@blamejs/exceptd-skills 0.13.76 → 0.13.78

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. package/CHANGELOG.md +8 -0
  2. package/data/_indexes/_meta.json +8 -8
  3. package/data/_indexes/activity-feed.json +2 -2
  4. package/data/_indexes/catalog-summaries.json +2 -2
  5. package/data/_indexes/chains.json +2199 -0
  6. package/data/attack-techniques.json +9 -0
  7. package/data/cve-catalog.json +610 -0
  8. package/data/cwe-catalog.json +8 -1
  9. package/data/framework-control-gaps.json +51 -5
  10. package/data/zeroday-lessons.json +300 -0
  11. package/manifest.json +44 -44
  12. package/package.json +2 -2
  13. package/sbom.cdx.json +23 -23
package/data/_indexes/chains.json CHANGED
@@ -19869,6 +19869,2070 @@
19869
19869
  ]
19870
19870
  }
19871
19871
  },
19872
+ "CVE-2026-26015": {
19873
+ "name": "DocsGPT MCP stdio Unauthenticated Remote Code Execution",
19874
+ "rwep": 27,
19875
+ "cvss": 9.8,
19876
+ "cisa_kev": false,
19877
+ "epss_score": null,
19878
+ "referencing_skills": [
19879
+ "kernel-lpe-triage",
19880
+ "ai-attack-surface",
19881
+ "compliance-theater",
19882
+ "attack-surface-pentest",
19883
+ "ot-ics-security",
19884
+ "coordinated-vuln-disclosure",
19885
+ "sector-energy"
19886
+ ],
19887
+ "chain": {
19888
+ "cwes": [
19889
+ {
19890
+ "id": "CWE-1037",
19891
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
19892
+ "category": "Hardware / Side Channel"
19893
+ },
19894
+ {
19895
+ "id": "CWE-1039",
19896
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
19897
+ "category": "AI/ML"
19898
+ },
19899
+ {
19900
+ "id": "CWE-125",
19901
+ "name": "Out-of-bounds Read",
19902
+ "category": "Memory Safety"
19903
+ },
19904
+ {
19905
+ "id": "CWE-1357",
19906
+ "name": "Reliance on Insufficiently Trustworthy Component",
19907
+ "category": "Supply Chain"
19908
+ },
19909
+ {
19910
+ "id": "CWE-1395",
19911
+ "name": "Dependency on Vulnerable Third-Party Component",
19912
+ "category": "Supply Chain"
19913
+ },
19914
+ {
19915
+ "id": "CWE-1426",
19916
+ "name": "Improper Validation of Generative AI Output",
19917
+ "category": "AI/ML"
19918
+ },
19919
+ {
19920
+ "id": "CWE-22",
19921
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
19922
+ "category": "Path/Resource"
19923
+ },
19924
+ {
19925
+ "id": "CWE-269",
19926
+ "name": "Improper Privilege Management",
19927
+ "category": "Authorization"
19928
+ },
19929
+ {
19930
+ "id": "CWE-287",
19931
+ "name": "Improper Authentication",
19932
+ "category": "Authentication"
19933
+ },
19934
+ {
19935
+ "id": "CWE-306",
19936
+ "name": "Missing Authentication for Critical Function",
19937
+ "category": "Authentication"
19938
+ },
19939
+ {
19940
+ "id": "CWE-352",
19941
+ "name": "Cross-Site Request Forgery (CSRF)",
19942
+ "category": "Session"
19943
+ },
19944
+ {
19945
+ "id": "CWE-362",
19946
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
19947
+ "category": "Concurrency"
19948
+ },
19949
+ {
19950
+ "id": "CWE-416",
19951
+ "name": "Use After Free",
19952
+ "category": "Memory Safety"
19953
+ },
19954
+ {
19955
+ "id": "CWE-434",
19956
+ "name": "Unrestricted Upload of File with Dangerous Type",
19957
+ "category": "File Handling"
19958
+ },
19959
+ {
19960
+ "id": "CWE-672",
19961
+ "name": "Operation on a Resource after Expiration or Release",
19962
+ "category": "Memory Safety"
19963
+ },
19964
+ {
19965
+ "id": "CWE-732",
19966
+ "name": "Incorrect Permission Assignment for Critical Resource",
19967
+ "category": "Authorization"
19968
+ },
19969
+ {
19970
+ "id": "CWE-78",
19971
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
19972
+ "category": "Injection"
19973
+ },
19974
+ {
19975
+ "id": "CWE-787",
19976
+ "name": "Out-of-bounds Write",
19977
+ "category": "Memory Safety"
19978
+ },
19979
+ {
19980
+ "id": "CWE-79",
19981
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
19982
+ "category": "Injection"
19983
+ },
19984
+ {
19985
+ "id": "CWE-798",
19986
+ "name": "Use of Hard-coded Credentials",
19987
+ "category": "Credentials"
19988
+ },
19989
+ {
19990
+ "id": "CWE-89",
19991
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
19992
+ "category": "Injection"
19993
+ },
19994
+ {
19995
+ "id": "CWE-918",
19996
+ "name": "Server-Side Request Forgery (SSRF)",
19997
+ "category": "Network"
19998
+ },
19999
+ {
20000
+ "id": "CWE-94",
20001
+ "name": "Improper Control of Generation of Code (Code Injection)",
20002
+ "category": "Injection"
20003
+ }
20004
+ ],
20005
+ "atlas": [
20006
+ {
20007
+ "id": "AML.T0010",
20008
+ "name": "ML Supply Chain Compromise",
20009
+ "tactic": "Initial Access"
20010
+ },
20011
+ {
20012
+ "id": "AML.T0016",
20013
+ "name": "Obtain Capabilities: Develop Capabilities",
20014
+ "tactic": "Resource Development"
20015
+ },
20016
+ {
20017
+ "id": "AML.T0017",
20018
+ "name": "Discover ML Model Ontology",
20019
+ "tactic": "Discovery"
20020
+ },
20021
+ {
20022
+ "id": "AML.T0018",
20023
+ "name": "Backdoor ML Model",
20024
+ "tactic": "Persistence"
20025
+ },
20026
+ {
20027
+ "id": "AML.T0020",
20028
+ "name": "Poison Training Data",
20029
+ "tactic": "ML Attack Staging"
20030
+ },
20031
+ {
20032
+ "id": "AML.T0043",
20033
+ "name": "Craft Adversarial Data",
20034
+ "tactic": "ML Attack Staging"
20035
+ },
20036
+ {
20037
+ "id": "AML.T0051",
20038
+ "name": "LLM Prompt Injection",
20039
+ "tactic": "Execution"
20040
+ },
20041
+ {
20042
+ "id": "AML.T0054",
20043
+ "name": "LLM Jailbreak",
20044
+ "tactic": "Defense Evasion"
20045
+ },
20046
+ {
20047
+ "id": "AML.T0096",
20048
+ "name": "AI API as Covert C2 Channel",
20049
+ "tactic": "Command and Control"
20050
+ }
20051
+ ],
20052
+ "d3fend": [
20053
+ {
20054
+ "id": "D3-ASLR",
20055
+ "name": "Address Space Layout Randomization",
20056
+ "tactic": "Harden"
20057
+ },
20058
+ {
20059
+ "id": "D3-CSPP",
20060
+ "name": "Client-server Payload Profiling",
20061
+ "tactic": "Detect"
20062
+ },
20063
+ {
20064
+ "id": "D3-EAL",
20065
+ "name": "Executable Allowlisting",
20066
+ "tactic": "Harden"
20067
+ },
20068
+ {
20069
+ "id": "D3-IOPR",
20070
+ "name": "Input/Output Profiling Resource",
20071
+ "tactic": "Detect"
20072
+ },
20073
+ {
20074
+ "id": "D3-NTA",
20075
+ "name": "Network Traffic Analysis",
20076
+ "tactic": "Detect"
20077
+ },
20078
+ {
20079
+ "id": "D3-PHRA",
20080
+ "name": "Process Hardware Resource Access",
20081
+ "tactic": "Isolate"
20082
+ },
20083
+ {
20084
+ "id": "D3-PSEP",
20085
+ "name": "Process Segment Execution Prevention",
20086
+ "tactic": "Harden"
20087
+ }
20088
+ ],
20089
+ "framework_gaps": [
20090
+ {
20091
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
20092
+ "framework": "ALL",
20093
+ "control_name": "AI Pipeline Integrity"
20094
+ },
20095
+ {
20096
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
20097
+ "framework": "ALL",
20098
+ "control_name": "Prompt Injection as Access Control Failure"
20099
+ },
20100
+ {
20101
+ "id": "CIS-Controls-v8-Control7",
20102
+ "framework": "CIS Controls v8",
20103
+ "control_name": "Continuous Vulnerability Management"
20104
+ },
20105
+ {
20106
+ "id": "CMMC-2.0-Level-2",
20107
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
20108
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
20109
+ },
20110
+ {
20111
+ "id": "FedRAMP-Rev5-Moderate",
20112
+ "framework": "FedRAMP Rev 5 Moderate",
20113
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
20114
+ },
20115
+ {
20116
+ "id": "IEC-62443-3-3",
20117
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
20118
+ "control_name": "System security requirements and security levels"
20119
+ },
20120
+ {
20121
+ "id": "ISO-27001-2022-A.8.28",
20122
+ "framework": "ISO/IEC 27001:2022",
20123
+ "control_name": "Secure coding"
20124
+ },
20125
+ {
20126
+ "id": "ISO-27001-2022-A.8.8",
20127
+ "framework": "ISO/IEC 27001:2022",
20128
+ "control_name": "Management of technical vulnerabilities"
20129
+ },
20130
+ {
20131
+ "id": "ISO-IEC-23894-2023-clause-7",
20132
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
20133
+ "control_name": "AI risk management process"
20134
+ },
20135
+ {
20136
+ "id": "NERC-CIP-007-6-R4",
20137
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
20138
+ "control_name": "Security event monitoring"
20139
+ },
20140
+ {
20141
+ "id": "NIS2-Art21-patch-management",
20142
+ "framework": "EU NIS2 Directive",
20143
+ "control_name": "Vulnerability handling and disclosure"
20144
+ },
20145
+ {
20146
+ "id": "NIST-800-115",
20147
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
20148
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
20149
+ },
20150
+ {
20151
+ "id": "NIST-800-218-SSDF",
20152
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
20153
+ "control_name": "Secure Software Development Framework"
20154
+ },
20155
+ {
20156
+ "id": "NIST-800-53-AC-2",
20157
+ "framework": "NIST SP 800-53 Rev 5",
20158
+ "control_name": "Account Management"
20159
+ },
20160
+ {
20161
+ "id": "NIST-800-53-SC-8",
20162
+ "framework": "NIST SP 800-53 Rev 5",
20163
+ "control_name": "Transmission Confidentiality and Integrity"
20164
+ },
20165
+ {
20166
+ "id": "NIST-800-53-SI-2",
20167
+ "framework": "NIST SP 800-53 Rev 5",
20168
+ "control_name": "Flaw Remediation"
20169
+ },
20170
+ {
20171
+ "id": "NIST-800-53-SI-3",
20172
+ "framework": "NIST SP 800-53 Rev 5",
20173
+ "control_name": "Malicious Code Protection"
20174
+ },
20175
+ {
20176
+ "id": "NIST-800-82r3",
20177
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
20178
+ "control_name": "Guide to Operational Technology (OT) Security"
20179
+ },
20180
+ {
20181
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
20182
+ "framework": "OWASP Top 10 for LLM Applications 2025",
20183
+ "control_name": "Prompt Injection"
20184
+ },
20185
+ {
20186
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
20187
+ "framework": "OWASP Top 10 for LLM Applications 2025",
20188
+ "control_name": "Sensitive Information Disclosure"
20189
+ },
20190
+ {
20191
+ "id": "OWASP-Pen-Testing-Guide-v5",
20192
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
20193
+ "control_name": "Web application penetration testing methodology"
20194
+ },
20195
+ {
20196
+ "id": "PCI-DSS-4.0-6.3.3",
20197
+ "framework": "PCI DSS 4.0",
20198
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
20199
+ },
20200
+ {
20201
+ "id": "PTES-Pre-engagement",
20202
+ "framework": "Penetration Testing Execution Standard (PTES)",
20203
+ "control_name": "Pre-engagement Interactions"
20204
+ },
20205
+ {
20206
+ "id": "SOC2-CC6-logical-access",
20207
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
20208
+ "control_name": "Logical and Physical Access Controls"
20209
+ },
20210
+ {
20211
+ "id": "SOC2-CC9-vendor-management",
