@blamejs/exceptd-skills 0.13.87 → 0.13.88
- package/CHANGELOG.md +4 -0
- package/data/_indexes/_meta.json +9 -9
- package/data/_indexes/activity-feed.json +2 -2
- package/data/_indexes/catalog-summaries.json +2 -2
- package/data/_indexes/chains.json +1155 -0
- package/data/atlas-ttps.json +9 -0
- package/data/attack-techniques.json +9 -0
- package/data/cve-catalog.json +321 -0
- package/data/cwe-catalog.json +3 -0
- package/data/framework-control-gaps.json +24 -0
- package/data/zeroday-lessons.json +150 -0
- package/manifest.json +44 -44
- package/package.json +2 -2
- package/sbom.cdx.json +25 -25
|
@@ -28929,6 +28929,1092 @@
|
|
|
28929
28929
|
]
|
|
28930
28930
|
}
|
|
28931
28931
|
},
|
|
28932
|
+
"CVE-2024-11392": {
|
|
28933
|
+
"name": "Hugging Face Transformers MobileViTV2 Deserialization Remote Code Execution",
|
|
28934
|
+
"rwep": 33,
|
|
28935
|
+
"cvss": 8.8,
|
|
28936
|
+
"cisa_kev": false,
|
|
28937
|
+
"epss_score": null,
|
|
28938
|
+
"referencing_skills": [
|
|
28939
|
+
"kernel-lpe-triage",
|
|
28940
|
+
"ai-attack-surface",
|
|
28941
|
+
"compliance-theater",
|
|
28942
|
+
"attack-surface-pentest",
|
|
28943
|
+
"ot-ics-security",
|
|
28944
|
+
"coordinated-vuln-disclosure",
|
|
28945
|
+
"sector-energy"
|
|
28946
|
+
],
|
|
28947
|
+
"chain": {
|
|
28948
|
+
"cwes": [
|
|
28949
|
+
{
|
|
28950
|
+
"id": "CWE-1037",
|
|
28951
|
+
"name": "Processor Optimization Removal or Modification of Security-critical Code",
|
|
28952
|
+
"category": "Hardware / Side Channel"
|
|
28953
|
+
},
|
|
28954
|
+
{
|
|
28955
|
+
"id": "CWE-1039",
|
|
28956
|
+
"name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
|
|
28957
|
+
"category": "AI/ML"
|
|
28958
|
+
},
|
|
28959
|
+
{
|
|
28960
|
+
"id": "CWE-125",
|
|
28961
|
+
"name": "Out-of-bounds Read",
|
|
28962
|
+
"category": "Memory Safety"
|
|
28963
|
+
},
|
|
28964
|
+
{
|
|
28965
|
+
"id": "CWE-1357",
|
|
28966
|
+
"name": "Reliance on Insufficiently Trustworthy Component",
|
|
28967
|
+
"category": "Supply Chain"
|
|
28968
|
+
},
|
|
28969
|
+
{
|
|
28970
|
+
"id": "CWE-1395",
|
|
28971
|
+
"name": "Dependency on Vulnerable Third-Party Component",
|
|
28972
|
+
"category": "Supply Chain"
|
|
28973
|
+
},
|
|
28974
|
+
{
|
|
28975
|
+
"id": "CWE-1426",
|
|
28976
|
+
"name": "Improper Validation of Generative AI Output",
|
|
28977
|
+
"category": "AI/ML"
|
|
28978
|
+
},
|
|
28979
|
+
{
|
|
28980
|
+
"id": "CWE-22",
|
|
28981
|
+
"name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
|
|
28982
|
+
"category": "Path/Resource"
|
|
28983
|
+
},
|
|
28984
|
+
{
|
|
28985
|
+
"id": "CWE-269",
|
|
28986
|
+
"name": "Improper Privilege Management",
|
|
28987
|
+
"category": "Authorization"
|
|
28988
|
+
},
|
|
28989
|
+
{
|
|
28990
|
+
"id": "CWE-287",
|
|
28991
|
+
"name": "Improper Authentication",
|
|
28992
|
+
"category": "Authentication"
|
|
28993
|
+
},
|
|
28994
|
+
{
|
|
28995
|
+
"id": "CWE-306",
|
|
28996
|
+
"name": "Missing Authentication for Critical Function",
|
|
28997
|
+
"category": "Authentication"
|
|
28998
|
+
},
|
|
28999
|
+
{
|
|
29000
|
+
"id": "CWE-352",
|
|
29001
|
+
"name": "Cross-Site Request Forgery (CSRF)",
|
|
29002
|
+
"category": "Session"
|
|
29003
|
+
},
|
|
29004
|
+
{
|
|
29005
|
+
"id": "CWE-362",
|
|
29006
|
+
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
|
|
29007
|
+
"category": "Concurrency"
|
|
29008
|
+
},
|
|
29009
|
+
{
|
|
29010
|
+
"id": "CWE-416",
|
|
29011
|
+
"name": "Use After Free",
|
|
29012
|
+
"category": "Memory Safety"
|
|
29013
|
+
},
|
|
29014
|
+
{
|
|
29015
|
+
"id": "CWE-434",
|
|
29016
|
+
"name": "Unrestricted Upload of File with Dangerous Type",
|
|
29017
|
+
"category": "File Handling"
|
|
29018
|
+
},
|
|
29019
|
+
{
|
|
29020
|
+
"id": "CWE-672",
|
|
29021
|
+
"name": "Operation on a Resource after Expiration or Release",
|
|
29022
|
+
"category": "Memory Safety"
|
|
29023
|
+
},
|
|
29024
|
+
