@blamejs/exceptd-skills 0.13.83 → 0.13.85

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. package/CHANGELOG.md +8 -0
  2. package/data/_indexes/_meta.json +9 -9
  3. package/data/_indexes/activity-feed.json +2 -2
  4. package/data/_indexes/catalog-summaries.json +2 -2
  5. package/data/_indexes/chains.json +2138 -0
  6. package/data/atlas-ttps.json +7 -1
  7. package/data/attack-techniques.json +9 -0
  8. package/data/cve-catalog.json +523 -1
  9. package/data/cwe-catalog.json +7 -0
  10. package/data/framework-control-gaps.json +40 -0
  11. package/data/zeroday-lessons.json +250 -0
  12. package/manifest.json +44 -44
  13. package/package.json +2 -2
  14. package/sbom.cdx.json +25 -25
package/data/_indexes/chains.json CHANGED
@@ -25321,6 +25321,2026 @@
25321
25321
  ]
25322
25322
  }
25323
25323
  },
25324
+ "CVE-2024-42479": {
25325
+ "name": "llama.cpp RPC Backend SET_TENSOR Out-of-Bounds Write RCE",
25326
+ "rwep": 29,
25327
+ "cvss": 9.8,
25328
+ "cisa_kev": false,
25329
+ "epss_score": null,
25330
+ "referencing_skills": [
25331
+ "kernel-lpe-triage",
25332
+ "ai-attack-surface",
25333
+ "compliance-theater",
25334
+ "ai-c2-detection",
25335
+ "attack-surface-pentest",
25336
+ "dlp-gap-analysis",
25337
+ "ot-ics-security",
25338
+ "coordinated-vuln-disclosure",
25339
+ "sector-energy"
25340
+ ],
25341
+ "chain": {
25342
+ "cwes": [
25343
+ {
25344
+ "id": "CWE-1037",
25345
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
25346
+ "category": "Hardware / Side Channel"
25347
+ },
25348
+ {
25349
+ "id": "CWE-1039",
25350
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
25351
+ "category": "AI/ML"
25352
+ },
25353
+ {
25354
+ "id": "CWE-125",
25355
+ "name": "Out-of-bounds Read",
25356
+ "category": "Memory Safety"
25357
+ },
25358
+ {
25359
+ "id": "CWE-1357",
25360
+ "name": "Reliance on Insufficiently Trustworthy Component",
25361
+ "category": "Supply Chain"
25362
+ },
25363
+ {
25364
+ "id": "CWE-1395",
25365
+ "name": "Dependency on Vulnerable Third-Party Component",
25366
+ "category": "Supply Chain"
25367
+ },
25368
+ {
25369
+ "id": "CWE-1426",
25370
+ "name": "Improper Validation of Generative AI Output",
25371
+ "category": "AI/ML"
25372
+ },
25373
+ {
25374
+ "id": "CWE-200",
25375
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
25376
+ "category": "Information Exposure"
25377
+ },
25378
+ {
25379
+ "id": "CWE-22",
25380
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
25381
+ "category": "Path/Resource"
25382
+ },
25383
+ {
25384
+ "id": "CWE-269",
25385
+ "name": "Improper Privilege Management",
25386
+ "category": "Authorization"
25387
+ },
25388
+ {
25389
+ "id": "CWE-287",
25390
+ "name": "Improper Authentication",
25391
+ "category": "Authentication"
25392
+ },
25393
+ {
25394
+ "id": "CWE-306",
25395
+ "name": "Missing Authentication for Critical Function",
25396
+ "category": "Authentication"
25397
+ },
25398
+ {
25399
+ "id": "CWE-352",
25400
+ "name": "Cross-Site Request Forgery (CSRF)",
25401
+ "category": "Session"
25402
+ },
25403
+ {
25404
+ "id": "CWE-362",
25405
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
25406
+ "category": "Concurrency"
25407
+ },
25408
+ {
25409
+ "id": "CWE-416",
25410
+ "name": "Use After Free",
25411
+ "category": "Memory Safety"
25412
+ },
25413
+ {
25414
+ "id": "CWE-434",
25415
+ "name": "Unrestricted Upload of File with Dangerous Type",
25416
+ "category": "File Handling"
25417
+ },
25418
+ {
25419
+ "id": "CWE-672",
25420
+ "name": "Operation on a Resource after Expiration or Release",
25421
+ "category": "Memory Safety"
25422
+ },
25423
+ {
25424
+ "id": "CWE-732",
25425
+ "name": "Incorrect Permission Assignment for Critical Resource",
25426
+ "category": "Authorization"
25427
+ },
25428
+ {
25429
+ "id": "CWE-78",
25430
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
25431
+ "category": "Injection"
25432
+ },
25433
+ {
25434
+ "id": "CWE-787",
25435
+ "name": "Out-of-bounds Write",
25436
+ "category": "Memory Safety"
25437
+ },
25438
+ {
25439
+ "id": "CWE-79",
25440
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
25441
+ "category": "Injection"
25442
+ },
25443
+ {
25444
+ "id": "CWE-798",
25445
+ "name": "Use of Hard-coded Credentials",
25446
+ "category": "Credentials"
25447
+ },
25448
+ {
25449
+ "id": "CWE-89",
25450
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
25451
+ "category": "Injection"
25452
+ },
25453
+ {
25454
+ "id": "CWE-918",
25455
+ "name": "Server-Side Request Forgery (SSRF)",
25456
+ "category": "Network"
25457
+ },
25458
+ {
25459
+ "id": "CWE-94",
25460
+ "name": "Improper Control of Generation of Code (Code Injection)",
25461
+ "category": "Injection"
25462
+ }
25463
+ ],
25464
+ "atlas": [
25465
+ {
25466
+ "id": "AML.T0010",
25467
+ "name": "ML Supply Chain Compromise",
25468
+ "tactic": "Initial Access"
25469
+ },
25470
+ {
25471
+ "id": "AML.T0016",
25472
+ "name": "Obtain Capabilities: Develop Capabilities",
25473
+ "tactic": "Resource Development"
25474
+ },
25475
+ {
25476
+ "id": "AML.T0017",
25477
+ "name": "Discover ML Model Ontology",
25478
+ "tactic": "Discovery"
25479
+ },
25480
+ {
25481
+ "id": "AML.T0018",
25482
+ "name": "Backdoor ML Model",
25483
+ "tactic": "Persistence"
25484
+ },
25485
+ {
25486
+ "id": "AML.T0020",
25487
+ "name": "Poison Training Data",
25488
+ "tactic": "ML Attack Staging"
25489
+ },
25490
+ {
25491
+ "id": "AML.T0043",
25492
+ "name": "Craft Adversarial Data",
25493
+ "tactic": "ML Attack Staging"
25494
+ },
25495
+ {
25496
+ "id": "AML.T0051",
25497
+ "name": "LLM Prompt Injection",
25498
+ "tactic": "Execution"
25499
+ },
25500
+ {
25501
+ "id": "AML.T0054",
25502
+ "name": "LLM Jailbreak",
25503
+ "tactic": "Defense Evasion"
25504
+ },
25505
+ {
25506
+ "id": "AML.T0096",
25507
+ "name": "AI API as Covert C2 Channel",
25508
+ "tactic": "Command and Control"
25509
+ }
25510
+ ],
25511
+ "d3fend": [
25512
+ {
25513
+ "id": "D3-ASLR",
25514
+ "name": "Address Space Layout Randomization",
25515
+ "tactic": "Harden"
25516
+ },
25517
+ {
25518
+ "id": "D3-CA",
25519
+ "name": "Certificate Analysis",
25520
+ "tactic": "Detect"
25521
+ },
25522
+ {
25523
+ "id": "D3-CSPP",
25524
+ "name": "Client-server Payload Profiling",
25525
+ "tactic": "Detect"
25526
+ },
25527
+ {
25528
+ "id": "D3-DA",
25529
+ "name": "Domain Analysis",
25530
+ "tactic": "Detect"
25531
+ },
25532
+ {
25533
+ "id": "D3-EAL",
25534
+ "name": "Executable Allowlisting",
25535
+ "tactic": "Harden"
25536
+ },
25537
+ {
25538
+ "id": "D3-IOPR",
25539
+ "name": "Input/Output Profiling Resource",
25540
+ "tactic": "Detect"
25541
+ },
25542
+ {
25543
+ "id": "D3-NI",
25544
+ "name": "Network Isolation",
25545
+ "tactic": "Isolate"
25546
+ },
25547
+ {
25548
+ "id": "D3-NTA",
25549
+ "name": "Network Traffic Analysis",
25550
+ "tactic": "Detect"
25551
+ },
25552
+ {
25553
+ "id": "D3-NTPM",
25554
+ "name": "Network Traffic Policy Mapping",
25555
+ "tactic": "Model"
25556
+ },
25557
+ {
25558
+ "id": "D3-PHRA",
25559
+ "name": "Process Hardware Resource Access",
25560
+ "tactic": "Isolate"
25561
+ },
25562
+ {
25563
+ "id": "D3-PSEP",
25564
+ "name": "Process Segment Execution Prevention",
25565
+ "tactic": "Harden"
25566
+ }
25567
+ ],
25568
+ "framework_gaps": [
25569
+ {
25570
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
25571
+ "framework": "ALL",
25572
+ "control_name": "AI Pipeline Integrity"
25573
+ },
25574
+ {
25575
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
25576
+ "framework": "ALL",
25577
+ "control_name": "Prompt Injection as Access Control Failure"
25578
+ },
25579
+ {
25580
+ "id": "CIS-Controls-v8-Control7",
25581
+ "framework": "CIS Controls v8",
25582
+ "control_name": "Continuous Vulnerability Management"
25583
+ },
25584
+ {
25585
+ "id": "CMMC-2.0-Level-2",
25586
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
25587
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
25588
+ },
25589
+ {
25590
+ "id": "FedRAMP-Rev5-Moderate",
25591
+ "framework": "FedRAMP Rev 5 Moderate",
25592
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
25593
+ },
25594
+ {
25595
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
25596
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
25597
+ "control_name": "Access control standard (technical safeguards)"
25598
+ },
25599
+ {
25600
+ "id": "IEC-62443-3-3",
25601
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
25602
+ "control_name": "System security requirements and security levels"
25603
+ },
25604
+ {
25605
+ "id": "ISO-27001-2022-A.8.16",
25606
+ "framework": "ISO/IEC 27001:2022",
25607
+ "control_name": "Monitoring activities"
25608
+ },
25609
+ {
25610
+ "id": "ISO-27001-2022-A.8.28",
25611
+ "framework": "ISO/IEC 27001:2022",
25612
+ "control_name": "Secure coding"
25613
+ },
25614
+ {
25615
+ "id": "ISO-27001-2022-A.8.8",
25616
+ "framework": "ISO/IEC 27001:2022",
25617
+ "control_name": "Management of technical vulnerabilities"
25618
+ },
25619
+ {
25620
+ "id": "ISO-IEC-23894-2023-clause-7",
25621
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
25622
+ "control_name": "AI risk management process"
25623
+ },
25624
+ {
25625
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
25626
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
25627
+ "control_name": "AI risk assessment"
25628
+ },
25629
+ {
25630
+ "id": "NERC-CIP-007-6-R4",
25631
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
25632
+ "control_name": "Security event monitoring"
25633
+ },
25634
+ {
25635
+ "id": "NIS2-Art21-patch-management",
25636
+ "framework": "EU NIS2 Directive",
25637
+ "control_name": "Vulnerability handling and disclosure"
25638