20212
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
20213
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
20214
+ }
20215
+ ],
20216
+ "attack_refs": [
20217
+ "T0855",
20218
+ "T0883",
20219
+ "T1059",
20220
+ "T1068",
20221
+ "T1078",
20222
+ "T1133",
20223
+ "T1190",
20224
+ "T1548.001",
20225
+ "T1566"
20226
+ ],
20227
+ "rfc_refs": [
20228
+ "RFC-4301",
20229
+ "RFC-4303",
20230
+ "RFC-7296"
20231
+ ]
20232
+ }
20233
+ },
20234
+ "CVE-2026-9082": {
20235
+ "name": "Drupal Core Database API Unauthenticated SQL Injection (SA-CORE-2026-004)",
20236
+ "rwep": 78,
20237
+ "cvss": 9.8,
20238
+ "cisa_kev": true,
20239
+ "epss_score": null,
20240
+ "referencing_skills": [
20241
+ "kernel-lpe-triage",
20242
+ "attack-surface-pentest",
20243
+ "ot-ics-security",
20244
+ "coordinated-vuln-disclosure",
20245
+ "sector-energy"
20246
+ ],
20247
+ "chain": {
20248
+ "cwes": [
20249
+ {
20250
+ "id": "CWE-1037",
20251
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
20252
+ "category": "Hardware / Side Channel"
20253
+ },
20254
+ {
20255
+ "id": "CWE-125",
20256
+ "name": "Out-of-bounds Read",
20257
+ "category": "Memory Safety"
20258
+ },
20259
+ {
20260
+ "id": "CWE-1357",
20261
+ "name": "Reliance on Insufficiently Trustworthy Component",
20262
+ "category": "Supply Chain"
20263
+ },
20264
+ {
20265
+ "id": "CWE-1395",
20266
+ "name": "Dependency on Vulnerable Third-Party Component",
20267
+ "category": "Supply Chain"
20268
+ },
20269
+ {
20270
+ "id": "CWE-22",
20271
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
20272
+ "category": "Path/Resource"
20273
+ },
20274
+ {
20275
+ "id": "CWE-269",
20276
+ "name": "Improper Privilege Management",
20277
+ "category": "Authorization"
20278
+ },
20279
+ {
20280
+ "id": "CWE-287",
20281
+ "name": "Improper Authentication",
20282
+ "category": "Authentication"
20283
+ },
20284
+ {
20285
+ "id": "CWE-306",
20286
+ "name": "Missing Authentication for Critical Function",
20287
+ "category": "Authentication"
20288
+ },
20289
+ {
20290
+ "id": "CWE-352",
20291
+ "name": "Cross-Site Request Forgery (CSRF)",
20292
+ "category": "Session"
20293
+ },
20294
+ {
20295
+ "id": "CWE-362",
20296
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
20297
+ "category": "Concurrency"
20298
+ },
20299
+ {
20300
+ "id": "CWE-416",
20301
+ "name": "Use After Free",
20302
+ "category": "Memory Safety"
20303
+ },
20304
+ {
20305
+ "id": "CWE-434",
20306
+ "name": "Unrestricted Upload of File with Dangerous Type",
20307
+ "category": "File Handling"
20308
+ },
20309
+ {
20310
+ "id": "CWE-672",
20311
+ "name": "Operation on a Resource after Expiration or Release",
20312
+ "category": "Memory Safety"
20313
+ },
20314
+ {
20315
+ "id": "CWE-732",
20316
+ "name": "Incorrect Permission Assignment for Critical Resource",
20317
+ "category": "Authorization"
20318
+ },
20319
+ {
20320
+ "id": "CWE-78",
20321
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
20322
+ "category": "Injection"
20323
+ },
20324
+ {
20325
+ "id": "CWE-787",
20326
+ "name": "Out-of-bounds Write",
20327
+ "category": "Memory Safety"
20328
+ },
20329
+ {
20330
+ "id": "CWE-79",
20331
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
20332
+ "category": "Injection"
20333
+ },
20334
+ {
20335
+ "id": "CWE-798",
20336
+ "name": "Use of Hard-coded Credentials",
20337
+ "category": "Credentials"
20338
+ },
20339
+ {
20340
+ "id": "CWE-89",
20341
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
20342
+ "category": "Injection"
20343
+ },
20344
+ {
20345
+ "id": "CWE-918",
20346
+ "name": "Server-Side Request Forgery (SSRF)",
20347
+ "category": "Network"
20348
+ }
20349
+ ],
20350
+ "atlas": [
20351
+ {
20352
+ "id": "AML.T0010",
20353
+ "name": "ML Supply Chain Compromise",
20354
+ "tactic": "Initial Access"
20355
+ },
20356
+ {
20357
+ "id": "AML.T0043",
20358
+ "name": "Craft Adversarial Data",
20359
+ "tactic": "ML Attack Staging"
20360
+ },
20361
+ {
20362
+ "id": "AML.T0051",
20363
+ "name": "LLM Prompt Injection",
20364
+ "tactic": "Execution"
20365
+ }
20366
+ ],
20367
+ "d3fend": [
20368
+ {
20369
+ "id": "D3-ASLR",
20370
+ "name": "Address Space Layout Randomization",
20371
+ "tactic": "Harden"
20372
+ },
20373
+ {
20374
+ "id": "D3-CSPP",
20375
+ "name": "Client-server Payload Profiling",
20376
+ "tactic": "Detect"
20377
+ },
20378
+ {
20379
+ "id": "D3-EAL",
20380
+ "name": "Executable Allowlisting",
20381
+ "tactic": "Harden"
20382
+ },
20383
+ {
20384
+ "id": "D3-NTA",
20385
+ "name": "Network Traffic Analysis",
20386
+ "tactic": "Detect"
20387
+ },
20388
+ {
20389
+ "id": "D3-PHRA",
20390
+ "name": "Process Hardware Resource Access",
20391
+ "tactic": "Isolate"
20392
+ },
20393
+ {
20394
+ "id": "D3-PSEP",
20395
+ "name": "Process Segment Execution Prevention",
20396
+ "tactic": "Harden"
20397
+ }
20398
+ ],
20399
+ "framework_gaps": [
20400
+ {
20401
+ "id": "CIS-Controls-v8-Control7",
20402
+ "framework": "CIS Controls v8",
20403
+ "control_name": "Continuous Vulnerability Management"
20404
+ },
20405
+ {
20406
+ "id": "IEC-62443-3-3",
20407
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
20408
+ "control_name": "System security requirements and security levels"
20409
+ },
20410
+ {
20411
+ "id": "ISO-27001-2022-A.8.8",
20412
+ "framework": "ISO/IEC 27001:2022",
20413
+ "control_name": "Management of technical vulnerabilities"
20414
+ },
20415
+ {
20416
+ "id": "NERC-CIP-007-6-R4",
20417
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
20418
+ "control_name": "Security event monitoring"
20419
+ },
20420
+ {
20421
+ "id": "NIS2-Art21-patch-management",
20422
+ "framework": "EU NIS2 Directive",
20423
+ "control_name": "Vulnerability handling and disclosure"
20424
+ },
20425
+ {
20426
+ "id": "NIST-800-115",
20427
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
20428
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
20429
+ },
20430
+ {
20431
+ "id": "NIST-800-218-SSDF",
20432
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
20433
+ "control_name": "Secure Software Development Framework"
20434
+ },
20435
+ {
20436
+ "id": "NIST-800-53-SC-8",
20437
+ "framework": "NIST SP 800-53 Rev 5",
20438
+ "control_name": "Transmission Confidentiality and Integrity"
20439
+ },
20440
+ {
20441
+ "id": "NIST-800-53-SI-2",
20442
+ "framework": "NIST SP 800-53 Rev 5",
20443
+ "control_name": "Flaw Remediation"
20444
+ },
20445
+ {
20446
+ "id": "NIST-800-82r3",
20447
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
20448
+ "control_name": "Guide to Operational Technology (OT) Security"
20449
+ },
20450
+ {
20451
+ "id": "OWASP-Pen-Testing-Guide-v5",
20452
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
20453
+ "control_name": "Web application penetration testing methodology"
20454
+ },
20455
+ {
20456
+ "id": "PCI-DSS-4.0-6.3.3",
20457
+ "framework": "PCI DSS 4.0",
20458
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
20459
+ },
20460
+ {
20461
+ "id": "PTES-Pre-engagement",
20462
+ "framework": "Penetration Testing Execution Standard (PTES)",
20463
+ "control_name": "Pre-engagement Interactions"
20464
+ },
20465
+ {
20466
+ "id": "SOC2-CC9-vendor-management",
20467
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
20468
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
20469
+ }
20470
+ ],
20471
+ "attack_refs": [
20472
+ "T0855",
20473
+ "T0883",
20474
+ "T1059",
20475
+ "T1068",
20476
+ "T1078",
20477
+ "T1133",
20478
+ "T1190",
20479
+ "T1548.001"
20480
+ ],
20481
+ "rfc_refs": [
20482
+ "RFC-4301",
20483
+ "RFC-4303",
20484
+ "RFC-7296"
20485
+ ]
20486
+ }
20487
+ },
20488
+ "CVE-2025-23254": {
20489
+ "name": "NVIDIA TensorRT-LLM Python Executor Deserialization RCE (ShadowMQ)",
20490
+ "rwep": 29,
20491
+ "cvss": 8.8,
20492
+ "cisa_kev": false,
20493
+ "epss_score": null,
20494
+ "referencing_skills": [
20495
+ "kernel-lpe-triage",
20496
+ "ai-attack-surface",
20497
+ "compliance-theater",
20498
+ "attack-surface-pentest",
20499
+ "ot-ics-security",
20500
+ "coordinated-vuln-disclosure",
20501
+ "sector-energy"
20502
+ ],
20503
+ "chain": {
20504
+ "cwes": [
20505
+ {
20506
+ "id": "CWE-1037",
20507
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
20508
+ "category": "Hardware / Side Channel"
20509
+ },
20510
+ {
20511
+ "id": "CWE-1039",
20512
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
20513
+ "category": "AI/ML"
20514
+ },
20515
+ {
20516
+ "id": "CWE-125",
20517
+ "name": "Out-of-bounds Read",
20518
+ "category": "Memory Safety"
20519
+ },
20520
+ {
20521
+ "id": "CWE-1357",
20522
+ "name": "Reliance on Insufficiently Trustworthy Component",
20523
+ "category": "Supply Chain"
20524
+ },
20525
+ {
20526
+ "id": "CWE-1395",
20527
+ "name": "Dependency on Vulnerable Third-Party Component",
20528
+ "category": "Supply Chain"
20529
+ },
20530
+ {
20531
+ "id": "CWE-1426",
20532
+ "name": "Improper Validation of Generative AI Output",
20533
+ "category": "AI/ML"
20534
+ },
20535
+ {
20536
+ "id": "CWE-22",
20537
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
20538
+ "category": "Path/Resource"
20539
+ },
20540
+ {
20541
+ "id": "CWE-269",
20542
+ "name": "Improper Privilege Management",
20543
+ "category": "Authorization"
20544
+ },
20545
+ {
20546
+ "id": "CWE-287",
20547
+ "name": "Improper Authentication",
20548
+ "category": "Authentication"
20549
+ },
20550
+ {
20551
+ "id": "CWE-306",
20552
+ "name": "Missing Authentication for Critical Function",
20553
+ "category": "Authentication"
20554
+ },
20555
+ {
20556
+ "id": "CWE-352",
20557
+ "name": "Cross-Site Request Forgery (CSRF)",
20558
+ "category": "Session"
20559
+ },
20560
+ {
20561
+ "id": "CWE-362",
20562
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
20563
+ "category": "Concurrency"
20564
+ },
20565
+ {
20566
+ "id": "CWE-416",
20567
+ "name": "Use After Free",
20568
+ "category": "Memory Safety"
20569
+ },
20570
+ {
20571
+ "id": "CWE-434",
20572
+ "name": "Unrestricted Upload of File with Dangerous Type",
20573
+ "category": "File Handling"
20574
+ },
20575
+ {
20576
+ "id": "CWE-672",
20577
+ "name": "Operation on a Resource after Expiration or Release",
20578
+ "category": "Memory Safety"
20579
+ },
20580
+ {
20581
+ "id": "CWE-732",
20582
+ "name": "Incorrect Permission Assignment for Critical Resource",
20583
+ "category": "Authorization"
20584
+ },
20585
+ {
20586
+ "id": "CWE-78",
20587
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
20588
+ "category": "Injection"
20589
+ },
20590
+ {
20591
+ "id": "CWE-787",
20592
+ "name": "Out-of-bounds Write",
20593
+ "category": "Memory Safety"
20594
+ },
20595
+ {
20596
+ "id": "CWE-79",
20597
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
20598
+ "category": "Injection"