{
|
|
29025
|
+
"id": "CWE-732",
|
|
29026
|
+
"name": "Incorrect Permission Assignment for Critical Resource",
|
|
29027
|
+
"category": "Authorization"
|
|
29028
|
+
},
|
|
29029
|
+
{
|
|
29030
|
+
"id": "CWE-78",
|
|
29031
|
+
"name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
|
|
29032
|
+
"category": "Injection"
|
|
29033
|
+
},
|
|
29034
|
+
{
|
|
29035
|
+
"id": "CWE-787",
|
|
29036
|
+
"name": "Out-of-bounds Write",
|
|
29037
|
+
"category": "Memory Safety"
|
|
29038
|
+
},
|
|
29039
|
+
{
|
|
29040
|
+
"id": "CWE-79",
|
|
29041
|
+
"name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
|
|
29042
|
+
"category": "Injection"
|
|
29043
|
+
},
|
|
29044
|
+
{
|
|
29045
|
+
"id": "CWE-798",
|
|
29046
|
+
"name": "Use of Hard-coded Credentials",
|
|
29047
|
+
"category": "Credentials"
|
|
29048
|
+
},
|
|
29049
|
+
{
|
|
29050
|
+
"id": "CWE-89",
|
|
29051
|
+
"name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
|
|
29052
|
+
"category": "Injection"
|
|
29053
|
+
},
|
|
29054
|
+
{
|
|
29055
|
+
"id": "CWE-918",
|
|
29056
|
+
"name": "Server-Side Request Forgery (SSRF)",
|
|
29057
|
+
"category": "Network"
|
|
29058
|
+
},
|
|
29059
|
+
{
|
|
29060
|
+
"id": "CWE-94",
|
|
29061
|
+
"name": "Improper Control of Generation of Code (Code Injection)",
|
|
29062
|
+
"category": "Injection"
|
|
29063
|
+
}
|
|
29064
|
+
],
|
|
29065
|
+
"atlas": [
|
|
29066
|
+
{
|
|
29067
|
+
"id": "AML.T0010",
|
|
29068
|
+
"name": "ML Supply Chain Compromise",
|
|
29069
|
+
"tactic": "Initial Access"
|
|
29070
|
+
},
|
|
29071
|
+
{
|
|
29072
|
+
"id": "AML.T0016",
|
|
29073
|
+
"name": "Obtain Capabilities: Develop Capabilities",
|
|
29074
|
+
"tactic": "Resource Development"
|
|
29075
|
+
},
|
|
29076
|
+
{
|
|
29077
|
+
"id": "AML.T0017",
|
|
29078
|
+
"name": "Discover ML Model Ontology",
|
|
29079
|
+
"tactic": "Discovery"
|
|
29080
|
+
},
|
|
29081
|
+
{
|
|
29082
|
+
"id": "AML.T0018",
|
|
29083
|
+
"name": "Backdoor ML Model",
|
|
29084
|
+
"tactic": "Persistence"
|
|
29085
|
+
},
|
|
29086
|
+
{
|
|
29087
|
+
"id": "AML.T0020",
|
|
29088
|
+
"name": "Poison Training Data",
|
|
29089
|
+
"tactic": "ML Attack Staging"
|
|
29090
|
+
},
|
|
29091
|
+
{
|
|
29092
|
+
"id": "AML.T0043",
|
|
29093
|
+
"name": "Craft Adversarial Data",
|
|
29094
|
+
"tactic": "ML Attack Staging"
|
|
29095
|
+
},
|
|
29096
|
+
{
|
|
29097
|
+
"id": "AML.T0051",
|
|
29098
|
+
"name": "LLM Prompt Injection",
|
|
29099
|
+
"tactic": "Execution"
|
|
29100
|
+
},
|
|
29101
|
+
{
|
|
29102
|
+
"id": "AML.T0054",
|
|
29103
|
+
"name": "LLM Jailbreak",
|
|
29104
|
+
"tactic": "Defense Evasion"
|
|
29105
|
+
},
|
|
29106
|
+
{
|
|
29107
|
+
"id": "AML.T0096",
|
|
29108
|
+
"name": "AI API as Covert C2 Channel",
|
|
29109
|
+
"tactic": "Command and Control"
|
|
29110
|
+
}
|
|
29111
|
+
],
|
|
29112
|
+
"d3fend": [
|
|
29113
|
+
{
|
|
29114
|
+
"id": "D3-ASLR",
|
|
29115
|
+
"name": "Address Space Layout Randomization",
|
|
29116
|
+
"tactic": "Harden"
|
|
29117
|
+
},
|
|
29118
|
+
{
|
|
29119
|
+
"id": "D3-CSPP",
|
|
29120
|
+
"name": "Client-server Payload Profiling",
|
|
29121
|
+
"tactic": "Detect"
|
|
29122
|
+
},
|
|
29123
|
+
{
|
|
29124
|
+
"id": "D3-EAL",
|
|
29125
|
+
"name": "Executable Allowlisting",
|
|
29126
|
+
"tactic": "Harden"
|
|
29127
|
+
},
|
|
29128
|
+
{
|
|
29129
|
+
"id": "D3-IOPR",
|
|
29130
|
+
"name": "Input/Output Profiling Resource",
|
|
29131
|
+
"tactic": "Detect"
|
|
29132
|
+
},
|
|
29133
|
+
{
|
|
29134
|
+
"id": "D3-NTA",
|
|
29135
|
+
"name": "Network Traffic Analysis",
|
|
29136
|
+
"tactic": "Detect"
|
|
29137
|
+
},
|
|
29138
|
+
{
|
|
29139
|
+
"id": "D3-PHRA",
|
|
29140
|
+
"name": "Process Hardware Resource Access",
|
|
29141
|
+
"tactic": "Isolate"
|
|
29142
|
+
},
|
|
29143
|
+
{
|
|
29144
|
+
"id": "D3-PSEP",
|
|
29145
|
+
"name": "Process Segment Execution Prevention",
|
|
29146
|
+
"tactic": "Harden"
|
