@blamejs/exceptd-skills 0.13.86 → 0.13.87

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. package/CHANGELOG.md +4 -0
  2. package/data/_indexes/_meta.json +9 -9
  3. package/data/_indexes/activity-feed.json +2 -2
  4. package/data/_indexes/catalog-summaries.json +2 -2
  5. package/data/_indexes/chains.json +912 -0
  6. package/data/atlas-ttps.json +4 -0
  7. package/data/attack-techniques.json +6 -0
  8. package/data/cve-catalog.json +213 -0
  9. package/data/cwe-catalog.json +3 -0
  10. package/data/framework-control-gaps.json +16 -0
  11. package/data/zeroday-lessons.json +100 -0
  12. package/manifest.json +44 -44
  13. package/package.json +2 -2
  14. package/sbom.cdx.json +25 -25
package/data/_indexes/chains.json CHANGED
@@ -28065,6 +28065,870 @@
28065
28065
  ]
28066
28066
  }
28067
28067
  },
28068
+ "CVE-2024-1561": {
28069
+ "name": "Gradio /component_server Local File Read (Hugging Face Spaces Secret Theft)",
28070
+ "rwep": 31,
28071
+ "cvss": 7.5,
28072
+ "cisa_kev": false,
28073
+ "epss_score": null,
28074
+ "referencing_skills": [
28075
+ "kernel-lpe-triage",
28076
+ "ai-attack-surface",
28077
+ "compliance-theater",
28078
+ "ai-c2-detection",
28079
+ "attack-surface-pentest",
28080
+ "dlp-gap-analysis",
28081
+ "ot-ics-security",
28082
+ "coordinated-vuln-disclosure",
28083
+ "sector-energy"
28084
+ ],
28085
+ "chain": {
28086
+ "cwes": [
28087
+ {
28088
+ "id": "CWE-1037",
28089
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
28090
+ "category": "Hardware / Side Channel"
28091
+ },
28092
+ {
28093
+ "id": "CWE-1039",
28094
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
28095
+ "category": "AI/ML"
28096
+ },
28097
+ {
28098
+ "id": "CWE-125",
28099
+ "name": "Out-of-bounds Read",
28100
+ "category": "Memory Safety"
28101
+ },
28102
+ {
28103
+ "id": "CWE-1357",
28104
+ "name": "Reliance on Insufficiently Trustworthy Component",
28105
+ "category": "Supply Chain"
28106
+ },
28107
+ {
28108
+ "id": "CWE-1395",
28109
+ "name": "Dependency on Vulnerable Third-Party Component",
28110
+ "category": "Supply Chain"
28111
+ },
28112
+ {
28113
+ "id": "CWE-1426",
28114
+ "name": "Improper Validation of Generative AI Output",
28115
+ "category": "AI/ML"
28116
+ },
28117
+ {
28118
+ "id": "CWE-200",
28119
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
28120
+ "category": "Information Exposure"
28121
+ },
28122
+ {
28123
+ "id": "CWE-22",
28124
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
28125
+ "category": "Path/Resource"
28126
+ },
28127
+ {
28128
+ "id": "CWE-269",
28129
+ "name": "Improper Privilege Management",
28130
+ "category": "Authorization"
28131
+ },
28132
+ {
28133
+ "id": "CWE-287",
28134
+ "name": "Improper Authentication",
28135
+ "category": "Authentication"
28136
+ },
28137
+ {
28138
+ "id": "CWE-306",
28139
+ "name": "Missing Authentication for Critical Function",
28140
+ "category": "Authentication"
28141
+ },
28142
+ {
28143
+ "id": "CWE-352",
28144
+ "name": "Cross-Site Request Forgery (CSRF)",
28145
+ "category": "Session"
28146
+ },
28147
+ {
28148
+ "id": "CWE-362",
28149
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
28150
+ "category": "Concurrency"
28151
+ },
28152
+ {
28153
+ "id": "CWE-416",
28154
+ "name": "Use After Free",
28155
+ "category": "Memory Safety"
28156
+ },
28157
+ {
28158
+ "id": "CWE-434",
28159
+ "name": "Unrestricted Upload of File with Dangerous Type",
28160
+ "category": "File Handling"
28161
+ },
28162
+ {
28163
+ "id": "CWE-672",
28164
+ "name": "Operation on a Resource after Expiration or Release",
28165
+ "category": "Memory Safety"
28166
+ },
28167
+ {
28168
+ "id": "CWE-732",
28169
+ "name": "Incorrect Permission Assignment for Critical Resource",
28170
+ "category": "Authorization"
28171
+ },
28172
+ {
28173
+ "id": "CWE-78",
28174
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
28175
+ "category": "Injection"
28176
+ },
28177
+ {
28178
+ "id": "CWE-787",
28179
+ "name": "Out-of-bounds Write",
28180
+ "category": "Memory Safety"
28181
+ },
28182
+ {
28183
+ "id": "CWE-79",
28184
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
28185
+ "category": "Injection"
28186
+ },
28187
+ {
28188
+ "id": "CWE-798",