+ },
25639
+ {
25640
+ "id": "NIST-800-115",
25641
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
25642
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
25643
+ },
25644
+ {
25645
+ "id": "NIST-800-218-SSDF",
25646
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
25647
+ "control_name": "Secure Software Development Framework"
25648
+ },
25649
+ {
25650
+ "id": "NIST-800-53-AC-2",
25651
+ "framework": "NIST SP 800-53 Rev 5",
25652
+ "control_name": "Account Management"
25653
+ },
25654
+ {
25655
+ "id": "NIST-800-53-SC-28",
25656
+ "framework": "NIST SP 800-53 Rev 5",
25657
+ "control_name": "Protection of Information at Rest"
25658
+ },
25659
+ {
25660
+ "id": "NIST-800-53-SC-7",
25661
+ "framework": "NIST SP 800-53 Rev 5",
25662
+ "control_name": "Boundary Protection"
25663
+ },
25664
+ {
25665
+ "id": "NIST-800-53-SC-8",
25666
+ "framework": "NIST SP 800-53 Rev 5",
25667
+ "control_name": "Transmission Confidentiality and Integrity"
25668
+ },
25669
+ {
25670
+ "id": "NIST-800-53-SI-2",
25671
+ "framework": "NIST SP 800-53 Rev 5",
25672
+ "control_name": "Flaw Remediation"
25673
+ },
25674
+ {
25675
+ "id": "NIST-800-53-SI-3",
25676
+ "framework": "NIST SP 800-53 Rev 5",
25677
+ "control_name": "Malicious Code Protection"
25678
+ },
25679
+ {
25680
+ "id": "NIST-800-82r3",
25681
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
25682
+ "control_name": "Guide to Operational Technology (OT) Security"
25683
+ },
25684
+ {
25685
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
25686
+ "framework": "OWASP Top 10 for LLM Applications 2025",
25687
+ "control_name": "Prompt Injection"
25688
+ },
25689
+ {
25690
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
25691
+ "framework": "OWASP Top 10 for LLM Applications 2025",
25692
+ "control_name": "Sensitive Information Disclosure"
25693
+ },
25694
+ {
25695
+ "id": "OWASP-Pen-Testing-Guide-v5",
25696
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
25697
+ "control_name": "Web application penetration testing methodology"
25698
+ },
25699
+ {
25700
+ "id": "PCI-DSS-4.0-6.3.3",
25701
+ "framework": "PCI DSS 4.0",
25702
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
25703
+ },
25704
+ {
25705
+ "id": "PTES-Pre-engagement",
25706
+ "framework": "Penetration Testing Execution Standard (PTES)",
25707
+ "control_name": "Pre-engagement Interactions"
25708
+ },
25709
+ {
25710
+ "id": "SOC2-CC6-logical-access",
25711
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
25712
+ "control_name": "Logical and Physical Access Controls"
25713
+ },
25714
+ {
25715
+ "id": "SOC2-CC7-anomaly-detection",
25716
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
25717
+ "control_name": "System Operations — Threat and Vulnerability Management"
25718
+ },
25719
+ {
25720
+ "id": "SOC2-CC9-vendor-management",
25721
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
25722
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
25723
+ }
25724
+ ],
25725
+ "attack_refs": [
25726
+ "T0855",
25727
+ "T0883",
25728
+ "T1041",
25729
+ "T1059",
25730
+ "T1068",
25731
+ "T1071",
25732
+ "T1078",
25733
+ "T1102",
25734
+ "T1133",
25735
+ "T1190",
25736
+ "T1213",
25737
+ "T1530",
25738
+ "T1548.001",
25739
+ "T1566",
25740
+ "T1567",
25741
+ "T1568"
25742
+ ],
25743
+ "rfc_refs": [
25744
+ "RFC-4301",
25745
+ "RFC-4303",
25746
+ "RFC-7296",
25747
+ "RFC-8446",
25748
+ "RFC-9000",
25749
+ "RFC-9114",
25750
+ "RFC-9180",
25751
+ "RFC-9421",
25752
+ "RFC-9458"
25753
+ ]
25754
+ }
25755
+ },
25756
+ "CVE-2024-42478": {
25757
+ "name": "llama.cpp RPC Backend GET_TENSOR Out-of-Bounds Read",
25758
+ "rwep": 29,
25759
+ "cvss": 9.8,
25760
+ "cisa_kev": false,
25761
+ "epss_score": null,
25762
+ "referencing_skills": [
25763
+ "kernel-lpe-triage",
25764
+ "ai-attack-surface",
25765
+ "compliance-theater",
25766
+ "ai-c2-detection",
25767
+ "attack-surface-pentest",
25768
+ "dlp-gap-analysis",
25769
+ "ot-ics-security",
25770
+ "coordinated-vuln-disclosure",
25771
+ "sector-energy"
25772
+ ],
25773
+ "chain": {
25774
+ "cwes": [
25775
+ {
25776
+ "id": "CWE-1037",
25777
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
25778
+ "category": "Hardware / Side Channel"
25779
+ },
25780
+ {
25781
+ "id": "CWE-1039",
25782
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
25783
+ "category": "AI/ML"
25784
+ },
25785
+ {
25786
+ "id": "CWE-125",
25787
+ "name": "Out-of-bounds Read",
25788
+ "category": "Memory Safety"
25789
+ },
25790
+ {
25791
+ "id": "CWE-1357",
25792
+ "name": "Reliance on Insufficiently Trustworthy Component",
25793
+ "category": "Supply Chain"
25794
+ },
25795
+ {
25796
+ "id": "CWE-1395",
25797
+ "name": "Dependency on Vulnerable Third-Party Component",
25798
+ "category": "Supply Chain"
25799
+ },
25800
+ {
25801
+ "id": "CWE-1426",
25802
+ "name": "Improper Validation of Generative AI Output",
25803
+ "category": "AI/ML"
25804
+ },
25805
+ {
25806
+ "id": "CWE-200",
25807
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
25808
+ "category": "Information Exposure"
25809
+ },
25810
+ {
25811
+ "id": "CWE-22",
25812
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
25813
+ "category": "Path/Resource"
25814
+ },
25815
+ {
25816
+ "id": "CWE-269",
25817
+ "name": "Improper Privilege Management",
25818
+ "category": "Authorization"
25819
+ },
25820
+ {
25821
+ "id": "CWE-287",
25822
+ "name": "Improper Authentication",
25823
+ "category": "Authentication"
25824
+ },
25825
+ {
25826
+ "id": "CWE-306",
25827
+ "name": "Missing Authentication for Critical Function",
25828
+ "category": "Authentication"
25829
+ },
25830
+ {
25831
+ "id": "CWE-352",
25832
+ "name": "Cross-Site Request Forgery (CSRF)",
25833
+ "category": "Session"
25834
+ },
25835
+ {
25836
+ "id": "CWE-362",
25837
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
25838
+ "category": "Concurrency"
25839
+ },
25840
+ {
25841
+ "id": "CWE-416",
25842
+ "name": "Use After Free",
25843
+ "category": "Memory Safety"
25844
+ },
25845
+ {
25846
+ "id": "CWE-434",
25847
+ "name": "Unrestricted Upload of File with Dangerous Type",
25848
+ "category": "File Handling"
25849
+ },
25850
+ {
25851
+ "id": "CWE-672",
25852
+ "name": "Operation on a Resource after Expiration or Release",
25853
+ "category": "Memory Safety"
25854
+ },
25855
+ {
25856
+ "id": "CWE-732",
25857
+ "name": "Incorrect Permission Assignment for Critical Resource",
25858
+ "category": "Authorization"
25859
+ },
25860
+ {
25861
+ "id": "CWE-78",
25862
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
25863
+ "category": "Injection"
25864
+ },
25865
+ {
25866
+ "id": "CWE-787",
25867
+ "name": "Out-of-bounds Write",
25868
+ "category": "Memory Safety"
25869
+ },
25870
+ {
25871
+ "id": "CWE-79",
25872
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
25873
+ "category": "Injection"
25874
+ },
25875
+ {
25876
+ "id": "CWE-798",
25877
+ "name": "Use of Hard-coded Credentials",
25878
+ "category": "Credentials"
25879
+ },
25880
+ {
25881
+ "id": "CWE-89",
25882
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
25883
+ "category": "Injection"
25884
+ },
25885
+ {
25886
+ "id": "CWE-918",
25887
+ "name": "Server-Side Request Forgery (SSRF)",
25888
+ "category": "Network"
25889
+ },
25890
+ {
25891
+ "id": "CWE-94",
25892
+ "name": "Improper Control of Generation of Code (Code Injection)",
25893
+ "category": "Injection"
25894
+ }
25895
+ ],
25896
+ "atlas": [
25897
+ {
25898
+ "id": "AML.T0010",
25899
+ "name": "ML Supply Chain Compromise",
25900
+ "tactic": "Initial Access"
25901
+ },
25902
+ {
25903
+ "id": "AML.T0016",
25904
+ "name": "Obtain Capabilities: Develop Capabilities",
25905
+ "tactic": "Resource Development"
25906
+ },
25907
+ {
25908
+ "id": "AML.T0017",
25909
+ "name": "Discover ML Model Ontology",
25910
+ "tactic": "Discovery"
25911
+ },
25912
+ {
25913
+ "id": "AML.T0018",
25914
+ "name": "Backdoor ML Model",
25915
+ "tactic": "Persistence"
25916
+ },
25917
+ {
25918
+ "id": "AML.T0020",
25919
+ "name": "Poison Training Data",
25920
+ "tactic": "ML Attack Staging"
25921
+ },
25922
+ {
25923
+ "id": "AML.T0043",
25924
+ "name": "Craft Adversarial Data",
25925
+ "tactic": "ML Attack Staging"
25926
+ },
25927
+ {
25928
+ "id": "AML.T0051",
25929
+ "name": "LLM Prompt Injection",
25930
+ "tactic": "Execution"
25931
+ },
25932
+ {
25933
+ "id": "AML.T0054",
25934
+ "name": "LLM Jailbreak",
25935
+ "tactic": "Defense Evasion"
25936
+ },
25937
+ {
25938
+ "id": "AML.T0096",
25939
+ "name": "AI API as Covert C2 Channel",
25940
+ "tactic": "Command and Control"
25941
+ }
25942
+ ],
25943
+ "d3fend": [
25944
+ {
25945
+ "id": "D3-ASLR",
25946
+ "name": "Address Space Layout Randomization",
25947
+ "tactic": "Harden"
25948
+ },
25949
+ {
25950
+ "id": "D3-CA",
25951
+ "name": "Certificate Analysis",
25952
+ "tactic": "Detect"
25953
+ },
25954
+ {
25955
+ "id": "D3-CSPP",
25956
+ "name": "Client-server Payload Profiling",
25957
+ "tactic": "Detect"
25958
+ },
25959
+ {
25960
+ "id": "D3-DA",
25961
+ "name": "Domain Analysis",
25962
+ "tactic": "Detect"
25963
+ },
25964
+ {
25965
+ "id": "D3-EAL",
25966
+ "name": "Executable Allowlisting",
25967
+ "tactic": "Harden"
25968
+ },
25969
+ {
25970
+ "id": "D3-IOPR",
25971
+ "name": "Input/Output Profiling Resource",
25972
+ "tactic": "Detect"
25973
+ },
25974
+ {
25975
+ "id": "D3-NI",
25976
+ "name": "Network Isolation",
25977
+ "tactic": "Isolate"
25978
+ },
25979
+ {
25980
+ "id": "D3-NTA",
25981
+ "name": "Network Traffic Analysis",
25982
+ "tactic": "Detect"
25983
+ },
25984
+ {
25985
+ "id": "D3-NTPM",
25986
+ "name": "Network Traffic Policy Mapping",
25987
+ "tactic": "Model"
25988
+ },
25989
+ {