|
29147
|
+
}
|
|
29148
|
+
],
|
|
29149
|
+
"framework_gaps": [
|
|
29150
|
+
{
|
|
29151
|
+
"id": "ALL-AI-PIPELINE-INTEGRITY",
|
|
29152
|
+
"framework": "ALL",
|
|
29153
|
+
"control_name": "AI Pipeline Integrity"
|
|
29154
|
+
},
|
|
29155
|
+
{
|
|
29156
|
+
"id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
|
|
29157
|
+
"framework": "ALL",
|
|
29158
|
+
"control_name": "Prompt Injection as Access Control Failure"
|
|
29159
|
+
},
|
|
29160
|
+
{
|
|
29161
|
+
"id": "CIS-Controls-v8-Control7",
|
|
29162
|
+
"framework": "CIS Controls v8",
|
|
29163
|
+
"control_name": "Continuous Vulnerability Management"
|
|
29164
|
+
},
|
|
29165
|
+
{
|
|
29166
|
+
"id": "CMMC-2.0-Level-2",
|
|
29167
|
+
"framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
|
|
29168
|
+
"control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
|
|
29169
|
+
},
|
|
29170
|
+
{
|
|
29171
|
+
"id": "FedRAMP-Rev5-Moderate",
|
|
29172
|
+
"framework": "FedRAMP Rev 5 Moderate",
|
|
29173
|
+
"control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
|
|
29174
|
+
},
|
|
29175
|
+
{
|
|
29176
|
+
"id": "IEC-62443-3-3",
|
|
29177
|
+
"framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
|
|
29178
|
+
"control_name": "System security requirements and security levels"
|
|
29179
|
+
},
|
|
29180
|
+
{
|
|
29181
|
+
"id": "ISO-27001-2022-A.8.28",
|
|
29182
|
+
"framework": "ISO/IEC 27001:2022",
|
|
29183
|
+
"control_name": "Secure coding"
|
|
29184
|
+
},
|
|
29185
|
+
{
|
|
29186
|
+
"id": "ISO-27001-2022-A.8.8",
|
|
29187
|
+
"framework": "ISO/IEC 27001:2022",
|
|
29188
|
+
"control_name": "Management of technical vulnerabilities"
|
|
29189
|
+
},
|
|
29190
|
+
{
|
|
29191
|
+
"id": "ISO-IEC-23894-2023-clause-7",
|
|
29192
|
+
"framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
|
|
29193
|
+
"control_name": "AI risk management process"
|
|
29194
|
+
},
|
|
29195
|
+
{
|
|
29196
|
+
"id": "NERC-CIP-007-6-R4",
|
|
29197
|
+
"framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
|
|
29198
|
+
"control_name": "Security event monitoring"
|
|
29199
|
+
},
|
|
29200
|
+
{
|
|
29201
|
+
"id": "NIS2-Art21-patch-management",
|
|
29202
|
+
"framework": "EU NIS2 Directive",
|
|
29203
|
+
"control_name": "Vulnerability handling and disclosure"
|
|
29204
|
+
},
|
|
29205
|
+
{
|
|
29206
|
+
"id": "NIST-800-115",
|
|
29207
|
+
"framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
|
|
29208
|
+
"control_name": "Technical Guide to Information Security Testing and Assessment"
|
|
29209
|
+
},
|
|
29210
|
+
{
|
|
29211
|
+
"id": "NIST-800-218-SSDF",
|
|
29212
|
+
"framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
|
|
29213
|
+
"control_name": "Secure Software Development Framework"
|
|
29214
|
+
},
|
|
29215
|
+
{
|
|
29216
|
+
"id": "NIST-800-53-AC-2",
|
|
29217
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
29218
|
+
"control_name": "Account Management"
|
|
29219
|
+
},
|
|
29220
|
+
{
|
|
29221
|
+
"id": "NIST-800-53-SC-8",
|
|
29222
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
29223
|
+
"control_name": "Transmission Confidentiality and Integrity"
|
|
29224
|
+
},
|
|
29225
|
+
{
|
|
29226
|
+
"id": "NIST-800-53-SI-2",
|
|
29227
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
29228
|
+
"control_name": "Flaw Remediation"
|
|
29229
|
+
},
|
|
29230
|
+
{
|
|
29231
|
+
"id": "NIST-800-53-SI-3",
|
|
29232
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
29233
|
+
"control_name": "Malicious Code Protection"
|
|
29234
|
+
},
|
|
29235
|
+
{
|
|
29236
|
+
"id": "NIST-800-82r3",
|
|
29237
|
+
"framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
|
|
29238
|
+
"control_name": "Guide to Operational Technology (OT) Security"
|
|
29239
|
+
},
|
|
29240
|
+
{
|
|
29241
|
+
"id": "OWASP-LLM-Top-10-2025-LLM01",
|
|
29242
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
29243
|
+
"control_name": "Prompt Injection"