28189
+ "name": "Use of Hard-coded Credentials",
28190
+ "category": "Credentials"
28191
+ },
28192
+ {
28193
+ "id": "CWE-89",
28194
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
28195
+ "category": "Injection"
28196
+ },
28197
+ {
28198
+ "id": "CWE-918",
28199
+ "name": "Server-Side Request Forgery (SSRF)",
28200
+ "category": "Network"
28201
+ },
28202
+ {
28203
+ "id": "CWE-94",
28204
+ "name": "Improper Control of Generation of Code (Code Injection)",
28205
+ "category": "Injection"
28206
+ }
28207
+ ],
28208
+ "atlas": [
28209
+ {
28210
+ "id": "AML.T0010",
28211
+ "name": "ML Supply Chain Compromise",
28212
+ "tactic": "Initial Access"
28213
+ },
28214
+ {
28215
+ "id": "AML.T0016",
28216
+ "name": "Obtain Capabilities: Develop Capabilities",
28217
+ "tactic": "Resource Development"
28218
+ },
28219
+ {
28220
+ "id": "AML.T0017",
28221
+ "name": "Discover ML Model Ontology",
28222
+ "tactic": "Discovery"
28223
+ },
28224
+ {
28225
+ "id": "AML.T0018",
28226
+ "name": "Backdoor ML Model",
28227
+ "tactic": "Persistence"
28228
+ },
28229
+ {
28230
+ "id": "AML.T0020",
28231
+ "name": "Poison Training Data",
28232
+ "tactic": "ML Attack Staging"
28233
+ },
28234
+ {
28235
+ "id": "AML.T0043",
28236
+ "name": "Craft Adversarial Data",
28237
+ "tactic": "ML Attack Staging"
28238
+ },
28239
+ {
28240
+ "id": "AML.T0051",
28241
+ "name": "LLM Prompt Injection",
28242
+ "tactic": "Execution"
28243
+ },
28244
+ {
28245
+ "id": "AML.T0054",
28246
+ "name": "LLM Jailbreak",
28247
+ "tactic": "Defense Evasion"
28248
+ },
28249
+ {
28250
+ "id": "AML.T0096",
28251
+ "name": "AI API as Covert C2 Channel",
28252
+ "tactic": "Command and Control"
28253
+ }
28254
+ ],
28255
+ "d3fend": [
28256
+ {
28257
+ "id": "D3-ASLR",
28258
+ "name": "Address Space Layout Randomization",
28259
+ "tactic": "Harden"
28260
+ },
28261
+ {
28262
+ "id": "D3-CA",
28263
+ "name": "Certificate Analysis",
28264
+ "tactic": "Detect"
28265
+ },
28266
+ {
28267
+ "id": "D3-CSPP",
28268
+ "name": "Client-server Payload Profiling",
28269
+ "tactic": "Detect"
28270
+ },
28271
+ {
28272
+ "id": "D3-DA",
28273
+ "name": "Domain Analysis",
28274
+ "tactic": "Detect"
28275
+ },
28276
+ {
28277
+ "id": "D3-EAL",
28278
+ "name": "Executable Allowlisting",
28279
+ "tactic": "Harden"
28280
+ },
28281
+ {
28282
+ "id": "D3-IOPR",
28283
+ "name": "Input/Output Profiling Resource",
28284
+ "tactic": "Detect"
28285
+ },
28286
+ {
28287
+ "id": "D3-NI",
28288
+ "name": "Network Isolation",
28289
+ "tactic": "Isolate"
28290
+ },
28291
+ {
28292
+ "id": "D3-NTA",
28293
+ "name": "Network Traffic Analysis",
28294
+ "tactic": "Detect"
28295
+ },
28296
+ {
28297
+ "id": "D3-NTPM",
28298
+ "name": "Network Traffic Policy Mapping",
28299
+ "tactic": "Model"
28300
+ },
28301
+ {
28302
+ "id": "D3-PHRA",
28303
+ "name": "Process Hardware Resource Access",
28304
+ "tactic": "Isolate"
28305
+ },
28306
+ {
28307
+ "id": "D3-PSEP",
28308
+ "name": "Process Segment Execution Prevention",
28309
+ "tactic": "Harden"
28310
+ }
28311
+ ],
28312
+ "framework_gaps": [
28313
+ {
28314
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
28315
+ "framework": "ALL",
28316
+ "control_name": "AI Pipeline Integrity"
28317
+ },
28318
+ {
28319
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
28320
+ "framework": "ALL",
28321
+ "control_name": "Prompt Injection as Access Control Failure"
28322
+ },
28323
+ {
28324
+ "id": "CIS-Controls-v8-Control7",
28325
+ "framework": "CIS Controls v8",
28326
+ "control_name": "Continuous Vulnerability Management"
28327
+ },
28328
+ {
28329
+ "id": "CMMC-2.0-Level-2",
28330
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
28331
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
28332
+ },
28333
+ {
28334
+ "id": "FedRAMP-Rev5-Moderate",
28335
+ "framework": "FedRAMP Rev 5 Moderate",
28336
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
28337
+ },
28338
+ {
28339
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
28340
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
28341
+ "control_name": "Access control standard (technical safeguards)"
28342
+ },
28343
+ {
28344
+ "id": "IEC-62443-3-3",
28345
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