25990
+ "id": "D3-PHRA",
25991
+ "name": "Process Hardware Resource Access",
25992
+ "tactic": "Isolate"
25993
+ },
25994
+ {
25995
+ "id": "D3-PSEP",
25996
+ "name": "Process Segment Execution Prevention",
25997
+ "tactic": "Harden"
25998
+ }
25999
+ ],
26000
+ "framework_gaps": [
26001
+ {
26002
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
26003
+ "framework": "ALL",
26004
+ "control_name": "AI Pipeline Integrity"
26005
+ },
26006
+ {
26007
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
26008
+ "framework": "ALL",
26009
+ "control_name": "Prompt Injection as Access Control Failure"
26010
+ },
26011
+ {
26012
+ "id": "CIS-Controls-v8-Control7",
26013
+ "framework": "CIS Controls v8",
26014
+ "control_name": "Continuous Vulnerability Management"
26015
+ },
26016
+ {
26017
+ "id": "CMMC-2.0-Level-2",
26018
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
26019
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
26020
+ },
26021
+ {
26022
+ "id": "FedRAMP-Rev5-Moderate",
26023
+ "framework": "FedRAMP Rev 5 Moderate",
26024
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
26025
+ },
26026
+ {
26027
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
26028
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
26029
+ "control_name": "Access control standard (technical safeguards)"
26030
+ },
26031
+ {
26032
+ "id": "IEC-62443-3-3",
26033
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
26034
+ "control_name": "System security requirements and security levels"
26035
+ },
26036
+ {
26037
+ "id": "ISO-27001-2022-A.8.16",
26038
+ "framework": "ISO/IEC 27001:2022",
26039
+ "control_name": "Monitoring activities"
26040
+ },
26041
+ {
26042
+ "id": "ISO-27001-2022-A.8.28",
26043
+ "framework": "ISO/IEC 27001:2022",
26044
+ "control_name": "Secure coding"
26045
+ },
26046
+ {
26047
+ "id": "ISO-27001-2022-A.8.8",
26048
+ "framework": "ISO/IEC 27001:2022",
26049
+ "control_name": "Management of technical vulnerabilities"
26050
+ },
26051
+ {
26052
+ "id": "ISO-IEC-23894-2023-clause-7",
26053
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
26054
+ "control_name": "AI risk management process"
26055
+ },
26056
+ {
26057
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
26058
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
26059
+ "control_name": "AI risk assessment"
26060
+ },
26061
+ {
26062
+ "id": "NERC-CIP-007-6-R4",
26063
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
26064
+ "control_name": "Security event monitoring"
26065
+ },
26066
+ {
26067
+ "id": "NIS2-Art21-patch-management",
26068
+ "framework": "EU NIS2 Directive",
26069
+ "control_name": "Vulnerability handling and disclosure"
26070
+ },
26071
+ {
26072
+ "id": "NIST-800-115",
26073
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
26074
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
26075
+ },
26076
+ {
26077
+ "id": "NIST-800-218-SSDF",
26078
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
26079
+ "control_name": "Secure Software Development Framework"
26080
+ },
26081
+ {
26082
+ "id": "NIST-800-53-AC-2",
26083
+ "framework": "NIST SP 800-53 Rev 5",
26084
+ "control_name": "Account Management"
26085
+ },
26086
+ {
26087
+ "id": "NIST-800-53-SC-28",
26088
+ "framework": "NIST SP 800-53 Rev 5",
26089
+ "control_name": "Protection of Information at Rest"
26090
+ },
26091
+ {
26092
+ "id": "NIST-800-53-SC-7",
26093
+ "framework": "NIST SP 800-53 Rev 5",
26094
+ "control_name": "Boundary Protection"
26095
+ },
26096
+ {
26097
+ "id": "NIST-800-53-SC-8",
26098
+ "framework": "NIST SP 800-53 Rev 5",
26099
+ "control_name": "Transmission Confidentiality and Integrity"
26100
+ },
26101
+ {
26102
+ "id": "NIST-800-53-SI-2",
26103
+ "framework": "NIST SP 800-53 Rev 5",
26104
+ "control_name": "Flaw Remediation"
26105
+ },
26106
+ {
26107
+ "id": "NIST-800-53-SI-3",
26108
+ "framework": "NIST SP 800-53 Rev 5",
26109
+ "control_name": "Malicious Code Protection"
26110
+ },
26111
+ {
26112
+ "id": "NIST-800-82r3",
26113
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
26114
+ "control_name": "Guide to Operational Technology (OT) Security"
26115
+ },
26116
+ {
26117
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
26118
+ "framework": "OWASP Top 10 for LLM Applications 2025",
26119
+ "control_name": "Prompt Injection"
26120
+ },
26121
+ {
26122
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
26123
+ "framework": "OWASP Top 10 for LLM Applications 2025",
26124
+ "control_name": "Sensitive Information Disclosure"
26125
+ },
26126
+ {
26127
+ "id": "OWASP-Pen-Testing-Guide-v5",
26128
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
26129
+ "control_name": "Web application penetration testing methodology"
26130
+ },
26131
+ {
26132
+ "id": "PCI-DSS-4.0-6.3.3",
26133
+ "framework": "PCI DSS 4.0",
26134
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
26135
+ },
26136
+ {
26137
+ "id": "PTES-Pre-engagement",
26138
+ "framework": "Penetration Testing Execution Standard (PTES)",
26139
+ "control_name": "Pre-engagement Interactions"
26140
+ },
26141
+ {
26142
+ "id": "SOC2-CC6-logical-access",
26143
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
26144
+ "control_name": "Logical and Physical Access Controls"
26145
+ },
26146
+ {
26147
+ "id": "SOC2-CC7-anomaly-detection",
26148
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
26149
+ "control_name": "System Operations — Threat and Vulnerability Management"
26150
+ },
26151
+ {
26152
+ "id": "SOC2-CC9-vendor-management",
26153
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
26154
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
26155
+ }
26156
+ ],
26157
+ "attack_refs": [
26158
+ "T0855",
26159
+ "T0883",
26160
+ "T1041",
26161
+ "T1059",
26162
+ "T1068",
26163
+ "T1071",
26164
+ "T1078",
26165
+ "T1102",
26166
+ "T1133",
26167
+ "T1190",
26168
+ "T1213",
26169
+ "T1530",
26170
+ "T1548.001",
26171
+ "T1566",
26172
+ "T1567",
26173
+ "T1568"
26174
+ ],
26175
+ "rfc_refs": [
26176
+ "RFC-4301",
26177
+ "RFC-4303",
26178
+ "RFC-7296",
26179
+ "RFC-8446",
26180
+ "RFC-9000",
26181
+ "RFC-9114",
26182
+ "RFC-9180",
26183
+ "RFC-9421",
26184
+ "RFC-9458"
26185
+ ]
26186
+ }
26187
+ },
26188
+ "CVE-2026-34159": {
26189
+ "name": "llama.cpp RPC Backend GRAPH_COMPUTE deserialize_tensor Bounds Bypass RCE",
26190
+ "rwep": 29,
26191
+ "cvss": 9.8,
26192
+ "cisa_kev": false,
26193
+ "epss_score": null,
26194
+ "referencing_skills": [
26195
+ "kernel-lpe-triage",
26196
+ "ai-attack-surface",
26197
+ "compliance-theater",
26198
+ "ai-c2-detection",
26199
+ "attack-surface-pentest",
26200
+ "dlp-gap-analysis",
26201
+ "ot-ics-security",
26202
+ "coordinated-vuln-disclosure",
26203
+ "sector-energy"
26204
+ ],
26205
+ "chain": {
26206
+ "cwes": [
26207
+ {
26208
+ "id": "CWE-1037",
26209
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
26210
+ "category": "Hardware / Side Channel"
26211
+ },
26212
+ {
26213
+ "id": "CWE-1039",
26214
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
26215
+ "category": "AI/ML"
26216
+ },
26217
+ {
26218
+ "id": "CWE-125",
26219
+ "name": "Out-of-bounds Read",
26220
+ "category": "Memory Safety"
26221
+ },
26222
+ {
26223
+ "id": "CWE-1357",
26224
+ "name": "Reliance on Insufficiently Trustworthy Component",
26225
+ "category": "Supply Chain"
26226
+ },
26227
+ {
26228
+ "id": "CWE-1395",
26229
+ "name": "Dependency on Vulnerable Third-Party Component",
26230
+ "category": "Supply Chain"
26231
+ },
26232
+ {
26233
+ "id": "CWE-1426",
26234
+ "name": "Improper Validation of Generative AI Output",
26235
+ "category": "AI/ML"
26236
+ },
26237
+ {
26238
+ "id": "CWE-200",
26239
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
26240
+ "category": "Information Exposure"
26241
+ },
26242
+ {
26243
+ "id": "CWE-22",
26244
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
26245
+ "category": "Path/Resource"
26246
+ },
26247
+ {
26248
+ "id": "CWE-269",
26249
+ "name": "Improper Privilege Management",
26250
+ "category": "Authorization"
26251
+ },
26252
+ {
26253
+ "id": "CWE-287",
26254
+ "name": "Improper Authentication",
26255
+ "category": "Authentication"
26256
+ },
26257
+ {
26258
+ "id": "CWE-306",
26259
+ "name": "Missing Authentication for Critical Function",
26260
+ "category": "Authentication"
26261
+ },
26262
+ {
26263
+ "id": "CWE-352",
26264
+ "name": "Cross-Site Request Forgery (CSRF)",
26265
+ "category": "Session"
26266
+ },
26267
+ {
26268
+ "id": "CWE-362",
26269
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
26270
+ "category": "Concurrency"
26271
+ },
26272
+ {
26273
+ "id": "CWE-416",
26274
+ "name": "Use After Free",
26275
+ "category": "Memory Safety"
26276
+ },
26277
+ {
26278
+ "id": "CWE-434",
26279
+ "name": "Unrestricted Upload of File with Dangerous Type",
26280
+ "category": "File Handling"
26281
+ },
26282
+ {
26283
+ "id": "CWE-672",
26284
+ "name": "Operation on a Resource after Expiration or Release",
26285
+ "category": "Memory Safety"
26286
+ },
26287
+ {
26288
+ "id": "CWE-732",
26289
+ "name": "Incorrect Permission Assignment for Critical Resource",
26290
+ "category": "Authorization"
26291
+ },
26292
+ {
26293
+ "id": "CWE-78",
26294
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
26295
+ "category": "Injection"
26296
+ },
26297
+ {
26298
+ "id": "CWE-787",
26299
+ "name": "Out-of-bounds Write",
26300
+ "category": "Memory Safety"
26301
+ },
26302
+ {
26303
+ "id": "CWE-79",
26304
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
26305
+ "category": "Injection"
26306
+ },
26307
+ {
26308
+ "id": "CWE-798",
26309
+ "name": "Use of Hard-coded Credentials",
26310
+ "category": "Credentials"
