@blamejs/exceptd-skills 0.13.75 → 0.13.77
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +8 -0
- package/data/_indexes/_meta.json +8 -8
- package/data/_indexes/activity-feed.json +2 -2
- package/data/_indexes/catalog-summaries.json +2 -2
- package/data/_indexes/chains.json +2584 -0
- package/data/attack-techniques.json +13 -0
- package/data/cve-catalog.json +685 -1
- package/data/cwe-catalog.json +14 -2
- package/data/framework-control-gaps.json +55 -6
- package/data/zeroday-lessons.json +350 -0
- package/manifest.json +44 -44
- package/package.json +2 -2
- package/sbom.cdx.json +23 -23
|
@@ -281,11 +281,17 @@
|
|
|
281
281
|
"CVE-2026-22688",
|
|
282
282
|
"CVE-2026-22778",
|
|
283
283
|
"CVE-2026-25592",
|
|
284
|
+
"CVE-2026-26015",
|
|
284
285
|
"CVE-2026-30615",
|
|
286
|
+
"CVE-2026-30616",
|
|
287
|
+
"CVE-2026-30617",
|
|
285
288
|
"CVE-2026-30623",
|
|
289
|
+
"CVE-2026-30624",
|
|
290
|
+
"CVE-2026-30625",
|
|
286
291
|
"CVE-2026-32202",
|
|
287
292
|
"CVE-2026-39884",
|
|
288
293
|
"CVE-2026-39987",
|
|
294
|
+
"CVE-2026-40933",
|
|
289
295
|
"CVE-2026-6973"
|
|
290
296
|
],
|
|
291
297
|
"description_full": "Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries. These interfaces and languages provide ways of interacting with computer systems and are a common feature across many different platforms. Most systems come with some built-in command-line interface and scripting capabilities, for example, macOS and Linux distributions include some flavor of [Unix Shell](https://attack.mitre.org/techniques/T1059/004) while Windows installations include the [Windows Command Shell](https://attack.mitre.org/techniques/T1059/003) and [PowerShell](https://attack.mitre.org/techniques/T1059/001). There are also cross-platform interpreters such as [Python](https://attack.mitre.org/techniques/T1059/006), as well as those commonly associated with client applications such as [JavaScript](https://attack.mitre.org/techniques/T1059/007) and [Visual Basic](https://attack.mitre.org/techniques/T1059/005). Adversaries may abuse these technologies in various ways as a means of executing arbitrary commands. Commands and scripts can be embedded in [Initial Access](https://attack.mitre.org/tactics/TA0001) payloads delivered to victims as lure documents or as secondary payloads downloaded from an existing C2. Adversaries may also execute commands through interactive terminals/shells, as well as utilize various [Remote Services](https://attack.mitre.org/techniques/T1021) in order to achieve remote Execution.(Citation: Powershell Remote Commands)(Citation: Cisco IOS Software Integrity Assurance - Command History)(Citation: Remote Shell Execution in Python)",
|
|
@@ -954,6 +960,11 @@
|
|
|
954
960
|
"CVE-2026-22778",
|
|
955
961
|
"CVE-2026-23760",
|
|
956
962
|
"CVE-2026-25108",
|
|
963
|
+
"CVE-2026-26015",
|
|
964
|
+
"CVE-2026-30616",
|
|
965
|
+
"CVE-2026-30617",
|
|
966
|
+
"CVE-2026-30624",
|
|
967
|
+
"CVE-2026-30625",
|
|
957
968
|
"CVE-2026-32201",
|
|
958
969
|
"CVE-2026-32202",
|
|
959
970
|
"CVE-2026-33017",
|
|
@@ -965,11 +976,13 @@
|
|
|
965
976
|
"CVE-2026-3909",
|
|
966
977
|
"CVE-2026-3910",
|
|
967
978
|
"CVE-2026-39987",
|
|
979
|
+
"CVE-2026-40933",
|
|
968
980
|
"CVE-2026-42208",
|
|
969
981
|
"CVE-2026-42897",
|
|
970
982
|
"CVE-2026-42945",
|
|
971
983
|
"CVE-2026-6973",
|
|
972
984
|
"CVE-2026-7482",
|
|
985
|
+
"CVE-2026-9082",
|
|
973
986
|
"MAL-2025-AI-FOUND-FFMPEG-BIGSLEEP"
|
|
974
987
|
],
|
|
975
988
|
"description_full": "Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network. The weakness in the system can be a software bug, a temporary glitch, or a misconfiguration. Exploited applications are often websites/web servers, but can also include databases (like SQL), standard services (like SMB or SSH), network device administration and management protocols (like SNMP and Smart Install), and any other system with Internet-accessible open sockets.(Citation: NVD CVE-2016-6662)(Citation: CIS Multiple SMB Vulnerabilities)(Citation: US-CERT TA18-106A Network Infrastructure Devices 2018)(Citation: Cisco Blog Legacy Device Attacks)(Citation: NVD CVE-2014-7169) On ESXi infrastructure, adversaries may exploit exposed OpenSLP services; they may alternatively exploit exposed VMware vCenter servers.(Citation: Recorded Future ESXiArgs Ransomware 2023)(Citation: Ars Technica VMWare Code Execution Vulnerability 2021) Depending on the flaw being exploited, this may also involve [Exploitation for Stealth](https://attack.mitre.org/techniques/T1211) or [Exploitation for Client Execution](https://attack.mitre.org/techniques/T1203). If an application is hosted on cloud-based infrastructure and/or is containerized, then exploiting it may lead to compromise of the underlying instance or container. This can allow an adversary a path to access the cloud or container APIs (e.g., via the [Cloud Instance Metadata API](https://attack.mitre.org/techniques/T1552/005)), exploit container host access via [Escape to Host](https://attack.mitre.org/techniques/T1611), or take advantage of weak identity and access management policies. Adversaries may also exploit edge network infrastructure and related appliances, specifically targeting devices that do not support robust host-based defenses.(Citation: Mandiant Fortinet Zero Day)(Citation: Wired Russia Cyberwar) For websites and databases, the OWASP top 10 and CWE top 25 highlight the most common web-based vulnerabilities.(Citation: OWASP Top 10)(Citation: CWE top 25)",
|