28346
+ "control_name": "System security requirements and security levels"
28347
+ },
28348
+ {
28349
+ "id": "ISO-27001-2022-A.8.16",
28350
+ "framework": "ISO/IEC 27001:2022",
28351
+ "control_name": "Monitoring activities"
28352
+ },
28353
+ {
28354
+ "id": "ISO-27001-2022-A.8.28",
28355
+ "framework": "ISO/IEC 27001:2022",
28356
+ "control_name": "Secure coding"
28357
+ },
28358
+ {
28359
+ "id": "ISO-27001-2022-A.8.8",
28360
+ "framework": "ISO/IEC 27001:2022",
28361
+ "control_name": "Management of technical vulnerabilities"
28362
+ },
28363
+ {
28364
+ "id": "ISO-IEC-23894-2023-clause-7",
28365
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
28366
+ "control_name": "AI risk management process"
28367
+ },
28368
+ {
28369
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
28370
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
28371
+ "control_name": "AI risk assessment"
28372
+ },
28373
+ {
28374
+ "id": "NERC-CIP-007-6-R4",
28375
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
28376
+ "control_name": "Security event monitoring"
28377
+ },
28378
+ {
28379
+ "id": "NIS2-Art21-patch-management",
28380
+ "framework": "EU NIS2 Directive",
28381
+ "control_name": "Vulnerability handling and disclosure"
28382
+ },
28383
+ {
28384
+ "id": "NIST-800-115",
28385
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
28386
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
28387
+ },
28388
+ {
28389
+ "id": "NIST-800-218-SSDF",
28390
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
28391
+ "control_name": "Secure Software Development Framework"
28392
+ },
28393
+ {
28394
+ "id": "NIST-800-53-AC-2",
28395
+ "framework": "NIST SP 800-53 Rev 5",
28396
+ "control_name": "Account Management"
28397
+ },
28398
+ {
28399
+ "id": "NIST-800-53-SC-28",
28400
+ "framework": "NIST SP 800-53 Rev 5",
28401
+ "control_name": "Protection of Information at Rest"
28402
+ },
28403
+ {
28404
+ "id": "NIST-800-53-SC-7",
28405
+ "framework": "NIST SP 800-53 Rev 5",
28406
+ "control_name": "Boundary Protection"
28407
+ },
28408
+ {
28409
+ "id": "NIST-800-53-SC-8",
28410
+ "framework": "NIST SP 800-53 Rev 5",
28411
+ "control_name": "Transmission Confidentiality and Integrity"
28412
+ },
28413
+ {
28414
+ "id": "NIST-800-53-SI-2",
28415
+ "framework": "NIST SP 800-53 Rev 5",
28416
+ "control_name": "Flaw Remediation"
28417
+ },
28418
+ {
28419
+ "id": "NIST-800-53-SI-3",
28420
+ "framework": "NIST SP 800-53 Rev 5",
28421
+ "control_name": "Malicious Code Protection"
28422
+ },
28423
+ {
28424
+ "id": "NIST-800-82r3",
28425
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
28426
+ "control_name": "Guide to Operational Technology (OT) Security"
28427
+ },
28428
+ {
28429
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
28430
+ "framework": "OWASP Top 10 for LLM Applications 2025",
28431
+ "control_name": "Prompt Injection"
28432
+ },
28433
+ {
28434
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
28435
+ "framework": "OWASP Top 10 for LLM Applications 2025",
28436
+ "control_name": "Sensitive Information Disclosure"
28437
+ },
28438
+ {
28439
+ "id": "OWASP-Pen-Testing-Guide-v5",
28440
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
28441
+ "control_name": "Web application penetration testing methodology"
28442
+ },
28443
+ {
28444
+ "id": "PCI-DSS-4.0-6.3.3",
28445
+ "framework": "PCI DSS 4.0",
28446
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
28447
+ },
28448
+ {
28449
+ "id": "PTES-Pre-engagement",
28450
+ "framework": "Penetration Testing Execution Standard (PTES)",
28451
+ "control_name": "Pre-engagement Interactions"
28452
+ },
28453
+ {
28454
+ "id": "SOC2-CC6-logical-access",
28455
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
28456
+ "control_name": "Logical and Physical Access Controls"
28457
+ },
28458
+ {
28459
+ "id": "SOC2-CC7-anomaly-detection",
28460
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
28461
+ "control_name": "System Operations — Threat and Vulnerability Management"
28462
+ },
28463
+ {
28464
+ "id": "SOC2-CC9-vendor-management",
28465
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
28466
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