|
|
29244
|
+
},
|
|
29245
|
+
{
|
|
29246
|
+
"id": "OWASP-LLM-Top-10-2025-LLM02",
|
|
29247
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
29248
|
+
"control_name": "Sensitive Information Disclosure"
|
|
29249
|
+
},
|
|
29250
|
+
{
|
|
29251
|
+
"id": "OWASP-Pen-Testing-Guide-v5",
|
|
29252
|
+
"framework": "OWASP Web Security Testing Guide v5 (WSTG)",
|
|
29253
|
+
"control_name": "Web application penetration testing methodology"
|
|
29254
|
+
},
|
|
29255
|
+
{
|
|
29256
|
+
"id": "PCI-DSS-4.0-6.3.3",
|
|
29257
|
+
"framework": "PCI DSS 4.0",
|
|
29258
|
+
"control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
|
|
29259
|
+
},
|
|
29260
|
+
{
|
|
29261
|
+
"id": "PTES-Pre-engagement",
|
|
29262
|
+
"framework": "Penetration Testing Execution Standard (PTES)",
|
|
29263
|
+
"control_name": "Pre-engagement Interactions"
|
|
29264
|
+
},
|
|
29265
|
+
{
|
|
29266
|
+
"id": "SOC2-CC6-logical-access",
|
|
29267
|
+
"framework": "SOC 2 (AICPA Trust Services Criteria)",
|
|
29268
|
+
"control_name": "Logical and Physical Access Controls"
|
|
29269
|
+
},
|
|
29270
|
+
{
|
|
29271
|
+
"id": "SOC2-CC9-vendor-management",
|
|
29272
|
+
"framework": "SOC 2 (AICPA Trust Services Criteria)",
|
|
29273
|
+
"control_name": "Risk Mitigation — Vendor and Business Partner Risk"
|
|
29274
|
+
}
|
|
29275
|
+
],
|
|
29276
|
+
"attack_refs": [
|
|
29277
|
+
"T0855",
|
|
29278
|
+
"T0883",
|
|
29279
|
+
"T1059",
|
|
29280
|
+
"T1068",
|
|
29281
|
+
"T1078",
|
|
29282
|
+
"T1133",
|
|
29283
|
+
"T1190",
|
|
29284
|
+
"T1548.001",
|
|
29285
|
+
"T1566"
|
|
29286
|
+
],
|
|
29287
|
+
"rfc_refs": [
|
|
29288
|
+
"RFC-4301",
|
|
29289
|
+
"RFC-4303",
|
|
29290
|
+
"RFC-7296"
|
|
29291
|
+
]
|
|
29292
|
+
}
|
|
29293
|
+
},
|
|
29294
|
+
"CVE-2024-11393": {
|
|
29295
|
+
"name": "Hugging Face Transformers MaskFormer Deserialization Remote Code Execution",
|
|
29296
|
+
"rwep": 33,
|
|
29297
|
+
"cvss": 8.8,
|
|
29298
|
+
"cisa_kev": false,
|
|
29299
|
+
"epss_score": null,
|
|
29300
|
+
"referencing_skills": [
|
|
29301
|
+
"kernel-lpe-triage",
|
|
29302
|
+
"ai-attack-surface",
|
|
29303
|
+
"compliance-theater",
|
|
29304
|
+
"attack-surface-pentest",
|
|
29305
|
+
"ot-ics-security",
|
|
29306
|
+
"coordinated-vuln-disclosure",
|
|
29307
|
+
"sector-energy"
|
|
29308
|
+
],
|
|
29309
|
+
"chain": {
|
|
29310
|
+
"cwes": [
|
|
29311
|
+
{
|
|
29312
|
+
"id": "CWE-1037",
|
|
29313
|
+
"name": "Processor Optimization Removal or Modification of Security-critical Code",
|
|
29314
|
+
"category": "Hardware / Side Channel"
|
|
29315
|
+
},
|
|
29316
|
+
{
|
|
29317
|
+
"id": "CWE-1039",
|
|
29318
|
+
"name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
|
|
29319
|
+
"category": "AI/ML"
|
|
29320
|
+
},
|
|
29321
|
+
{
|
|
29322
|
+
"id": "CWE-125",
|
|
29323
|
+
"name": "Out-of-bounds Read",
|
|
29324
|
+
"category": "Memory Safety"
|
|
29325
|
+
},
|
|
29326
|
+
{
|
|
29327
|
+
"id": "CWE-1357",
|
|
29328
|
+
"name": "Reliance on Insufficiently Trustworthy Component",
|
|
29329
|
+
"category": "Supply Chain"
|
|
29330
|
+
},
|
|
29331
|
+
{
|
|
29332
|
+
"id": "CWE-1395",
|
|
29333
|
+
"name": "Dependency on Vulnerable Third-Party Component",
|
|
29334
|
+
"category": "Supply Chain"
|
|
29335
|
+
},
|
|
29336
|
+
{
|
|
29337
|
+
"id": "CWE-1426",
|
|
29338
|
+
"name": "Improper Validation of Generative AI Output",
|
|
29339
|
+
"category": "AI/ML"
|
|
29340
|
+
},
|
|
29341
|
+
{
|
|
29342
|
+
"id": "CWE-22",
|
|
29343
|
+
"name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
|
|
29344
|
+
"category": "Path/Resource"
|
|
29345
|
+
},
|
|
29346
|
+
{
|
|
29347
|
+
"id": "CWE-269",
|
|
29348
|
+
"name": "Improper Privilege Management",
|
|
29349
|
+
"category": "Authorization"
|
|
29350
|
+
},
|
|
29351
|
+
{
|
|
29352
|
+
"id": "CWE-287",
|
|
29353
|
+
"name": "Improper Authentication",
|
|
29354
|
+
"category": "Authentication"