26311
+ },
26312
+ {
26313
+ "id": "CWE-89",
26314
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
26315
+ "category": "Injection"
26316
+ },
26317
+ {
26318
+ "id": "CWE-918",
26319
+ "name": "Server-Side Request Forgery (SSRF)",
26320
+ "category": "Network"
26321
+ },
26322
+ {
26323
+ "id": "CWE-94",
26324
+ "name": "Improper Control of Generation of Code (Code Injection)",
26325
+ "category": "Injection"
26326
+ }
26327
+ ],
26328
+ "atlas": [
26329
+ {
26330
+ "id": "AML.T0010",
26331
+ "name": "ML Supply Chain Compromise",
26332
+ "tactic": "Initial Access"
26333
+ },
26334
+ {
26335
+ "id": "AML.T0016",
26336
+ "name": "Obtain Capabilities: Develop Capabilities",
26337
+ "tactic": "Resource Development"
26338
+ },
26339
+ {
26340
+ "id": "AML.T0017",
26341
+ "name": "Discover ML Model Ontology",
26342
+ "tactic": "Discovery"
26343
+ },
26344
+ {
26345
+ "id": "AML.T0018",
26346
+ "name": "Backdoor ML Model",
26347
+ "tactic": "Persistence"
26348
+ },
26349
+ {
26350
+ "id": "AML.T0020",
26351
+ "name": "Poison Training Data",
26352
+ "tactic": "ML Attack Staging"
26353
+ },
26354
+ {
26355
+ "id": "AML.T0043",
26356
+ "name": "Craft Adversarial Data",
26357
+ "tactic": "ML Attack Staging"
26358
+ },
26359
+ {
26360
+ "id": "AML.T0051",
26361
+ "name": "LLM Prompt Injection",
26362
+ "tactic": "Execution"
26363
+ },
26364
+ {
26365
+ "id": "AML.T0054",
26366
+ "name": "LLM Jailbreak",
26367
+ "tactic": "Defense Evasion"
26368
+ },
26369
+ {
26370
+ "id": "AML.T0096",
26371
+ "name": "AI API as Covert C2 Channel",
26372
+ "tactic": "Command and Control"
26373
+ }
26374
+ ],
26375
+ "d3fend": [
26376
+ {
26377
+ "id": "D3-ASLR",
26378
+ "name": "Address Space Layout Randomization",
26379
+ "tactic": "Harden"
26380
+ },
26381
+ {
26382
+ "id": "D3-CA",
26383
+ "name": "Certificate Analysis",
26384
+ "tactic": "Detect"
26385
+ },
26386
+ {
26387
+ "id": "D3-CSPP",
26388
+ "name": "Client-server Payload Profiling",
26389
+ "tactic": "Detect"
26390
+ },
26391
+ {
26392
+ "id": "D3-DA",
26393
+ "name": "Domain Analysis",
26394
+ "tactic": "Detect"
26395
+ },
26396
+ {
26397
+ "id": "D3-EAL",
26398
+ "name": "Executable Allowlisting",
26399
+ "tactic": "Harden"
26400
+ },
26401
+ {
26402
+ "id": "D3-IOPR",
26403
+ "name": "Input/Output Profiling Resource",
26404
+ "tactic": "Detect"
26405
+ },
26406
+ {
26407
+ "id": "D3-NI",
26408
+ "name": "Network Isolation",
26409
+ "tactic": "Isolate"
26410
+ },
26411
+ {
26412
+ "id": "D3-NTA",
26413
+ "name": "Network Traffic Analysis",
26414
+ "tactic": "Detect"
26415
+ },
26416
+ {
26417
+ "id": "D3-NTPM",
26418
+ "name": "Network Traffic Policy Mapping",
26419
+ "tactic": "Model"
26420
+ },
26421
+ {
26422
+ "id": "D3-PHRA",
26423
+ "name": "Process Hardware Resource Access",
26424
+ "tactic": "Isolate"
26425
+ },
26426
+ {
26427
+ "id": "D3-PSEP",
26428
+ "name": "Process Segment Execution Prevention",
26429
+ "tactic": "Harden"
26430
+ }
26431
+ ],
26432
+ "framework_gaps": [
26433
+ {
26434
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
26435
+ "framework": "ALL",
26436
+ "control_name": "AI Pipeline Integrity"
26437
+ },
26438
+ {
26439
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
26440
+ "framework": "ALL",
26441
+ "control_name": "Prompt Injection as Access Control Failure"
26442
+ },
26443
+ {
26444
+ "id": "CIS-Controls-v8-Control7",
26445
+ "framework": "CIS Controls v8",
26446
+ "control_name": "Continuous Vulnerability Management"
26447
+ },
26448
+ {
26449
+ "id": "CMMC-2.0-Level-2",
26450
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
26451
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
26452
+ },
26453
+ {
26454
+ "id": "FedRAMP-Rev5-Moderate",
26455
+ "framework": "FedRAMP Rev 5 Moderate",
26456
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
26457
+ },
26458
+ {
26459
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
26460
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
26461
+ "control_name": "Access control standard (technical safeguards)"
26462
+ },
26463
+ {
26464
+ "id": "IEC-62443-3-3",
26465
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
26466
+ "control_name": "System security requirements and security levels"
26467
+ },
26468
+ {
26469
+ "id": "ISO-27001-2022-A.8.16",
26470
+ "framework": "ISO/IEC 27001:2022",
26471
+ "control_name": "Monitoring activities"
26472
+ },
26473
+ {
26474
+ "id": "ISO-27001-2022-A.8.28",
26475
+ "framework": "ISO/IEC 27001:2022",
26476
+ "control_name": "Secure coding"
26477
+ },
26478
+ {
26479
+ "id": "ISO-27001-2022-A.8.8",
26480
+ "framework": "ISO/IEC 27001:2022",
26481
+ "control_name": "Management of technical vulnerabilities"
26482
+ },
26483
+ {
26484
+ "id": "ISO-IEC-23894-2023-clause-7",
26485
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
26486
+ "control_name": "AI risk management process"
26487
+ },
26488
+ {
26489
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
26490
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
26491
+ "control_name": "AI risk assessment"
26492
+ },
26493
+ {
26494
+ "id": "NERC-CIP-007-6-R4",
26495
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
26496
+ "control_name": "Security event monitoring"
26497
+ },
26498
+ {
26499
+ "id": "NIS2-Art21-patch-management",
26500
+ "framework": "EU NIS2 Directive",
26501
+ "control_name": "Vulnerability handling and disclosure"
26502
+ },
26503
+ {
26504
+ "id": "NIST-800-115",
26505
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
26506
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
26507
+ },
26508
+ {
26509
+ "id": "NIST-800-218-SSDF",
26510
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
26511
+ "control_name": "Secure Software Development Framework"
26512
+ },
26513
+ {
26514
+ "id": "NIST-800-53-AC-2",
26515
+ "framework": "NIST SP 800-53 Rev 5",
26516
+ "control_name": "Account Management"
26517
+ },
26518
+ {
26519
+ "id": "NIST-800-53-SC-28",
26520
+ "framework": "NIST SP 800-53 Rev 5",
26521
+ "control_name": "Protection of Information at Rest"
26522
+ },
26523
+ {
26524
+ "id": "NIST-800-53-SC-7",
26525
+ "framework": "NIST SP 800-53 Rev 5",
26526
+ "control_name": "Boundary Protection"
26527
+ },
26528
+ {
26529
+ "id": "NIST-800-53-SC-8",
26530
+ "framework": "NIST SP 800-53 Rev 5",
26531
+ "control_name": "Transmission Confidentiality and Integrity"
26532
+ },
26533
+ {
26534
+ "id": "NIST-800-53-SI-2",
26535
+ "framework": "NIST SP 800-53 Rev 5",
26536
+ "control_name": "Flaw Remediation"
26537
+ },
26538
+ {
26539
+ "id": "NIST-800-53-SI-3",
26540
+ "framework": "NIST SP 800-53 Rev 5",
26541
+ "control_name": "Malicious Code Protection"
26542
+ },
26543
+ {
26544
+ "id": "NIST-800-82r3",
26545
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
26546
+ "control_name": "Guide to Operational Technology (OT) Security"
26547
+ },
26548
+ {
26549
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
26550
+ "framework": "OWASP Top 10 for LLM Applications 2025",
26551
+ "control_name": "Prompt Injection"
26552
+ },
26553
+ {
26554
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
26555
+ "framework": "OWASP Top 10 for LLM Applications 2025",
26556
+ "control_name": "Sensitive Information Disclosure"
26557
+ },
26558
+ {
26559
+ "id": "OWASP-Pen-Testing-Guide-v5",
26560
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
26561
+ "control_name": "Web application penetration testing methodology"
26562
+ },
26563
+ {
26564
+ "id": "PCI-DSS-4.0-6.3.3",
26565
+ "framework": "PCI DSS 4.0",
26566
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
26567
+ },
26568
+ {
26569
+ "id": "PTES-Pre-engagement",
26570
+ "framework": "Penetration Testing Execution Standard (PTES)",
26571
+ "control_name": "Pre-engagement Interactions"
26572
+ },
26573
+ {
26574
+ "id": "SOC2-CC6-logical-access",
26575
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
26576
+ "control_name": "Logical and Physical Access Controls"
26577
+ },
26578
+ {
26579
+ "id": "SOC2-CC7-anomaly-detection",
26580
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
26581
+ "control_name": "System Operations — Threat and Vulnerability Management"
26582
+ },
26583
+ {
26584
+ "id": "SOC2-CC9-vendor-management",
26585
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
26586
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
26587
+ }
26588
+ ],
26589
+ "attack_refs": [
26590
+ "T0855",
26591
+ "T0883",
26592
+ "T1041",
26593
+ "T1059",
26594
+ "T1068",
26595
+ "T1071",
26596
+ "T1078",
26597
+ "T1102",
26598
+ "T1133",
26599
+ "T1190",
26600
+ "T1213",
26601
+ "T1530",
26602
+ "T1548.001",
26603
+ "T1566",
26604
+ "T1567",
26605
+ "T1568"
26606
+ ],
26607
+ "rfc_refs": [
26608
+ "RFC-4301",
26609
+ "RFC-4303",
26610
+ "RFC-7296",
26611
+ "RFC-8446",
26612
+ "RFC-9000",
26613
+ "RFC-9114",
26614
+ "RFC-9180",
26615
+ "RFC-9421",
26616
+ "RFC-9458"
26617
+ ]
26618
+ }
26619
+ },
26620
+ "CVE-2023-43654": {
26621
+ "name": "PyTorch TorchServe Management API SSRF to Remote Code Execution (ShellTorch)",
26622
+ "rwep": 31,
26623
+ "cvss": 9.8,
26624
+ "cisa_kev": false,
26625
+ "epss_score": null,
26626
+ "referencing_skills": [
26627
+ "kernel-lpe-triage",
26628
+ "ai-attack-surface",
26629
+ "compliance-theater",
26630
+ "attack-surface-pentest",
26631
+ "ot-ics-security",
26632
+ "coordinated-vuln-disclosure",
26633
+ "sector-energy"
26634
+ ],
26635
+ "chain": {
26636
+ "cwes": [
26637
+ {
26638
+ "id": "CWE-1037",
26639
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
26640
+ "category": "Hardware / Side Channel"
26641
+ },
26642
+ {
26643
+ "id": "CWE-1039",
26644
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