20599
+ },
20600
+ {
20601
+ "id": "CWE-798",
20602
+ "name": "Use of Hard-coded Credentials",
20603
+ "category": "Credentials"
20604
+ },
20605
+ {
20606
+ "id": "CWE-89",
20607
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
20608
+ "category": "Injection"
20609
+ },
20610
+ {
20611
+ "id": "CWE-918",
20612
+ "name": "Server-Side Request Forgery (SSRF)",
20613
+ "category": "Network"
20614
+ },
20615
+ {
20616
+ "id": "CWE-94",
20617
+ "name": "Improper Control of Generation of Code (Code Injection)",
20618
+ "category": "Injection"
20619
+ }
20620
+ ],
20621
+ "atlas": [
20622
+ {
20623
+ "id": "AML.T0010",
20624
+ "name": "ML Supply Chain Compromise",
20625
+ "tactic": "Initial Access"
20626
+ },
20627
+ {
20628
+ "id": "AML.T0016",
20629
+ "name": "Obtain Capabilities: Develop Capabilities",
20630
+ "tactic": "Resource Development"
20631
+ },
20632
+ {
20633
+ "id": "AML.T0017",
20634
+ "name": "Discover ML Model Ontology",
20635
+ "tactic": "Discovery"
20636
+ },
20637
+ {
20638
+ "id": "AML.T0018",
20639
+ "name": "Backdoor ML Model",
20640
+ "tactic": "Persistence"
20641
+ },
20642
+ {
20643
+ "id": "AML.T0020",
20644
+ "name": "Poison Training Data",
20645
+ "tactic": "ML Attack Staging"
20646
+ },
20647
+ {
20648
+ "id": "AML.T0043",
20649
+ "name": "Craft Adversarial Data",
20650
+ "tactic": "ML Attack Staging"
20651
+ },
20652
+ {
20653
+ "id": "AML.T0051",
20654
+ "name": "LLM Prompt Injection",
20655
+ "tactic": "Execution"
20656
+ },
20657
+ {
20658
+ "id": "AML.T0054",
20659
+ "name": "LLM Jailbreak",
20660
+ "tactic": "Defense Evasion"
20661
+ },
20662
+ {
20663
+ "id": "AML.T0096",
20664
+ "name": "AI API as Covert C2 Channel",
20665
+ "tactic": "Command and Control"
20666
+ }
20667
+ ],
20668
+ "d3fend": [
20669
+ {
20670
+ "id": "D3-ASLR",
20671
+ "name": "Address Space Layout Randomization",
20672
+ "tactic": "Harden"
20673
+ },
20674
+ {
20675
+ "id": "D3-CSPP",
20676
+ "name": "Client-server Payload Profiling",
20677
+ "tactic": "Detect"
20678
+ },
20679
+ {
20680
+ "id": "D3-EAL",
20681
+ "name": "Executable Allowlisting",
20682
+ "tactic": "Harden"
20683
+ },
20684
+ {
20685
+ "id": "D3-IOPR",
20686
+ "name": "Input/Output Profiling Resource",
20687
+ "tactic": "Detect"
20688
+ },
20689
+ {
20690
+ "id": "D3-NTA",
20691
+ "name": "Network Traffic Analysis",
20692
+ "tactic": "Detect"
20693
+ },
20694
+ {
20695
+ "id": "D3-PHRA",
20696
+ "name": "Process Hardware Resource Access",
20697
+ "tactic": "Isolate"
20698
+ },
20699
+ {
20700
+ "id": "D3-PSEP",
20701
+ "name": "Process Segment Execution Prevention",
20702
+ "tactic": "Harden"
20703
+ }
20704
+ ],
20705
+ "framework_gaps": [
20706
+ {
20707
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
20708
+ "framework": "ALL",
20709
+ "control_name": "AI Pipeline Integrity"
20710
+ },
20711
+ {
20712
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
20713
+ "framework": "ALL",
20714
+ "control_name": "Prompt Injection as Access Control Failure"
20715
+ },
20716
+ {
20717
+ "id": "CIS-Controls-v8-Control7",
20718
+ "framework": "CIS Controls v8",
20719
+ "control_name": "Continuous Vulnerability Management"
20720
+ },
20721
+ {
20722
+ "id": "CMMC-2.0-Level-2",
20723
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
20724
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
20725
+ },
20726
+ {
20727
+ "id": "FedRAMP-Rev5-Moderate",
20728
+ "framework": "FedRAMP Rev 5 Moderate",
20729
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
20730
+ },
20731
+ {
20732
+ "id": "IEC-62443-3-3",
20733
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
20734
+ "control_name": "System security requirements and security levels"
20735
+ },
20736
+ {
20737
+ "id": "ISO-27001-2022-A.8.28",
20738
+ "framework": "ISO/IEC 27001:2022",
20739
+ "control_name": "Secure coding"
20740
+ },
20741
+ {
20742
+ "id": "ISO-27001-2022-A.8.8",
20743
+ "framework": "ISO/IEC 27001:2022",
20744
+ "control_name": "Management of technical vulnerabilities"
20745
+ },
20746
+ {
20747
+ "id": "ISO-IEC-23894-2023-clause-7",
20748
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
20749
+ "control_name": "AI risk management process"
20750
+ },
20751
+ {
20752
+ "id": "NERC-CIP-007-6-R4",
20753
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
20754
+ "control_name": "Security event monitoring"
20755
+ },
20756
+ {
20757
+ "id": "NIS2-Art21-patch-management",
20758
+ "framework": "EU NIS2 Directive",
20759
+ "control_name": "Vulnerability handling and disclosure"
20760
+ },
20761
+ {
20762
+ "id": "NIST-800-115",
20763
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
20764
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
20765
+ },
20766
+ {
20767
+ "id": "NIST-800-218-SSDF",
20768
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
20769
+ "control_name": "Secure Software Development Framework"
20770
+ },
20771
+ {
20772
+ "id": "NIST-800-53-AC-2",
20773
+ "framework": "NIST SP 800-53 Rev 5",
20774
+ "control_name": "Account Management"
20775
+ },
20776
+ {
20777
+ "id": "NIST-800-53-SC-8",
20778
+ "framework": "NIST SP 800-53 Rev 5",
20779
+ "control_name": "Transmission Confidentiality and Integrity"
20780
+ },
20781
+ {
20782
+ "id": "NIST-800-53-SI-2",
20783
+ "framework": "NIST SP 800-53 Rev 5",
20784
+ "control_name": "Flaw Remediation"
20785
+ },
20786
+ {
20787
+ "id": "NIST-800-53-SI-3",
20788
+ "framework": "NIST SP 800-53 Rev 5",
20789
+ "control_name": "Malicious Code Protection"
20790
+ },
20791
+ {
20792
+ "id": "NIST-800-82r3",
20793
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
20794
+ "control_name": "Guide to Operational Technology (OT) Security"
20795
+ },
20796
+ {
20797
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
20798
+ "framework": "OWASP Top 10 for LLM Applications 2025",
20799
+ "control_name": "Prompt Injection"
20800
+ },
20801
+ {
20802
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
20803
+ "framework": "OWASP Top 10 for LLM Applications 2025",
20804
+ "control_name": "Sensitive Information Disclosure"
20805
+ },
20806
+ {
20807
+ "id": "OWASP-Pen-Testing-Guide-v5",
20808
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
20809
+ "control_name": "Web application penetration testing methodology"
20810
+ },
20811
+ {
20812
+ "id": "PCI-DSS-4.0-6.3.3",
20813
+ "framework": "PCI DSS 4.0",
20814
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
20815
+ },
20816
+ {
20817
+ "id": "PTES-Pre-engagement",
20818
+ "framework": "Penetration Testing Execution Standard (PTES)",
20819
+ "control_name": "Pre-engagement Interactions"
20820
+ },
20821
+ {
20822
+ "id": "SOC2-CC6-logical-access",
20823
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
20824
+ "control_name": "Logical and Physical Access Controls"
20825
+ },
20826
+ {
20827
+ "id": "SOC2-CC9-vendor-management",
20828
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
20829
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
20830
+ }
20831
+ ],
20832
+ "attack_refs": [
20833
+ "T0855",
20834
+ "T0883",
20835
+ "T1059",
20836
+ "T1068",
20837
+ "T1078",
20838
+ "T1133",
20839
+ "T1190",
20840
+ "T1548.001",
20841
+ "T1566"
20842
+ ],
20843
+ "rfc_refs": [
20844
+ "RFC-4301",
20845
+ "RFC-4303",
20846
+ "RFC-7296"
20847
+ ]
20848
+ }
20849
+ },
20850
+ "CVE-2025-30165": {
20851
+ "name": "vLLM V0 Engine ZeroMQ Deserialization RCE (ShadowMQ)",
20852
+ "rwep": 46,
20853
+ "cvss": 8,
20854
+ "cisa_kev": false,
20855
+ "epss_score": null,
20856
+ "referencing_skills": [
20857
+ "kernel-lpe-triage",
20858
+ "ai-attack-surface",
20859
+ "compliance-theater",
20860
+ "attack-surface-pentest",
20861
+ "ot-ics-security",
20862
+ "coordinated-vuln-disclosure",
20863
+ "sector-energy"
20864
+ ],
20865
+ "chain": {
20866
+ "cwes": [
20867
+ {
20868
+ "id": "CWE-1037",
20869
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
20870
+ "category": "Hardware / Side Channel"
20871
+ },
20872
+ {
20873
+ "id": "CWE-1039",
20874
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
20875
+ "category": "AI/ML"
20876
+ },
20877
+ {
20878
+ "id": "CWE-125",
20879
+ "name": "Out-of-bounds Read",
20880
+ "category": "Memory Safety"
20881
+ },
20882
+ {
20883
+ "id": "CWE-1357",
20884
+ "name": "Reliance on Insufficiently Trustworthy Component",
20885
+ "category": "Supply Chain"
20886
+ },
20887
+ {
20888
+ "id": "CWE-1395",
20889
+ "name": "Dependency on Vulnerable Third-Party Component",
20890
+ "category": "Supply Chain"
20891
+ },
20892
+ {
20893
+ "id": "CWE-1426",
20894
+ "name": "Improper Validation of Generative AI Output",
20895
+ "category": "AI/ML"
20896
+ },
20897
+ {
20898
+ "id": "CWE-22",
20899
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
20900
+ "category": "Path/Resource"
20901
+ },
20902
+ {
20903
+ "id": "CWE-269",
20904
+ "name": "Improper Privilege Management",
20905
+ "category": "Authorization"
20906
+ },
20907
+ {
20908
+ "id": "CWE-287",
20909
+ "name": "Improper Authentication",
20910
+ "category": "Authentication"
20911
+ },
20912
+ {
20913
+ "id": "CWE-306",
20914
+ "name": "Missing Authentication for Critical Function",
20915
+ "category": "Authentication"
20916
+ },
20917
+ {
20918
+ "id": "CWE-352",
20919
+ "name": "Cross-Site Request Forgery (CSRF)",
20920
+ "category": "Session"
20921
+ },
20922
+ {
20923
+ "id": "CWE-362",
20924
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
20925
+ "category": "Concurrency"
20926
+ },
20927
+ {
20928
+ "id": "CWE-416",
20929
+ "name": "Use After Free",
20930
+ "category": "Memory Safety"
20931
+ },
20932
+ {
20933
+ "id": "CWE-434",
20934
+ "name": "Unrestricted Upload of File with Dangerous Type",
20935
+ "category": "File Handling"
20936
+ },
20937
+ {
20938
+ "id": "CWE-672",
20939
+ "name": "Operation on a Resource after Expiration or Release",
20940
+ "category": "Memory Safety"
20941
+ },
20942
+ {
20943
+ "id": "CWE-732",
20944
+ "name": "Incorrect Permission Assignment for Critical Resource",
20945
+ "category": "Authorization"
20946
+ },
20947
+ {
20948
+ "id": "CWE-78",
20949
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
20950
+ "category": "Injection"
20951
+ },
20952
+ {
20953
+ "id": "CWE-787",
20954
+ "name": "Out-of-bounds Write",
20955
+ "category": "Memory Safety"
20956
+ },
20957
+ {
20958
+ "id": "CWE-79",
20959
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
20960
+ "category": "Injection"
20961
+ },
20962
+ {
20963
+ "id": "CWE-798",
20964
+ "name": "Use of Hard-coded Credentials",
20965
+ "category": "Credentials"
20966
+ },
20967
+ {
20968
+ "id": "CWE-89",
20969
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
20970
+ "category": "Injection"
20971
+ },
20972
+ {
20973
+ "id": "CWE-918",
20974