|
|
29355
|
+
},
|
|
29356
|
+
{
|
|
29357
|
+
"id": "CWE-306",
|
|
29358
|
+
"name": "Missing Authentication for Critical Function",
|
|
29359
|
+
"category": "Authentication"
|
|
29360
|
+
},
|
|
29361
|
+
{
|
|
29362
|
+
"id": "CWE-352",
|
|
29363
|
+
"name": "Cross-Site Request Forgery (CSRF)",
|
|
29364
|
+
"category": "Session"
|
|
29365
|
+
},
|
|
29366
|
+
{
|
|
29367
|
+
"id": "CWE-362",
|
|
29368
|
+
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
|
|
29369
|
+
"category": "Concurrency"
|
|
29370
|
+
},
|
|
29371
|
+
{
|
|
29372
|
+
"id": "CWE-416",
|
|
29373
|
+
"name": "Use After Free",
|
|
29374
|
+
"category": "Memory Safety"
|
|
29375
|
+
},
|
|
29376
|
+
{
|
|
29377
|
+
"id": "CWE-434",
|
|
29378
|
+
"name": "Unrestricted Upload of File with Dangerous Type",
|
|
29379
|
+
"category": "File Handling"
|
|
29380
|
+
},
|
|
29381
|
+
{
|
|
29382
|
+
"id": "CWE-672",
|
|
29383
|
+
"name": "Operation on a Resource after Expiration or Release",
|
|
29384
|
+
"category": "Memory Safety"
|
|
29385
|
+
},
|
|
29386
|
+
{
|
|
29387
|
+
"id": "CWE-732",
|
|
29388
|
+
"name": "Incorrect Permission Assignment for Critical Resource",
|
|
29389
|
+
"category": "Authorization"
|
|
29390
|
+
},
|
|
29391
|
+
{
|
|
29392
|
+
"id": "CWE-78",
|
|
29393
|
+
"name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
|
|
29394
|
+
"category": "Injection"
|
|
29395
|
+
},
|
|
29396
|
+
{
|
|
29397
|
+
"id": "CWE-787",
|
|
29398
|
+
"name": "Out-of-bounds Write",
|
|
29399
|
+
"category": "Memory Safety"
|
|
29400
|
+
},
|
|
29401
|
+
{
|
|
29402
|
+
"id": "CWE-79",
|
|
29403
|
+
"name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
|
|
29404
|
+
"category": "Injection"
|
|
29405
|
+
},
|
|
29406
|
+
{
|
|
29407
|
+
"id": "CWE-798",
|
|
29408
|
+
"name": "Use of Hard-coded Credentials",
|
|
29409
|
+
"category": "Credentials"
|
|
29410
|
+
},
|
|
29411
|
+
{
|
|
29412
|
+
"id": "CWE-89",
|
|
29413
|
+
"name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
|
|
29414
|
+
"category": "Injection"
|
|
29415
|
+
},
|
|
29416
|
+
{
|
|
29417
|
+
"id": "CWE-918",
|
|
29418
|
+
"name": "Server-Side Request Forgery (SSRF)",
|
|
29419
|
+
"category": "Network"
|
|
29420
|
+
},
|
|
29421
|
+
{
|
|
29422
|
+
"id": "CWE-94",
|
|
29423
|
+
"name": "Improper Control of Generation of Code (Code Injection)",
|
|
29424
|
+
"category": "Injection"
|
|
29425
|
+
}
|
|
29426
|
+
],
|
|
29427
|
+
"atlas": [
|
|
29428
|
+
{
|
|
29429
|
+
"id": "AML.T0010",
|
|
29430
|
+
"name": "ML Supply Chain Compromise",
|
|
29431
|
+
"tactic": "Initial Access"
|
|
29432
|
+
},
|
|
29433
|
+
{
|
|
29434
|
+
"id": "AML.T0016",
|
|
29435
|
+
"name": "Obtain Capabilities: Develop Capabilities",
|
|
29436
|
+
"tactic": "Resource Development"
|
|
29437
|
+
},
|
|
29438
|
+
{
|
|
29439
|
+
"id": "AML.T0017",
|
|
29440
|
+
"name": "Discover ML Model Ontology",
|
|
29441
|
+
"tactic": "Discovery"
|
|
29442
|
+
},
|
|
29443
|
+
{
|
|
29444
|
+
"id": "AML.T0018",
|
|
29445
|
+
"name": "Backdoor ML Model",
|
|
29446
|
+
"tactic": "Persistence"
|
|
29447
|
+
},
|
|
29448
|
+
{
|
|
29449
|
+
"id": "AML.T0020",
|
|
29450
|
+
"name": "Poison Training Data",
|
|
29451
|
+
"tactic": "ML Attack Staging"
|
|
29452
|
+
},
|
|
29453
|
+
{
|
|
29454
|
+
"id": "AML.T0043",
|
|
29455
|
+
"name": "Craft Adversarial Data",
|
|
29456
|
+
"tactic": "ML Attack Staging"
|
|
29457
|
+
},
|
|
29458
|
+
{
|
|
29459
|
+
"id": "AML.T0051",
|
|
29460
|
+
"name": "LLM Prompt Injection",
|
|
29461
|
+
"tactic": "Execution"
|
|
29462
|
+
},
|
|
29463
|
+
{
|
|
29464
|
+
"id": "AML.T0054",
|
|
29465
|
+
"name": "LLM Jailbreak",
|
|
29466
|
+
"tactic": "Defense Evasion"
|
|
29467
|
+
},
|
|
29468
|
+
{
|
|
29469
|
+
"id": "AML.T0096",
|
|
29470
|
+
"name": "AI API as Covert C2 Channel",
|
|
29471
|
+
"tactic": "Command and Control"
|
|
29472
|
+
}
|
|
29473
|
+
],
|
|
29474
|
+
"d3fend": [
|