26645
+ "category": "AI/ML"
26646
+ },
26647
+ {
26648
+ "id": "CWE-125",
26649
+ "name": "Out-of-bounds Read",
26650
+ "category": "Memory Safety"
26651
+ },
26652
+ {
26653
+ "id": "CWE-1357",
26654
+ "name": "Reliance on Insufficiently Trustworthy Component",
26655
+ "category": "Supply Chain"
26656
+ },
26657
+ {
26658
+ "id": "CWE-1395",
26659
+ "name": "Dependency on Vulnerable Third-Party Component",
26660
+ "category": "Supply Chain"
26661
+ },
26662
+ {
26663
+ "id": "CWE-1426",
26664
+ "name": "Improper Validation of Generative AI Output",
26665
+ "category": "AI/ML"
26666
+ },
26667
+ {
26668
+ "id": "CWE-22",
26669
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
26670
+ "category": "Path/Resource"
26671
+ },
26672
+ {
26673
+ "id": "CWE-269",
26674
+ "name": "Improper Privilege Management",
26675
+ "category": "Authorization"
26676
+ },
26677
+ {
26678
+ "id": "CWE-287",
26679
+ "name": "Improper Authentication",
26680
+ "category": "Authentication"
26681
+ },
26682
+ {
26683
+ "id": "CWE-306",
26684
+ "name": "Missing Authentication for Critical Function",
26685
+ "category": "Authentication"
26686
+ },
26687
+ {
26688
+ "id": "CWE-352",
26689
+ "name": "Cross-Site Request Forgery (CSRF)",
26690
+ "category": "Session"
26691
+ },
26692
+ {
26693
+ "id": "CWE-362",
26694
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
26695
+ "category": "Concurrency"
26696
+ },
26697
+ {
26698
+ "id": "CWE-416",
26699
+ "name": "Use After Free",
26700
+ "category": "Memory Safety"
26701
+ },
26702
+ {
26703
+ "id": "CWE-434",
26704
+ "name": "Unrestricted Upload of File with Dangerous Type",
26705
+ "category": "File Handling"
26706
+ },
26707
+ {
26708
+ "id": "CWE-672",
26709
+ "name": "Operation on a Resource after Expiration or Release",
26710
+ "category": "Memory Safety"
26711
+ },
26712
+ {
26713
+ "id": "CWE-732",
26714
+ "name": "Incorrect Permission Assignment for Critical Resource",
26715
+ "category": "Authorization"
26716
+ },
26717
+ {
26718
+ "id": "CWE-78",
26719
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
26720
+ "category": "Injection"
26721
+ },
26722
+ {
26723
+ "id": "CWE-787",
26724
+ "name": "Out-of-bounds Write",
26725
+ "category": "Memory Safety"
26726
+ },
26727
+ {
26728
+ "id": "CWE-79",
26729
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
26730
+ "category": "Injection"
26731
+ },
26732
+ {
26733
+ "id": "CWE-798",
26734
+ "name": "Use of Hard-coded Credentials",
26735
+ "category": "Credentials"
26736
+ },
26737
+ {
26738
+ "id": "CWE-89",
26739
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
26740
+ "category": "Injection"
26741
+ },
26742
+ {
26743
+ "id": "CWE-918",
26744
+ "name": "Server-Side Request Forgery (SSRF)",
26745
+ "category": "Network"
26746
+ },
26747
+ {
26748
+ "id": "CWE-94",
26749
+ "name": "Improper Control of Generation of Code (Code Injection)",
26750
+ "category": "Injection"
26751
+ }
26752
+ ],
26753
+ "atlas": [
26754
+ {
26755
+ "id": "AML.T0010",
26756
+ "name": "ML Supply Chain Compromise",
26757
+ "tactic": "Initial Access"
26758
+ },
26759
+ {
26760
+ "id": "AML.T0016",
26761
+ "name": "Obtain Capabilities: Develop Capabilities",
26762
+ "tactic": "Resource Development"
26763
+ },
26764
+ {
26765
+ "id": "AML.T0017",
26766
+ "name": "Discover ML Model Ontology",
26767
+ "tactic": "Discovery"
26768
+ },
26769
+ {
26770
+ "id": "AML.T0018",
26771
+ "name": "Backdoor ML Model",
26772
+ "tactic": "Persistence"
26773
+ },
26774
+ {
26775
+ "id": "AML.T0020",
26776
+ "name": "Poison Training Data",
26777
+ "tactic": "ML Attack Staging"
26778
+ },
26779
+ {
26780
+ "id": "AML.T0043",
26781
+ "name": "Craft Adversarial Data",
26782
+ "tactic": "ML Attack Staging"
26783
+ },
26784
+ {
26785
+ "id": "AML.T0051",
26786
+ "name": "LLM Prompt Injection",
26787
+ "tactic": "Execution"
26788
+ },
26789
+ {
26790
+ "id": "AML.T0054",
26791
+ "name": "LLM Jailbreak",
26792
+ "tactic": "Defense Evasion"
26793
+ },
26794
+ {
26795
+ "id": "AML.T0096",
26796
+ "name": "AI API as Covert C2 Channel",
26797
+ "tactic": "Command and Control"
26798
+ }
26799
+ ],
26800
+ "d3fend": [
26801
+ {
26802
+ "id": "D3-ASLR",
26803
+ "name": "Address Space Layout Randomization",
26804
+ "tactic": "Harden"
26805
+ },
26806
+ {
26807
+ "id": "D3-CSPP",
26808
+ "name": "Client-server Payload Profiling",
26809
+ "tactic": "Detect"
26810
+ },
26811
+ {
26812
+ "id": "D3-EAL",
26813
+ "name": "Executable Allowlisting",
26814
+ "tactic": "Harden"
26815
+ },
26816
+ {
26817
+ "id": "D3-IOPR",
26818
+ "name": "Input/Output Profiling Resource",
26819
+ "tactic": "Detect"
26820
+ },
26821
+ {
26822
+ "id": "D3-NTA",
26823
+ "name": "Network Traffic Analysis",
26824
+ "tactic": "Detect"
26825
+ },
26826
+ {
26827
+ "id": "D3-PHRA",
26828
+ "name": "Process Hardware Resource Access",
26829
+ "tactic": "Isolate"
26830
+ },
26831
+ {
26832
+ "id": "D3-PSEP",
26833
+ "name": "Process Segment Execution Prevention",
26834
+ "tactic": "Harden"
26835
+ }
26836
+ ],
26837
+ "framework_gaps": [
26838
+ {
26839
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
26840
+ "framework": "ALL",
26841
+ "control_name": "AI Pipeline Integrity"
26842
+ },
26843
+ {
26844
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
26845
+ "framework": "ALL",
26846
+ "control_name": "Prompt Injection as Access Control Failure"
26847
+ },
26848
+ {
26849
+ "id": "CIS-Controls-v8-Control7",
26850
+ "framework": "CIS Controls v8",
26851
+ "control_name": "Continuous Vulnerability Management"
26852
+ },
26853
+ {
26854
+ "id": "CMMC-2.0-Level-2",
26855
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
26856
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
26857
+ },
26858
+ {
26859
+ "id": "FedRAMP-Rev5-Moderate",
26860
+ "framework": "FedRAMP Rev 5 Moderate",
26861
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
26862
+ },
26863
+ {
26864
+ "id": "IEC-62443-3-3",
26865
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
26866
+ "control_name": "System security requirements and security levels"
26867
+ },
26868
+ {
26869
+ "id": "ISO-27001-2022-A.8.28",
26870
+ "framework": "ISO/IEC 27001:2022",
26871
+ "control_name": "Secure coding"
26872
+ },
26873
+ {
26874
+ "id": "ISO-27001-2022-A.8.8",
26875
+ "framework": "ISO/IEC 27001:2022",
26876
+ "control_name": "Management of technical vulnerabilities"
26877
+ },
26878
+ {
26879
+ "id": "ISO-IEC-23894-2023-clause-7",
26880
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
26881
+ "control_name": "AI risk management process"
26882
+ },
26883
+ {
26884
+ "id": "NERC-CIP-007-6-R4",
26885
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
26886
+ "control_name": "Security event monitoring"
26887
+ },
26888
+ {
26889
+ "id": "NIS2-Art21-patch-management",
26890
+ "framework": "EU NIS2 Directive",
26891
+ "control_name": "Vulnerability handling and disclosure"
26892
+ },
26893
+ {
26894
+ "id": "NIST-800-115",
26895
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
26896
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
26897
+ },
26898
+ {
26899
+ "id": "NIST-800-218-SSDF",
26900
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
26901
+ "control_name": "Secure Software Development Framework"
26902
+ },
26903
+ {
26904
+ "id": "NIST-800-53-AC-2",
26905
+ "framework": "NIST SP 800-53 Rev 5",
26906
+ "control_name": "Account Management"
26907
+ },
26908
+ {
26909
+ "id": "NIST-800-53-SC-8",
26910
+ "framework": "NIST SP 800-53 Rev 5",
26911
+ "control_name": "Transmission Confidentiality and Integrity"
26912
+ },
26913
+ {
26914
+ "id": "NIST-800-53-SI-2",
26915
+ "framework": "NIST SP 800-53 Rev 5",
26916
+ "control_name": "Flaw Remediation"
26917
+ },
26918
+ {
26919
+ "id": "NIST-800-53-SI-3",
26920
+ "framework": "NIST SP 800-53 Rev 5",
26921
+ "control_name": "Malicious Code Protection"
26922
+ },
26923
+ {
26924
+ "id": "NIST-800-82r3",
26925
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
26926
+ "control_name": "Guide to Operational Technology (OT) Security"
26927
+ },
26928
+ {
26929
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
26930
+ "framework": "OWASP Top 10 for LLM Applications 2025",
26931
+ "control_name": "Prompt Injection"
26932
+ },
26933
+ {
26934
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
26935
+ "framework": "OWASP Top 10 for LLM Applications 2025",
26936
+ "control_name": "Sensitive Information Disclosure"
26937
+ },
26938
+ {
26939
+ "id": "OWASP-Pen-Testing-Guide-v5",
26940
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
26941
+ "control_name": "Web application penetration testing methodology"
26942
+ },
26943
+ {
26944
+ "id": "PCI-DSS-4.0-6.3.3",
26945
+ "framework": "PCI DSS 4.0",
26946
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
26947
+ },
26948
+ {
26949
+ "id": "PTES-Pre-engagement",
26950
+ "framework": "Penetration Testing Execution Standard (PTES)",
26951
+ "control_name": "Pre-engagement Interactions"
26952
+ },
26953
+ {
26954
+ "id": "SOC2-CC6-logical-access",
26955
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
26956
+ "control_name": "Logical and Physical Access Controls"
26957
+ },
26958
+ {
26959
+ "id": "SOC2-CC9-vendor-management",
26960
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
26961
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
26962
+ }
26963
+ ],
26964
+ "attack_refs": [
26965
+ "T0855",
26966
+ "T0883",
26967
+ "T1059",
26968
+ "T1068",
26969
+ "T1078",
26970
+ "T1133",
26971
+ "T1190",
26972
+ "T1548.001",
26973
+ "T1566"
26974
+ ],
26975
+ "rfc_refs": [
26976
+ "RFC-4301",
26977
+ "RFC-4303",
26978
+ "RFC-7296"
26979
+ ]
26980