28467
+ }
28468
+ ],
28469
+ "attack_refs": [
28470
+ "T0855",
28471
+ "T0883",
28472
+ "T1041",
28473
+ "T1059",
28474
+ "T1068",
28475
+ "T1071",
28476
+ "T1078",
28477
+ "T1102",
28478
+ "T1133",
28479
+ "T1190",
28480
+ "T1213",
28481
+ "T1530",
28482
+ "T1548.001",
28483
+ "T1566",
28484
+ "T1567",
28485
+ "T1568"
28486
+ ],
28487
+ "rfc_refs": [
28488
+ "RFC-4301",
28489
+ "RFC-4303",
28490
+ "RFC-7296",
28491
+ "RFC-8446",
28492
+ "RFC-9000",
28493
+ "RFC-9114",
28494
+ "RFC-9180",
28495
+ "RFC-9421",
28496
+ "RFC-9458"
28497
+ ]
28498
+ }
28499
+ },
28500
+ "CVE-2023-51449": {
28501
+ "name": "Gradio /file Route Path Traversal and SSRF Arbitrary File Read",
28502
+ "rwep": 31,
28503
+ "cvss": 7.5,
28504
+ "cisa_kev": false,
28505
+ "epss_score": null,
28506
+ "referencing_skills": [
28507
+ "kernel-lpe-triage",
28508
+ "ai-attack-surface",
28509
+ "compliance-theater",
28510
+ "ai-c2-detection",
28511
+ "attack-surface-pentest",
28512
+ "dlp-gap-analysis",
28513
+ "ot-ics-security",
28514
+ "coordinated-vuln-disclosure",
28515
+ "sector-energy"
28516
+ ],
28517
+ "chain": {
28518
+ "cwes": [
28519
+ {
28520
+ "id": "CWE-1037",
28521
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
28522
+ "category": "Hardware / Side Channel"
28523
+ },
28524
+ {
28525
+ "id": "CWE-1039",
28526
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
28527
+ "category": "AI/ML"
28528
+ },
28529
+ {
28530
+ "id": "CWE-125",
28531
+ "name": "Out-of-bounds Read",
28532
+ "category": "Memory Safety"
28533
+ },
28534
+ {
28535
+ "id": "CWE-1357",
28536
+ "name": "Reliance on Insufficiently Trustworthy Component",
28537
+ "category": "Supply Chain"
28538
+ },
28539
+ {
28540
+ "id": "CWE-1395",
28541
+ "name": "Dependency on Vulnerable Third-Party Component",
28542
+ "category": "Supply Chain"
28543
+ },
28544
+ {
28545
+ "id": "CWE-1426",
28546
+ "name": "Improper Validation of Generative AI Output",
28547
+ "category": "AI/ML"
28548
+ },
28549
+ {
28550
+ "id": "CWE-200",
28551
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
28552
+ "category": "Information Exposure"
28553
+ },
28554
+ {
28555
+ "id": "CWE-22",
28556
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
28557
+ "category": "Path/Resource"
28558
+ },
28559
+ {
28560
+ "id": "CWE-269",
28561
+ "name": "Improper Privilege Management",
28562
+ "category": "Authorization"
28563
+ },
28564
+ {
28565
+ "id": "CWE-287",
28566
+ "name": "Improper Authentication",
28567
+ "category": "Authentication"
28568
+ },
28569
+ {
28570
+ "id": "CWE-306",
28571
+ "name": "Missing Authentication for Critical Function",
28572
+ "category": "Authentication"
28573
+ },
28574
+ {
28575
+ "id": "CWE-352",
28576
+ "name": "Cross-Site Request Forgery (CSRF)",
28577
+ "category": "Session"
28578
+ },
28579
+ {
28580
+ "id": "CWE-362",
28581
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
28582
+ "category": "Concurrency"
28583
+ },
28584
+ {
28585
+ "id": "CWE-416",
28586
+ "name": "Use After Free",
28587
+ "category": "Memory Safety"
28588
+ },
28589
+ {
28590
+ "id": "CWE-434",
28591
+ "name": "Unrestricted Upload of File with Dangerous Type",
28592
+ "category": "File Handling"
28593
+ },
28594
+ {
28595
+ "id": "CWE-672",
28596
+ "name": "Operation on a Resource after Expiration or Release",
28597
+ "category": "Memory Safety"
28598
+ },
28599
+ {
28600
+ "id": "CWE-732",
28601
+ "name": "Incorrect Permission Assignment for Critical Resource",
28602
+ "category": "Authorization"
28603
+ },
28604
+ {
28605
+ "id": "CWE-78",
28606
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
28607
+ "category": "Injection"
28608
+ },
28609
+ {
28610
+ "id": "CWE-787",
28611
+ "name": "Out-of-bounds Write",
28612
+ "category": "Memory Safety"
28613
+ },
28614
+ {
28615
+ "id": "CWE-79",
28616
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
28617
+ "category": "Injection"
28618
+ },
28619
+ {
28620
+ "id": "CWE-798",
28621
+ "name": "Use of Hard-coded Credentials",
28622
+ "category": "Credentials"
28623
+ },
28624
+ {
28625
+ "id": "CWE-89",
28626
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
28627
+ "category": "Injection"
28628
+ },
28629
+ {