|
29475
|
+
{
|
|
29476
|
+
"id": "D3-ASLR",
|
|
29477
|
+
"name": "Address Space Layout Randomization",
|
|
29478
|
+
"tactic": "Harden"
|
|
29479
|
+
},
|
|
29480
|
+
{
|
|
29481
|
+
"id": "D3-CSPP",
|
|
29482
|
+
"name": "Client-server Payload Profiling",
|
|
29483
|
+
"tactic": "Detect"
|
|
29484
|
+
},
|
|
29485
|
+
{
|
|
29486
|
+
"id": "D3-EAL",
|
|
29487
|
+
"name": "Executable Allowlisting",
|
|
29488
|
+
"tactic": "Harden"
|
|
29489
|
+
},
|
|
29490
|
+
{
|
|
29491
|
+
"id": "D3-IOPR",
|
|
29492
|
+
"name": "Input/Output Profiling Resource",
|
|
29493
|
+
"tactic": "Detect"
|
|
29494
|
+
},
|
|
29495
|
+
{
|
|
29496
|
+
"id": "D3-NTA",
|
|
29497
|
+
"name": "Network Traffic Analysis",
|
|
29498
|
+
"tactic": "Detect"
|
|
29499
|
+
},
|
|
29500
|
+
{
|
|
29501
|
+
"id": "D3-PHRA",
|
|
29502
|
+
"name": "Process Hardware Resource Access",
|
|
29503
|
+
"tactic": "Isolate"
|
|
29504
|
+
},
|
|
29505
|
+
{
|
|
29506
|
+
"id": "D3-PSEP",
|
|
29507
|
+
"name": "Process Segment Execution Prevention",
|
|
29508
|
+
"tactic": "Harden"
|
|
29509
|
+
}
|
|
29510
|
+
],
|
|
29511
|
+
"framework_gaps": [
|
|
29512
|
+
{
|
|
29513
|
+
"id": "ALL-AI-PIPELINE-INTEGRITY",
|
|
29514
|
+
"framework": "ALL",
|
|
29515
|
+
"control_name": "AI Pipeline Integrity"
|
|
29516
|
+
},
|
|
29517
|
+
{
|
|
29518
|
+
"id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
|
|
29519
|
+
"framework": "ALL",
|
|
29520
|
+
"control_name": "Prompt Injection as Access Control Failure"
|
|
29521
|
+
},
|
|
29522
|
+
{
|
|
29523
|
+
"id": "CIS-Controls-v8-Control7",
|
|
29524
|
+
"framework": "CIS Controls v8",
|
|
29525
|
+
"control_name": "Continuous Vulnerability Management"
|
|
29526
|
+
},
|
|
29527
|
+
{
|
|
29528
|
+
"id": "CMMC-2.0-Level-2",
|
|
29529
|
+
"framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
|
|
29530
|
+
"control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
|
|
29531
|
+
},
|
|
29532
|
+
{
|
|
29533
|
+
"id": "FedRAMP-Rev5-Moderate",
|
|
29534
|
+
"framework": "FedRAMP Rev 5 Moderate",
|
|
29535
|
+
"control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
|
|
29536
|
+
},
|
|
29537
|
+
{
|
|
29538
|
+
"id": "IEC-62443-3-3",
|
|
29539
|
+
"framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
|
|
29540
|
+
"control_name": "System security requirements and security levels"
|
|
29541
|
+
},
|
|
29542
|
+
{
|
|
29543
|
+
"id": "ISO-27001-2022-A.8.28",
|
|
29544
|
+
"framework": "ISO/IEC 27001:2022",
|
|
29545
|
+
"control_name": "Secure coding"
|
|
29546
|
+
},
|
|
29547
|
+
{
|
|
29548
|
+
"id": "ISO-27001-2022-A.8.8",
|
|
29549
|
+
"framework": "ISO/IEC 27001:2022",
|
|
29550
|
+
"control_name": "Management of technical vulnerabilities"
|
|
29551
|
+
},
|
|
29552
|
+
{
|
|
29553
|
+
"id": "ISO-IEC-23894-2023-clause-7",
|
|
29554
|
+
"framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
|
|
29555
|
+
"control_name": "AI risk management process"
|
|
29556
|
+
},
|
|
29557
|
+
{
|
|
29558
|
+
"id": "NERC-CIP-007-6-R4",
|
|
29559
|
+
"framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
|
|
29560
|
+
"control_name": "Security event monitoring"
|
|
29561
|
+
},
|
|
29562
|
+
{
|
|
29563
|
+
"id": "NIS2-Art21-patch-management",
|
|
29564
|
+
"framework": "EU NIS2 Directive",
|
|
29565
|
+
"control_name": "Vulnerability handling and disclosure"
|
|
29566
|
+
},
|
|
29567
|
+
{
|
|
29568
|
+
"id": "NIST-800-115",
|
|
29569
|
+
"framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
|
|
29570
|
+
"control_name": "Technical Guide to Information Security Testing and Assessment"
|
|
29571
|
+
},
|
|
29572
|
+
{
|
|
29573
|
+
"id": "NIST-800-218-SSDF",
|
|
29574
|
+
"framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
|
|
29575
|
+
"control_name": "Secure Software Development Framework"
|
|
29576
|
+
},
|
|
29577
|
+
{
|
|
29578
|
+
"id": "NIST-800-53-AC-2",
|
|
29579
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