+ "name": "Server-Side Request Forgery (SSRF)",
20975
+ "category": "Network"
20976
+ },
20977
+ {
20978
+ "id": "CWE-94",
20979
+ "name": "Improper Control of Generation of Code (Code Injection)",
20980
+ "category": "Injection"
20981
+ }
20982
+ ],
20983
+ "atlas": [
20984
+ {
20985
+ "id": "AML.T0010",
20986
+ "name": "ML Supply Chain Compromise",
20987
+ "tactic": "Initial Access"
20988
+ },
20989
+ {
20990
+ "id": "AML.T0016",
20991
+ "name": "Obtain Capabilities: Develop Capabilities",
20992
+ "tactic": "Resource Development"
20993
+ },
20994
+ {
20995
+ "id": "AML.T0017",
20996
+ "name": "Discover ML Model Ontology",
20997
+ "tactic": "Discovery"
20998
+ },
20999
+ {
21000
+ "id": "AML.T0018",
21001
+ "name": "Backdoor ML Model",
21002
+ "tactic": "Persistence"
21003
+ },
21004
+ {
21005
+ "id": "AML.T0020",
21006
+ "name": "Poison Training Data",
21007
+ "tactic": "ML Attack Staging"
21008
+ },
21009
+ {
21010
+ "id": "AML.T0043",
21011
+ "name": "Craft Adversarial Data",
21012
+ "tactic": "ML Attack Staging"
21013
+ },
21014
+ {
21015
+ "id": "AML.T0051",
21016
+ "name": "LLM Prompt Injection",
21017
+ "tactic": "Execution"
21018
+ },
21019
+ {
21020
+ "id": "AML.T0054",
21021
+ "name": "LLM Jailbreak",
21022
+ "tactic": "Defense Evasion"
21023
+ },
21024
+ {
21025
+ "id": "AML.T0096",
21026
+ "name": "AI API as Covert C2 Channel",
21027
+ "tactic": "Command and Control"
21028
+ }
21029
+ ],
21030
+ "d3fend": [
21031
+ {
21032
+ "id": "D3-ASLR",
21033
+ "name": "Address Space Layout Randomization",
21034
+ "tactic": "Harden"
21035
+ },
21036
+ {
21037
+ "id": "D3-CSPP",
21038
+ "name": "Client-server Payload Profiling",
21039
+ "tactic": "Detect"
21040
+ },
21041
+ {
21042
+ "id": "D3-EAL",
21043
+ "name": "Executable Allowlisting",
21044
+ "tactic": "Harden"
21045
+ },
21046
+ {
21047
+ "id": "D3-IOPR",
21048
+ "name": "Input/Output Profiling Resource",
21049
+ "tactic": "Detect"
21050
+ },
21051
+ {
21052
+ "id": "D3-NTA",
21053
+ "name": "Network Traffic Analysis",
21054
+ "tactic": "Detect"
21055
+ },
21056
+ {
21057
+ "id": "D3-PHRA",
21058
+ "name": "Process Hardware Resource Access",
21059
+ "tactic": "Isolate"
21060
+ },
21061
+ {
21062
+ "id": "D3-PSEP",
21063
+ "name": "Process Segment Execution Prevention",
21064
+ "tactic": "Harden"
21065
+ }
21066
+ ],
21067
+ "framework_gaps": [
21068
+ {
21069
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
21070
+ "framework": "ALL",
21071
+ "control_name": "AI Pipeline Integrity"
21072
+ },
21073
+ {
21074
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
21075
+ "framework": "ALL",
21076
+ "control_name": "Prompt Injection as Access Control Failure"
21077
+ },
21078
+ {
21079
+ "id": "CIS-Controls-v8-Control7",
21080
+ "framework": "CIS Controls v8",
21081
+ "control_name": "Continuous Vulnerability Management"
21082
+ },
21083
+ {
21084
+ "id": "CMMC-2.0-Level-2",
21085
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
21086
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
21087
+ },
21088
+ {
21089
+ "id": "FedRAMP-Rev5-Moderate",
21090
+ "framework": "FedRAMP Rev 5 Moderate",
21091
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
21092
+ },
21093
+ {
21094
+ "id": "IEC-62443-3-3",
21095
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
21096
+ "control_name": "System security requirements and security levels"
21097
+ },
21098
+ {
21099
+ "id": "ISO-27001-2022-A.8.28",
21100
+ "framework": "ISO/IEC 27001:2022",
21101
+ "control_name": "Secure coding"
21102
+ },
21103
+ {
21104
+ "id": "ISO-27001-2022-A.8.8",
21105
+ "framework": "ISO/IEC 27001:2022",
21106
+ "control_name": "Management of technical vulnerabilities"
21107
+ },
21108
+ {
21109
+ "id": "ISO-IEC-23894-2023-clause-7",
21110
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
21111
+ "control_name": "AI risk management process"
21112
+ },
21113
+ {
21114
+ "id": "NERC-CIP-007-6-R4",
21115
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
21116
+ "control_name": "Security event monitoring"
21117
+ },
21118
+ {
21119
+ "id": "NIS2-Art21-patch-management",
21120
+ "framework": "EU NIS2 Directive",
21121
+ "control_name": "Vulnerability handling and disclosure"
21122
+ },
21123
+ {
21124
+ "id": "NIST-800-115",
21125
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
21126
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
21127
+ },
21128
+ {
21129
+ "id": "NIST-800-218-SSDF",
21130
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
21131
+ "control_name": "Secure Software Development Framework"
21132
+ },
21133
+ {
21134
+ "id": "NIST-800-53-AC-2",
21135
+ "framework": "NIST SP 800-53 Rev 5",
21136
+ "control_name": "Account Management"
21137
+ },
21138
+ {
21139
+ "id": "NIST-800-53-SC-8",
21140
+ "framework": "NIST SP 800-53 Rev 5",
21141
+ "control_name": "Transmission Confidentiality and Integrity"
21142
+ },
21143
+ {
21144
+ "id": "NIST-800-53-SI-2",
21145
+ "framework": "NIST SP 800-53 Rev 5",
21146
+ "control_name": "Flaw Remediation"
21147
+ },
21148
+ {
21149
+ "id": "NIST-800-53-SI-3",
21150
+ "framework": "NIST SP 800-53 Rev 5",
21151
+ "control_name": "Malicious Code Protection"
21152
+ },
21153
+ {
21154
+ "id": "NIST-800-82r3",
21155
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
21156
+ "control_name": "Guide to Operational Technology (OT) Security"
21157
+ },
21158
+ {
21159
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
21160
+ "framework": "OWASP Top 10 for LLM Applications 2025",
21161
+ "control_name": "Prompt Injection"
21162
+ },
21163
+ {
21164
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
21165
+ "framework": "OWASP Top 10 for LLM Applications 2025",
21166
+ "control_name": "Sensitive Information Disclosure"
21167
+ },
21168
+ {
21169
+ "id": "OWASP-Pen-Testing-Guide-v5",
21170
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
21171
+ "control_name": "Web application penetration testing methodology"
21172
+ },
21173
+ {
21174
+ "id": "PCI-DSS-4.0-6.3.3",
21175
+ "framework": "PCI DSS 4.0",
21176
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
21177
+ },
21178
+ {
21179
+ "id": "PTES-Pre-engagement",
21180
+ "framework": "Penetration Testing Execution Standard (PTES)",
21181
+ "control_name": "Pre-engagement Interactions"
21182
+ },
21183
+ {
21184
+ "id": "SOC2-CC6-logical-access",
21185
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
21186
+ "control_name": "Logical and Physical Access Controls"
21187
+ },
21188
+ {
21189
+ "id": "SOC2-CC9-vendor-management",
21190
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
21191
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
21192
+ }
21193
+ ],
21194
+ "attack_refs": [
21195
+ "T0855",
21196
+ "T0883",
21197
+ "T1059",
21198
+ "T1068",
21199
+ "T1078",
21200
+ "T1133",
21201
+ "T1190",
21202
+ "T1548.001",
21203
+ "T1566"
21204
+ ],
21205
+ "rfc_refs": [
21206
+ "RFC-4301",
21207
+ "RFC-4303",
21208
+ "RFC-7296"
21209
+ ]
21210
+ }
21211
+ },
21212
+ "CVE-2024-50050": {
21213
+ "name": "Meta Llama Stack Socket Deserialization RCE (ShadowMQ)",
21214
+ "rwep": 27,
21215
+ "cvss": 6.3,
21216
+ "cisa_kev": false,
21217
+ "epss_score": null,
21218
+ "referencing_skills": [
21219
+ "kernel-lpe-triage",
21220
+ "ai-attack-surface",
21221
+ "compliance-theater",
21222
+ "attack-surface-pentest",
21223
+ "ot-ics-security",
21224
+ "coordinated-vuln-disclosure",
21225
+ "sector-energy"
21226
+ ],
21227
+ "chain": {
21228
+ "cwes": [
21229
+ {
21230
+ "id": "CWE-1037",
21231
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
21232
+ "category": "Hardware / Side Channel"
21233
+ },
21234
+ {
21235
+ "id": "CWE-1039",
21236
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
21237
+ "category": "AI/ML"
21238
+ },
21239
+ {
21240
+ "id": "CWE-125",
21241
+ "name": "Out-of-bounds Read",
21242
+ "category": "Memory Safety"
21243
+ },
21244
+ {
21245
+ "id": "CWE-1357",
21246
+ "name": "Reliance on Insufficiently Trustworthy Component",
21247
+ "category": "Supply Chain"
21248
+ },
21249
+ {
21250
+ "id": "CWE-1395",
21251
+ "name": "Dependency on Vulnerable Third-Party Component",
21252
+ "category": "Supply Chain"
21253
+ },
21254
+ {
21255
+ "id": "CWE-1426",
21256
+ "name": "Improper Validation of Generative AI Output",
21257
+ "category": "AI/ML"
21258
+ },
21259
+ {
21260
+ "id": "CWE-22",
21261
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
21262
+ "category": "Path/Resource"
21263
+ },
21264
+ {
21265
+ "id": "CWE-269",
21266
+ "name": "Improper Privilege Management",
21267
+ "category": "Authorization"
21268
+ },
21269
+ {
21270
+ "id": "CWE-287",
21271
+ "name": "Improper Authentication",
21272
+ "category": "Authentication"
21273
+ },
21274
+ {
21275
+ "id": "CWE-306",
21276
+ "name": "Missing Authentication for Critical Function",
21277
+ "category": "Authentication"
21278
+ },
21279
+ {
21280
+ "id": "CWE-352",
21281
+ "name": "Cross-Site Request Forgery (CSRF)",
21282
+ "category": "Session"
21283
+ },
21284
+ {
21285
+ "id": "CWE-362",
21286
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
21287
+ "category": "Concurrency"
21288
+ },
21289
+ {
21290
+ "id": "CWE-416",
21291
+ "name": "Use After Free",
21292
+ "category": "Memory Safety"
21293
+ },
21294
+ {
21295
+ "id": "CWE-434",
21296
+ "name": "Unrestricted Upload of File with Dangerous Type",
21297
+ "category": "File Handling"
21298
+ },
21299
+ {
21300
+ "id": "CWE-672",
21301
+ "name": "Operation on a Resource after Expiration or Release",
21302
+ "category": "Memory Safety"
21303
+ },
21304
+ {
21305
+ "id": "CWE-732",
21306
+ "name": "Incorrect Permission Assignment for Critical Resource",
21307
+ "category": "Authorization"
21308
+ },
21309
+ {
21310
+ "id": "CWE-78",
21311
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
21312
+ "category": "Injection"
21313
+ },
21314
+ {
21315
+ "id": "CWE-787",
21316
+ "name": "Out-of-bounds Write",
21317
+ "category": "Memory Safety"
21318
+ },
21319
+ {
21320
+ "id": "CWE-79",
21321
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
21322
+ "category": "Injection"
21323
+ },
21324
+ {
21325
+ "id": "CWE-798",
21326
+ "name": "Use of Hard-coded Credentials",
21327
+ "category": "Credentials"
21328
+ },
21329
+ {
21330
+ "id": "CWE-89",
21331
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
21332
+ "category": "Injection"
21333
+ },
21334
+ {
21335
+ "id": "CWE-918",
21336
+ "name": "Server-Side Request Forgery (SSRF)",
21337
+ "category": "Network"
21338
+ },
21339
+ {
21340
+ "id": "CWE-94",
21341
+ "name": "Improper Control of Generation of Code (Code Injection)",
21342
+ "category": "Injection"
21343
+ }
21344
+ ],
21345
+ "atlas": [
21346
+ {
21347
+ "id": "AML.T0010",
21348