28630
+ "id": "CWE-918",
28631
+ "name": "Server-Side Request Forgery (SSRF)",
28632
+ "category": "Network"
28633
+ },
28634
+ {
28635
+ "id": "CWE-94",
28636
+ "name": "Improper Control of Generation of Code (Code Injection)",
28637
+ "category": "Injection"
28638
+ }
28639
+ ],
28640
+ "atlas": [
28641
+ {
28642
+ "id": "AML.T0010",
28643
+ "name": "ML Supply Chain Compromise",
28644
+ "tactic": "Initial Access"
28645
+ },
28646
+ {
28647
+ "id": "AML.T0016",
28648
+ "name": "Obtain Capabilities: Develop Capabilities",
28649
+ "tactic": "Resource Development"
28650
+ },
28651
+ {
28652
+ "id": "AML.T0017",
28653
+ "name": "Discover ML Model Ontology",
28654
+ "tactic": "Discovery"
28655
+ },
28656
+ {
28657
+ "id": "AML.T0018",
28658
+ "name": "Backdoor ML Model",
28659
+ "tactic": "Persistence"
28660
+ },
28661
+ {
28662
+ "id": "AML.T0020",
28663
+ "name": "Poison Training Data",
28664
+ "tactic": "ML Attack Staging"
28665
+ },
28666
+ {
28667
+ "id": "AML.T0043",
28668
+ "name": "Craft Adversarial Data",
28669
+ "tactic": "ML Attack Staging"
28670
+ },
28671
+ {
28672
+ "id": "AML.T0051",
28673
+ "name": "LLM Prompt Injection",
28674
+ "tactic": "Execution"
28675
+ },
28676
+ {
28677
+ "id": "AML.T0054",
28678
+ "name": "LLM Jailbreak",
28679
+ "tactic": "Defense Evasion"
28680
+ },
28681
+ {
28682
+ "id": "AML.T0096",
28683
+ "name": "AI API as Covert C2 Channel",
28684
+ "tactic": "Command and Control"
28685
+ }
28686
+ ],
28687
+ "d3fend": [
28688
+ {
28689
+ "id": "D3-ASLR",
28690
+ "name": "Address Space Layout Randomization",
28691
+ "tactic": "Harden"
28692
+ },
28693
+ {
28694
+ "id": "D3-CA",
28695
+ "name": "Certificate Analysis",
28696
+ "tactic": "Detect"
28697
+ },
28698
+ {
28699
+ "id": "D3-CSPP",
28700
+ "name": "Client-server Payload Profiling",
28701
+ "tactic": "Detect"
28702
+ },
28703
+ {
28704
+ "id": "D3-DA",
28705
+ "name": "Domain Analysis",
28706
+ "tactic": "Detect"
28707
+ },
28708
+ {
28709
+ "id": "D3-EAL",
28710
+ "name": "Executable Allowlisting",
28711
+ "tactic": "Harden"
28712
+ },
28713
+ {
28714
+ "id": "D3-IOPR",
28715
+ "name": "Input/Output Profiling Resource",
28716
+ "tactic": "Detect"
28717
+ },
28718
+ {
28719
+ "id": "D3-NI",
28720
+ "name": "Network Isolation",
28721
+ "tactic": "Isolate"
28722
+ },
28723
+ {
28724
+ "id": "D3-NTA",
28725
+ "name": "Network Traffic Analysis",
28726
+ "tactic": "Detect"
28727
+ },
28728
+ {
28729
+ "id": "D3-NTPM",
28730
+ "name": "Network Traffic Policy Mapping",
28731
+ "tactic": "Model"
28732
+ },
28733
+ {
28734
+ "id": "D3-PHRA",
28735
+ "name": "Process Hardware Resource Access",
28736
+ "tactic": "Isolate"
28737
+ },
28738
+ {
28739
+ "id": "D3-PSEP",
28740
+ "name": "Process Segment Execution Prevention",
28741
+ "tactic": "Harden"
28742
+ }
28743
+ ],
28744
+ "framework_gaps": [
28745
+ {
28746
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
28747
+ "framework": "ALL",
28748
+ "control_name": "AI Pipeline Integrity"
28749
+ },
28750
+ {
28751
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
28752
+ "framework": "ALL",
28753
+ "control_name": "Prompt Injection as Access Control Failure"
28754
+ },
28755
+ {
28756
+ "id": "CIS-Controls-v8-Control7",
28757
+ "framework": "CIS Controls v8",
28758
+ "control_name": "Continuous Vulnerability Management"
28759
+ },
28760
+ {
28761
+ "id": "CMMC-2.0-Level-2",
28762
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
28763
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
28764
+ },
28765
+ {
28766
+ "id": "FedRAMP-Rev5-Moderate",
28767
+ "framework": "FedRAMP Rev 5 Moderate",
28768
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
28769
+ },
28770
+ {
28771
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
28772
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
28773
+ "control_name": "Access control standard (technical safeguards)"
28774
+ },
28775
+ {
28776
+ "id": "IEC-62443-3-3",
28777
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
28778
+ "control_name": "System security requirements and security levels"
28779
+ },
28780
+ {
28781
+ "id": "ISO-27001-2022-A.8.16",
28782
+ "framework": "ISO/IEC 27001:2022",
28783
+ "control_name": "Monitoring activities"