29580
|
+
"control_name": "Account Management"
|
|
29581
|
+
},
|
|
29582
|
+
{
|
|
29583
|
+
"id": "NIST-800-53-SC-8",
|
|
29584
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
29585
|
+
"control_name": "Transmission Confidentiality and Integrity"
|
|
29586
|
+
},
|
|
29587
|
+
{
|
|
29588
|
+
"id": "NIST-800-53-SI-2",
|
|
29589
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
29590
|
+
"control_name": "Flaw Remediation"
|
|
29591
|
+
},
|
|
29592
|
+
{
|
|
29593
|
+
"id": "NIST-800-53-SI-3",
|
|
29594
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
29595
|
+
"control_name": "Malicious Code Protection"
|
|
29596
|
+
},
|
|
29597
|
+
{
|
|
29598
|
+
"id": "NIST-800-82r3",
|
|
29599
|
+
"framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
|
|
29600
|
+
"control_name": "Guide to Operational Technology (OT) Security"
|
|
29601
|
+
},
|
|
29602
|
+
{
|
|
29603
|
+
"id": "OWASP-LLM-Top-10-2025-LLM01",
|
|
29604
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
29605
|
+
"control_name": "Prompt Injection"
|
|
29606
|
+
},
|
|
29607
|
+
{
|
|
29608
|
+
"id": "OWASP-LLM-Top-10-2025-LLM02",
|
|
29609
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
29610
|
+
"control_name": "Sensitive Information Disclosure"
|
|
29611
|
+
},
|
|
29612
|
+
{
|
|
29613
|
+
"id": "OWASP-Pen-Testing-Guide-v5",
|
|
29614
|
+
"framework": "OWASP Web Security Testing Guide v5 (WSTG)",
|
|
29615
|
+
"control_name": "Web application penetration testing methodology"
|
|
29616
|
+
},
|
|
29617
|
+
{
|
|
29618
|
+
"id": "PCI-DSS-4.0-6.3.3",
|
|
29619
|
+
"framework": "PCI DSS 4.0",
|
|
29620
|
+
"control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
|
|
29621
|
+
},
|
|
29622
|
+
{
|
|
29623
|
+
"id": "PTES-Pre-engagement",
|
|
29624
|
+
"framework": "Penetration Testing Execution Standard (PTES)",
|
|
29625
|
+
"control_name": "Pre-engagement Interactions"
|
|
29626
|
+
},
|
|
29627
|
+
{
|
|
29628
|
+
"id": "SOC2-CC6-logical-access",
|
|
29629
|
+
"framework": "SOC 2 (AICPA Trust Services Criteria)",
|
|
29630
|
+
"control_name": "Logical and Physical Access Controls"
|
|
29631
|
+
},
|
|
29632
|
+
{
|
|
29633
|
+
"id": "SOC2-CC9-vendor-management",
|
|
29634
|
+
"framework": "SOC 2 (AICPA Trust Services Criteria)",
|
|
29635
|
+
"control_name": "Risk Mitigation — Vendor and Business Partner Risk"
|
|
29636
|
+
}
|
|
29637
|
+
],
|
|
29638
|
+
"attack_refs": [
|
|
29639
|
+
"T0855",
|
|
29640
|
+
"T0883",
|
|
29641
|
+
"T1059",
|
|
29642
|
+
"T1068",
|
|
29643
|
+
"T1078",
|
|
29644
|
+
"T1133",
|
|
29645
|
+
"T1190",
|
|
29646
|
+
"T1548.001",
|
|
29647
|
+
"T1566"
|
|
29648
|
+
],
|
|
29649
|
+
"rfc_refs": [
|
|
29650
|
+
"RFC-4301",
|
|
29651
|
+
"RFC-4303",
|
|
29652
|
+
"RFC-7296"
|
|
29653
|
+
]
|
|
29654
|
+
}
|
|
29655
|
+
},
|
|
29656
|
+
"CVE-2024-11394": {
|
|
29657
|
+
"name": "Hugging Face Transformers Trax Deserialization Remote Code Execution",
|
|
29658
|
+
"rwep": 33,
|
|
29659
|
+
"cvss": 8.8,
|
|
29660
|
+
"cisa_kev": false,
|
|
29661
|
+
"epss_score": null,
|
|
29662
|
+
"referencing_skills": [
|
|
29663
|
+
"kernel-lpe-triage",
|
|
29664
|
+
"ai-attack-surface",
|
|
29665
|
+
"compliance-theater",
|
|
29666
|
+
"attack-surface-pentest",
|
|
29667
|
+
"ot-ics-security",
|
|
29668
|
+
"coordinated-vuln-disclosure",
|
|
29669
|
+
"sector-energy"
|
|
29670
|
+
],
|
|
29671
|
+
"chain": {
|
|
29672
|
+
"cwes": [
|
|
29673
|
+
{
|
|
29674
|
+
"id": "CWE-1037",
|
|
29675
|
+
"name": "Processor Optimization Removal or Modification of Security-critical Code",
|
|
29676
|
+
"category": "Hardware / Side Channel"
|
|
29677
|
+
},
|
|
29678
|
+
{
|
|
29679
|
+
"id": "CWE-1039",
|
|
29680
|
+
"name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
|
|
29681
|
+
"category": "AI/ML"
|
|
29682
|
+
},
|
|
29683
|
+
{
|
|
29684
|
+
"id": "CWE-125",
|
|
29685
|
+
"name": "Out-of-bounds Read",
|
|
