE-2026-30616",
51412
+ "CVE-2026-30617",
48901
51413
  "CVE-2026-30623",
51414
+ "CVE-2026-30624",
51415
+ "CVE-2026-30625",
48902
51416
  "CVE-2026-31431",
48903
51417
  "CVE-2026-34926",
48904
51418
  "CVE-2026-39884",
51419
+ "CVE-2026-40933",
48905
51420
  "CVE-2026-41091",
48906
51421
  "CVE-2026-42208",
48907
51422
  "CVE-2026-45321",
48908
51423
  "CVE-2026-45498",
48909
51424
  "CVE-2026-46300",
48910
51425
  "CVE-2026-46333",
51426
+ "CVE-2026-9082",
48911
51427
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
48912
51428
  "MAL-2026-3083",
48913
51429
  "MAL-2026-NODE-IPC-STEALER"
@@ -49851,7 +52367,12 @@
49851
52367
  "CVE-2026-24858",
49852
52368
  "CVE-2026-25108",
49853
52369
  "CVE-2026-25592",
52370
+ "CVE-2026-26015",
49854
52371
  "CVE-2026-3055",
52372
+ "CVE-2026-30616",
52373
+ "CVE-2026-30617",
52374
+ "CVE-2026-30624",
52375
+ "CVE-2026-30625",
49855
52376
  "CVE-2026-31431",
49856
52377
  "CVE-2026-31635",
49857
52378
  "CVE-2026-32201",
@@ -49867,6 +52388,7 @@
49867
52388
  "CVE-2026-3909",
49868
52389
  "CVE-2026-3910",
49869
52390
  "CVE-2026-39884",
52391
+ "CVE-2026-40933",
49870
52392
  "CVE-2026-41091",
49871
52393
  "CVE-2026-41940",
49872
52394
  "CVE-2026-42897",
@@ -49879,6 +52401,7 @@
49879
52401
  "CVE-2026-46333",
49880
52402
  "CVE-2026-5281",
49881
52403
  "CVE-2026-6973",
52404
+ "CVE-2026-9082",
49882
52405
  "MAL-2026-3083"
49883
52406
  ]
49884
52407
  },
@@ -50173,17 +52696,24 @@
50173
52696
  "CVE-2026-22252",
50174
52697
  "CVE-2026-22688",
50175
52698
  "CVE-2026-25592",
52699
+ "CVE-2026-26015",
50176
52700
  "CVE-2026-30615",
52701
+ "CVE-2026-30616",
52702
+ "CVE-2026-30617",
50177
52703
  "CVE-2026-30623",
52704
+ "CVE-2026-30624",
52705
+ "CVE-2026-30625",
50178
52706
  "CVE-2026-31431",
50179
52707
  "CVE-2026-34926",
50180
52708
  "CVE-2026-39884",
52709
+ "CVE-2026-40933",
50181
52710
  "CVE-2026-41091",
50182
52711
  "CVE-2026-42208",
50183
52712
  "CVE-2026-45321",
50184
52713
  "CVE-2026-45498",
50185
52714
  "CVE-2026-46300",
50186
52715
  "CVE-2026-46333",
52716
+ "CVE-2026-9082",
50187
52717
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
50188
52718
  "MAL-2026-3083",
50189
52719
  "MAL-2026-NODE-IPC-STEALER",
@@ -50658,9 +53188,14 @@
50658
53188
  "CVE-2026-24858",
50659
53189
  "CVE-2026-25108",
50660
53190
  "CVE-2026-25592",
53191
+ "CVE-2026-26015",
50661
53192
  "CVE-2026-3055",
50662
53193
  "CVE-2026-30615",
53194
+ "CVE-2026-30616",
53195
+ "CVE-2026-30617",
50663
53196
  "CVE-2026-30623",
53197
+ "CVE-2026-30624",
53198
+ "CVE-2026-30625",
50664
53199
  "CVE-2026-31431",
50665
53200
  "CVE-2026-31635",
50666
53201