28784
+ },
28785
+ {
28786
+ "id": "ISO-27001-2022-A.8.28",
28787
+ "framework": "ISO/IEC 27001:2022",
28788
+ "control_name": "Secure coding"
28789
+ },
28790
+ {
28791
+ "id": "ISO-27001-2022-A.8.8",
28792
+ "framework": "ISO/IEC 27001:2022",
28793
+ "control_name": "Management of technical vulnerabilities"
28794
+ },
28795
+ {
28796
+ "id": "ISO-IEC-23894-2023-clause-7",
28797
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
28798
+ "control_name": "AI risk management process"
28799
+ },
28800
+ {
28801
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
28802
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
28803
+ "control_name": "AI risk assessment"
28804
+ },
28805
+ {
28806
+ "id": "NERC-CIP-007-6-R4",
28807
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
28808
+ "control_name": "Security event monitoring"
28809
+ },
28810
+ {
28811
+ "id": "NIS2-Art21-patch-management",
28812
+ "framework": "EU NIS2 Directive",
28813
+ "control_name": "Vulnerability handling and disclosure"
28814
+ },
28815
+ {
28816
+ "id": "NIST-800-115",
28817
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
28818
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
28819
+ },
28820
+ {
28821
+ "id": "NIST-800-218-SSDF",
28822
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
28823
+ "control_name": "Secure Software Development Framework"
28824
+ },
28825
+ {
28826
+ "id": "NIST-800-53-AC-2",
28827
+ "framework": "NIST SP 800-53 Rev 5",
28828
+ "control_name": "Account Management"
28829
+ },
28830
+ {
28831
+ "id": "NIST-800-53-SC-28",
28832
+ "framework": "NIST SP 800-53 Rev 5",
28833
+ "control_name": "Protection of Information at Rest"
28834
+ },
28835
+ {
28836
+ "id": "NIST-800-53-SC-7",
28837
+ "framework": "NIST SP 800-53 Rev 5",
28838
+ "control_name": "Boundary Protection"
28839
+ },
28840
+ {
28841
+ "id": "NIST-800-53-SC-8",
28842
+ "framework": "NIST SP 800-53 Rev 5",
28843
+ "control_name": "Transmission Confidentiality and Integrity"
28844
+ },
28845
+ {
28846
+ "id": "NIST-800-53-SI-2",
28847
+ "framework": "NIST SP 800-53 Rev 5",
28848
+ "control_name": "Flaw Remediation"
28849
+ },
28850
+ {
28851
+ "id": "NIST-800-53-SI-3",
28852
+ "framework": "NIST SP 800-53 Rev 5",
28853
+ "control_name": "Malicious Code Protection"
28854
+ },
28855
+ {
28856
+ "id": "NIST-800-82r3",
28857
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
28858
+ "control_name": "Guide to Operational Technology (OT) Security"
28859
+ },
28860
+ {
28861
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
28862
+ "framework": "OWASP Top 10 for LLM Applications 2025",
28863
+ "control_name": "Prompt Injection"
28864
+ },
28865
+ {
28866
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
28867
+ "framework": "OWASP Top 10 for LLM Applications 2025",
28868
+ "control_name": "Sensitive Information Disclosure"
28869
+ },
28870
+ {
28871
+ "id": "OWASP-Pen-Testing-Guide-v5",
28872
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
28873
+ "control_name": "Web application penetration testing methodology"
28874
+ },
28875
+ {
28876
+ "id": "PCI-DSS-4.0-6.3.3",
28877
+ "framework": "PCI DSS 4.0",
28878
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
28879
+ },
28880
+ {
28881
+ "id": "PTES-Pre-engagement",
28882
+ "framework": "Penetration Testing Execution Standard (PTES)",
28883
+ "control_name": "Pre-engagement Interactions"
28884
+ },
28885
+ {
28886
+ "id": "SOC2-CC6-logical-access",
28887
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
28888
+ "control_name": "Logical and Physical Access Controls"
28889
+ },
28890
+ {
28891
+ "id": "SOC2-CC7-anomaly-detection",
28892
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
28893
+ "control_name": "System Operations — Threat and Vulnerability Management"
28894
+ },
28895
+ {
28896
+ "id": "SOC2-CC9-vendor-management",
28897
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
28898
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
28899
+ }
28900
+ ],
28901
+ "attack_refs": [
28902
+ "T0855",
28903
+ "T0883",
28904
+ "T1041",
28905
+ "T1059",
28906
+ "T1068",
28907
+ "T1071",
28908
+ "T1078",
28909
+ "T1102",
28910
+ "T1133",
28911
+ "T1190",
28912