+ }
26981
+ },
26982
+ "CVE-2022-1471": {
26983
+ "name": "SnakeYAML Constructor Unsafe Deserialization RCE (ShellTorch chain)",
26984
+ "rwep": 29,
26985
+ "cvss": 9.8,
26986
+ "cisa_kev": false,
26987
+ "epss_score": null,
26988
+ "referencing_skills": [
26989
+ "kernel-lpe-triage",
26990
+ "ai-attack-surface",
26991
+ "compliance-theater",
26992
+ "attack-surface-pentest",
26993
+ "ot-ics-security",
26994
+ "coordinated-vuln-disclosure",
26995
+ "sector-energy"
26996
+ ],
26997
+ "chain": {
26998
+ "cwes": [
26999
+ {
27000
+ "id": "CWE-1037",
27001
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
27002
+ "category": "Hardware / Side Channel"
27003
+ },
27004
+ {
27005
+ "id": "CWE-1039",
27006
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
27007
+ "category": "AI/ML"
27008
+ },
27009
+ {
27010
+ "id": "CWE-125",
27011
+ "name": "Out-of-bounds Read",
27012
+ "category": "Memory Safety"
27013
+ },
27014
+ {
27015
+ "id": "CWE-1357",
27016
+ "name": "Reliance on Insufficiently Trustworthy Component",
27017
+ "category": "Supply Chain"
27018
+ },
27019
+ {
27020
+ "id": "CWE-1395",
27021
+ "name": "Dependency on Vulnerable Third-Party Component",
27022
+ "category": "Supply Chain"
27023
+ },
27024
+ {
27025
+ "id": "CWE-1426",
27026
+ "name": "Improper Validation of Generative AI Output",
27027
+ "category": "AI/ML"
27028
+ },
27029
+ {
27030
+ "id": "CWE-22",
27031
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
27032
+ "category": "Path/Resource"
27033
+ },
27034
+ {
27035
+ "id": "CWE-269",
27036
+ "name": "Improper Privilege Management",
27037
+ "category": "Authorization"
27038
+ },
27039
+ {
27040
+ "id": "CWE-287",
27041
+ "name": "Improper Authentication",
27042
+ "category": "Authentication"
27043
+ },
27044
+ {
27045
+ "id": "CWE-306",
27046
+ "name": "Missing Authentication for Critical Function",
27047
+ "category": "Authentication"
27048
+ },
27049
+ {
27050
+ "id": "CWE-352",
27051
+ "name": "Cross-Site Request Forgery (CSRF)",
27052
+ "category": "Session"
27053
+ },
27054
+ {
27055
+ "id": "CWE-362",
27056
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
27057
+ "category": "Concurrency"
27058
+ },
27059
+ {
27060
+ "id": "CWE-416",
27061
+ "name": "Use After Free",
27062
+ "category": "Memory Safety"
27063
+ },
27064
+ {
27065
+ "id": "CWE-434",
27066
+ "name": "Unrestricted Upload of File with Dangerous Type",
27067
+ "category": "File Handling"
27068
+ },
27069
+ {
27070
+ "id": "CWE-672",
27071
+ "name": "Operation on a Resource after Expiration or Release",
27072
+ "category": "Memory Safety"
27073
+ },
27074
+ {
27075
+ "id": "CWE-732",
27076
+ "name": "Incorrect Permission Assignment for Critical Resource",
27077
+ "category": "Authorization"
27078
+ },
27079
+ {
27080
+ "id": "CWE-78",
27081
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
27082
+ "category": "Injection"
27083
+ },
27084
+ {
27085
+ "id": "CWE-787",
27086
+ "name": "Out-of-bounds Write",
27087
+ "category": "Memory Safety"
27088
+ },
27089
+ {
27090
+ "id": "CWE-79",
27091
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
27092
+ "category": "Injection"
27093
+ },
27094
+ {
27095
+ "id": "CWE-798",
27096
+ "name": "Use of Hard-coded Credentials",
27097
+ "category": "Credentials"
27098
+ },
27099
+ {
27100
+ "id": "CWE-89",
27101
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
27102
+ "category": "Injection"
27103
+ },
27104
+ {
27105
+ "id": "CWE-918",
27106
+ "name": "Server-Side Request Forgery (SSRF)",
27107
+ "category": "Network"
27108
+ },
27109
+ {
27110
+ "id": "CWE-94",
27111
+ "name": "Improper Control of Generation of Code (Code Injection)",
27112
+ "category": "Injection"
27113
+ }
27114
+ ],
27115
+ "atlas": [
27116
+ {
27117
+ "id": "AML.T0010",
27118
+ "name": "ML Supply Chain Compromise",
27119
+ "tactic": "Initial Access"
27120
+ },
27121
+ {
27122
+ "id": "AML.T0016",
27123
+ "name": "Obtain Capabilities: Develop Capabilities",
27124
+ "tactic": "Resource Development"
27125
+ },
27126
+ {
27127
+ "id": "AML.T0017",
27128
+ "name": "Discover ML Model Ontology",
27129
+ "tactic": "Discovery"
27130
+ },
27131
+ {
27132
+ "id": "AML.T0018",
27133
+ "name": "Backdoor ML Model",
27134
+ "tactic": "Persistence"
27135
+ },
27136
+ {
27137
+ "id": "AML.T0020",
27138
+ "name": "Poison Training Data",
27139
+ "tactic": "ML Attack Staging"
27140
+ },
27141
+ {
27142
+ "id": "AML.T0043",
27143
+ "name": "Craft Adversarial Data",
27144
+ "tactic": "ML Attack Staging"
27145
+ },
27146
+ {
27147
+ "id": "AML.T0051",
27148
+ "name": "LLM Prompt Injection",
27149
+ "tactic": "Execution"
27150
+ },
27151
+ {
27152
+ "id": "AML.T0054",
27153
+ "name": "LLM Jailbreak",
27154
+ "tactic": "Defense Evasion"
27155
+ },
27156
+ {
27157
+ "id": "AML.T0096",
27158
+ "name": "AI API as Covert C2 Channel",
27159
+ "tactic": "Command and Control"
27160
+ }
27161
+ ],
27162
+ "d3fend": [
27163
+ {
27164
+ "id": "D3-ASLR",
27165
+ "name": "Address Space Layout Randomization",
27166
+ "tactic": "Harden"
27167
+ },
27168
+ {
27169
+ "id": "D3-CSPP",
27170
+ "name": "Client-server Payload Profiling",
27171
+ "tactic": "Detect"
27172
+ },
27173
+ {
27174
+ "id": "D3-EAL",
27175
+ "name": "Executable Allowlisting",
27176
+ "tactic": "Harden"
27177
+ },
27178
+ {
27179
+ "id": "D3-IOPR",
27180
+ "name": "Input/Output Profiling Resource",
27181
+ "tactic": "Detect"
27182
+ },
27183
+ {
27184
+ "id": "D3-NTA",
27185
+ "name": "Network Traffic Analysis",
27186
+ "tactic": "Detect"
27187
+ },
27188
+ {
27189
+ "id": "D3-PHRA",
27190
+ "name": "Process Hardware Resource Access",
27191
+ "tactic": "Isolate"
27192
+ },
27193
+ {
27194
+ "id": "D3-PSEP",
27195
+ "name": "Process Segment Execution Prevention",
27196
+ "tactic": "Harden"
27197
+ }
27198
+ ],
27199
+ "framework_gaps": [
27200
+ {
27201
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
27202
+ "framework": "ALL",
27203
+ "control_name": "AI Pipeline Integrity"
27204
+ },
27205
+ {
27206
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
27207
+ "framework": "ALL",
27208
+ "control_name": "Prompt Injection as Access Control Failure"
27209
+ },
27210
+ {
27211
+ "id": "CIS-Controls-v8-Control7",
27212
+ "framework": "CIS Controls v8",
27213
+ "control_name": "Continuous Vulnerability Management"
27214
+ },
27215
+ {
27216
+ "id": "CMMC-2.0-Level-2",
27217
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
27218
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
27219
+ },
27220
+ {
27221
+ "id": "FedRAMP-Rev5-Moderate",
27222
+ "framework": "FedRAMP Rev 5 Moderate",
27223
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
27224
+ },
27225
+ {
27226
+ "id": "IEC-62443-3-3",
27227
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
27228
+ "control_name": "System security requirements and security levels"
27229
+ },
27230
+ {
27231
+ "id": "ISO-27001-2022-A.8.28",
27232
+ "framework": "ISO/IEC 27001:2022",
27233
+ "control_name": "Secure coding"
27234
+ },
27235
+ {
27236
+ "id": "ISO-27001-2022-A.8.8",
27237
+ "framework": "ISO/IEC 27001:2022",
27238
+ "control_name": "Management of technical vulnerabilities"
27239
+ },
27240
+ {
27241
+ "id": "ISO-IEC-23894-2023-clause-7",
27242
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
27243
+ "control_name": "AI risk management process"
27244
+ },
27245
+ {
27246
+ "id": "NERC-CIP-007-6-R4",
27247
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
27248
+ "control_name": "Security event monitoring"
27249
+ },
27250
+ {
27251
+ "id": "NIS2-Art21-patch-management",
27252
+ "framework": "EU NIS2 Directive",
27253
+ "control_name": "Vulnerability handling and disclosure"
27254
+ },
27255
+ {
27256
+ "id": "NIST-800-115",
27257
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
27258
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
27259
+ },
27260
+ {
27261
+ "id": "NIST-800-218-SSDF",
27262
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
27263
+ "control_name": "Secure Software Development Framework"
27264
+ },
27265
+ {
27266
+ "id": "NIST-800-53-AC-2",
27267
+ "framework": "NIST SP 800-53 Rev 5",
27268
+ "control_name": "Account Management"
27269
+ },
27270
+ {
27271
+ "id": "NIST-800-53-SC-8",
27272
+ "framework": "NIST SP 800-53 Rev 5",
27273
+ "control_name": "Transmission Confidentiality and Integrity"
27274
+ },
27275
+ {
27276
+ "id": "NIST-800-53-SI-2",
27277
+ "framework": "NIST SP 800-53 Rev 5",
27278
+ "control_name": "Flaw Remediation"
27279
+ },
27280
+ {
27281
+ "id": "NIST-800-53-SI-3",
27282
+ "framework": "NIST SP 800-53 Rev 5",
27283
+ "control_name": "Malicious Code Protection"
27284
+ },
27285
+ {
27286
+ "id": "NIST-800-82r3",
27287
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
27288
+ "control_name": "Guide to Operational Technology (OT) Security"
27289
+ },
27290
+ {
27291
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
27292
+ "framework": "OWASP Top 10 for LLM Applications 2025",
27293
+ "control_name": "Prompt Injection"
27294
+ },
27295
+ {
27296
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
27297
+ "framework": "OWASP Top 10 for LLM Applications 2025",
27298
+ "control_name": "Sensitive Information Disclosure"
27299
+ },
27300
+ {
27301
+ "id": "OWASP-Pen-Testing-Guide-v5",
27302
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
27303
+ "control_name": "Web application penetration testing methodology"
27304
+ },
27305
+ {
27306
+ "id": "PCI-DSS-4.0-6.3.3",
27307
+ "framework": "PCI DSS 4.0",
27308
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
27309
+ },
27310
+ {
27311
+ "id": "PTES-Pre-engagement",
27312
+ "framework": "Penetration Testing Execution Standard (PTES)",