  "CVE-2026-32201",
@@ -50676,6 +53211,7 @@
50676
53211
  "CVE-2026-3909",
50677
53212
  "CVE-2026-3910",
50678
53213
  "CVE-2026-39884",
53214
+ "CVE-2026-40933",
50679
53215
  "CVE-2026-41091",
50680
53216
  "CVE-2026-41940",
50681
53217
  "CVE-2026-42897",
@@ -50688,6 +53224,7 @@
50688
53224
  "CVE-2026-46333",
50689
53225
  "CVE-2026-5281",
50690
53226
  "CVE-2026-6973",
53227
+ "CVE-2026-9082",
50691
53228
  "MAL-2026-3083",
50692
53229
  "MAL-2026-NODE-IPC-STEALER",
50693
53230
  "MAL-2026-SHAI-HULUD-OSS"
@@ -50992,15 +53529,22 @@
50992
53529
  "CVE-2026-22252",
50993
53530
  "CVE-2026-22688",
50994
53531
  "CVE-2026-25592",
53532
+ "CVE-2026-26015",
50995
53533
  "CVE-2026-30615",
53534
+ "CVE-2026-30616",
53535
+ "CVE-2026-30617",
53536
+ "CVE-2026-30624",
53537
+ "CVE-2026-30625",
50996
53538
  "CVE-2026-31431",
50997
53539
  "CVE-2026-34926",
50998
53540
  "CVE-2026-39884",
53541
+ "CVE-2026-40933",
50999
53542
  "CVE-2026-41091",
51000
53543
  "CVE-2026-45321",
51001
53544
  "CVE-2026-45498",
51002
53545
  "CVE-2026-46300",
51003
53546
  "CVE-2026-46333",
53547
+ "CVE-2026-9082",
51004
53548
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
51005
53549
  "MAL-2026-3083"
51006
53550
  ]
@@ -51912,17 +54456,24 @@
51912
54456
  "CVE-2026-22252",
51913
54457
  "CVE-2026-22688",
51914
54458
  "CVE-2026-25592",
54459
+ "CVE-2026-26015",
51915
54460
  "CVE-2026-30615",
54461
+ "CVE-2026-30616",
54462
+ "CVE-2026-30617",
51916
54463
  "CVE-2026-30623",
54464
+ "CVE-2026-30624",
54465
+ "CVE-2026-30625",
51917
54466
  "CVE-2026-31431",
51918
54467
  "CVE-2026-34926",
51919
54468
  "CVE-2026-39884",
54469
+ "CVE-2026-40933",
51920
54470
  "CVE-2026-41091",
51921
54471
  "CVE-2026-42208",
51922
54472
  "CVE-2026-45321",
51923
54473
  "CVE-2026-45498",
51924
54474
  "CVE-2026-46300",
51925
54475
  "CVE-2026-46333",
54476
+ "CVE-2026-9082",
51926
54477
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
51927
54478
  "MAL-2026-3083",
51928
54479
  "MAL-2026-NODE-IPC-STEALER"
@@ -51988,14 +54539,21 @@
51988
54539
  "CVE-2026-22252",
51989
54540
  "CVE-2026-22688",
51990
54541
  "CVE-2026-25592",
54542
+ "CVE-2026-26015",
54543
+ "CVE-2026-30616",
54544
+ "CVE-2026-30617",
54545
+ "CVE-2026-30624",
54546
+ "CVE-2026-30625",
51991
54547
  "CVE-2026-31431",
51992
54548
  "CVE-2026-34926",
51993
54549
  "CVE-2026-39884",
54550
+ "CVE-2026-40933",
51994
54551
  "CVE-2026-41091",
51995
54552
  "CVE-2026-45321",
51996
54553
  "CVE-2026-45498",
51997
54554
  "CVE-2026-46300",
51998
54555
  "CVE-2026-46333",
54556
+ "CVE-2026-9082",
51999
54557
  "MAL-2026-3083"
52000
54558
  ]
52001
54559
  },