+ "T1213",
28913
+ "T1530",
28914
+ "T1548.001",
28915
+ "T1566",
28916
+ "T1567",
28917
+ "T1568"
28918
+ ],
28919
+ "rfc_refs": [
28920
+ "RFC-4301",
28921
+ "RFC-4303",
28922
+ "RFC-7296",
28923
+ "RFC-8446",
28924
+ "RFC-9000",
28925
+ "RFC-9114",
28926
+ "RFC-9180",
28927
+ "RFC-9421",
28928
+ "RFC-9458"
28929
+ ]
28930
+ }
28931
+ },
28068
28932
  "CVE-2026-41091": {
28069
28933
  "name": "Microsoft Defender (Malware Protection Engine) Link-Following LPE to SYSTEM",
28070
28934
  "rwep": 45,
@@ -54444,7 +55308,9 @@
54444
55308
  "CVE-2023-43472",
54445
55309
  "CVE-2023-43654",
54446
55310
  "CVE-2023-48022",
55311
+ "CVE-2023-51449",
54447
55312
  "CVE-2024-0132",
55313
+ "CVE-2024-1561",
54448
55314
  "CVE-2024-3094",
54449
55315
  "CVE-2024-3154",
54450
55316
  "CVE-2024-37032",
@@ -54824,7 +55690,9 @@
54824
55690
  "CVE-2023-43472",
54825
55691
  "CVE-2023-43654",
54826
55692
  "CVE-2023-48022",
55693
+ "CVE-2023-51449",
54827
55694
  "CVE-2024-0132",
55695
+ "CVE-2024-1561",
54828
55696
  "CVE-2024-37032",
54829
55697
  "CVE-2024-39722",
54830
55698
  "CVE-2024-42478",
@@ -54995,7 +55863,9 @@
54995
55863
  "CVE-2023-43472",
54996
55864
  "CVE-2023-43654",
54997
55865
  "CVE-2023-48022",
55866
+ "CVE-2023-51449",
54998
55867
  "CVE-2024-0132",
55868
+ "CVE-2024-1561",
54999
55869
  "CVE-2024-37032",
55000
55870
  "CVE-2024-39722",
55001
55871
  "CVE-2024-42478",
@@ -55180,7 +56050,9 @@
55180
56050
  "CVE-2023-43472",
55181
56051
  "CVE-2023-43654",
55182
56052
  "CVE-2023-48022",
56053
+ "CVE-2023-51449",
55183
56054
  "CVE-2024-0132",
56055
+ "CVE-2024-1561",
55184
56056
  "CVE-2024-37032",
55185
56057
  "CVE-2024-39722",
55186
56058
  "CVE-2024-42478",
@@ -55469,7 +56341,9 @@
55469
56341
  "CVE-2023-43472",
55470
56342
  "CVE-2023-43654",
55471
56343
  "CVE-2023-48022",
56344
+ "CVE-2023-51449",
55472
56345
  "CVE-2024-0132",
56346
+ "CVE-2024-1561",
55473
56347
  "CVE-2024-3094",
55474
56348
  "CVE-2024-3154",
55475
56349
  "CVE-2024-37032",
@@ -55713,11 +56587,13 @@
55713
56587
  "CVE-2023-43654",
55714
56588
  "CVE-2023-48022",
55715
56589
  "CVE-2023-50224",
56590
+ "CVE-2023-51449",
55716
56591
  "CVE-2023-52163",
55717
56592
  "CVE-2024-0132",
55718
56593
  "CVE-2024-0769",
55719
56594
  "CVE-2024-11182",
55720
56595
  "CVE-2024-12987",
56596
+ "CVE-2024-1561",
55721
56597
  "CVE-2024-1708",
55722
56598
  "CVE-2024-21762",
55723
56599
  "CVE-2024-27199",
@@ -56177,7 +57053,9 @@
56177
57053
  "BUG-2026-NIGHTMARE-ECLIPSE-YELLOWKEY",
56178
57054
  "CVE-2023-43472",
56179
57055
  "CVE-2023-48022",
57056
+ "CVE-2023-51449",
56180
57057
  "CVE-2024-0132",
57058
+ "CVE-2024-1561",
56181
57059
  "CVE-2024-3094",
56182
57060
  "CVE-2024-3154",
56183
57061
  "CVE-2024-40635",
@@ -56541,7 +57419,9 @@
56541
57419
  "CVE-2023-43472",
56542
57420
  "CVE-2023-43654",
56543
57421
  "CVE-2023-48022",
57422
+ "CVE-2023-51449",
56544
57423
  "CVE-2024-0132",
57424
+ "CVE-2024-1561",
56545
57425
  "CVE-2024-3094",
56546
57426
  "CVE-2024-3154",
56547
57427
  "CVE-2024-37032",
@@ -57151,7 +58031,9 @@
57151
58031
  "CVE-2023-43472",
57152
58032
  "CVE-2023-43654",
57153
58033
  "CVE-2023-48022",
58034
+ "CVE-2023-51449",
57154
58035
  "CVE-2024-0132",
58036
+ "CVE-2024-1561",
57155
58037
  "CVE-2024-3094",
57156
58038
  "CVE-2024-3154",
57157
58039
  "CVE-2024-37032",
@@ -57399,7 +58281,9 @@
57399
58281
  "CVE-2022-1471",
57400
58282
  "CVE-2023-43654",
57401
58283
  "CVE-2023-48022",
58284
+ "CVE-2023-51449",
57402
58285
  "CVE-2024-0132",
58286
+ "CVE-2024-1561",
57403
58287
  "CVE-2024-3094",
57404
58288
  "CVE-2024-37032",
57405
58289
  "CVE-2024-39722",
@@ -58073,7 +58957,9 @@
58073
58957
  "CVE-2023-43472",
58074
58958
  "CVE-2023-43654",
58075
58959
  "CVE-2023-48022",
58960
+ "CVE-2023-51449",
58076
58961
  "CVE-2024-0132",
58962
+ "CVE-2024-1561",
58077
58963
  "CVE-2024-3094",
58078
58964
  "CVE-2024-3154",
58079
58965
  "CVE-2024-37032",
@@ -58324,11 +59210,13 @@
58324
59210
  "CVE-2023-43654",
58325
59211
  "CVE-2023-48022",
58326
59212
  "CVE-2023-50224",
59213
+ "CVE-2023-51449",
58327
59214
  "CVE-2023-52163",
58328
59215
  "CVE-2024-0132",
58329
59216
  "CVE-2024-0769",
58330
59217
  "CVE-2024-11182",
