@blamejs/exceptd-skills 0.13.83 → 0.13.84

@@ -25321,6 +25321,1302 @@
25321
25321
  ]
25322
25322
  }
25323
25323
  },
25324
+ "CVE-2024-42479": {
25325
+ "name": "llama.cpp RPC Backend SET_TENSOR Out-of-Bounds Write RCE",
25326
+ "rwep": 29,
25327
+ "cvss": 9.8,
25328
+ "cisa_kev": false,
25329
+ "epss_score": null,
25330
+ "referencing_skills": [
25331
+ "kernel-lpe-triage",
25332
+ "ai-attack-surface",
25333
+ "compliance-theater",
25334
+ "ai-c2-detection",
25335
+ "attack-surface-pentest",
25336
+ "dlp-gap-analysis",
25337
+ "ot-ics-security",
25338
+ "coordinated-vuln-disclosure",
25339
+ "sector-energy"
25340
+ ],
25341
+ "chain": {
25342
+ "cwes": [
25343
+ {
25344
+ "id": "CWE-1037",
25345
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
25346
+ "category": "Hardware / Side Channel"
25347
+ },
25348
+ {
25349
+ "id": "CWE-1039",
25350
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
25351
+ "category": "AI/ML"
25352
+ },
25353
+ {
25354
+ "id": "CWE-125",
25355
+ "name": "Out-of-bounds Read",
25356
+ "category": "Memory Safety"
25357
+ },
25358
+ {
25359
+ "id": "CWE-1357",
25360
+ "name": "Reliance on Insufficiently Trustworthy Component",
25361
+ "category": "Supply Chain"
25362
+ },
25363
+ {
25364
+ "id": "CWE-1395",
25365
+ "name": "Dependency on Vulnerable Third-Party Component",
25366
+ "category": "Supply Chain"
25367
+ },
25368
+ {
25369
+ "id": "CWE-1426",
25370
+ "name": "Improper Validation of Generative AI Output",
25371
+ "category": "AI/ML"
25372
+ },
25373
+ {
25374
+ "id": "CWE-200",
25375
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
25376
+ "category": "Information Exposure"
25377
+ },
25378
+ {
25379
+ "id": "CWE-22",
25380
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
25381
+ "category": "Path/Resource"
25382
+ },
25383
+ {
25384
+ "id": "CWE-269",
25385
+ "name": "Improper Privilege Management",
25386
+ "category": "Authorization"
25387
+ },
25388
+ {
25389
+ "id": "CWE-287",
25390
+ "name": "Improper Authentication",
25391
+ "category": "Authentication"
25392
+ },
25393
+ {
25394
+ "id": "CWE-306",
25395
+ "name": "Missing Authentication for Critical Function",
25396
+ "category": "Authentication"
25397
+ },
25398
+ {
25399
+ "id": "CWE-352",
25400
+ "name": "Cross-Site Request Forgery (CSRF)",
25401
+ "category": "Session"
25402
+ },
25403
+ {
25404
+ "id": "CWE-362",
25405
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
25406
+ "category": "Concurrency"
25407
+ },
25408
+ {
25409
+ "id": "CWE-416",
25410
+ "name": "Use After Free",
25411
+ "category": "Memory Safety"
25412
+ },
25413
+ {
25414
+ "id": "CWE-434",
25415
+ "name": "Unrestricted Upload of File with Dangerous Type",
25416
+ "category": "File Handling"
25417
+ },
25418
+ {
25419
+ "id": "CWE-672",
25420
+ "name": "Operation on a Resource after Expiration or Release",
25421
+ "category": "Memory Safety"
25422
+ },
25423
+ {
25424
+ "id": "CWE-732",
25425
+ "name": "Incorrect Permission Assignment for Critical Resource",
25426
+ "category": "Authorization"
25427
+ },
25428
+ {
25429
+ "id": "CWE-78",
25430
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
25431
+ "category": "Injection"
25432
+ },
25433
+ {
25434
+ "id": "CWE-787",
25435
+ "name": "Out-of-bounds Write",
25436
+ "category": "Memory Safety"
25437
+ },
25438
+ {
25439
+ "id": "CWE-79",
25440
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
25441
+ "category": "Injection"
25442
+ },
25443
+ {
25444
+ "id": "CWE-798",
25445
+ "name": "Use of Hard-coded Credentials",
25446
+ "category": "Credentials"
25447
+ },
25448
+ {
25449
+ "id": "CWE-89",
25450
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
25451
+ "category": "Injection"
25452
+ },
25453
+ {
25454
+ "id": "CWE-918",
25455
+ "name": "Server-Side Request Forgery (SSRF)",
25456
+ "category": "Network"
25457
+ },
25458
+ {
25459
+ "id": "CWE-94",
25460
+ "name": "Improper Control of Generation of Code (Code Injection)",
25461
+ "category": "Injection"
25462
+ }
25463
+ ],
25464
+ "atlas": [
25465
+ {
25466
+ "id": "AML.T0010",
25467
+ "name": "ML Supply Chain Compromise",
25468
+ "tactic": "Initial Access"
25469
+ },
25470
+ {
25471
+ "id": "AML.T0016",
25472
+ "name": "Obtain Capabilities: Develop Capabilities",
25473
+ "tactic": "Resource Development"
25474
+ },
25475
+ {
25476
+ "id": "AML.T0017",
25477
+ "name": "Discover ML Model Ontology",
25478
+ "tactic": "Discovery"
25479
+ },
25480
+ {
25481
+ "id": "AML.T0018",
25482
+ "name": "Backdoor ML Model",
25483
+ "tactic": "Persistence"
25484
+ },
25485
+ {
25486
+ "id": "AML.T0020",
25487
+ "name": "Poison Training Data",
25488
+ "tactic": "ML Attack Staging"
25489
+ },
25490
+ {
25491
+ "id": "AML.T0043",
25492
+ "name": "Craft Adversarial Data",
25493
+ "tactic": "ML Attack Staging"
25494
+ },
25495
+ {
25496
+ "id": "AML.T0051",
25497
+ "name": "LLM Prompt Injection",
25498
+ "tactic": "Execution"
25499
+ },
25500
+ {
25501
+ "id": "AML.T0054",
25502
+ "name": "LLM Jailbreak",
25503
+ "tactic": "Defense Evasion"
25504
+ },
25505
+ {
25506
+ "id": "AML.T0096",
25507
+ "name": "AI API as Covert C2 Channel",
25508
+ "tactic": "Command and Control"
25509
+ }
25510
+ ],
25511
+ "d3fend": [
25512
+ {
25513
+ "id": "D3-ASLR",
25514
+ "name": "Address Space Layout Randomization",
25515
+ "tactic": "Harden"
25516
+ },
25517
+ {
25518
+ "id": "D3-CA",
25519
+ "name": "Certificate Analysis",
25520
+ "tactic": "Detect"
25521
+ },
25522
+ {
25523
+ "id": "D3-CSPP",
25524
+ "name": "Client-server Payload Profiling",
25525
+ "tactic": "Detect"
25526
+ },
25527
+ {
25528
+ "id": "D3-DA",
25529
+ "name": "Domain Analysis",
25530
+ "tactic": "Detect"
25531
+ },
25532
+ {
25533
+ "id": "D3-EAL",
25534
+ "name": "Executable Allowlisting",
25535
+ "tactic": "Harden"
25536
+ },
25537
+ {
25538
+ "id": "D3-IOPR",
25539
+ "name": "Input/Output Profiling Resource",
25540
+ "tactic": "Detect"
25541
+ },
25542
+ {
25543
+ "id": "D3-NI",
25544
+ "name": "Network Isolation",
25545
+ "tactic": "Isolate"
25546
+ },
25547
+ {
25548
+ "id": "D3-NTA",
25549
+ "name": "Network Traffic Analysis",
25550
+ "tactic": "Detect"
25551
+ },
25552
+ {
25553
+ "id": "D3-NTPM",
25554
+ "name": "Network Traffic Policy Mapping",
25555
+ "tactic": "Model"
25556
+ },
25557
+ {
25558
+ "id": "D3-PHRA",
25559
+ "name": "Process Hardware Resource Access",
25560
+ "tactic": "Isolate"
25561
+ },
25562
+ {
25563
+ "id": "D3-PSEP",
25564
+ "name": "Process Segment Execution Prevention",
25565
+ "tactic": "Harden"
25566
+ }
25567
+ ],
25568
+ "framework_gaps": [
25569
+ {
25570
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
25571
+ "framework": "ALL",
25572
+ "control_name": "AI Pipeline Integrity"
25573
+ },
25574
+ {
25575
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
25576
+ "framework": "ALL",
25577
+ "control_name": "Prompt Injection as Access Control Failure"
25578
+ },
25579
+ {
25580
+ "id": "CIS-Controls-v8-Control7",
25581
+ "framework": "CIS Controls v8",
25582
+ "control_name": "Continuous Vulnerability Management"
25583
+ },
25584
+ {
25585
+ "id": "CMMC-2.0-Level-2",
25586
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
25587
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
25588
+ },
25589
+ {
25590
+ "id": "FedRAMP-Rev5-Moderate",
25591
+ "framework": "FedRAMP Rev 5 Moderate",
25592
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
25593
+ },
25594
+ {
25595
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
25596
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
25597
+ "control_name": "Access control standard (technical safeguards)"
25598
+ },
25599
+ {
25600
+ "id": "IEC-62443-3-3",
25601
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
25602
+ "control_name": "System security requirements and security levels"
25603
+ },
25604
+ {
25605
+ "id": "ISO-27001-2022-A.8.16",
25606
+ "framework": "ISO/IEC 27001:2022",
25607
+ "control_name": "Monitoring activities"
25608
+ },
25609
+ {
25610
+ "id": "ISO-27001-2022-A.8.28",
25611
+ "framework": "ISO/IEC 27001:2022",
25612
+ "control_name": "Secure coding"
25613
+ },
25614
+ {
25615
+ "id": "ISO-27001-2022-A.8.8",
25616
+ "framework": "ISO/IEC 27001:2022",
25617
+ "control_name": "Management of technical vulnerabilities"
25618
+ },
25619
+ {
25620
+ "id": "ISO-IEC-23894-2023-clause-7",
25621
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
25622
+ "control_name": "AI risk management process"
25623
+ },
25624
+ {
25625
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
25626
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
25627
+ "control_name": "AI risk assessment"
25628
+ },
25629
+ {
25630
+ "id": "NERC-CIP-007-6-R4",
25631
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
25632
+ "control_name": "Security event monitoring"
25633
+ },
25634
+ {
25635
+ "id": "NIS2-Art21-patch-management",
25636
+ "framework": "EU NIS2 Directive",
25637
+ "control_name": "Vulnerability handling and disclosure"
25638
+ },
25639
+ {
25640
+ "id": "NIST-800-115",
25641
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
25642
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
25643
+ },
25644
+ {
25645
+ "id": "NIST-800-218-SSDF",
25646
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
25647
+ "control_name": "Secure Software Development Framework"
25648
+ },
25649
+ {
25650
+ "id": "NIST-800-53-AC-2",
25651
+ "framework": "NIST SP 800-53 Rev 5",
25652
+ "control_name": "Account Management"
25653
+ },
25654
+ {
25655
+ "id": "NIST-800-53-SC-28",
25656
+ "framework": "NIST SP 800-53 Rev 5",
25657
+ "control_name": "Protection of Information at Rest"
25658
+ },
25659
+ {
25660
+ "id": "NIST-800-53-SC-7",
25661
+ "framework": "NIST SP 800-53 Rev 5",
25662
+ "control_name": "Boundary Protection"
25663
+ },
25664
+ {
25665
+ "id": "NIST-800-53-SC-8",
25666
+ "framework": "NIST SP 800-53 Rev 5",
25667
+ "control_name": "Transmission Confidentiality and Integrity"
25668
+ },
25669
+ {
25670
+ "id": "NIST-800-53-SI-2",
25671
+ "framework": "NIST SP 800-53 Rev 5",
25672
+ "control_name": "Flaw Remediation"
25673
+ },
25674
+ {
25675
+ "id": "NIST-800-53-SI-3",
25676
+ "framework": "NIST SP 800-53 Rev 5",
25677
+ "control_name": "Malicious Code Protection"
25678
+ },
25679
+ {
25680
+ "id": "NIST-800-82r3",
25681
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
25682
+ "control_name": "Guide to Operational Technology (OT) Security"
25683
+ },
25684
+ {
25685
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
25686
+ "framework": "OWASP Top 10 for LLM Applications 2025",
25687
+ "control_name": "Prompt Injection"
25688
+ },
25689
+ {
25690
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
25691
+ "framework": "OWASP Top 10 for LLM Applications 2025",
25692
+ "control_name": "Sensitive Information Disclosure"
25693
+ },
25694
+ {
25695
+ "id": "OWASP-Pen-Testing-Guide-v5",
25696
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
25697
+ "control_name": "Web application penetration testing methodology"
25698
+ },
25699
+ {
25700
+ "id": "PCI-DSS-4.0-6.3.3",
25701
+ "framework": "PCI DSS 4.0",
25702
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
25703
+ },
25704
+ {
25705
+ "id": "PTES-Pre-engagement",
25706
+ "framework": "Penetration Testing Execution Standard (PTES)",
25707
+ "control_name": "Pre-engagement Interactions"
25708
+ },
25709
+ {
25710
+ "id": "SOC2-CC6-logical-access",
25711
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
25712
+ "control_name": "Logical and Physical Access Controls"
25713
+ },
25714
+ {
25715
+ "id": "SOC2-CC7-anomaly-detection",
25716
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
25717
+ "control_name": "System Operations — Threat and Vulnerability Management"
25718
+ },
25719
+ {
25720
+ "id": "SOC2-CC9-vendor-management",
25721
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
25722
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
25723
+ }
25724
+ ],
25725
+ "attack_refs": [
25726
+ "T0855",
25727
+ "T0883",
25728
+ "T1041",
25729
+ "T1059",
25730
+ "T1068",
25731
+ "T1071",
25732
+ "T1078",
25733
+ "T1102",
25734
+ "T1133",
25735
+ "T1190",
25736
+ "T1213",
25737
+ "T1530",
25738
+ "T1548.001",
25739
+ "T1566",
25740
+ "T1567",
25741
+ "T1568"
25742
+ ],
25743
+ "rfc_refs": [
25744
+ "RFC-4301",
25745
+ "RFC-4303",
25746
+ "RFC-7296",
25747
+ "RFC-8446",
25748
+ "RFC-9000",
25749
+ "RFC-9114",
25750
+ "RFC-9180",
25751
+ "RFC-9421",
25752
+ "RFC-9458"
25753
+ ]
25754
+ }
25755
+ },
25756
+ "CVE-2024-42478": {
25757
+ "name": "llama.cpp RPC Backend GET_TENSOR Out-of-Bounds Read",
25758
+ "rwep": 29,
25759
+ "cvss": 9.8,
25760
+ "cisa_kev": false,
25761
+ "epss_score": null,
25762
+ "referencing_skills": [
25763
+ "kernel-lpe-triage",
25764
+ "ai-attack-surface",
25765
+ "compliance-theater",
25766
+ "ai-c2-detection",
25767
+ "attack-surface-pentest",
25768
+ "dlp-gap-analysis",
25769
+ "ot-ics-security",
25770
+ "coordinated-vuln-disclosure",
25771
+ "sector-energy"
25772
+ ],
25773
+ "chain": {
25774
+ "cwes": [
25775
+ {
25776
+ "id": "CWE-1037",
25777
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
25778
+ "category": "Hardware / Side Channel"
25779
+ },
25780
+ {
25781
+ "id": "CWE-1039",
25782
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
25783
+ "category": "AI/ML"
25784
+ },
25785
+ {
25786
+ "id": "CWE-125",
25787
+ "name": "Out-of-bounds Read",
25788
+ "category": "Memory Safety"
25789
+ },
25790
+ {
25791
+ "id": "CWE-1357",
25792
+ "name": "Reliance on Insufficiently Trustworthy Component",
25793
+ "category": "Supply Chain"
25794
+ },
25795
+ {
25796
+ "id": "CWE-1395",
25797
+ "name": "Dependency on Vulnerable Third-Party Component",
25798
+ "category": "Supply Chain"
25799
+ },
25800
+ {
25801
+ "id": "CWE-1426",
25802
+ "name": "Improper Validation of Generative AI Output",
25803
+ "category": "AI/ML"
25804
+ },
25805
+ {
25806
+ "id": "CWE-200",
25807
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
25808
+ "category": "Information Exposure"
25809
+ },
25810
+ {
25811
+ "id": "CWE-22",
25812
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
25813
+ "category": "Path/Resource"
25814
+ },
25815
+ {
25816
+ "id": "CWE-269",
25817
+ "name": "Improper Privilege Management",
25818
+ "category": "Authorization"
25819
+ },
25820
+ {
25821
+ "id": "CWE-287",
25822
+ "name": "Improper Authentication",
25823
+ "category": "Authentication"
25824
+ },
25825
+ {
25826
+ "id": "CWE-306",
25827
+ "name": "Missing Authentication for Critical Function",
25828
+ "category": "Authentication"
25829
+ },
25830
+ {
25831
+ "id": "CWE-352",
25832
+ "name": "Cross-Site Request Forgery (CSRF)",
25833
+ "category": "Session"
25834
+ },
25835
+ {
25836
+ "id": "CWE-362",
25837
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
25838
+ "category": "Concurrency"
25839
+ },
25840
+ {
25841
+ "id": "CWE-416",
25842
+ "name": "Use After Free",
25843
+ "category": "Memory Safety"
25844
+ },
25845
+ {
25846
+ "id": "CWE-434",
25847
+ "name": "Unrestricted Upload of File with Dangerous Type",
25848
+ "category": "File Handling"
25849
+ },
25850
+ {
25851
+ "id": "CWE-672",
25852
+ "name": "Operation on a Resource after Expiration or Release",
25853
+ "category": "Memory Safety"
25854
+ },
25855
+ {
25856
+ "id": "CWE-732",
25857
+ "name": "Incorrect Permission Assignment for Critical Resource",
25858
+ "category": "Authorization"
25859
+ },
25860
+ {
25861
+ "id": "CWE-78",
25862
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
25863
+ "category": "Injection"
25864
+ },
25865
+ {
25866
+ "id": "CWE-787",
25867
+ "name": "Out-of-bounds Write",
25868
+ "category": "Memory Safety"
25869
+ },
25870
+ {
25871
+ "id": "CWE-79",
25872
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
25873
+ "category": "Injection"
25874
+ },
25875
+ {
25876
+ "id": "CWE-798",
25877
+ "name": "Use of Hard-coded Credentials",
25878
+ "category": "Credentials"
25879
+ },
25880
+ {
25881
+ "id": "CWE-89",
25882
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
25883
+ "category": "Injection"
25884
+ },
25885
+ {
25886
+ "id": "CWE-918",
25887
+ "name": "Server-Side Request Forgery (SSRF)",
25888
+ "category": "Network"
25889
+ },
25890
+ {
25891
+ "id": "CWE-94",
25892
+ "name": "Improper Control of Generation of Code (Code Injection)",
25893
+ "category": "Injection"
25894
+ }
25895
+ ],
25896
+ "atlas": [
25897
+ {
25898
+ "id": "AML.T0010",
25899
+ "name": "ML Supply Chain Compromise",
25900
+ "tactic": "Initial Access"
25901
+ },
25902
+ {
25903
+ "id": "AML.T0016",
25904
+ "name": "Obtain Capabilities: Develop Capabilities",
25905
+ "tactic": "Resource Development"
25906
+ },
25907
+ {
25908
+ "id": "AML.T0017",
25909
+ "name": "Discover ML Model Ontology",
25910
+ "tactic": "Discovery"
25911
+ },
25912
+ {
25913
+ "id": "AML.T0018",
25914
+ "name": "Backdoor ML Model",
25915
+ "tactic": "Persistence"
25916
+ },
25917
+ {
25918
+ "id": "AML.T0020",
25919
+ "name": "Poison Training Data",
25920
+ "tactic": "ML Attack Staging"
25921
+ },
25922
+ {
25923
+ "id": "AML.T0043",
25924
+ "name": "Craft Adversarial Data",
25925
+ "tactic": "ML Attack Staging"
25926
+ },
25927
+ {
25928
+ "id": "AML.T0051",
25929
+ "name": "LLM Prompt Injection",
25930
+ "tactic": "Execution"
25931
+ },
25932
+ {
25933
+ "id": "AML.T0054",
25934
+ "name": "LLM Jailbreak",
25935
+ "tactic": "Defense Evasion"
25936
+ },
25937
+ {
25938
+ "id": "AML.T0096",
25939
+ "name": "AI API as Covert C2 Channel",
25940
+ "tactic": "Command and Control"
25941
+ }
25942
+ ],
25943
+ "d3fend": [
25944
+ {
25945
+ "id": "D3-ASLR",
25946
+ "name": "Address Space Layout Randomization",
25947
+ "tactic": "Harden"
25948
+ },
25949
+ {
25950
+ "id": "D3-CA",
25951
+ "name": "Certificate Analysis",
25952
+ "tactic": "Detect"
25953
+ },
25954
+ {
25955
+ "id": "D3-CSPP",
25956
+ "name": "Client-server Payload Profiling",
25957
+ "tactic": "Detect"
25958
+ },
25959
+ {
25960
+ "id": "D3-DA",
25961
+ "name": "Domain Analysis",
25962
+ "tactic": "Detect"
25963
+ },
25964
+ {
25965
+ "id": "D3-EAL",
25966
+ "name": "Executable Allowlisting",
25967
+ "tactic": "Harden"
25968
+ },
25969
+ {
25970
+ "id": "D3-IOPR",
25971
+ "name": "Input/Output Profiling Resource",
25972
+ "tactic": "Detect"
25973
+ },
25974
+ {
25975
+ "id": "D3-NI",
25976
+ "name": "Network Isolation",
25977
+ "tactic": "Isolate"
25978
+ },
25979
+ {
25980
+ "id": "D3-NTA",
25981
+ "name": "Network Traffic Analysis",
25982
+ "tactic": "Detect"
25983
+ },
25984
+ {
25985
+ "id": "D3-NTPM",
25986
+ "name": "Network Traffic Policy Mapping",
25987
+ "tactic": "Model"
25988
+ },
25989
+ {
25990
+ "id": "D3-PHRA",
25991
+ "name": "Process Hardware Resource Access",
25992
+ "tactic": "Isolate"
25993
+ },
25994
+ {
25995
+ "id": "D3-PSEP",
25996
+ "name": "Process Segment Execution Prevention",
25997
+ "tactic": "Harden"
25998
+ }
25999
+ ],
26000
+ "framework_gaps": [
26001
+ {
26002
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
26003
+ "framework": "ALL",
26004
+ "control_name": "AI Pipeline Integrity"
26005
+ },
26006
+ {
26007
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
26008
+ "framework": "ALL",
26009
+ "control_name": "Prompt Injection as Access Control Failure"
26010
+ },
26011
+ {
26012
+ "id": "CIS-Controls-v8-Control7",
26013
+ "framework": "CIS Controls v8",
26014
+ "control_name": "Continuous Vulnerability Management"
26015
+ },
26016
+ {
26017
+ "id": "CMMC-2.0-Level-2",
26018
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
26019
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
26020
+ },
26021
+ {
26022
+ "id": "FedRAMP-Rev5-Moderate",
26023
+ "framework": "FedRAMP Rev 5 Moderate",
26024
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
26025
+ },
26026
+ {
26027
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
26028
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
26029
+ "control_name": "Access control standard (technical safeguards)"
26030
+ },
26031
+ {
26032
+ "id": "IEC-62443-3-3",
26033
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
26034
+ "control_name": "System security requirements and security levels"
26035
+ },
26036
+ {
26037
+ "id": "ISO-27001-2022-A.8.16",
26038
+ "framework": "ISO/IEC 27001:2022",
26039
+ "control_name": "Monitoring activities"
26040
+ },
26041
+ {
26042
+ "id": "ISO-27001-2022-A.8.28",
26043
+ "framework": "ISO/IEC 27001:2022",
26044
+ "control_name": "Secure coding"
26045
+ },
26046
+ {
26047
+ "id": "ISO-27001-2022-A.8.8",
26048
+ "framework": "ISO/IEC 27001:2022",
26049
+ "control_name": "Management of technical vulnerabilities"
26050
+ },
26051
+ {
26052
+ "id": "ISO-IEC-23894-2023-clause-7",
26053
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
26054
+ "control_name": "AI risk management process"
26055
+ },
26056
+ {
26057
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
26058
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
26059
+ "control_name": "AI risk assessment"
26060
+ },
26061
+ {
26062
+ "id": "NERC-CIP-007-6-R4",
26063
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
26064
+ "control_name": "Security event monitoring"
26065
+ },
26066
+ {
26067
+ "id": "NIS2-Art21-patch-management",
26068
+ "framework": "EU NIS2 Directive",
26069
+ "control_name": "Vulnerability handling and disclosure"
26070
+ },
26071
+ {
26072
+ "id": "NIST-800-115",
26073
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
26074
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
26075
+ },
26076
+ {
26077
+ "id": "NIST-800-218-SSDF",
26078
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
26079
+ "control_name": "Secure Software Development Framework"
26080
+ },
26081
+ {
26082
+ "id": "NIST-800-53-AC-2",
26083
+ "framework": "NIST SP 800-53 Rev 5",
26084
+ "control_name": "Account Management"
26085
+ },
26086
+ {
26087
+ "id": "NIST-800-53-SC-28",
26088
+ "framework": "NIST SP 800-53 Rev 5",
26089
+ "control_name": "Protection of Information at Rest"
26090
+ },
26091
+ {
26092
+ "id": "NIST-800-53-SC-7",
26093
+ "framework": "NIST SP 800-53 Rev 5",
26094
+ "control_name": "Boundary Protection"
26095
+ },
26096
+ {
26097
+ "id": "NIST-800-53-SC-8",
26098
+ "framework": "NIST SP 800-53 Rev 5",
26099
+ "control_name": "Transmission Confidentiality and Integrity"
26100
+ },
26101
+ {
26102
+ "id": "NIST-800-53-SI-2",
26103
+ "framework": "NIST SP 800-53 Rev 5",
26104
+ "control_name": "Flaw Remediation"
26105
+ },
26106
+ {
26107
+ "id": "NIST-800-53-SI-3",
26108
+ "framework": "NIST SP 800-53 Rev 5",
26109
+ "control_name": "Malicious Code Protection"
26110
+ },
26111
+ {
26112
+ "id": "NIST-800-82r3",
26113
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
26114
+ "control_name": "Guide to Operational Technology (OT) Security"
26115
+ },
26116
+ {
26117
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
26118
+ "framework": "OWASP Top 10 for LLM Applications 2025",
26119
+ "control_name": "Prompt Injection"
26120
+ },
26121
+ {
26122
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
26123
+ "framework": "OWASP Top 10 for LLM Applications 2025",
26124
+ "control_name": "Sensitive Information Disclosure"
26125
+ },
26126
+ {
26127
+ "id": "OWASP-Pen-Testing-Guide-v5",
26128
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
26129
+ "control_name": "Web application penetration testing methodology"
26130
+ },
26131
+ {
26132
+ "id": "PCI-DSS-4.0-6.3.3",
26133
+ "framework": "PCI DSS 4.0",
26134
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
26135
+ },
26136
+ {
26137
+ "id": "PTES-Pre-engagement",
26138
+ "framework": "Penetration Testing Execution Standard (PTES)",
26139
+ "control_name": "Pre-engagement Interactions"
26140
+ },
26141
+ {
26142
+ "id": "SOC2-CC6-logical-access",
26143
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
26144
+ "control_name": "Logical and Physical Access Controls"
26145
+ },
26146
+ {
26147
+ "id": "SOC2-CC7-anomaly-detection",
26148
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
26149
+ "control_name": "System Operations — Threat and Vulnerability Management"
26150
+ },
26151
+ {
26152
+ "id": "SOC2-CC9-vendor-management",
26153
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
26154
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
26155
+ }
26156
+ ],
26157
+ "attack_refs": [
26158
+ "T0855",
26159
+ "T0883",
26160
+ "T1041",
26161
+ "T1059",
26162
+ "T1068",
26163
+ "T1071",
26164
+ "T1078",
26165
+ "T1102",
26166
+ "T1133",
26167
+ "T1190",
26168
+ "T1213",
26169
+ "T1530",
26170
+ "T1548.001",
26171
+ "T1566",
26172
+ "T1567",
26173
+ "T1568"
26174
+ ],
26175
+ "rfc_refs": [
26176
+ "RFC-4301",
26177
+ "RFC-4303",
26178
+ "RFC-7296",
26179
+ "RFC-8446",
26180
+ "RFC-9000",
26181
+ "RFC-9114",
26182
+ "RFC-9180",
26183
+ "RFC-9421",
26184
+ "RFC-9458"
26185
+ ]
26186
+ }
26187
+ },
26188
+ "CVE-2026-34159": {
26189
+ "name": "llama.cpp RPC Backend GRAPH_COMPUTE deserialize_tensor Bounds Bypass RCE",
26190
+ "rwep": 29,
26191
+ "cvss": 9.8,
26192
+ "cisa_kev": false,
26193
+ "epss_score": null,
26194
+ "referencing_skills": [
26195
+ "kernel-lpe-triage",
26196
+ "ai-attack-surface",
26197
+ "compliance-theater",
26198
+ "ai-c2-detection",
26199
+ "attack-surface-pentest",
26200
+ "dlp-gap-analysis",
26201
+ "ot-ics-security",
26202
+ "coordinated-vuln-disclosure",
26203
+ "sector-energy"
26204
+ ],
26205
+ "chain": {
26206
+ "cwes": [
26207
+ {
26208
+ "id": "CWE-1037",
26209
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
26210
+ "category": "Hardware / Side Channel"
26211
+ },
26212
+ {
26213
+ "id": "CWE-1039",
26214
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
26215
+ "category": "AI/ML"
26216
+ },
26217
+ {
26218
+ "id": "CWE-125",
26219
+ "name": "Out-of-bounds Read",
26220
+ "category": "Memory Safety"
26221
+ },
26222
+ {
26223
+ "id": "CWE-1357",
26224
+ "name": "Reliance on Insufficiently Trustworthy Component",
26225
+ "category": "Supply Chain"
26226
+ },
26227
+ {
26228
+ "id": "CWE-1395",
26229
+ "name": "Dependency on Vulnerable Third-Party Component",
26230
+ "category": "Supply Chain"
26231
+ },
26232
+ {
26233
+ "id": "CWE-1426",
26234
+ "name": "Improper Validation of Generative AI Output",
26235
+ "category": "AI/ML"
26236
+ },
26237
+ {
26238
+ "id": "CWE-200",
26239
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
26240
+ "category": "Information Exposure"
26241
+ },
26242
+ {
26243
+ "id": "CWE-22",
26244
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
26245
+ "category": "Path/Resource"
26246
+ },
26247
+ {
26248
+ "id": "CWE-269",
26249
+ "name": "Improper Privilege Management",
26250
+ "category": "Authorization"
26251
+ },
26252
+ {
26253
+ "id": "CWE-287",
26254
+ "name": "Improper Authentication",
26255
+ "category": "Authentication"
26256
+ },
26257
+ {
26258
+ "id": "CWE-306",
26259
+ "name": "Missing Authentication for Critical Function",
26260
+ "category": "Authentication"
26261
+ },
26262
+ {
26263
+ "id": "CWE-352",
26264
+ "name": "Cross-Site Request Forgery (CSRF)",
26265
+ "category": "Session"
26266
+ },
26267
+ {
26268
+ "id": "CWE-362",
26269
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
26270
+ "category": "Concurrency"
26271
+ },
26272
+ {
26273
+ "id": "CWE-416",
26274
+ "name": "Use After Free",
26275
+ "category": "Memory Safety"
26276
+ },
26277
+ {
26278
+ "id": "CWE-434",
26279
+ "name": "Unrestricted Upload of File with Dangerous Type",
26280
+ "category": "File Handling"
26281
+ },
26282
+ {
26283
+ "id": "CWE-672",
26284
+ "name": "Operation on a Resource after Expiration or Release",
26285
+ "category": "Memory Safety"
26286
+ },
26287
+ {
26288
+ "id": "CWE-732",
26289
+ "name": "Incorrect Permission Assignment for Critical Resource",
26290
+ "category": "Authorization"
26291
+ },
26292
+ {
26293
+ "id": "CWE-78",
26294
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
26295
+ "category": "Injection"
26296
+ },
26297
+ {
26298
+ "id": "CWE-787",
26299
+ "name": "Out-of-bounds Write",
26300
+ "category": "Memory Safety"
26301
+ },
26302
+ {
26303
+ "id": "CWE-79",
26304
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
26305
+ "category": "Injection"
26306
+ },
26307
+ {
26308
+ "id": "CWE-798",
26309
+ "name": "Use of Hard-coded Credentials",
26310
+ "category": "Credentials"
26311
+ },
26312
+ {
26313
+ "id": "CWE-89",
26314
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
26315
+ "category": "Injection"
26316
+ },
26317
+ {
26318
+ "id": "CWE-918",
26319
+ "name": "Server-Side Request Forgery (SSRF)",
26320
+ "category": "Network"
26321
+ },
26322
+ {
26323
+ "id": "CWE-94",
26324
+ "name": "Improper Control of Generation of Code (Code Injection)",
26325
+ "category": "Injection"
26326
+ }
26327
+ ],
26328
+ "atlas": [
26329
+ {
26330
+ "id": "AML.T0010",
26331
+ "name": "ML Supply Chain Compromise",
26332
+ "tactic": "Initial Access"
26333
+ },
26334
+ {
26335
+ "id": "AML.T0016",
26336
+ "name": "Obtain Capabilities: Develop Capabilities",
26337
+ "tactic": "Resource Development"
26338
+ },
26339
+ {
26340
+ "id": "AML.T0017",
26341
+ "name": "Discover ML Model Ontology",
26342
+ "tactic": "Discovery"
26343
+ },
26344
+ {
26345
+ "id": "AML.T0018",
26346
+ "name": "Backdoor ML Model",
26347
+ "tactic": "Persistence"
26348
+ },
26349
+ {
26350
+ "id": "AML.T0020",
26351
+ "name": "Poison Training Data",
26352
+ "tactic": "ML Attack Staging"
26353
+ },
26354
+ {
26355
+ "id": "AML.T0043",
26356
+ "name": "Craft Adversarial Data",
26357
+ "tactic": "ML Attack Staging"
26358
+ },
26359
+ {
26360
+ "id": "AML.T0051",
26361
+ "name": "LLM Prompt Injection",
26362
+ "tactic": "Execution"
26363
+ },
26364
+ {
26365
+ "id": "AML.T0054",
26366
+ "name": "LLM Jailbreak",
26367
+ "tactic": "Defense Evasion"
26368
+ },
26369
+ {
26370
+ "id": "AML.T0096",
26371
+ "name": "AI API as Covert C2 Channel",
26372
+ "tactic": "Command and Control"
26373
+ }
26374
+ ],
26375
+ "d3fend": [
26376
+ {
26377
+ "id": "D3-ASLR",
26378
+ "name": "Address Space Layout Randomization",
26379
+ "tactic": "Harden"
26380
+ },
26381
+ {
26382
+ "id": "D3-CA",
26383
+ "name": "Certificate Analysis",
26384
+ "tactic": "Detect"
26385
+ },
26386
+ {
26387
+ "id": "D3-CSPP",
26388
+ "name": "Client-server Payload Profiling",
26389
+ "tactic": "Detect"
26390
+ },
26391
+ {
26392
+ "id": "D3-DA",
26393
+ "name": "Domain Analysis",
26394
+ "tactic": "Detect"
26395
+ },
26396
+ {
26397
+ "id": "D3-EAL",
26398
+ "name": "Executable Allowlisting",
26399
+ "tactic": "Harden"
26400
+ },
26401
+ {
26402
+ "id": "D3-IOPR",
26403
+ "name": "Input/Output Profiling Resource",
26404
+ "tactic": "Detect"
26405
+ },
26406
+ {
26407
+ "id": "D3-NI",
26408
+ "name": "Network Isolation",
26409
+ "tactic": "Isolate"
26410
+ },
26411
+ {
26412
+ "id": "D3-NTA",
26413
+ "name": "Network Traffic Analysis",
26414
+ "tactic": "Detect"
26415
+ },
26416
+ {
26417
+ "id": "D3-NTPM",
26418
+ "name": "Network Traffic Policy Mapping",
26419
+ "tactic": "Model"
26420
+ },
26421
+ {
26422
+ "id": "D3-PHRA",
26423
+ "name": "Process Hardware Resource Access",
26424
+ "tactic": "Isolate"
26425
+ },
26426
+ {
26427
+ "id": "D3-PSEP",
26428
+ "name": "Process Segment Execution Prevention",
26429
+ "tactic": "Harden"
26430
+ }
26431
+ ],
26432
+ "framework_gaps": [
26433
+ {
26434
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
26435
+ "framework": "ALL",
26436
+ "control_name": "AI Pipeline Integrity"
26437
+ },
26438
+ {
26439
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
26440
+ "framework": "ALL",
26441
+ "control_name": "Prompt Injection as Access Control Failure"
26442
+ },
26443
+ {
26444
+ "id": "CIS-Controls-v8-Control7",
26445
+ "framework": "CIS Controls v8",
26446
+ "control_name": "Continuous Vulnerability Management"
26447
+ },
26448
+ {
26449
+ "id": "CMMC-2.0-Level-2",
26450
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
26451
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
26452
+ },
26453
+ {
26454
+ "id": "FedRAMP-Rev5-Moderate",
26455
+ "framework": "FedRAMP Rev 5 Moderate",
26456
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
26457
+ },
26458
+ {
26459
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
26460
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
26461
+ "control_name": "Access control standard (technical safeguards)"
26462
+ },
26463
+ {
26464
+ "id": "IEC-62443-3-3",
26465
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
26466
+ "control_name": "System security requirements and security levels"
26467
+ },
26468
+ {
26469
+ "id": "ISO-27001-2022-A.8.16",
26470
+ "framework": "ISO/IEC 27001:2022",
26471
+ "control_name": "Monitoring activities"
26472
+ },
26473
+ {
26474
+ "id": "ISO-27001-2022-A.8.28",
26475
+ "framework": "ISO/IEC 27001:2022",
26476
+ "control_name": "Secure coding"
26477
+ },
26478
+ {
26479
+ "id": "ISO-27001-2022-A.8.8",
26480
+ "framework": "ISO/IEC 27001:2022",
26481
+ "control_name": "Management of technical vulnerabilities"
26482
+ },
26483
+ {
26484
+ "id": "ISO-IEC-23894-2023-clause-7",
26485
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
26486
+ "control_name": "AI risk management process"
26487
+ },
26488
+ {
26489
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
26490
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
26491
+ "control_name": "AI risk assessment"
26492
+ },
26493
+ {
26494
+ "id": "NERC-CIP-007-6-R4",
26495
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
26496
+ "control_name": "Security event monitoring"
26497
+ },
26498
+ {
26499
+ "id": "NIS2-Art21-patch-management",
26500
+ "framework": "EU NIS2 Directive",
26501
+ "control_name": "Vulnerability handling and disclosure"
26502
+ },
26503
+ {
26504
+ "id": "NIST-800-115",
26505
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
26506
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
26507
+ },
26508
+ {
26509
+ "id": "NIST-800-218-SSDF",
26510
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
26511
+ "control_name": "Secure Software Development Framework"
26512
+ },
26513
+ {
26514
+ "id": "NIST-800-53-AC-2",
26515
+ "framework": "NIST SP 800-53 Rev 5",
26516
+ "control_name": "Account Management"
26517
+ },
26518
+ {
26519
+ "id": "NIST-800-53-SC-28",
26520
+ "framework": "NIST SP 800-53 Rev 5",
26521
+ "control_name": "Protection of Information at Rest"
26522
+ },
26523
+ {
26524
+ "id": "NIST-800-53-SC-7",
26525
+ "framework": "NIST SP 800-53 Rev 5",
26526
+ "control_name": "Boundary Protection"
26527
+ },
26528
+ {
26529
+ "id": "NIST-800-53-SC-8",
26530
+ "framework": "NIST SP 800-53 Rev 5",
26531
+ "control_name": "Transmission Confidentiality and Integrity"
26532
+ },
26533
+ {
26534
+ "id": "NIST-800-53-SI-2",
26535
+ "framework": "NIST SP 800-53 Rev 5",
26536
+ "control_name": "Flaw Remediation"
26537
+ },
26538
+ {
26539
+ "id": "NIST-800-53-SI-3",
26540
+ "framework": "NIST SP 800-53 Rev 5",
26541
+ "control_name": "Malicious Code Protection"
26542
+ },
26543
+ {
26544
+ "id": "NIST-800-82r3",
26545
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
26546
+ "control_name": "Guide to Operational Technology (OT) Security"
26547
+ },
26548
+ {
26549
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
26550
+ "framework": "OWASP Top 10 for LLM Applications 2025",
26551
+ "control_name": "Prompt Injection"
26552
+ },
26553
+ {
26554
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
26555
+ "framework": "OWASP Top 10 for LLM Applications 2025",
26556
+ "control_name": "Sensitive Information Disclosure"
26557
+ },
26558
+ {
26559
+ "id": "OWASP-Pen-Testing-Guide-v5",
26560
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
26561
+ "control_name": "Web application penetration testing methodology"
26562
+ },
26563
+ {
26564
+ "id": "PCI-DSS-4.0-6.3.3",
26565
+ "framework": "PCI DSS 4.0",
26566
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
26567
+ },
26568
+ {
26569
+ "id": "PTES-Pre-engagement",
26570
+ "framework": "Penetration Testing Execution Standard (PTES)",
26571
+ "control_name": "Pre-engagement Interactions"
26572
+ },
26573
+ {
26574
+ "id": "SOC2-CC6-logical-access",
26575
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
26576
+ "control_name": "Logical and Physical Access Controls"
26577
+ },
26578
+ {
26579
+ "id": "SOC2-CC7-anomaly-detection",
26580
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
26581
+ "control_name": "System Operations — Threat and Vulnerability Management"
26582
+ },
26583
+ {
26584
+ "id": "SOC2-CC9-vendor-management",
26585
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
26586
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
26587
+ }
26588
+ ],
26589
+ "attack_refs": [
26590
+ "T0855",
26591
+ "T0883",
26592
+ "T1041",
26593
+ "T1059",
26594
+ "T1068",
26595
+ "T1071",
26596
+ "T1078",
26597
+ "T1102",
26598
+ "T1133",
26599
+ "T1190",
26600
+ "T1213",
26601
+ "T1530",
26602
+ "T1548.001",
26603
+ "T1566",
26604
+ "T1567",
26605
+ "T1568"
26606
+ ],
26607
+ "rfc_refs": [
26608
+ "RFC-4301",
26609
+ "RFC-4303",
26610
+ "RFC-7296",
26611
+ "RFC-8446",
26612
+ "RFC-9000",
26613
+ "RFC-9114",
26614
+ "RFC-9180",
26615
+ "RFC-9421",
26616
+ "RFC-9458"
26617
+ ]
26618
+ }
26619
+ },
25324
26620
  "CVE-2026-41091": {
25325
26621
  "name": "Microsoft Defender (Malware Protection Engine) Link-Following LPE to SYSTEM",
25326
26622
  "rwep": 45,
@@ -51701,6 +52997,8 @@
51701
52997
  "CVE-2024-0132",
51702
52998
  "CVE-2024-3094",
51703
52999
  "CVE-2024-3154",
53000
+ "CVE-2024-42478",
53001
+ "CVE-2024-42479",
51704
53002
  "CVE-2024-50050",
51705
53003
  "CVE-2025-0133",
51706
53004
  "CVE-2025-10585",
@@ -51735,6 +53033,7 @@
51735
53033
  "CVE-2026-30624",
51736
53034
  "CVE-2026-30625",
51737
53035
  "CVE-2026-31431",
53036
+ "CVE-2026-34159",
51738
53037
  "CVE-2026-34926",
51739
53038
  "CVE-2026-39884",
51740
53039
  "CVE-2026-40933",
@@ -52072,6 +53371,8 @@
52072
53371
  "CVE-2023-43472",
52073
53372
  "CVE-2023-48022",
52074
53373
  "CVE-2024-0132",
53374
+ "CVE-2024-42478",
53375
+ "CVE-2024-42479",
52075
53376
  "CVE-2024-50050",
52076
53377
  "CVE-2025-0133",
52077
53378
  "CVE-2025-10585",
@@ -52103,6 +53404,7 @@
52103
53404
  "CVE-2026-30624",
52104
53405
  "CVE-2026-30625",
52105
53406
  "CVE-2026-31431",
53407
+ "CVE-2026-34159",
52106
53408
  "CVE-2026-34926",
52107
53409
  "CVE-2026-39884",
52108
53410
  "CVE-2026-40933",
@@ -52236,6 +53538,8 @@
52236
53538
  "CVE-2023-43472",
52237
53539
  "CVE-2023-48022",
52238
53540
  "CVE-2024-0132",
53541
+ "CVE-2024-42478",
53542
+ "CVE-2024-42479",
52239
53543
  "CVE-2024-50050",
52240
53544
  "CVE-2025-0133",
52241
53545
  "CVE-2025-10585",
@@ -52267,6 +53571,7 @@
52267
53571
  "CVE-2026-30624",
52268
53572
  "CVE-2026-30625",
52269
53573
  "CVE-2026-31431",
53574
+ "CVE-2026-34159",
52270
53575
  "CVE-2026-34926",
52271
53576
  "CVE-2026-39884",
52272
53577
  "CVE-2026-40933",
@@ -52414,6 +53719,8 @@
52414
53719
  "CVE-2023-43472",
52415
53720
  "CVE-2023-48022",
52416
53721
  "CVE-2024-0132",
53722
+ "CVE-2024-42478",
53723
+ "CVE-2024-42479",
52417
53724
  "CVE-2024-50050",
52418
53725
  "CVE-2025-0133",
52419
53726
  "CVE-2025-10585",
@@ -52445,6 +53752,7 @@
52445
53752
  "CVE-2026-30624",
52446
53753
  "CVE-2026-30625",
52447
53754
  "CVE-2026-31431",
53755
+ "CVE-2026-34159",
52448
53756
  "CVE-2026-34926",
52449
53757
  "CVE-2026-39884",
52450
53758
  "CVE-2026-40933",
@@ -52698,6 +54006,8 @@
52698
54006
  "CVE-2024-0132",
52699
54007
  "CVE-2024-3094",
52700
54008
  "CVE-2024-3154",
54009
+ "CVE-2024-42478",
54010
+ "CVE-2024-42479",
52701
54011
  "CVE-2024-50050",
52702
54012
  "CVE-2025-0133",
52703
54013
  "CVE-2025-1094",
@@ -52731,6 +54041,7 @@
52731
54041
  "CVE-2026-30625",
52732
54042
  "CVE-2026-32202",
52733
54043
  "CVE-2026-33825",
54044
+ "CVE-2026-34159",
52734
54045
  "CVE-2026-39884",
52735
54046
  "CVE-2026-40933",
52736
54047
  "CVE-2026-42208",
@@ -52943,6 +54254,8 @@
52943
54254
  "CVE-2024-27443",
52944
54255
  "CVE-2024-37079",
52945
54256
  "CVE-2024-42009",
54257
+ "CVE-2024-42478",
54258
+ "CVE-2024-42479",
52946
54259
  "CVE-2024-43468",
52947
54260
  "CVE-2024-50050",
52948
54261
  "CVE-2024-54085",
@@ -53152,6 +54465,7 @@
53152
54465
  "CVE-2026-33017",
53153
54466
  "CVE-2026-33634",
53154
54467
  "CVE-2026-33825",
54468
+ "CVE-2026-34159",
53155
54469
  "CVE-2026-34197",
53156
54470
  "CVE-2026-34621",
53157
54471
  "CVE-2026-34926",
@@ -53395,6 +54709,8 @@
53395
54709
  "CVE-2024-3094",
53396
54710
  "CVE-2024-3154",
53397
54711
  "CVE-2024-40635",
54712
+ "CVE-2024-42478",
54713
+ "CVE-2024-42479",
53398
54714
  "CVE-2025-0133",
53399
54715
  "CVE-2025-1094",
53400
54716
  "CVE-2025-14847",
@@ -53406,6 +54722,7 @@
53406
54722
  "CVE-2025-6965",
53407
54723
  "CVE-2026-30615",
53408
54724
  "CVE-2026-30623",
54725
+ "CVE-2026-34159",
53409
54726
  "CVE-2026-39884",
53410
54727
  "CVE-2026-42208",
53411
54728
  "CVE-2026-42897",
@@ -53753,6 +55070,8 @@
53753
55070
  "CVE-2024-0132",
53754
55071
  "CVE-2024-3094",
53755
55072
  "CVE-2024-3154",
55073
+ "CVE-2024-42478",
55074
+ "CVE-2024-42479",
53756
55075
  "CVE-2024-50050",
53757
55076
  "CVE-2025-0133",
53758
55077
  "CVE-2025-10585",
@@ -53787,6 +55106,7 @@
53787
55106
  "CVE-2026-30624",
53788
55107
  "CVE-2026-30625",
53789
55108
  "CVE-2026-31431",
55109
+ "CVE-2026-34159",
53790
55110
  "CVE-2026-34926",
53791
55111
  "CVE-2026-39884",
53792
55112
  "CVE-2026-40933",
@@ -54356,6 +55676,8 @@
54356
55676
  "CVE-2024-0132",
54357
55677
  "CVE-2024-3094",
54358
55678
  "CVE-2024-3154",
55679
+ "CVE-2024-42478",
55680
+ "CVE-2024-42479",
54359
55681
  "CVE-2024-50050",
54360
55682
  "CVE-2025-0133",
54361
55683
  "CVE-2025-10585",
@@ -54390,6 +55712,7 @@
54390
55712
  "CVE-2026-30624",
54391
55713
  "CVE-2026-30625",
54392
55714
  "CVE-2026-31431",
55715
+ "CVE-2026-34159",
54393
55716
  "CVE-2026-34926",
54394
55717
  "CVE-2026-39884",
54395
55718
  "CVE-2026-40933",
@@ -54596,6 +55919,8 @@
54596
55919
  "CVE-2023-48022",
54597
55920
  "CVE-2024-0132",
54598
55921
  "CVE-2024-3094",
55922
+ "CVE-2024-42478",
55923
+ "CVE-2024-42479",
54599
55924
  "CVE-2024-50050",
54600
55925
  "CVE-2025-10585",
54601
55926
  "CVE-2025-1094",
@@ -54626,6 +55951,7 @@
54626
55951
  "CVE-2026-30624",
54627
55952
  "CVE-2026-30625",
54628
55953
  "CVE-2026-31431",
55954
+ "CVE-2026-34159",
54629
55955
  "CVE-2026-34926",
54630
55956
  "CVE-2026-39884",
54631
55957
  "CVE-2026-40933",
@@ -55264,6 +56590,8 @@
55264
56590
  "CVE-2024-0132",
55265
56591
  "CVE-2024-3094",
55266
56592
  "CVE-2024-3154",
56593
+ "CVE-2024-42478",
56594
+ "CVE-2024-42479",
55267
56595
  "CVE-2024-50050",
55268
56596
  "CVE-2025-0133",
55269
56597
  "CVE-2025-10585",
@@ -55298,6 +56626,7 @@
55298
56626
  "CVE-2026-30624",
55299
56627
  "CVE-2026-30625",
55300
56628
  "CVE-2026-31431",
56629
+ "CVE-2026-34159",
55301
56630
  "CVE-2026-34926",
55302
56631
  "CVE-2026-39884",
55303
56632
  "CVE-2026-40933",
@@ -55516,6 +56845,8 @@
55516
56845
  "CVE-2024-27443",
55517
56846
  "CVE-2024-37079",
55518
56847
  "CVE-2024-42009",
56848
+ "CVE-2024-42478",
56849
+ "CVE-2024-42479",
55519
56850
  "CVE-2024-43468",
55520
56851
  "CVE-2024-50050",
55521
56852
  "CVE-2024-54085",
@@ -55725,6 +57056,7 @@
55725
57056
  "CVE-2026-33017",
55726
57057
  "CVE-2026-33634",
55727
57058
  "CVE-2026-33825",
57059
+ "CVE-2026-34159",
55728
57060
  "CVE-2026-34197",
55729
57061
  "CVE-2026-34621",
55730
57062
  "CVE-2026-34926",
@@ -55940,6 +57272,8 @@
55940
57272
  "CVE-2024-27443",
55941
57273
  "CVE-2024-37079",
55942
57274
  "CVE-2024-42009",
57275
+ "CVE-2024-42478",
57276
+ "CVE-2024-42479",
55943
57277
  "CVE-2024-43468",
55944
57278
  "CVE-2024-50050",
55945
57279
  "CVE-2024-54085",
@@ -56149,6 +57483,7 @@
56149
57483
  "CVE-2026-33017",
56150
57484
  "CVE-2026-33634",
56151
57485
  "CVE-2026-33825",
57486
+ "CVE-2026-34159",
56152
57487
  "CVE-2026-34197",
56153
57488
  "CVE-2026-34621",
56154
57489
  "CVE-2026-34926",
@@ -56388,6 +57723,8 @@
56388
57723
  "CVE-2024-0132",
56389
57724
  "CVE-2024-3094",
56390
57725
  "CVE-2024-3154",
57726
+ "CVE-2024-42478",
57727
+ "CVE-2024-42479",
56391
57728
  "CVE-2024-50050",
56392
57729
  "CVE-2025-0133",
56393
57730
  "CVE-2025-10585",
@@ -56422,6 +57759,7 @@
56422
57759
  "CVE-2026-30624",
56423
57760
  "CVE-2026-30625",
56424
57761
  "CVE-2026-31431",
57762
+ "CVE-2026-34159",
56425
57763
  "CVE-2026-34926",
56426
57764
  "CVE-2026-39884",
56427
57765
  "CVE-2026-40933",
@@ -57192,6 +58530,8 @@
57192
58530
  "CVE-2024-27443",
57193
58531
  "CVE-2024-37079",
57194
58532
  "CVE-2024-42009",
58533
+ "CVE-2024-42478",
58534
+ "CVE-2024-42479",
57195
58535
  "CVE-2024-43468",
57196
58536
  "CVE-2024-50050",
57197
58537
  "CVE-2024-54085",
@@ -57401,6 +58741,7 @@
57401
58741
  "CVE-2026-33017",
57402
58742
  "CVE-2026-33634",
57403
58743
  "CVE-2026-33825",
58744
+ "CVE-2026-34159",
57404
58745
  "CVE-2026-34197",
57405
58746
  "CVE-2026-34621",
57406
58747
  "CVE-2026-34926",
@@ -57704,6 +59045,8 @@
57704
59045
  "CVE-2024-0132",
57705
59046
  "CVE-2024-3094",
57706
59047
  "CVE-2024-3154",
59048
+ "CVE-2024-42478",
59049
+ "CVE-2024-42479",
57707
59050
  "CVE-2024-50050",
57708
59051
  "CVE-2025-0133",
57709
59052
  "CVE-2025-10585",
@@ -57738,6 +59081,7 @@
57738
59081
  "CVE-2026-30624",
57739
59082
  "CVE-2026-30625",
57740
59083
  "CVE-2026-31431",
59084
+ "CVE-2026-34159",
57741
59085
  "CVE-2026-34926",
57742
59086
  "CVE-2026-39884",
57743
59087
  "CVE-2026-40933",
@@ -58036,6 +59380,8 @@
58036
59380
  "CVE-2024-3154",
58037
59381
  "CVE-2024-37079",
58038
59382
  "CVE-2024-42009",
59383
+ "CVE-2024-42478",
59384
+ "CVE-2024-42479",
58039
59385
  "CVE-2024-43468",
58040
59386
  "CVE-2024-50050",
58041
59387
  "CVE-2024-54085",
@@ -58250,6 +59596,7 @@
58250
59596
  "CVE-2026-33017",
58251
59597
  "CVE-2026-33634",
58252
59598
  "CVE-2026-33825",
59599
+ "CVE-2026-34159",
58253
59600
  "CVE-2026-34197",
58254
59601
  "CVE-2026-34621",
58255
59602
  "CVE-2026-34926",
@@ -58565,6 +59912,8 @@
58565
59912
  "CVE-2024-0132",
58566
59913
  "CVE-2024-3094",
58567
59914
  "CVE-2024-3154",
59915
+ "CVE-2024-42478",
59916
+ "CVE-2024-42479",
58568
59917
  "CVE-2024-50050",
58569
59918
  "CVE-2025-10585",
58570
59919
  "CVE-2025-1094",
@@ -58596,6 +59945,7 @@
58596
59945
  "CVE-2026-30624",
58597
59946
  "CVE-2026-30625",
58598
59947
  "CVE-2026-31431",
59948
+ "CVE-2026-34159",
58599
59949
  "CVE-2026-34926",
58600
59950
  "CVE-2026-39884",
58601
59951
  "CVE-2026-40933",
@@ -59503,6 +60853,8 @@
59503
60853
  "CVE-2024-0132",
59504
60854
  "CVE-2024-3094",
59505
60855
  "CVE-2024-3154",
60856
+ "CVE-2024-42478",
60857
+ "CVE-2024-42479",
59506
60858
  "CVE-2024-50050",
59507
60859
  "CVE-2025-0133",
59508
60860
  "CVE-2025-10585",
@@ -59537,6 +60889,7 @@
59537
60889
  "CVE-2026-30624",
59538
60890
  "CVE-2026-30625",
59539
60891
  "CVE-2026-31431",
60892
+ "CVE-2026-34159",
59540
60893
  "CVE-2026-34926",
59541
60894
  "CVE-2026-39884",
59542
60895
  "CVE-2026-40933",
@@ -59603,6 +60956,8 @@
59603
60956
  "related_cves": [
59604
60957
  "CVE-2023-48022",
59605
60958
  "CVE-2024-0132",
60959
+ "CVE-2024-42478",
60960
+ "CVE-2024-42479",
59606
60961
  "CVE-2024-50050",
59607
60962
  "CVE-2025-10585",
59608
60963
  "CVE-2025-1094",
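Review bot: `related_cves` carries bare ids with no reason for the relation, and the pair added here (`CVE-2024-42478`, `CVE-2024-42479`) is inserted unchanged into every other list this diff touches, as is `CVE-2026-34159` in the paired hunks. That pattern suggests the lists are a union derived from a shared mapping rather than a per-entry assessment; this is inferred, because only this hunk shows the key name, and the owning entry and the end of the array lie outside it. A consumer then cannot separate a direct relation from a transitive one, which may add noise to any triage built on these lists. Keeping the array as it is for compatibility, I would add a sibling map that records the source, e.g. `"related_cves_via": {"CVE-2024-42479": "<mapping-name>"}` (key name and value are placeholders), or state in the schema documentation that the list is a derived union.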
@@ -59631,6 +60986,7 @@
59631
60986
  "CVE-2026-30624",
59632
60987
  "CVE-2026-30625",
59633
60988
  "CVE-2026-31431",
60989
+ "CVE-2026-34159",
59634
60990
  "CVE-2026-34926",
59635
60991
  "CVE-2026-39884",
59636
60992
  "CVE-2026-40933",
@@ -59775,6 +61131,8 @@
59775
61131
  "CVE-2023-43472",
59776
61132
  "CVE-2023-48022",
59777
61133
  "CVE-2024-0132",
61134
+ "CVE-2024-42478",
61135
+ "CVE-2024-42479",
59778
61136
  "CVE-2024-50050",
59779
61137
  "CVE-2025-0133",
59780
61138
  "CVE-2025-1094",
@@ -59806,6 +61164,7 @@
59806
61164
  "CVE-2026-30625",
59807
61165
  "CVE-2026-32202",
59808
61166
  "CVE-2026-33825",
61167
+ "CVE-2026-34159",
59809
61168
  "CVE-2026-39884",
59810
61169
  "CVE-2026-40933",
59811
61170
  "CVE-2026-42208"
@@ -60206,6 +61565,8 @@
60206
61565
  "CVE-2024-3094",
60207
61566
  "CVE-2024-37079",
60208
61567
  "CVE-2024-42009",
61568
+ "CVE-2024-42478",
61569
+ "CVE-2024-42479",
60209
61570
  "CVE-2024-43468",
60210
61571
  "CVE-2024-50050",
60211
61572
  "CVE-2024-54085",
@@ -60404,6 +61765,7 @@
60404
61765
  "CVE-2026-32201",
60405
61766
  "CVE-2026-33017",
60406
61767
  "CVE-2026-33634",
61768
+ "CVE-2026-34159",
60407
61769
  "CVE-2026-34197",
60408
61770
  "CVE-2026-34621",
60409
61771
  "CVE-2026-34926",
@@ -60643,6 +62005,8 @@
60643
62005
  "CVE-2024-0132",
60644
62006
  "CVE-2024-3094",
60645
62007
  "CVE-2024-3154",
62008
+ "CVE-2024-42478",
62009
+ "CVE-2024-42479",
60646
62010
  "CVE-2024-50050",
60647
62011
  "CVE-2025-0133",
60648
62012
  "CVE-2025-10585",
@@ -60677,6 +62041,7 @@
60677
62041
  "CVE-2026-30624",
60678
62042
  "CVE-2026-30625",
60679
62043
  "CVE-2026-31431",
62044
+ "CVE-2026-34159",
60680
62045
  "CVE-2026-34926",
60681
62046
  "CVE-2026-39884",
60682
62047
  "CVE-2026-40933",
@@ -60938,6 +62303,8 @@
60938
62303
  "CVE-2024-0132",
60939
62304
  "CVE-2024-3094",
60940
62305
  "CVE-2024-40635",
62306
+ "CVE-2024-42478",
62307
+ "CVE-2024-42479",
60941
62308
  "CVE-2024-50050",
60942
62309
  "CVE-2025-0133",
60943
62310
  "CVE-2025-1094",
@@ -60973,6 +62340,7 @@
60973
62340
  "CVE-2026-30625",
60974
62341
  "CVE-2026-32202",
60975
62342
  "CVE-2026-33825",
62343
+ "CVE-2026-34159",
60976
62344
  "CVE-2026-39884",
60977
62345
  "CVE-2026-40933",
60978
62346
  "CVE-2026-42208",