27313
+ "control_name": "Pre-engagement Interactions"
27314
+ },
27315
+ {
27316
+ "id": "SOC2-CC6-logical-access",
27317
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
27318
+ "control_name": "Logical and Physical Access Controls"
27319
+ },
27320
+ {
27321
+ "id": "SOC2-CC9-vendor-management",
27322
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
27323
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
27324
+ }
27325
+ ],
27326
+ "attack_refs": [
27327
+ "T0855",
27328
+ "T0883",
27329
+ "T1059",
27330
+ "T1068",
27331
+ "T1078",
27332
+ "T1133",
27333
+ "T1190",
27334
+ "T1548.001",
27335
+ "T1566"
27336
+ ],
27337
+ "rfc_refs": [
27338
+ "RFC-4301",
27339
+ "RFC-4303",
27340
+ "RFC-7296"
27341
+ ]
27342
+ }
27343
+ },
25324
27344
  "CVE-2026-41091": {
25325
27345
  "name": "Microsoft Defender (Malware Protection Engine) Link-Following LPE to SYSTEM",
25326
27346
  "rwep": 45,
@@ -51696,11 +53716,15 @@
51696
53716
  },
51697
53717
  "related_cves": [
51698
53718
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
53719
+ "CVE-2022-1471",
51699
53720
  "CVE-2023-43472",
53721
+ "CVE-2023-43654",
51700
53722
  "CVE-2023-48022",
51701
53723
  "CVE-2024-0132",
51702
53724
  "CVE-2024-3094",
51703
53725
  "CVE-2024-3154",
53726
+ "CVE-2024-42478",
53727
+ "CVE-2024-42479",
51704
53728
  "CVE-2024-50050",
51705
53729
  "CVE-2025-0133",
51706
53730
  "CVE-2025-10585",
@@ -51735,6 +53759,7 @@
51735
53759
  "CVE-2026-30624",
51736
53760
  "CVE-2026-30625",
51737
53761
  "CVE-2026-31431",
53762
+ "CVE-2026-34159",
51738
53763
  "CVE-2026-34926",
51739
53764
  "CVE-2026-39884",
51740
53765
  "CVE-2026-40933",
@@ -52069,9 +54094,13 @@
52069
54094
  ]
52070
54095
  },
52071
54096
  "related_cves": [
54097
+ "CVE-2022-1471",
52072
54098
  "CVE-2023-43472",
54099
+ "CVE-2023-43654",
52073
54100
  "CVE-2023-48022",
52074
54101
  "CVE-2024-0132",
54102
+ "CVE-2024-42478",
54103
+ "CVE-2024-42479",
52075
54104
  "CVE-2024-50050",
52076
54105
  "CVE-2025-0133",
52077
54106
  "CVE-2025-10585",
@@ -52103,6 +54132,7 @@
52103
54132
  "CVE-2026-30624",
52104
54133
  "CVE-2026-30625",
52105
54134
  "CVE-2026-31431",
54135
+ "CVE-2026-34159",
52106
54136
  "CVE-2026-34926",
52107
54137
  "CVE-2026-39884",
52108
54138
  "CVE-2026-40933",
@@ -52233,9 +54263,13 @@
52233
54263
  ]
52234
54264
  },
52235
54265
  "related_cves": [
54266
+ "CVE-2022-1471",
52236
54267
  "CVE-2023-43472",
54268
+ "CVE-2023-43654",
52237
54269
  "CVE-2023-48022",
52238
54270
  "CVE-2024-0132",
54271
+ "CVE-2024-42478",
54272
+ "CVE-2024-42479",
52239
54273
  "CVE-2024-50050",
52240
54274
  "CVE-2025-0133",
52241
54275
  "CVE-2025-10585",
@@ -52267,6 +54301,7 @@
52267
54301
  "CVE-2026-30624",
52268
54302
  "CVE-2026-30625",
52269
54303
  "CVE-2026-31431",
54304
+ "CVE-2026-34159",
52270
54305
  "CVE-2026-34926",
52271
54306
  "CVE-2026-39884",
52272
54307
  "CVE-2026-40933",
@@ -52411,9 +54446,13 @@
52411
54446
  ]
52412
54447
  },
52413
54448
  "related_cves": [
54449
+ "CVE-2022-1471",
52414
54450
  "CVE-2023-43472",
54451
+ "CVE-2023-43654",
52415
54452
  "CVE-2023-48022",
52416
54453
  "CVE-2024-0132",
54454
+ "CVE-2024-42478",
54455
+ "CVE-2024-42479",
52417
54456
  "CVE-2024-50050",
52418
54457
  "CVE-2025-0133",
52419
54458
  "CVE-2025-10585",
@@ -52445,6 +54484,7 @@
52445
54484
  "CVE-2026-30624",
52446
54485
  "CVE-2026-30625",
52447
54486
  "CVE-2026-31431",
54487
+ "CVE-2026-34159",
52448
54488
  "CVE-2026-34926",
52449
54489
  "CVE-2026-39884",
52450
54490
  "CVE-2026-40933",
@@ -52693,11 +54733,15 @@
52693
54733
  "related_cves": [
52694
54734
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
52695
54735
  "BUG-2026-NIGHTMARE-ECLIPSE-UNDEFEND",
54736
+ "CVE-2022-1471",
52696
54737
  "CVE-2023-43472",
54738
+ "CVE-2023-43654",
52697
54739
  "CVE-2023-48022",
52698
54740
  "CVE-2024-0132",
52699
54741
  "CVE-2024-3094",
52700
54742
  "CVE-2024-3154",
54743
+ "CVE-2024-42478",
54744
+ "CVE-2024-42479",
52701
54745
  "CVE-2024-50050",
52702
54746
  "CVE-2025-0133",
52703
54747
  "CVE-2025-1094",
@@ -52731,6 +54775,7 @@
52731
54775
  "CVE-2026-30625",
52732
54776
  "CVE-2026-32202",
52733
54777
  "CVE-2026-33825",
54778
+ "CVE-2026-34159",
52734
54779
  "CVE-2026-39884",
52735
54780
  "CVE-2026-40933",
52736
54781
  "CVE-2026-42208",
@@ -52915,6 +54960,7 @@
52915
54960
  "CVE-2021-39935",
52916
54961
  "CVE-2021-43226",
52917
54962
  "CVE-2021-43798",
54963
+ "CVE-2022-1471",
52918
54964
  "CVE-2022-20775",
52919
54965
  "CVE-2022-37055",
52920
54966
  "CVE-2022-40799",
@@ -52930,6 +54976,7 @@
52930
54976
  "CVE-2023-39780",
52931
54977
  "CVE-2023-41974",
52932
54978
  "CVE-2023-43000",
54979
+ "CVE-2023-43654",
52933
54980
  "CVE-2023-48022",
52934
54981
  "CVE-2023-50224",
52935
54982
  "CVE-2023-52163",
@@ -52943,6 +54990,8 @@
52943
54990
  "CVE-2024-27443",
52944
54991
  "CVE-2024-37079",
52945
54992
  "CVE-2024-42009",
54993
+ "CVE-2024-42478",
54994
+ "CVE-2024-42479",
52946
54995
  "CVE-2024-43468",
52947
54996
  "CVE-2024-50050",
52948
54997
  "CVE-2024-54085",
@@ -53152,6 +55201,7 @@
53152
55201
  "CVE-2026-33017",
53153
55202
  "CVE-2026-33634",
53154
55203
  "CVE-2026-33825",
55204
+ "CVE-2026-34159",
53155
55205
  "CVE-2026-34197",
53156
55206
  "CVE-2026-34621",
53157
55207
  "CVE-2026-34926",
@@ -53395,6 +55445,8 @@
53395
55445
  "CVE-2024-3094",
53396
55446
  "CVE-2024-3154",
53397
55447
  "CVE-2024-40635",
55448
+ "CVE-2024-42478",
55449
+ "CVE-2024-42479",
53398
55450
  "CVE-2025-0133",
53399
55451
  "CVE-2025-1094",
53400
55452
  "CVE-2025-14847",
@@ -53406,6 +55458,7 @@
53406
55458
  "CVE-2025-6965",
53407
55459
  "CVE-2026-30615",
53408
55460
  "CVE-2026-30623",
55461
+ "CVE-2026-34159",
53409
55462
  "CVE-2026-39884",
53410
55463
  "CVE-2026-42208",
53411
55464
  "CVE-2026-42897",
@@ -53748,11 +55801,15 @@
53748
55801
  },
53749
55802
  "related_cves": [
53750
55803
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
55804
+ "CVE-2022-1471",
53751
55805
  "CVE-2023-43472",
55806
+ "CVE-2023-43654",
53752
55807
  "CVE-2023-48022",
53753
55808
  "CVE-2024-0132",
53754
55809
  "CVE-2024-3094",
53755
55810
  "CVE-2024-3154",
55811
+ "CVE-2024-42478",
55812
+ "CVE-2024-42479",
53756
55813
  "CVE-2024-50050",
53757
55814
  "CVE-2025-0133",
53758
55815
  "CVE-2025-10585",
@@ -53787,6 +55844,7 @@
53787
55844
  "CVE-2026-30624",
53788
55845
  "CVE-2026-30625",
53789
55846
  "CVE-2026-31431",
55847
+ "CVE-2026-34159",
53790
55848
  "CVE-2026-34926",
53791
55849
  "CVE-2026-39884",
53792
55850
  "CVE-2026-40933",
@@ -54351,11 +56409,15 @@
54351
56409
  },
54352
56410
  "related_cves": [
54353
56411
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
56412
+ "CVE-2022-1471",
54354
56413
  "CVE-2023-43472",
56414
+ "CVE-2023-43654",
54355
56415
  "CVE-2023-48022",
54356
56416
  "CVE-2024-0132",
54357
56417
  "CVE-2024-3094",
54358
56418
  "CVE-2024-3154",
56419
+ "CVE-2024-42478",
56420
+ "CVE-2024-42479",
54359
56421
  "CVE-2024-50050",
54360
56422
  "CVE-2025-0133",
54361
56423
  "CVE-2025-10585",
@@ -54390,6 +56452,7 @@
54390
56452
  "CVE-2026-30624",
54391
56453
  "CVE-2026-30625",
54392
56454
  "CVE-2026-31431",
56455
+ "CVE-2026-34159",
54393
56456
  "CVE-2026-34926",
54394
56457
  "CVE-2026-39884",
54395
56458
  "CVE-2026-40933",
@@ -54593,9 +56656,13 @@
54593
56656
  ]
54594
56657
  },
54595
56658
  "related_cves": [
56659
+ "CVE-2022-1471",
56660
+ "CVE-2023-43654",
54596
56661
  "CVE-2023-48022",
54597
56662
  "CVE-2024-0132",
54598
56663
  "CVE-2024-3094",
56664
+ "CVE-2024-42478",
56665
+ "CVE-2024-42479",
54599
56666
  "CVE-2024-50050",
54600
56667
  "CVE-2025-10585",
54601
56668
  "CVE-2025-1094",
@@ -54626,6 +56693,7 @@
54626
56693
  "CVE-2026-30624",
54627
56694
  "CVE-2026-30625",
54628
56695
  "CVE-2026-31431",
56696
+ "CVE-2026-34159",
54629
56697
  "CVE-2026-34926",
54630
56698
  "CVE-2026-39884",
54631
56699
  "CVE-2026-40933",
@@ -55259,11 +57327,15 @@
55259
57327
  },
55260
57328
  "related_cves": [
55261
57329
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
57330
+ "CVE-2022-1471",
55262
57331
  "CVE-2023-43472",
57332
+ "CVE-2023-43654",
55263
57333
  "CVE-2023-48022",
55264
57334
  "CVE-2024-0132",
55265
57335
  "CVE-2024-3094",
55266
57336
  "CVE-2024-3154",
57337
+ "CVE-2024-42478",
57338
+ "CVE-2024-42479",
55267
57339
  "CVE-2024-50050",
55268
57340
  "CVE-2025-0133",
55269
57341
  "CVE-2025-10585",
@@ -55298,6 +57370,7 @@
55298
57370
  "CVE-2026-30624",
55299
57371
  "CVE-2026-30625",
55300
57372
  "CVE-2026-31431",
57373
+ "CVE-2026-34159",
55301
57374
  "CVE-2026-34926",
55302
57375
  "CVE-2026-39884",
55303
57376
  "CVE-2026-40933",
@@ -55488,6 +57561,7 @@
55488
57561
  "CVE-2021-39935",
55489
57562
  "CVE-2021-43226",
55490
57563
  "CVE-2021-43798",
57564
+ "CVE-2022-1471",
55491
57565
  "CVE-2022-20775",
55492
57566
  "CVE-2022-37055",
55493
57567
  "CVE-2022-40799",
@@ -55503,6 +57577,7 @@
55503
57577
  "CVE-2023-39780",
55504
57578
  "CVE-2023-41974",
55505
57579
  "CVE-2023-43000",
57580
+ "CVE-2023-43654",
55506
57581
  "CVE-2023-48022",
55507
57582
  "CVE-2023-50224",
55508
57583
  "CVE-2023-52163",
@@ -55516,6 +57591,8 @@
55516
57591
  "CVE-2024-27443",
55517
57592
  "CVE-2024-37079",
55518
57593
  "CVE-2024-42009",
57594
+ "CVE-2024-42478",
57595
+ "CVE-2024-42479",
55519
57596
  "CVE-2024-43468",
55520
57597
  "CVE-2024-50050",
55521
57598
  "CVE-2024-54085",
@@ -55725,6 +57802,7 @@
55725
57802
  "CVE-2026-33017",
55726
57803
  "CVE-2026-33634",
55727
57804
  "CVE-2026-33825",
57805
+ "CVE-2026-34159",
55728
57806
  "CVE-2026-34197",
55729
57807
  "CVE-2026-34621",
55730
57808
  "CVE-2026-34926",