58331
59218
  "CVE-2024-12987",
59219
+ "CVE-2024-1561",
58332
59220
  "CVE-2024-1708",
58333
59221
  "CVE-2024-21762",
58334
59222
  "CVE-2024-27199",
@@ -58755,11 +59643,13 @@
58755
59643
  "CVE-2023-43654",
58756
59644
  "CVE-2023-48022",
58757
59645
  "CVE-2023-50224",
59646
+ "CVE-2023-51449",
58758
59647
  "CVE-2023-52163",
58759
59648
  "CVE-2024-0132",
58760
59649
  "CVE-2024-0769",
58761
59650
  "CVE-2024-11182",
58762
59651
  "CVE-2024-12987",
59652
+ "CVE-2024-1561",
58763
59653
  "CVE-2024-1708",
58764
59654
  "CVE-2024-21762",
58765
59655
  "CVE-2024-27199",
@@ -59218,7 +60108,9 @@
59218
60108
  "CVE-2023-43472",
59219
60109
  "CVE-2023-43654",
59220
60110
  "CVE-2023-48022",
60111
+ "CVE-2023-51449",
59221
60112
  "CVE-2024-0132",
60113
+ "CVE-2024-1561",
59222
60114
  "CVE-2024-3094",
59223
60115
  "CVE-2024-3154",
59224
60116
  "CVE-2024-37032",
@@ -60021,11 +60913,13 @@
60021
60913
  "CVE-2023-43654",
60022
60914
  "CVE-2023-48022",
60023
60915
  "CVE-2023-50224",
60916
+ "CVE-2023-51449",
60024
60917
  "CVE-2023-52163",
60025
60918
  "CVE-2024-0132",
60026
60919
  "CVE-2024-0769",
60027
60920
  "CVE-2024-11182",
60028
60921
  "CVE-2024-12987",
60922
+ "CVE-2024-1561",
60029
60923
  "CVE-2024-1708",
60030
60924
  "CVE-2024-21762",
60031
60925
  "CVE-2024-27199",
@@ -60548,7 +61442,9 @@
60548
61442
  "CVE-2023-43472",
60549
61443
  "CVE-2023-43654",
60550
61444
  "CVE-2023-48022",
61445
+ "CVE-2023-51449",
60551
61446
  "CVE-2024-0132",
61447
+ "CVE-2024-1561",
60552
61448
  "CVE-2024-3094",
60553
61449
  "CVE-2024-3154",
60554
61450
  "CVE-2024-37032",
@@ -60877,11 +61773,13 @@
60877
61773
  "CVE-2023-43654",
60878
61774
  "CVE-2023-48022",
60879
61775
  "CVE-2023-50224",
61776
+ "CVE-2023-51449",
60880
61777
  "CVE-2023-52163",
60881
61778
  "CVE-2024-0132",
60882
61779
  "CVE-2024-0769",
60883
61780
  "CVE-2024-11182",
60884
61781
  "CVE-2024-12987",
61782
+ "CVE-2024-1561",
60885
61783
  "CVE-2024-1708",
60886
61784
  "CVE-2024-21762",
60887
61785
  "CVE-2024-27199",
@@ -61423,7 +62321,9 @@
61423
62321
  "CVE-2022-1471",
61424
62322
  "CVE-2023-43654",
61425
62323
  "CVE-2023-48022",
62324
+ "CVE-2023-51449",
61426
62325
  "CVE-2024-0132",
62326
+ "CVE-2024-1561",
61427
62327
  "CVE-2024-3094",
61428
62328
  "CVE-2024-3154",
61429
62329
  "CVE-2024-37032",
@@ -62368,7 +63268,9 @@
62368
63268
  "CVE-2023-43472",
62369
63269
  "CVE-2023-43654",
62370
63270
  "CVE-2023-48022",
63271
+ "CVE-2023-51449",
62371
63272
  "CVE-2024-0132",
63273
+ "CVE-2024-1561",
62372
63274
  "CVE-2024-3094",
62373
63275
  "CVE-2024-3154",
62374
63276
  "CVE-2024-37032",
@@ -62477,7 +63379,9 @@
62477
63379
  "CVE-2022-1471",
62478
63380
  "CVE-2023-43654",
62479
63381
  "CVE-2023-48022",
63382
+ "CVE-2023-51449",
62480
63383
  "CVE-2024-0132",
63384
+ "CVE-2024-1561",
62481
63385
  "CVE-2024-37032",
62482
63386
  "CVE-2024-39722",
62483
63387
  "CVE-2024-42478",
@@ -62656,7 +63560,9 @@
62656
63560
  "CVE-2023-43472",
62657
63561
  "CVE-2023-43654",
62658
63562
  "CVE-2023-48022",
63563
+ "CVE-2023-51449",
62659
63564
  "CVE-2024-0132",
63565
+ "CVE-2024-1561",
62660
63566
  "CVE-2024-37032",
62661
63567
  "CVE-2024-39722",
62662
63568
  "CVE-2024-42478",
@@ -63084,10 +63990,12 @@
63084
63990
  "CVE-2023-43000",
63085
63991
  "CVE-2023-43654",
63086
63992
  "CVE-2023-50224",
63993
+ "CVE-2023-51449",
63087
63994
  "CVE-2023-52163",
63088
63995
  "CVE-2024-0769",
63089
63996
  "CVE-2024-11182",
63090
63997
  "CVE-2024-12987",
63998
+ "CVE-2024-1561",
63091
63999
  "CVE-2024-1708",
63092
64000
  "CVE-2024-21762",
63093
64001
  "CVE-2024-27199",
@@ -63536,7 +64444,9 @@
63536
64444
  "CVE-2023-43472",
63537
64445
  "CVE-2023-43654",
63538
64446
  "CVE-2023-48022",
64447
+ "CVE-2023-51449",
63539
64448
  "CVE-2024-0132",
64449
+ "CVE-2024-1561",
63540
64450
  "CVE-2024-3094",
63541
64451
  "CVE-2024-3154",
63542
64452
  "CVE-2024-37032",
@@ -63838,7 +64748,9 @@
63838
64748
  "CVE-2023-43472",
63839
64749
  "CVE-2023-43654",
63840
64750
  "CVE-2023-48022",
64751
+ "CVE-2023-51449",
63841
64752
  "CVE-2024-0132",
64753
+ "CVE-2024-1561",
63842
64754
  "CVE-2024-3094",
63843
64755
  "CVE-2024-37032",
63844
64756
  "CVE-2024-39722",