+ "name": "ML Supply Chain Compromise",
21349
+ "tactic": "Initial Access"
21350
+ },
21351
+ {
21352
+ "id": "AML.T0016",
21353
+ "name": "Obtain Capabilities: Develop Capabilities",
21354
+ "tactic": "Resource Development"
21355
+ },
21356
+ {
21357
+ "id": "AML.T0017",
21358
+ "name": "Discover ML Model Ontology",
21359
+ "tactic": "Discovery"
21360
+ },
21361
+ {
21362
+ "id": "AML.T0018",
21363
+ "name": "Backdoor ML Model",
21364
+ "tactic": "Persistence"
21365
+ },
21366
+ {
21367
+ "id": "AML.T0020",
21368
+ "name": "Poison Training Data",
21369
+ "tactic": "ML Attack Staging"
21370
+ },
21371
+ {
21372
+ "id": "AML.T0043",
21373
+ "name": "Craft Adversarial Data",
21374
+ "tactic": "ML Attack Staging"
21375
+ },
21376
+ {
21377
+ "id": "AML.T0051",
21378
+ "name": "LLM Prompt Injection",
21379
+ "tactic": "Execution"
21380
+ },
21381
+ {
21382
+ "id": "AML.T0054",
21383
+ "name": "LLM Jailbreak",
21384
+ "tactic": "Defense Evasion"
21385
+ },
21386
+ {
21387
+ "id": "AML.T0096",
21388
+ "name": "AI API as Covert C2 Channel",
21389
+ "tactic": "Command and Control"
21390
+ }
21391
+ ],
21392
+ "d3fend": [
21393
+ {
21394
+ "id": "D3-ASLR",
21395
+ "name": "Address Space Layout Randomization",
21396
+ "tactic": "Harden"
21397
+ },
21398
+ {
21399
+ "id": "D3-CSPP",
21400
+ "name": "Client-server Payload Profiling",
21401
+ "tactic": "Detect"
21402
+ },
21403
+ {
21404
+ "id": "D3-EAL",
21405
+ "name": "Executable Allowlisting",
21406
+ "tactic": "Harden"
21407
+ },
21408
+ {
21409
+ "id": "D3-IOPR",
21410
+ "name": "Input/Output Profiling Resource",
21411
+ "tactic": "Detect"
21412
+ },
21413
+ {
21414
+ "id": "D3-NTA",
21415
+ "name": "Network Traffic Analysis",
21416
+ "tactic": "Detect"
21417
+ },
21418
+ {
21419
+ "id": "D3-PHRA",
21420
+ "name": "Process Hardware Resource Access",
21421
+ "tactic": "Isolate"
21422
+ },
21423
+ {
21424
+ "id": "D3-PSEP",
21425
+ "name": "Process Segment Execution Prevention",
21426
+ "tactic": "Harden"
21427
+ }
21428
+ ],
21429
+ "framework_gaps": [
21430
+ {
21431
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
21432
+ "framework": "ALL",
21433
+ "control_name": "AI Pipeline Integrity"
21434
+ },
21435
+ {
21436
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
21437
+ "framework": "ALL",
21438
+ "control_name": "Prompt Injection as Access Control Failure"
21439
+ },
21440
+ {
21441
+ "id": "CIS-Controls-v8-Control7",
21442
+ "framework": "CIS Controls v8",
21443
+ "control_name": "Continuous Vulnerability Management"
21444
+ },
21445
+ {
21446
+ "id": "CMMC-2.0-Level-2",
21447
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
21448
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
21449
+ },
21450
+ {
21451
+ "id": "FedRAMP-Rev5-Moderate",
21452
+ "framework": "FedRAMP Rev 5 Moderate",
21453
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
21454
+ },
21455
+ {
21456
+ "id": "IEC-62443-3-3",
21457
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
21458
+ "control_name": "System security requirements and security levels"
21459
+ },
21460
+ {
21461
+ "id": "ISO-27001-2022-A.8.28",
21462
+ "framework": "ISO/IEC 27001:2022",
21463
+ "control_name": "Secure coding"
21464
+ },
21465
+ {
21466
+ "id": "ISO-27001-2022-A.8.8",
21467
+ "framework": "ISO/IEC 27001:2022",
21468
+ "control_name": "Management of technical vulnerabilities"
21469
+ },
21470
+ {
21471
+ "id": "ISO-IEC-23894-2023-clause-7",
21472
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
21473
+ "control_name": "AI risk management process"
21474
+ },
21475
+ {
21476
+ "id": "NERC-CIP-007-6-R4",
21477
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
21478
+ "control_name": "Security event monitoring"
21479
+ },
21480
+ {
21481
+ "id": "NIS2-Art21-patch-management",
21482
+ "framework": "EU NIS2 Directive",
21483
+ "control_name": "Vulnerability handling and disclosure"
21484
+ },
21485
+ {
21486
+ "id": "NIST-800-115",
21487
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
21488
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
21489
+ },
21490
+ {
21491
+ "id": "NIST-800-218-SSDF",
21492
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
21493
+ "control_name": "Secure Software Development Framework"
21494
+ },
21495
+ {
21496
+ "id": "NIST-800-53-AC-2",
21497
+ "framework": "NIST SP 800-53 Rev 5",
21498
+ "control_name": "Account Management"
21499
+ },
21500
+ {
21501
+ "id": "NIST-800-53-SC-8",
21502
+ "framework": "NIST SP 800-53 Rev 5",
21503
+ "control_name": "Transmission Confidentiality and Integrity"
21504
+ },
21505
+ {
21506
+ "id": "NIST-800-53-SI-2",
21507
+ "framework": "NIST SP 800-53 Rev 5",
21508
+ "control_name": "Flaw Remediation"
21509
+ },
21510
+ {
21511
+ "id": "NIST-800-53-SI-3",
21512
+ "framework": "NIST SP 800-53 Rev 5",
21513
+ "control_name": "Malicious Code Protection"
21514
+ },
21515
+ {
21516
+ "id": "NIST-800-82r3",
21517
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
21518
+ "control_name": "Guide to Operational Technology (OT) Security"
21519
+ },
21520
+ {
21521
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
21522
+ "framework": "OWASP Top 10 for LLM Applications 2025",
21523
+ "control_name": "Prompt Injection"
21524
+ },
21525
+ {
21526
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
21527
+ "framework": "OWASP Top 10 for LLM Applications 2025",
21528
+ "control_name": "Sensitive Information Disclosure"
21529
+ },
21530
+ {
21531
+ "id": "OWASP-Pen-Testing-Guide-v5",
21532
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
21533
+ "control_name": "Web application penetration testing methodology"
21534
+ },
21535
+ {
21536
+ "id": "PCI-DSS-4.0-6.3.3",
21537
+ "framework": "PCI DSS 4.0",
21538
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
21539
+ },
21540
+ {
21541
+ "id": "PTES-Pre-engagement",
21542
+ "framework": "Penetration Testing Execution Standard (PTES)",
21543
+ "control_name": "Pre-engagement Interactions"
21544
+ },
21545
+ {
21546
+ "id": "SOC2-CC6-logical-access",
21547
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
21548
+ "control_name": "Logical and Physical Access Controls"
21549
+ },
21550
+ {
21551
+ "id": "SOC2-CC9-vendor-management",
21552
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
21553
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
21554
+ }
21555
+ ],
21556
+ "attack_refs": [
21557
+ "T0855",
21558
+ "T0883",
21559
+ "T1059",
21560
+ "T1068",
21561
+ "T1078",
21562
+ "T1133",
21563
+ "T1190",
21564
+ "T1548.001",
21565
+ "T1566"
21566
+ ],
21567
+ "rfc_refs": [
21568
+ "RFC-4301",
21569
+ "RFC-4303",
21570
+ "RFC-7296"
21571
+ ]
21572
+ }
21573
+ },
21574
+ "CVE-2025-60455": {
21575
+ "name": "Modular Max Server KVCache-Agent Deserialization RCE (ShadowMQ)",
21576
+ "rwep": 23,
21577
+ "cvss": 8.4,
21578
+ "cisa_kev": false,
21579
+ "epss_score": null,
21580
+ "referencing_skills": [
21581
+ "kernel-lpe-triage",
21582
+ "ai-attack-surface",
21583
+ "compliance-theater",
21584
+ "attack-surface-pentest",
21585
+ "ot-ics-security",
21586
+ "coordinated-vuln-disclosure",
21587
+ "sector-energy"
21588
+ ],
21589
+ "chain": {
21590
+ "cwes": [
21591
+ {
21592
+ "id": "CWE-1037",
21593
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
21594
+ "category": "Hardware / Side Channel"
21595
+ },
21596
+ {
21597
+ "id": "CWE-1039",
21598
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
21599
+ "category": "AI/ML"
21600
+ },
21601
+ {
21602
+ "id": "CWE-125",
21603
+ "name": "Out-of-bounds Read",
21604
+ "category": "Memory Safety"
21605
+ },
21606
+ {
21607
+ "id": "CWE-1357",
21608
+ "name": "Reliance on Insufficiently Trustworthy Component",
21609
+ "category": "Supply Chain"
21610
+ },
21611
+ {
21612
+ "id": "CWE-1395",
21613
+ "name": "Dependency on Vulnerable Third-Party Component",
21614
+ "category": "Supply Chain"
21615
+ },
21616
+ {
21617
+ "id": "CWE-1426",
21618
+ "name": "Improper Validation of Generative AI Output",
21619
+ "category": "AI/ML"
21620
+ },
21621
+ {
21622
+ "id": "CWE-22",
21623
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
21624
+ "category": "Path/Resource"
21625
+ },
21626
+ {
21627
+ "id": "CWE-269",
21628
+ "name": "Improper Privilege Management",
21629
+ "category": "Authorization"
21630
+ },
21631
+ {
21632
+ "id": "CWE-287",
21633
+ "name": "Improper Authentication",
21634
+ "category": "Authentication"
21635
+ },
21636
+ {
21637
+ "id": "CWE-306",
21638
+ "name": "Missing Authentication for Critical Function",
21639
+ "category": "Authentication"
21640
+ },
21641
+ {
21642
+ "id": "CWE-352",
21643
+ "name": "Cross-Site Request Forgery (CSRF)",
21644
+ "category": "Session"
21645
+ },
21646
+ {
21647
+ "id": "CWE-362",
21648
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
21649
+ "category": "Concurrency"
21650
+ },
21651
+ {
21652
+ "id": "CWE-416",
21653
+ "name": "Use After Free",
21654
+ "category": "Memory Safety"
21655
+ },
21656
+ {
21657
+ "id": "CWE-434",
21658
+ "name": "Unrestricted Upload of File with Dangerous Type",
21659
+ "category": "File Handling"
21660
+ },
21661
+ {
21662
+ "id": "CWE-672",
21663
+ "name": "Operation on a Resource after Expiration or Release",
21664
+ "category": "Memory Safety"
21665
+ },
21666
+ {
21667
+ "id": "CWE-732",
21668
+ "name": "Incorrect Permission Assignment for Critical Resource",
21669
+ "category": "Authorization"
21670
+ },
21671
+ {
21672
+ "id": "CWE-78",
21673
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
21674
+ "category": "Injection"
21675
+ },
21676
+ {
21677
+ "id": "CWE-787",
21678
+ "name": "Out-of-bounds Write",
21679
+ "category": "Memory Safety"
21680
+ },
21681
+ {
21682
+ "id": "CWE-79",
21683
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
21684
+ "category": "Injection"
21685
+ },
21686
+ {
21687
+ "id": "CWE-798",
21688
+ "name": "Use of Hard-coded Credentials",
21689
+ "category": "Credentials"
21690
+ },
21691
+ {
21692
+ "id": "CWE-89",
21693
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
21694
+ "category": "Injection"
21695
+ },
21696
+ {
21697
+ "id": "CWE-918",
21698
+ "name": "Server-Side Request Forgery (SSRF)",
21699
+ "category": "Network"
21700
+ },
21701
+ {
21702
+ "id": "CWE-94",
21703
+ "name": "Improper Control of Generation of Code (Code Injection)",
21704
+ "category": "Injection"
21705
+ }
21706
+ ],
21707
+ "atlas": [
21708
+ {
21709
+ "id": "AML.T0010",
21710
+ "name": "ML Supply Chain Compromise",
21711
+ "tactic": "Initial Access"
21712
+ },
21713
+ {
21714
+ "id": "AML.T0016",
21715
+ "name": "Obtain Capabilities: Develop Capabilities",
21716
+ "tactic": "Resource Development"
21717
+ },
21718
+ {
21719
+ "id": "AML.T0017",
21720
+ "name": "Discover ML Model Ontology",
21721