@@ -52141,10 +54699,16 @@
52141
54699
  "CVE-2026-22688",
52142
54700
  "CVE-2026-22778",
52143
54701
  "CVE-2026-25592",
54702
+ "CVE-2026-26015",
54703
+ "CVE-2026-30616",
54704
+ "CVE-2026-30617",
52144
54705
  "CVE-2026-30623",
54706
+ "CVE-2026-30624",
54707
+ "CVE-2026-30625",
52145
54708
  "CVE-2026-32202",
52146
54709
  "CVE-2026-33825",
52147
54710
  "CVE-2026-39884",
54711
+ "CVE-2026-40933",
52148
54712
  "CVE-2026-42208"
52149
54713
  ]
52150
54714
  },
@@ -52721,8 +55285,13 @@
52721
55285
  "CVE-2026-24858",
52722
55286
  "CVE-2026-25108",
52723
55287
  "CVE-2026-25592",
55288
+ "CVE-2026-26015",
52724
55289
  "CVE-2026-3055",
52725
55290
  "CVE-2026-30615",
55291
+ "CVE-2026-30616",
55292
+ "CVE-2026-30617",
55293
+ "CVE-2026-30624",
55294
+ "CVE-2026-30625",
52726
55295
  "CVE-2026-31431",
52727
55296
  "CVE-2026-31635",
52728
55297
  "CVE-2026-32201",
@@ -52735,6 +55304,7 @@
52735
55304
  "CVE-2026-35616",
52736
55305
  "CVE-2026-3909",
52737
55306
  "CVE-2026-3910",
55307
+ "CVE-2026-40933",
52738
55308
  "CVE-2026-41091",
52739
55309
  "CVE-2026-41940",
52740
55310
  "CVE-2026-42945",
@@ -52743,6 +55313,7 @@
52743
55313
  "CVE-2026-46300",
52744
55314
  "CVE-2026-46333",
52745
55315
  "CVE-2026-5281",
55316
+ "CVE-2026-9082",
52746
55317
  "MAL-2026-3083",
52747
55318
  "MAL-2026-NODE-IPC-STEALER",
52748
55319
  "MAL-2026-SHAI-HULUD-OSS"
@@ -52978,16 +55549,23 @@
52978
55549
  "CVE-2026-22252",
52979
55550
  "CVE-2026-22688",
52980
55551
  "CVE-2026-25592",
55552
+ "CVE-2026-26015",
52981
55553
  "CVE-2026-30615",
55554
+ "CVE-2026-30616",
55555
+ "CVE-2026-30617",
52982
55556
  "CVE-2026-30623",
55557
+ "CVE-2026-30624",
55558
+ "CVE-2026-30625",
52983
55559
  "CVE-2026-31431",
52984
55560
  "CVE-2026-34926",
52985
55561
  "CVE-2026-39884",
55562
+ "CVE-2026-40933",
52986
55563
  "CVE-2026-41091",
52987
55564
  "CVE-2026-45321",
52988
55565
  "CVE-2026-45498",
52989
55566
  "CVE-2026-46300",
52990
55567
  "CVE-2026-46333",
55568
+ "CVE-2026-9082",
52991
55569
  "MAL-2026-3083",
52992
55570
  "MAL-2026-NODE-IPC-STEALER",
52993
55571
  "MAL-2026-SHAI-HULUD-OSS"
@@ -53253,11 +55831,17 @@
53253
55831
  "CVE-2026-22688",
53254
55832
  "CVE-2026-22778",
53255
55833
  "CVE-2026-25592",
55834
+ "CVE-2026-26015",
53256
55835
  "CVE-2026-30615",
55836
+ "CVE-2026-30616",
55837
+ "CVE-2026-30617",
53257
55838
  "CVE-2026-30623",
55839
+ "CVE-2026-30624",
55840
+ "CVE-2026-30625",
53258
55841
  "CVE-2026-32202",
53259
55842
  "CVE-2026-33825",
53260
55843
  "CVE-2026-39884",
55844
+ "CVE-2026-40933",
53261
55845
  "CVE-2026-42208",
53262
55846
  "CVE-2026-42897",
53263
55847
  "CVE-2026-43284",