@@ -55912,6 +57990,7 @@
55912
57990
  "CVE-2021-39935",
55913
57991
  "CVE-2021-43226",
55914
57992
  "CVE-2021-43798",
57993
+ "CVE-2022-1471",
55915
57994
  "CVE-2022-20775",
55916
57995
  "CVE-2022-37055",
55917
57996
  "CVE-2022-40799",
@@ -55927,6 +58006,7 @@
55927
58006
  "CVE-2023-39780",
55928
58007
  "CVE-2023-41974",
55929
58008
  "CVE-2023-43000",
58009
+ "CVE-2023-43654",
55930
58010
  "CVE-2023-48022",
55931
58011
  "CVE-2023-50224",
55932
58012
  "CVE-2023-52163",
@@ -55940,6 +58020,8 @@
55940
58020
  "CVE-2024-27443",
55941
58021
  "CVE-2024-37079",
55942
58022
  "CVE-2024-42009",
58023
+ "CVE-2024-42478",
58024
+ "CVE-2024-42479",
55943
58025
  "CVE-2024-43468",
55944
58026
  "CVE-2024-50050",
55945
58027
  "CVE-2024-54085",
@@ -56149,6 +58231,7 @@
56149
58231
  "CVE-2026-33017",
56150
58232
  "CVE-2026-33634",
56151
58233
  "CVE-2026-33825",
58234
+ "CVE-2026-34159",
56152
58235
  "CVE-2026-34197",
56153
58236
  "CVE-2026-34621",
56154
58237
  "CVE-2026-34926",
@@ -56383,11 +58466,15 @@
56383
58466
  },
56384
58467
  "related_cves": [
56385
58468
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
58469
+ "CVE-2022-1471",
56386
58470
  "CVE-2023-43472",
58471
+ "CVE-2023-43654",
56387
58472
  "CVE-2023-48022",
56388
58473
  "CVE-2024-0132",
56389
58474
  "CVE-2024-3094",
56390
58475
  "CVE-2024-3154",
58476
+ "CVE-2024-42478",
58477
+ "CVE-2024-42479",
56391
58478
  "CVE-2024-50050",
56392
58479
  "CVE-2025-0133",
56393
58480
  "CVE-2025-10585",
@@ -56422,6 +58509,7 @@
56422
58509
  "CVE-2026-30624",
56423
58510
  "CVE-2026-30625",
56424
58511
  "CVE-2026-31431",
58512
+ "CVE-2026-34159",
56425
58513
  "CVE-2026-34926",
56426
58514
  "CVE-2026-39884",
56427
58515
  "CVE-2026-40933",
@@ -57164,6 +59252,7 @@
57164
59252
  "CVE-2021-39935",
57165
59253
  "CVE-2021-43226",
57166
59254
  "CVE-2021-43798",
59255
+ "CVE-2022-1471",
57167
59256
  "CVE-2022-20775",
57168
59257
  "CVE-2022-37055",
57169
59258
  "CVE-2022-40799",
@@ -57179,6 +59268,7 @@
57179
59268
  "CVE-2023-39780",
57180
59269
  "CVE-2023-41974",
57181
59270
  "CVE-2023-43000",
59271
+ "CVE-2023-43654",
57182
59272
  "CVE-2023-48022",
57183
59273
  "CVE-2023-50224",
57184
59274
  "CVE-2023-52163",
@@ -57192,6 +59282,8 @@
57192
59282
  "CVE-2024-27443",
57193
59283
  "CVE-2024-37079",
57194
59284
  "CVE-2024-42009",
59285
+ "CVE-2024-42478",
59286
+ "CVE-2024-42479",
57195
59287
  "CVE-2024-43468",
57196
59288
  "CVE-2024-50050",
57197
59289
  "CVE-2024-54085",
@@ -57401,6 +59493,7 @@
57401
59493
  "CVE-2026-33017",
57402
59494
  "CVE-2026-33634",
57403
59495
  "CVE-2026-33825",
59496
+ "CVE-2026-34159",
57404
59497
  "CVE-2026-34197",
57405
59498
  "CVE-2026-34621",
57406
59499
  "CVE-2026-34926",
@@ -57699,11 +59792,15 @@
57699
59792
  },
57700
59793
  "related_cves": [
57701
59794
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
59795
+ "CVE-2022-1471",
57702
59796
  "CVE-2023-43472",
59797
+ "CVE-2023-43654",
57703
59798
  "CVE-2023-48022",
57704
59799
  "CVE-2024-0132",
57705
59800
  "CVE-2024-3094",
57706
59801
  "CVE-2024-3154",
59802
+ "CVE-2024-42478",
59803
+ "CVE-2024-42479",
57707
59804
  "CVE-2024-50050",
57708
59805
  "CVE-2025-0133",
57709
59806
  "CVE-2025-10585",
@@ -57738,6 +59835,7 @@
57738
59835
  "CVE-2026-30624",
57739
59836
  "CVE-2026-30625",
57740
59837
  "CVE-2026-31431",
59838
+ "CVE-2026-34159",
57741
59839
  "CVE-2026-34926",
57742
59840
  "CVE-2026-39884",
57743
59841
  "CVE-2026-40933",
@@ -58005,6 +60103,7 @@
58005
60103
  "CVE-2021-39935",
58006
60104
  "CVE-2021-43226",
58007
60105
  "CVE-2021-43798",
60106
+ "CVE-2022-1471",
58008
60107
  "CVE-2022-20775",
58009
60108
  "CVE-2022-37055",
58010
60109
  "CVE-2022-40799",
@@ -58021,6 +60120,7 @@
58021
60120
  "CVE-2023-41974",
58022
60121
  "CVE-2023-43000",
58023
60122
  "CVE-2023-43472",
60123
+ "CVE-2023-43654",
58024
60124
  "CVE-2023-48022",
58025
60125
  "CVE-2023-50224",
58026
60126
  "CVE-2023-52163",
@@ -58036,6 +60136,8 @@
58036
60136
  "CVE-2024-3154",
58037
60137
  "CVE-2024-37079",
58038
60138
  "CVE-2024-42009",
60139
+ "CVE-2024-42478",
60140
+ "CVE-2024-42479",
58039
60141
  "CVE-2024-43468",
58040
60142
  "CVE-2024-50050",
58041
60143
  "CVE-2024-54085",
@@ -58250,6 +60352,7 @@
58250
60352
  "CVE-2026-33017",
58251
60353
  "CVE-2026-33634",
58252
60354
  "CVE-2026-33825",
60355
+ "CVE-2026-34159",
58253
60356
  "CVE-2026-34197",
58254
60357
  "CVE-2026-34621",
58255
60358
  "CVE-2026-34926",
@@ -58561,10 +60664,14 @@
58561
60664
  },
58562
60665
  "related_cves": [
58563
60666
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
60667
+ "CVE-2022-1471",
60668
+ "CVE-2023-43654",
58564
60669
  "CVE-2023-48022",
58565
60670
  "CVE-2024-0132",
58566
60671
  "CVE-2024-3094",
58567
60672
  "CVE-2024-3154",
60673
+ "CVE-2024-42478",
60674
+ "CVE-2024-42479",
58568
60675
  "CVE-2024-50050",
58569
60676
  "CVE-2025-10585",
58570
60677
  "CVE-2025-1094",
@@ -58596,6 +60703,7 @@
58596
60703
  "CVE-2026-30624",
58597
60704
  "CVE-2026-30625",
58598
60705
  "CVE-2026-31431",
60706
+ "CVE-2026-34159",
58599
60707
  "CVE-2026-34926",
58600
60708
  "CVE-2026-39884",
58601
60709
  "CVE-2026-40933",
@@ -59498,11 +61606,15 @@
59498
61606
  },
59499
61607
  "related_cves": [
59500
61608
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
61609
+ "CVE-2022-1471",
59501
61610
  "CVE-2023-43472",
61611
+ "CVE-2023-43654",
59502
61612
  "CVE-2023-48022",
59503
61613
  "CVE-2024-0132",
59504
61614
  "CVE-2024-3094",
59505
61615
  "CVE-2024-3154",
61616
+ "CVE-2024-42478",
61617
+ "CVE-2024-42479",
59506
61618
  "CVE-2024-50050",
59507
61619
  "CVE-2025-0133",
59508
61620
  "CVE-2025-10585",
@@ -59537,6 +61649,7 @@
59537
61649
  "CVE-2026-30624",
59538
61650
  "CVE-2026-30625",
59539
61651
  "CVE-2026-31431",
61652
+ "CVE-2026-34159",
59540
61653
  "CVE-2026-34926",
59541
61654
  "CVE-2026-39884",
59542
61655
  "CVE-2026-40933",
@@ -59601,8 +61714,12 @@
59601
61714
  "rfc_refs": []
59602
61715
  },
59603
61716
  "related_cves": [
61717
+ "CVE-2022-1471",
61718
+ "CVE-2023-43654",
59604
61719
  "CVE-2023-48022",
59605
61720
  "CVE-2024-0132",
61721
+ "CVE-2024-42478",
61722
+ "CVE-2024-42479",
59606
61723
  "CVE-2024-50050",
59607
61724
  "CVE-2025-10585",
59608
61725
  "CVE-2025-1094",
@@ -59631,6 +61748,7 @@
59631
61748
  "CVE-2026-30624",
59632
61749
  "CVE-2026-30625",
59633
61750
  "CVE-2026-31431",
61751
+ "CVE-2026-34159",
59634
61752
  "CVE-2026-34926",
59635
61753
  "CVE-2026-39884",
59636
61754
  "CVE-2026-40933",
@@ -59772,9 +61890,13 @@
59772
61890
  },
59773
61891
  "related_cves": [
59774
61892
  "BUG-2026-NIGHTMARE-ECLIPSE-UNDEFEND",
61893
+ "CVE-2022-1471",
59775
61894
  "CVE-2023-43472",
61895
+ "CVE-2023-43654",
59776
61896
  "CVE-2023-48022",
59777
61897
  "CVE-2024-0132",
61898
+ "CVE-2024-42478",
61899
+ "CVE-2024-42479",
59778
61900
  "CVE-2024-50050",
59779
61901
  "CVE-2025-0133",
59780
61902
  "CVE-2025-1094",
@@ -59806,6 +61928,7 @@
59806
61928
  "CVE-2026-30625",
59807
61929
  "CVE-2026-32202",
59808
61930
  "CVE-2026-33825",
61931
+ "CVE-2026-34159",
59809
61932
  "CVE-2026-39884",
59810
61933
  "CVE-2026-40933",
59811
61934
  "CVE-2026-42208"
@@ -60180,6 +62303,7 @@
60180
62303
  "CVE-2021-39935",
60181
62304
  "CVE-2021-43226",
60182
62305
  "CVE-2021-43798",
62306
+ "CVE-2022-1471",
60183
62307
  "CVE-2022-20775",
60184
62308
  "CVE-2022-37055",
60185
62309
  "CVE-2022-40799",
@@ -60194,6 +62318,7 @@
60194
62318
  "CVE-2023-39780",
60195
62319
  "CVE-2023-41974",
60196
62320
  "CVE-2023-43000",
62321
+ "CVE-2023-43654",
60197
62322
  "CVE-2023-50224",
60198
62323
  "CVE-2023-52163",
60199
62324
  "CVE-2024-0769",
@@ -60206,6 +62331,8 @@
60206
62331
  "CVE-2024-3094",
60207
62332
  "CVE-2024-37079",
60208
62333
  "CVE-2024-42009",
62334
+ "CVE-2024-42478",
62335
+ "CVE-2024-42479",
60209
62336
  "CVE-2024-43468",
60210
62337
  "CVE-2024-50050",
60211
62338
  "CVE-2024-54085",
@@ -60404,6 +62531,7 @@
60404
62531
  "CVE-2026-32201",
60405
62532
  "CVE-2026-33017",
60406
62533
  "CVE-2026-33634",
62534
+ "CVE-2026-34159",
60407
62535
  "CVE-2026-34197",
60408
62536
  "CVE-2026-34621",
60409
62537
  "CVE-2026-34926",
@@ -60638,11 +62766,15 @@
60638
62766
  },
60639
62767
  "related_cves": [
60640
62768
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
62769
+ "CVE-2022-1471",
60641
62770
  "CVE-2023-43472",
62771
+ "CVE-2023-43654",
60642
62772
  "CVE-2023-48022",
60643
62773
  "CVE-2024-0132",
60644
62774
  "CVE-2024-3094",
60645
62775
  "CVE-2024-3154",
62776
+ "CVE-2024-42478",
62777
+ "CVE-2024-42479",
60646
62778
  "CVE-2024-50050",
60647
62779
  "CVE-2025-0133",
60648
62780
  "CVE-2025-10585",
@@ -60677,6 +62809,7 @@
60677
62809
  "CVE-2026-30624",
60678
62810
  "CVE-2026-30625",
60679
62811
  "CVE-2026-31431",
62812
+ "CVE-2026-34159",
60680
62813
  "CVE-2026-34926",
60681
62814
  "CVE-2026-39884",
60682
62815
  "CVE-2026-40933",
@@ -60933,11 +63066,15 @@
60933
63066
  "related_cves": [
60934
63067
  "BUG-2026-NIGHTMARE-ECLIPSE-UNDEFEND",
60935
63068
  "BUG-2026-NIGHTMARE-ECLIPSE-YELLOWKEY",
63069
+ "CVE-2022-1471",
60936
63070
  "CVE-2023-43472",
63071
+ "CVE-2023-43654",
60937
63072
  "CVE-2023-48022",
60938
63073
  "CVE-2024-0132",
60939
63074
  "CVE-2024-3094",
60940
63075
  "CVE-2024-40635",
63076
+ "CVE-2024-42478",
63077
+ "CVE-2024-42479",
60941
63078
  "CVE-2024-50050",
60942
63079
  "CVE-2025-0133",
60943
63080
  "CVE-2025-1094",
@@ -60973,6 +63110,7 @@
60973
63110
  "CVE-2026-30625",
60974
63111
  "CVE-2026-32202",
60975
63112
  "CVE-2026-33825",
63113
+ "CVE-2026-34159",
60976
63114
  "CVE-2026-39884",
60977
63115
  "CVE-2026-40933",
60978
63116
  "CVE-2026-42208",