+ "tactic": "Discovery"
21722
+ },
21723
+ {
21724
+ "id": "AML.T0018",
21725
+ "name": "Backdoor ML Model",
21726
+ "tactic": "Persistence"
21727
+ },
21728
+ {
21729
+ "id": "AML.T0020",
21730
+ "name": "Poison Training Data",
21731
+ "tactic": "ML Attack Staging"
21732
+ },
21733
+ {
21734
+ "id": "AML.T0043",
21735
+ "name": "Craft Adversarial Data",
21736
+ "tactic": "ML Attack Staging"
21737
+ },
21738
+ {
21739
+ "id": "AML.T0051",
21740
+ "name": "LLM Prompt Injection",
21741
+ "tactic": "Execution"
21742
+ },
21743
+ {
21744
+ "id": "AML.T0054",
21745
+ "name": "LLM Jailbreak",
21746
+ "tactic": "Defense Evasion"
21747
+ },
21748
+ {
21749
+ "id": "AML.T0096",
21750
+ "name": "AI API as Covert C2 Channel",
21751
+ "tactic": "Command and Control"
21752
+ }
21753
+ ],
21754
+ "d3fend": [
21755
+ {
21756
+ "id": "D3-ASLR",
21757
+ "name": "Address Space Layout Randomization",
21758
+ "tactic": "Harden"
21759
+ },
21760
+ {
21761
+ "id": "D3-CSPP",
21762
+ "name": "Client-server Payload Profiling",
21763
+ "tactic": "Detect"
21764
+ },
21765
+ {
21766
+ "id": "D3-EAL",
21767
+ "name": "Executable Allowlisting",
21768
+ "tactic": "Harden"
21769
+ },
21770
+ {
21771
+ "id": "D3-IOPR",
21772
+ "name": "Input/Output Profiling Resource",
21773
+ "tactic": "Detect"
21774
+ },
21775
+ {
21776
+ "id": "D3-NTA",
21777
+ "name": "Network Traffic Analysis",
21778
+ "tactic": "Detect"
21779
+ },
21780
+ {
21781
+ "id": "D3-PHRA",
21782
+ "name": "Process Hardware Resource Access",
21783
+ "tactic": "Isolate"
21784
+ },
21785
+ {
21786
+ "id": "D3-PSEP",
21787
+ "name": "Process Segment Execution Prevention",
21788
+ "tactic": "Harden"
21789
+ }
21790
+ ],
21791
+ "framework_gaps": [
21792
+ {
21793
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
21794
+ "framework": "ALL",
21795
+ "control_name": "AI Pipeline Integrity"
21796
+ },
21797
+ {
21798
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
21799
+ "framework": "ALL",
21800
+ "control_name": "Prompt Injection as Access Control Failure"
21801
+ },
21802
+ {
21803
+ "id": "CIS-Controls-v8-Control7",
21804
+ "framework": "CIS Controls v8",
21805
+ "control_name": "Continuous Vulnerability Management"
21806
+ },
21807
+ {
21808
+ "id": "CMMC-2.0-Level-2",
21809
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
21810
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
21811
+ },
21812
+ {
21813
+ "id": "FedRAMP-Rev5-Moderate",
21814
+ "framework": "FedRAMP Rev 5 Moderate",
21815
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
21816
+ },
21817
+ {
21818
+ "id": "IEC-62443-3-3",
21819
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
21820
+ "control_name": "System security requirements and security levels"
21821
+ },
21822
+ {
21823
+ "id": "ISO-27001-2022-A.8.28",
21824
+ "framework": "ISO/IEC 27001:2022",
21825
+ "control_name": "Secure coding"
21826
+ },
21827
+ {
21828
+ "id": "ISO-27001-2022-A.8.8",
21829
+ "framework": "ISO/IEC 27001:2022",
21830
+ "control_name": "Management of technical vulnerabilities"
21831
+ },
21832
+ {
21833
+ "id": "ISO-IEC-23894-2023-clause-7",
21834
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
21835
+ "control_name": "AI risk management process"
21836
+ },
21837
+ {
21838
+ "id": "NERC-CIP-007-6-R4",
21839
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
21840
+ "control_name": "Security event monitoring"
21841
+ },
21842
+ {
21843
+ "id": "NIS2-Art21-patch-management",
21844
+ "framework": "EU NIS2 Directive",
21845
+ "control_name": "Vulnerability handling and disclosure"
21846
+ },
21847
+ {
21848
+ "id": "NIST-800-115",
21849
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
21850
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
21851
+ },
21852
+ {
21853
+ "id": "NIST-800-218-SSDF",
21854
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
21855
+ "control_name": "Secure Software Development Framework"
21856
+ },
21857
+ {
21858
+ "id": "NIST-800-53-AC-2",
21859
+ "framework": "NIST SP 800-53 Rev 5",
21860
+ "control_name": "Account Management"
21861
+ },
21862
+ {
21863
+ "id": "NIST-800-53-SC-8",
21864
+ "framework": "NIST SP 800-53 Rev 5",
21865
+ "control_name": "Transmission Confidentiality and Integrity"
21866
+ },
21867
+ {
21868
+ "id": "NIST-800-53-SI-2",
21869
+ "framework": "NIST SP 800-53 Rev 5",
21870
+ "control_name": "Flaw Remediation"
21871
+ },
21872
+ {
21873
+ "id": "NIST-800-53-SI-3",
21874
+ "framework": "NIST SP 800-53 Rev 5",
21875
+ "control_name": "Malicious Code Protection"
21876
+ },
21877
+ {
21878
+ "id": "NIST-800-82r3",
21879
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
21880
+ "control_name": "Guide to Operational Technology (OT) Security"
21881
+ },
21882
+ {
21883
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
21884
+ "framework": "OWASP Top 10 for LLM Applications 2025",
21885
+ "control_name": "Prompt Injection"
21886
+ },
21887
+ {
21888
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
21889
+ "framework": "OWASP Top 10 for LLM Applications 2025",
21890
+ "control_name": "Sensitive Information Disclosure"
21891
+ },
21892
+ {
21893
+ "id": "OWASP-Pen-Testing-Guide-v5",
21894
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
21895
+ "control_name": "Web application penetration testing methodology"
21896
+ },
21897
+ {
21898
+ "id": "PCI-DSS-4.0-6.3.3",
21899
+ "framework": "PCI DSS 4.0",
21900
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
21901
+ },
21902
+ {
21903
+ "id": "PTES-Pre-engagement",
21904
+ "framework": "Penetration Testing Execution Standard (PTES)",
21905
+ "control_name": "Pre-engagement Interactions"
21906
+ },
21907
+ {
21908
+ "id": "SOC2-CC6-logical-access",
21909
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
21910
+ "control_name": "Logical and Physical Access Controls"
21911
+ },
21912
+ {
21913
+ "id": "SOC2-CC9-vendor-management",
21914
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
21915
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
21916
+ }
21917
+ ],
21918
+ "attack_refs": [
21919
+ "T0855",
21920
+ "T0883",
21921
+ "T1059",
21922
+ "T1068",
21923
+ "T1078",
21924
+ "T1133",
21925
+ "T1190",
21926
+ "T1548.001",
21927
+ "T1566"
21928
+ ],
21929
+ "rfc_refs": [
21930
+ "RFC-4301",
21931
+ "RFC-4303",
21932
+ "RFC-7296"
21933
+ ]
21934
+ }
21935
+ },
19872
21936
  "CVE-2026-41091": {
19873
21937
  "name": "Microsoft Defender (Malware Protection Engine) Link-Following LPE to SYSTEM",
19874
21938
  "rwep": 45,
@@ -46247,10 +48311,13 @@
46247
48311
  "CVE-2023-43472",
46248
48312
  "CVE-2024-3094",
46249
48313
  "CVE-2024-3154",
48314
+ "CVE-2024-50050",
46250
48315
  "CVE-2025-0133",
46251
48316
  "CVE-2025-10585",
46252
48317
  "CVE-2025-1094",
46253
48318
  "CVE-2025-14174",
48319
+ "CVE-2025-23254",
48320
+ "CVE-2025-30165",
46254
48321
  "CVE-2025-34291",
46255
48322
  "CVE-2025-38352",
46256
48323
  "CVE-2025-43300",
@@ -46258,10 +48325,12 @@
46258
48325
  "CVE-2025-49844",
46259
48326
  "CVE-2025-53773",
46260
48327
  "CVE-2025-54136",
48328
+ "CVE-2025-60455",
46261
48329
  "CVE-2025-6965",
46262
48330
  "CVE-2026-22252",
46263
48331
  "CVE-2026-22688",
46264
48332
  "CVE-2026-25592",
48333
+ "CVE-2026-26015",
46265
48334
  "CVE-2026-30615",
46266
48335
  "CVE-2026-30616",
46267
48336
  "CVE-2026-30617",
@@ -46278,6 +48347,7 @@
46278
48347
  "CVE-2026-45498",
46279
48348
  "CVE-2026-46300",
46280
48349
  "CVE-2026-46333",
48350
+ "CVE-2026-9082",
46281
48351
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
46282
48352
  "MAL-2026-3083",
46283
48353
  "MAL-2026-NODE-IPC-STEALER"
@@ -46603,19 +48673,24 @@
46603
48673
  },
46604
48674
  "related_cves": [
46605
48675
  "CVE-2023-43472",
48676
+ "CVE-2024-50050",
46606
48677
  "CVE-2025-0133",
46607
48678
  "CVE-2025-10585",
46608
48679
  "CVE-2025-1094",
46609
48680
  "CVE-2025-14174",
48681
+ "CVE-2025-23254",
48682
+ "CVE-2025-30165",
46610
48683
  "CVE-2025-34291",
46611
48684
  "CVE-2025-38352",
46612
48685
  "CVE-2025-43300",
46613
48686
  "CVE-2025-49596",
46614
48687
  "CVE-2025-54136",
48688
+ "CVE-2025-60455",
46615
48689
  "CVE-2025-6965",
46616
48690
  "CVE-2026-22252",
46617
48691
  "CVE-2026-22688",
46618
48692
  "CVE-2026-25592",
48693
+ "CVE-2026-26015",
46619
48694
  "CVE-2026-30616",
46620
48695
  "CVE-2026-30617",
46621
48696
  "CVE-2026-30623",
@@ -46631,6 +48706,7 @@
46631
48706
  "CVE-2026-45498",
46632
48707
  "CVE-2026-46300",
46633
48708
  "CVE-2026-46333",
48709
+ "CVE-2026-9082",
46634
48710
  "MAL-2026-3083",
46635
48711
  "MAL-2026-NODE-IPC-STEALER"
46636
48712
  ]
@@ -46752,19 +48828,24 @@
46752
48828
  },
46753
48829
  "related_cves": [
46754
48830
  "CVE-2023-43472",
48831
+ "CVE-2024-50050",
46755
48832
  "CVE-2025-0133",
46756
48833
  "CVE-2025-10585",
46757
48834
  "CVE-2025-1094",
46758
48835
  "CVE-2025-14174",
48836
+ "CVE-2025-23254",
48837
+ "CVE-2025-30165",
46759
48838
  "CVE-2025-34291",
46760
48839
  "CVE-2025-38352",
46761
48840
  "CVE-2025-43300",
46762
48841
  "CVE-2025-49596",
46763
48842
  "CVE-2025-54136",
48843
+ "CVE-2025-60455",
46764
48844
  "CVE-2025-6965",
46765
48845
  "CVE-2026-22252",
46766
48846
  "CVE-2026-22688",
46767
48847
  "CVE-2026-25592",
48848
+ "CVE-2026-26015",
46768
48849
  "CVE-2026-30616",
46769
48850
  "CVE-2026-30617",
46770
48851
  "CVE-2026-30623",
@@ -46780,6 +48861,7 @@
46780
48861
  "CVE-2026-45498",
46781
48862
  "CVE-2026-46300",
46782
48863
  "CVE-2026-46333",
48864
+ "CVE-2026-9082",
46783
48865
  "MAL-2026-3083",
46784
48866
  "MAL-2026-NODE-IPC-STEALER"
46785
48867
  ]
@@ -46915,19 +48997,24 @@
46915
48997
  },
46916
48998
  "related_cves": [
46917
48999
  "CVE-2023-43472",
49000
+ "CVE-2024-50050",
46918
49001
  "CVE-2025-0133",
46919
49002
  "CVE-2025-10585",
46920
49003
  "CVE-2025-1094",
46921
49004
  "CVE-2025-14174",
49005
+ "CVE-2025-23254",
49006
+ "CVE-2025-30165",
46922
49007
  "CVE-2025-34291",
46923
49008
  "CVE-2025-38352",
46924
49009
  "CVE-2025-43300",
46925
49010
  "CVE-2025-49596",
46926
49011
  "CVE-2025-54136",
49012
+ "CVE-2025-60455",
46927
49013
  "CVE-2025-6965",
46928
49014
  "CVE-2026-22252",
46929
49015
  "CVE-2026-22688",
46930
49016
  "CVE-2026-25592",
49017
+ "CVE-2026-26015",
46931
49018
  "CVE-2026-30616",
46932
49019
  "CVE-2026-30617",
46933
49020
  "CVE-2026-30623",
@@ -46943,6 +49030,7 @@
46943
49030
  "CVE-2026-45498",
46944
49031
  "CVE-2026-46300",
46945
49032
  "CVE-2026-46333",
49033
+ "CVE-2026-9082",
46946
49034
  "MAL-2026-3083",
46947
49035
  "MAL-2026-NODE-IPC-STEALER"
46948
49036
  ]
@@ -47184,19 +49272,24 @@
47184
49272
  "CVE-2023-43472",
47185
49273
  "CVE-2024-3094",
47186
49274
  "CVE-2024-3154",
49275
+ "CVE-2024-50050",
47187
49276
  "CVE-2025-0133",
47188
49277
  "CVE-2025-1094",
47189
49278
  "CVE-2025-11837",
49279
+ "CVE-2025-23254",
49280
+ "CVE-2025-30165",
47190
49281
  "CVE-2025-34291",
47191
49282
  "CVE-2025-49596",
47192
49283
  "CVE-2025-49844",
47193
49284
  "CVE-2025-53773",
47194
49285
  "CVE-2025-54136",
49286
+ "CVE-2025-60455",
47195
49287
  "CVE-2025-6965",
47196
49288
  "CVE-2026-22252",
47197
49289
  "CVE-2026-22688",
47198
49290
  "CVE-2026-22778",
47199
49291
  "CVE-2026-25592",
49292
+ "CVE-2026-26015",
47200
49293
  "CVE-2026-30615",
47201
49294
  "CVE-2026-30616",
47202
49295
  "CVE-2026-30617",
@@ -47416,6 +49509,7 @@
47416
49509
  "CVE-2024-37079",
47417
49510
  "CVE-2024-42009",
47418
49511
  "CVE-2024-43468",
49512
+ "CVE-2024-50050",
47419
49513
  "CVE-2024-54085",
47420
49514
  "CVE-2024-56145",
47421
49515
  "CVE-2024-57726",
@@ -47446,6 +49540,7 @@
47446
49540
  "CVE-2025-21043",
47447
49541
  "CVE-2025-21479",
47448
49542
  "CVE-2025-21480",
49543
+ "CVE-2025-23254",
47449
49544
  "CVE-2025-24016",
47450
49545
  "CVE-2025-24201",
47451
49546
  "CVE-2025-24893",
@@ -47461,6 +49556,7 @@
47461
49556
  "CVE-2025-27915",
47462
49557
  "CVE-2025-27920",
47463
49558
  "CVE-2025-29635",
49559
+ "CVE-2025-30165",
47464
49560
  "CVE-2025-30397",
47465
49561
  "CVE-2025-31125",
47466
49562
  "CVE-2025-31277",
@@ -47536,6 +49632,7 @@
47536
49632
  "CVE-2025-59389",
47537
49633
  "CVE-2025-59689",
47538
49634
  "CVE-2025-59718",
49635
+ "CVE-2025-60455",
47539
49636
  "CVE-2025-60710",
47540
49637
  "CVE-2025-61757",
47541
49638
  "CVE-2025-61882",
@@ -47600,6 +49697,7 @@
47600
49697
  "CVE-2026-24858",
47601
49698
  "CVE-2026-25108",
47602
49699
  "CVE-2026-25592",
49700
+ "CVE-2026-26015",
47603
49701
  "CVE-2026-3055",
47604
49702
  "CVE-2026-30616",
47605
49703
  "CVE-2026-30617",
@@ -47633,6 +49731,7 @@
47633
49731
  "CVE-2026-46333",
47634
49732
  "CVE-2026-5281",
47635
49733
  "CVE-2026-6973",
49734
+ "CVE-2026-9082",
47636
49735
  "MAL-2026-3083",
47637
49736
  "MAL-2026-NODE-IPC-STEALER"
47638
49737
  ]
@@ -48207,10 +50306,13 @@
48207
50306
  "CVE-2023-43472",
48208
50307
  "CVE-2024-3094",
48209
50308
  "CVE-2024-3154",
50309
+ "CVE-2024-50050",
48210
50310
  "CVE-2025-0133",
48211
50311
  "CVE-2025-10585",
48212
50312
  "CVE-2025-1094",
48213
50313
  "CVE-2025-14174",
50314
+ "CVE-2025-23254",
50315
+ "CVE-2025-30165",
48214
50316
  "CVE-2025-34291",
48215
50317
  "CVE-2025-38352",
48216
50318
  "CVE-2025-43300",
@@ -48218,10 +50320,12 @@
48218
50320
  "CVE-2025-49844",
48219
50321
  "CVE-2025-53773",
48220
50322
  "CVE-2025-54136",
50323
+ "CVE-2025-60455",
48221
50324
  "CVE-2025-6965",
48222
50325
  "CVE-2026-22252",
48223
50326
  "CVE-2026-22688",
48224
50327
  "CVE-2026-25592",
50328
+ "CVE-2026-26015",
48225
50329
  "CVE-2026-30615",
48226
50330
  "CVE-2026-30616",
48227
50331
  "CVE-2026-30617",
@@ -48238,6 +50342,7 @@
48238
50342
  "CVE-2026-45498",
48239
50343
  "CVE-2026-46300",
48240
50344
  "CVE-2026-46333",
50345
+ "CVE-2026-9082",
48241
50346
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
48242
50347
  "MAL-2026-3083",
48243
50348
  "MAL-2026-NODE-IPC-STEALER",
@@ -48795,10 +50900,13 @@
48795
50900
  "CVE-2023-43472",
48796
50901
  "CVE-2024-3094",
48797
50902
  "CVE-2024-3154",
50903
+ "CVE-2024-50050",
48798
50904
  "CVE-2025-0133",
48799
50905
  "CVE-2025-10585",
48800
50906
  "CVE-2025-1094",
48801
50907
  "CVE-2025-14174",
50908
+ "CVE-2025-23254",
50909
+ "CVE-2025-30165",
48802
50910
  "CVE-2025-34291",
48803
50911
  "CVE-2025-38352",
48804
50912
  "CVE-2025-43300",
@@ -48806,10 +50914,12 @@
48806
50914
  "CVE-2025-49844",
48807
50915
  "CVE-2025-53773",
48808
50916
  "CVE-2025-54136",
50917
+ "CVE-2025-60455",
48809
50918
  "CVE-2025-6965",
48810
50919
  "CVE-2026-22252",
48811
50920
  "CVE-2026-22688",
48812
50921
  "CVE-2026-25592",
50922
+ "CVE-2026-26015",
48813
50923
  "CVE-2026-30615",
48814
50924
  "CVE-2026-30616",
48815
50925
  "CVE-2026-30617",
@@ -48826,6 +50936,7 @@
48826
50936
  "CVE-2026-45498",
48827
50937
  "CVE-2026-46300",
48828
50938
  "CVE-2026-46333",
50939
+ "CVE-2026-9082",
48829
50940
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
48830
50941
  "MAL-2026-3083",
48831
50942
  "MAL-2026-NODE-IPC-STEALER"
@@ -49020,18 +51131,23 @@
49020
51131
  },
49021
51132
  "related_cves": [
49022
51133
  "CVE-2024-3094",
51134
+ "CVE-2024-50050",
49023
51135
  "CVE-2025-10585",
49024
51136
  "CVE-2025-1094",
49025
51137
  "CVE-2025-14174",
51138
+ "CVE-2025-23254",
51139
+ "CVE-2025-30165",
49026
51140
  "CVE-2025-34291",
49027
51141
  "CVE-2025-38352",
49028
51142
  "CVE-2025-43300",
49029
51143
  "CVE-2025-49596",
49030
51144
  "CVE-2025-53773",
49031
51145
  "CVE-2025-54136",
51146
+ "CVE-2025-60455",
49032
51147
  "CVE-2026-22252",
49033
51148
  "CVE-2026-22688",
49034
51149
  "CVE-2026-25592",
51150
+ "CVE-2026-26015",
49035
51151
  "CVE-2026-30615",
49036
51152
  "CVE-2026-30616",
49037
51153
  "CVE-2026-30617",
@@ -49046,6 +51162,7 @@
49046
51162
  "CVE-2026-45498",
49047
51163
  "CVE-2026-46300",
49048
51164
  "CVE-2026-46333",
51165
+ "CVE-2026-9082",
49049
51166
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
49050
51167
  "MAL-2026-3083"
49051
51168
  ]
@@ -49673,10 +51790,13 @@
49673
51790
  "CVE-2023-43472",
49674
51791
  "CVE-2024-3094",
49675
51792
  "CVE-2024-3154",
51793
+ "CVE-2024-50050",
49676
51794
  "CVE-2025-0133",
49677
51795
  "CVE-2025-10585",
49678
51796
  "CVE-2025-1094",
49679
51797
  "CVE-2025-14174",
51798
+ "CVE-2025-23254",
51799
+ "CVE-2025-30165",
49680
51800
  "CVE-2025-34291",
49681
51801
  "CVE-2025-38352",
49682
51802
  "CVE-2025-43300",
@@ -49684,10 +51804,12 @@
49684
51804
  "CVE-2025-49844",
49685
51805
  "CVE-2025-53773",
49686
51806
  "CVE-2025-54136",
51807
+ "CVE-2025-60455",
49687
51808
  "CVE-2025-6965",
49688
51809
  "CVE-2026-22252",
49689
51810
  "CVE-2026-22688",
49690
51811
  "CVE-2026-25592",
51812
+ "CVE-2026-26015",
49691
51813
  "CVE-2026-30615",
49692
51814
  "CVE-2026-30616",
49693
51815
  "CVE-2026-30617",
@@ -49704,6 +51826,7 @@
49704
51826
  "CVE-2026-45498",
49705
51827
  "CVE-2026-46300",
49706
51828
  "CVE-2026-46333",
51829
+ "CVE-2026-9082",
49707
51830
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
49708
51831
  "MAL-2026-3083",
49709
51832
  "MAL-2026-NODE-IPC-STEALER"
@@ -49911,6 +52034,7 @@
49911
52034
  "CVE-2024-37079",
49912
52035
  "CVE-2024-42009",
49913
52036
  "CVE-2024-43468",
52037
+ "CVE-2024-50050",
49914
52038
  "CVE-2024-54085",
49915
52039
  "CVE-2024-56145",
49916
52040
  "CVE-2024-57726",
@@ -49941,6 +52065,7 @@
49941
52065
  "CVE-2025-21043",
49942
52066
  "CVE-2025-21479",
49943
52067
  "CVE-2025-21480",
52068
+ "CVE-2025-23254",
49944
52069
  "CVE-2025-24016",
49945
52070
  "CVE-2025-24201",
49946
52071
  "CVE-2025-24893",
@@ -49956,6 +52081,7 @@
49956
52081
  "CVE-2025-27915",
49957
52082
  "CVE-2025-27920",
49958
52083
  "CVE-2025-29635",
52084
+ "CVE-2025-30165",
49959
52085
  "CVE-2025-30397",
49960
52086
  "CVE-2025-31125",
49961
52087
  "CVE-2025-31277",
@@ -50031,6 +52157,7 @@
50031
52157
  "CVE-2025-59389",
50032
52158
  "CVE-2025-59689",
50033
52159
  "CVE-2025-59718",
52160
+ "CVE-2025-60455",
50034
52161
  "CVE-2025-60710",
50035
52162
  "CVE-2025-61757",
50036
52163
  "CVE-2025-61882",
@@ -50095,6 +52222,7 @@
50095
52222
  "CVE-2026-24858",
50096
52223
  "CVE-2026-25108",
50097
52224
  "CVE-2026-25592",
52225
+ "CVE-2026-26015",
50098
52226
  "CVE-2026-3055",
50099
52227
  "CVE-2026-30616",
50100
52228
  "CVE-2026-30617",
@@ -50128,6 +52256,7 @@
50128
52256
  "CVE-2026-46333",
50129
52257
  "CVE-2026-5281",
50130
52258
  "CVE-2026-6973",
52259
+ "CVE-2026-9082",
50131
52260
  "MAL-2026-3083",
50132
52261
  "MAL-2026-NODE-IPC-STEALER"
50133
52262
  ]
@@ -50320,6 +52449,7 @@
50320
52449
  "CVE-2024-37079",
50321
52450
  "CVE-2024-42009",
50322
52451
  "CVE-2024-43468",
52452
+ "CVE-2024-50050",
50323
52453
  "CVE-2024-54085",
50324
52454
  "CVE-2024-56145",
50325
52455
  "CVE-2024-57726",
@@ -50350,6 +52480,7 @@
50350
52480
  "CVE-2025-21043",
50351
52481
  "CVE-2025-21479",
50352
52482
  "CVE-2025-21480",
52483
+ "CVE-2025-23254",
50353
52484
  "CVE-2025-24016",
50354
52485
  "CVE-2025-24201",
50355
52486
  "CVE-2025-24893",
@@ -50365,6 +52496,7 @@
50365
52496
  "CVE-2025-27915",
50366
52497
  "CVE-2025-27920",
50367
52498
  "CVE-2025-29635",
52499
+ "CVE-2025-30165",
50368
52500
  "CVE-2025-30397",
50369
52501
  "CVE-2025-31125",
50370
52502
  "CVE-2025-31277",
@@ -50440,6 +52572,7 @@
50440
52572
  "CVE-2025-59389",
50441
52573
  "CVE-2025-59689",
50442
52574
  "CVE-2025-59718",
52575
+ "CVE-2025-60455",
50443
52576
  "CVE-2025-60710",
50444
52577
  "CVE-2025-61757",
50445
52578
  "CVE-2025-61882",
@@ -50504,6 +52637,7 @@
50504
52637
  "CVE-2026-24858",
50505
52638
  "CVE-2026-25108",
50506
52639
  "CVE-2026-25592",
52640
+ "CVE-2026-26015",
50507
52641
  "CVE-2026-3055",
50508
52642
  "CVE-2026-30616",
50509
52643
  "CVE-2026-30617",
@@ -50537,6 +52671,7 @@
50537
52671
  "CVE-2026-46333",
50538
52672
  "CVE-2026-5281",
50539
52673
  "CVE-2026-6973",
52674
+ "CVE-2026-9082",
50540
52675
  "MAL-2026-3083",
50541
52676
  "MAL-2026-NODE-IPC-STEALER"
50542
52677
  ]
@@ -50752,10 +52887,13 @@
50752
52887
  "CVE-2023-43472",
50753
52888
  "CVE-2024-3094",
50754
52889
  "CVE-2024-3154",
52890
+ "CVE-2024-50050",
50755
52891
  "CVE-2025-0133",
50756
52892
  "CVE-2025-10585",
50757
52893
  "CVE-2025-1094",
50758
52894
  "CVE-2025-14174",
52895
+ "CVE-2025-23254",
52896
+ "CVE-2025-30165",
50759
52897
  "CVE-2025-34291",
50760
52898
  "CVE-2025-38352",
50761
52899
  "CVE-2025-43300",
@@ -50763,10 +52901,12 @@
50763
52901
  "CVE-2025-49844",
50764
52902
  "CVE-2025-53773",
50765
52903
  "CVE-2025-54136",
52904
+ "CVE-2025-60455",
50766
52905
  "CVE-2025-6965",
50767
52906
  "CVE-2026-22252",
50768
52907
  "CVE-2026-22688",
50769
52908
  "CVE-2026-25592",
52909
+ "CVE-2026-26015",
50770
52910
  "CVE-2026-30615",
50771
52911
  "CVE-2026-30616",
50772
52912
  "CVE-2026-30617",
@@ -50783,6 +52923,7 @@
50783
52923
  "CVE-2026-45498",
50784
52924
  "CVE-2026-46300",
50785
52925
  "CVE-2026-46333",
52926
+ "CVE-2026-9082",
50786
52927
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
50787
52928
  "MAL-2026-3083",
50788
52929
  "MAL-2026-NODE-IPC-STEALER"
@@ -51542,6 +53683,7 @@
51542
53683
  "CVE-2024-37079",
51543
53684
  "CVE-2024-42009",
51544
53685
  "CVE-2024-43468",
53686
+ "CVE-2024-50050",
51545
53687
  "CVE-2024-54085",
51546
53688
  "CVE-2024-56145",
51547
53689
  "CVE-2024-57726",
@@ -51572,6 +53714,7 @@
51572
53714
  "CVE-2025-21043",
51573
53715
  "CVE-2025-21479",
51574
53716
  "CVE-2025-21480",
53717
+ "CVE-2025-23254",
51575
53718
  "CVE-2025-24016",
51576
53719
  "CVE-2025-24201",
51577
53720
  "CVE-2025-24893",
@@ -51587,6 +53730,7 @@
51587
53730
  "CVE-2025-27915",
51588
53731
  "CVE-2025-27920",
51589
53732
  "CVE-2025-29635",
53733
+ "CVE-2025-30165",
51590
53734
  "CVE-2025-30397",
51591
53735
  "CVE-2025-31125",
51592
53736
  "CVE-2025-31277",
@@ -51662,6 +53806,7 @@
51662
53806
  "CVE-2025-59389",
51663
53807
  "CVE-2025-59689",
51664
53808
  "CVE-2025-59718",
53809
+ "CVE-2025-60455",
51665
53810
  "CVE-2025-60710",
51666
53811
  "CVE-2025-61757",
51667
53812
  "CVE-2025-61882",
@@ -51726,6 +53871,7 @@
51726
53871
  "CVE-2026-24858",
51727
53872
  "CVE-2026-25108",
51728
53873
  "CVE-2026-25592",
53874
+ "CVE-2026-26015",
51729
53875
  "CVE-2026-3055",
51730
53876
  "CVE-2026-30616",
51731
53877
  "CVE-2026-30617",
@@ -51759,6 +53905,7 @@
51759
53905
  "CVE-2026-46333",
51760
53906
  "CVE-2026-5281",
51761
53907
  "CVE-2026-6973",
53908
+ "CVE-2026-9082",
51762
53909
  "MAL-2026-3083"
51763
53910
  ]
51764
53911
  },
@@ -52038,10 +54185,13 @@
52038
54185
  "CVE-2023-43472",
52039
54186
  "CVE-2024-3094",
52040
54187
  "CVE-2024-3154",
54188
+ "CVE-2024-50050",
52041
54189
  "CVE-2025-0133",
52042
54190
  "CVE-2025-10585",
52043
54191
  "CVE-2025-1094",
52044
54192
  "CVE-2025-14174",
54193
+ "CVE-2025-23254",
54194
+ "CVE-2025-30165",
52045
54195
  "CVE-2025-34291",
52046
54196
  "CVE-2025-38352",
52047
54197
  "CVE-2025-43300",
@@ -52049,10 +54199,12 @@
52049
54199
  "CVE-2025-49844",
52050
54200
  "CVE-2025-53773",
52051
54201
  "CVE-2025-54136",
54202
+ "CVE-2025-60455",
52052
54203
  "CVE-2025-6965",
52053
54204
  "CVE-2026-22252",
52054
54205
  "CVE-2026-22688",
52055
54206
  "CVE-2026-25592",
54207
+ "CVE-2026-26015",
52056
54208
  "CVE-2026-30615",
52057
54209
  "CVE-2026-30616",
52058
54210
  "CVE-2026-30617",
@@ -52069,6 +54221,7 @@
52069
54221
  "CVE-2026-45498",
52070
54222
  "CVE-2026-46300",
52071
54223
  "CVE-2026-46333",
54224
+ "CVE-2026-9082",
52072
54225
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
52073
54226
  "MAL-2026-3083",
52074
54227
  "MAL-2026-NODE-IPC-STEALER",
@@ -52356,6 +54509,7 @@
52356
54509
  "CVE-2024-37079",
52357
54510
  "CVE-2024-42009",
52358
54511
  "CVE-2024-43468",
54512
+ "CVE-2024-50050",
52359
54513
  "CVE-2024-54085",
52360
54514
  "CVE-2024-56145",
52361
54515
  "CVE-2024-57726",
@@ -52387,6 +54541,7 @@
52387
54541
  "CVE-2025-21043",
52388
54542
  "CVE-2025-21479",
52389
54543
  "CVE-2025-21480",
54544
+ "CVE-2025-23254",
52390
54545
  "CVE-2025-24016",
52391
54546
  "CVE-2025-24201",
52392
54547
  "CVE-2025-24893",
@@ -52402,6 +54557,7 @@
52402
54557
  "CVE-2025-27915",
52403
54558
  "CVE-2025-27920",
52404
54559
  "CVE-2025-29635",
54560
+ "CVE-2025-30165",
52405
54561
  "CVE-2025-30397",
52406
54562
  "CVE-2025-31125",
52407
54563
  "CVE-2025-31277",
@@ -52478,6 +54634,7 @@
52478
54634
  "CVE-2025-59389",
52479
54635
  "CVE-2025-59689",
52480
54636
  "CVE-2025-59718",
54637
+ "CVE-2025-60455",
52481
54638
  "CVE-2025-60710",
52482
54639
  "CVE-2025-61757",
52483
54640
  "CVE-2025-61882",
@@ -52543,6 +54700,7 @@
52543
54700
  "CVE-2026-24858",
52544
54701
  "CVE-2026-25108",
52545
54702
  "CVE-2026-25592",
54703
+ "CVE-2026-26015",
52546
54704
  "CVE-2026-3055",
52547
54705
  "CVE-2026-30615",
52548
54706
  "CVE-2026-30616",
@@ -52578,6 +54736,7 @@
52578
54736
  "CVE-2026-46333",
52579
54737
  "CVE-2026-5281",
52580
54738
  "CVE-2026-6973",
54739
+ "CVE-2026-9082",
52581
54740
  "MAL-2026-3083",
52582
54741
  "MAL-2026-NODE-IPC-STEALER",
52583
54742
  "MAL-2026-SHAI-HULUD-OSS"
@@ -52869,9 +55028,12 @@
52869
55028
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
52870
55029
  "CVE-2024-3094",
52871
55030
  "CVE-2024-3154",
55031
+ "CVE-2024-50050",
52872
55032
  "CVE-2025-10585",
52873
55033
  "CVE-2025-1094",
52874
55034
  "CVE-2025-14174",
55035
+ "CVE-2025-23254",
55036
+ "CVE-2025-30165",
52875
55037
  "CVE-2025-34291",
52876
55038
  "CVE-2025-38352",
52877
55039
  "CVE-2025-43300",
@@ -52879,9 +55041,11 @@
52879
55041
  "CVE-2025-49844",
52880
55042
  "CVE-2025-53773",
52881
55043
  "CVE-2025-54136",
55044
+ "CVE-2025-60455",
52882
55045
  "CVE-2026-22252",
52883
55046
  "CVE-2026-22688",
52884
55047
  "CVE-2026-25592",
55048
+ "CVE-2026-26015",
52885
55049
  "CVE-2026-30615",
52886
55050
  "CVE-2026-30616",
52887
55051
  "CVE-2026-30617",
@@ -52896,6 +55060,7 @@
52896
55060
  "CVE-2026-45498",
52897
55061
  "CVE-2026-46300",
52898
55062
  "CVE-2026-46333",
55063
+ "CVE-2026-9082",
52899
55064
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
52900
55065
  "MAL-2026-3083"
52901
55066
  ]
@@ -53792,10 +55957,13 @@
53792
55957
  "CVE-2023-43472",
53793
55958
  "CVE-2024-3094",
53794
55959
  "CVE-2024-3154",
55960
+ "CVE-2024-50050",
53795
55961
  "CVE-2025-0133",
53796
55962
  "CVE-2025-10585",
53797
55963
  "CVE-2025-1094",
53798
55964
  "CVE-2025-14174",
55965
+ "CVE-2025-23254",
55966
+ "CVE-2025-30165",
53799
55967
  "CVE-2025-34291",
53800
55968
  "CVE-2025-38352",
53801
55969
  "CVE-2025-43300",
@@ -53803,10 +55971,12 @@
53803
55971
  "CVE-2025-49844",
53804
55972
  "CVE-2025-53773",
53805
55973
  "CVE-2025-54136",
55974
+ "CVE-2025-60455",
53806
55975
  "CVE-2025-6965",
53807
55976
  "CVE-2026-22252",
53808
55977
  "CVE-2026-22688",
53809
55978
  "CVE-2026-25592",
55979
+ "CVE-2026-26015",
53810
55980
  "CVE-2026-30615",
53811
55981
  "CVE-2026-30616",
53812
55982
  "CVE-2026-30617",
@@ -53823,6 +55993,7 @@
53823
55993
  "CVE-2026-45498",
53824
55994
  "CVE-2026-46300",
53825
55995
  "CVE-2026-46333",
55996
+ "CVE-2026-9082",
53826
55997
  "MAL-2024-PYPI-ULTRALYTICS-XMRIG",
53827
55998
  "MAL-2026-3083",
53828
55999
  "MAL-2026-NODE-IPC-STEALER"
@@ -53877,17 +56048,22 @@
53877
56048
  "rfc_refs": []
53878
56049
  },
53879
56050
  "related_cves": [
56051
+ "CVE-2024-50050",
53880
56052
  "CVE-2025-10585",
53881
56053
  "CVE-2025-1094",
53882
56054
  "CVE-2025-14174",
56055
+ "CVE-2025-23254",
56056
+ "CVE-2025-30165",
53883
56057
  "CVE-2025-34291",
53884
56058
  "CVE-2025-38352",
53885
56059
  "CVE-2025-43300",
53886
56060
  "CVE-2025-49596",
53887
56061
  "CVE-2025-54136",
56062
+ "CVE-2025-60455",
53888
56063
  "CVE-2026-22252",
53889
56064
  "CVE-2026-22688",
53890
56065
  "CVE-2026-25592",
56066
+ "CVE-2026-26015",
53891
56067
  "CVE-2026-30616",
53892
56068
  "CVE-2026-30617",
53893
56069
  "CVE-2026-30624",
@@ -53901,6 +56077,7 @@
53901
56077
  "CVE-2026-45498",
53902
56078
  "CVE-2026-46300",
53903
56079
  "CVE-2026-46333",
56080
+ "CVE-2026-9082",
53904
56081
  "MAL-2026-3083"
53905
56082
  ]
53906
56083
  },
@@ -54034,18 +56211,23 @@
54034
56211
  "related_cves": [
54035
56212
  "BUG-2026-NIGHTMARE-ECLIPSE-UNDEFEND",
54036
56213
  "CVE-2023-43472",
56214
+ "CVE-2024-50050",
54037
56215
  "CVE-2025-0133",
54038
56216
  "CVE-2025-1094",
54039
56217
  "CVE-2025-11837",
56218
+ "CVE-2025-23254",
56219
+ "CVE-2025-30165",
54040
56220
  "CVE-2025-34291",
54041
56221
  "CVE-2025-49596",
54042
56222
  "CVE-2025-53773",
54043
56223
  "CVE-2025-54136",
56224
+ "CVE-2025-60455",
54044
56225
  "CVE-2025-6965",
54045
56226
  "CVE-2026-22252",
54046
56227
  "CVE-2026-22688",
54047
56228
  "CVE-2026-22778",
54048
56229
  "CVE-2026-25592",
56230
+ "CVE-2026-26015",
54049
56231
  "CVE-2026-30616",
54050
56232
  "CVE-2026-30617",
54051
56233
  "CVE-2026-30623",
@@ -54454,6 +56636,7 @@
54454
56636
  "CVE-2024-37079",
54455
56637
  "CVE-2024-42009",
54456
56638
  "CVE-2024-43468",
56639
+ "CVE-2024-50050",
54457
56640
  "CVE-2024-54085",
54458
56641
  "CVE-2024-56145",
54459
56642
  "CVE-2024-57726",
@@ -54482,6 +56665,7 @@
54482
56665
  "CVE-2025-21043",
54483
56666
  "CVE-2025-21479",
54484
56667
  "CVE-2025-21480",
56668
+ "CVE-2025-23254",
54485
56669
  "CVE-2025-24016",
54486
56670
  "CVE-2025-24201",
54487
56671
  "CVE-2025-24893",
@@ -54497,6 +56681,7 @@
54497
56681
  "CVE-2025-27915",
54498
56682
  "CVE-2025-27920",
54499
56683
  "CVE-2025-29635",
56684
+ "CVE-2025-30165",
54500
56685
  "CVE-2025-30397",
54501
56686
  "CVE-2025-31125",
54502
56687
  "CVE-2025-31277",
@@ -54570,6 +56755,7 @@
54570
56755
  "CVE-2025-59374",
54571
56756
  "CVE-2025-59689",
54572
56757
  "CVE-2025-59718",
56758
+ "CVE-2025-60455",
54573
56759
  "CVE-2025-60710",
54574
56760
  "CVE-2025-61757",
54575
56761
  "CVE-2025-61882",
@@ -54631,6 +56817,7 @@
54631
56817
  "CVE-2026-24858",
54632
56818
  "CVE-2026-25108",
54633
56819
  "CVE-2026-25592",
56820
+ "CVE-2026-26015",
54634
56821
  "CVE-2026-3055",
54635
56822
  "CVE-2026-30615",
54636
56823
  "CVE-2026-30616",
@@ -54658,6 +56845,7 @@
54658
56845
  "CVE-2026-46300",
54659
56846
  "CVE-2026-46333",
54660
56847
  "CVE-2026-5281",
56848
+ "CVE-2026-9082",
54661
56849
  "MAL-2026-3083",
54662
56850
  "MAL-2026-NODE-IPC-STEALER",
54663
56851
  "MAL-2026-SHAI-HULUD-OSS"
@@ -54878,10 +57066,13 @@
54878
57066
  "CVE-2023-43472",
54879
57067
  "CVE-2024-3094",
54880
57068
  "CVE-2024-3154",
57069
+ "CVE-2024-50050",
54881
57070
  "CVE-2025-0133",
54882
57071
  "CVE-2025-10585",
54883
57072
  "CVE-2025-1094",
54884
57073
  "CVE-2025-14174",
57074
+ "CVE-2025-23254",
57075
+ "CVE-2025-30165",
54885
57076
  "CVE-2025-34291",
54886
57077
  "CVE-2025-38352",
54887
57078
  "CVE-2025-43300",
@@ -54889,10 +57080,12 @@
54889
57080
  "CVE-2025-49844",
54890
57081
  "CVE-2025-53773",
54891
57082
  "CVE-2025-54136",
57083
+ "CVE-2025-60455",
54892
57084
  "CVE-2025-6965",
54893
57085
  "CVE-2026-22252",
54894
57086
  "CVE-2026-22688",
54895
57087
  "CVE-2026-25592",
57088
+ "CVE-2026-26015",
54896
57089
  "CVE-2026-30615",
54897
57090
  "CVE-2026-30616",
54898
57091
  "CVE-2026-30617",
@@ -54908,6 +57101,7 @@
54908
57101
  "CVE-2026-45498",
54909
57102
  "CVE-2026-46300",
54910
57103
  "CVE-2026-46333",
57104
+ "CVE-2026-9082",
54911
57105
  "MAL-2026-3083",
54912
57106
  "MAL-2026-NODE-IPC-STEALER",
54913
57107
  "MAL-2026-SHAI-HULUD-OSS"
@@ -55158,21 +57352,26 @@
55158
57352
  "CVE-2023-43472",
55159
57353
  "CVE-2024-3094",
55160
57354
  "CVE-2024-40635",
57355
+ "CVE-2024-50050",
55161
57356
  "CVE-2025-0133",
55162
57357
  "CVE-2025-1094",
55163
57358
  "CVE-2025-11837",
55164
57359
  "CVE-2025-14847",
55165
57360
  "CVE-2025-22226",
57361
+ "CVE-2025-23254",
57362
+ "CVE-2025-30165",
55166
57363
  "CVE-2025-34291",
55167
57364
  "CVE-2025-49596",
55168
57365
  "CVE-2025-53767",
55169
57366
  "CVE-2025-53773",
55170
57367
  "CVE-2025-54136",
57368
+ "CVE-2025-60455",
55171
57369
  "CVE-2025-6965",
55172
57370
  "CVE-2026-22252",
55173
57371
  "CVE-2026-22688",
55174
57372
  "CVE-2026-22778",
55175
57373
  "CVE-2026-25592",
57374
+ "CVE-2026-26015",
55176
57375
  "CVE-2026-30615",
55177
57376
  "CVE-2026-30616",
55178
57377
  "CVE-2026-30617",