29686
|
+
"category": "Memory Safety"
|
|
29687
|
+
},
|
|
29688
|
+
{
|
|
29689
|
+
"id": "CWE-1357",
|
|
29690
|
+
"name": "Reliance on Insufficiently Trustworthy Component",
|
|
29691
|
+
"category": "Supply Chain"
|
|
29692
|
+
},
|
|
29693
|
+
{
|
|
29694
|
+
"id": "CWE-1395",
|
|
29695
|
+
"name": "Dependency on Vulnerable Third-Party Component",
|
|
29696
|
+
"category": "Supply Chain"
|
|
29697
|
+
},
|
|
29698
|
+
{
|
|
29699
|
+
"id": "CWE-1426",
|
|
29700
|
+
"name": "Improper Validation of Generative AI Output",
|
|
29701
|
+
"category": "AI/ML"
|
|
29702
|
+
},
|
|
29703
|
+
{
|
|
29704
|
+
"id": "CWE-22",
|
|
29705
|
+
"name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
|
|
29706
|
+
"category": "Path/Resource"
|
|
29707
|
+
},
|
|
29708
|
+
{
|
|
29709
|
+
"id": "CWE-269",
|
|
29710
|
+
"name": "Improper Privilege Management",
|
|
29711
|
+
"category": "Authorization"
|
|
29712
|
+
},
|
|
29713
|
+
{
|
|
29714
|
+
"id": "CWE-287",
|
|
29715
|
+
"name": "Improper Authentication",
|
|
29716
|
+
"category": "Authentication"
|
|
29717
|
+
},
|
|
29718
|
+
{
|
|
29719
|
+
"id": "CWE-306",
|
|
29720
|
+
"name": "Missing Authentication for Critical Function",
|
|
29721
|
+
"category": "Authentication"
|
|
29722
|
+
},
|
|
29723
|
+
{
|
|
29724
|
+
"id": "CWE-352",
|
|
29725
|
+
"name": "Cross-Site Request Forgery (CSRF)",
|
|
29726
|
+
"category": "Session"
|
|
29727
|
+
},
|
|
29728
|
+
{
|
|
29729
|
+
"id": "CWE-362",
|
|
29730
|
+
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
|
|
29731
|
+
"category": "Concurrency"
|
|
29732
|
+
},
|
|
29733
|
+
{
|
|
29734
|
+
"id": "CWE-416",
|
|
29735
|
+
"name": "Use After Free",
|
|
29736
|
+
"category": "Memory Safety"
|
|
29737
|
+
},
|
|
29738
|
+
{
|
|
29739
|
+
"id": "CWE-434",
|
|
29740
|
+
"name": "Unrestricted Upload of File with Dangerous Type",
|
|
29741
|
+
"category": "File Handling"
|
|
29742
|
+
},
|
|
29743
|
+
{
|
|
29744
|
+
"id": "CWE-672",
|
|
29745
|
+
"name": "Operation on a Resource after Expiration or Release",
|
|
29746
|
+
"category": "Memory Safety"
|
|
29747
|
+
},
|
|
29748
|
+
{
|
|
29749
|
+
"id": "CWE-732",
|
|
29750
|
+
"name": "Incorrect Permission Assignment for Critical Resource",
|
|
29751
|
+
"category": "Authorization"
|
|
29752
|
+
},
|
|
29753
|
+
{
|
|
29754
|
+
"id": "CWE-78",
|
|
29755
|
+
"name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
|
|
29756
|
+
"category": "Injection"
|
|
29757
|
+
},
|
|
29758
|
+
{
|
|
29759
|
+
"id": "CWE-787",
|
|
29760
|
+
"name": "Out-of-bounds Write",
|
|
29761
|
+
"category": "Memory Safety"
|
|
29762
|
+
},
|
|
29763
|
+
{
|
|
29764
|
+
"id": "CWE-79",
|
|
29765
|
+
"name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
|
|
29766
|
+
"category": "Injection"
|
|
29767
|
+
},
|
|
29768
|
+
{
|
|
29769
|
+
"id": "CWE-798",
|
|
29770
|
+
"name": "Use of Hard-coded Credentials",
|
|
29771
|
+
"category": "Credentials"
|
|
29772
|
+
},
|
|
29773
|
+
{
|
|
29774
|
+
"id": "CWE-89",
|
|
29775
|
+
"name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
|
|
29776
|
+
"category": "Injection"
|
|
29777
|
+
},
|
|
29778
|
+
{
|
|
29779
|
+
"id": "CWE-918",
|
|
29780
|
+
"name": "Server-Side Request Forgery (SSRF)",
|
|
29781
|
+
"category": "Network"
|
|
29782
|
+
},
|
|
29783
|
+
{
|
|
29784
|
+
"id": "CWE-94",
|
|
29785
|
+
"name": "Improper Control of Generation of Code (Code Injection)",
|
|
29786
|
+
"category": "Injection"
|
|
29787
|
+
}
|
|
29788
|
+
],
|
|
29789
|
+
"atlas": [
|
|
29790
|
+
{
|
|
29791
|
+
"id": "AML.T0010",
|
|
29792
|
+
"name": "ML Supply Chain Compromise",
|
|
29793
|
+
"tactic": "Initial Access"
|
|
29794
|
+
},
|
|
29795
|
+
{
|
|
29796
|
+
"id": "AML.T0016",
|
|
29797
|
+
"name": "Obtain Capabilities: Develop Capabilities",
|
|
29798
|
+
"tactic": "Resource Development"
|
|
29799
|
+
},
|
|
29800
|
+
{
|
|
29801
|
+
"id": "AML.T0017",
|
|
29802
|
+
"name": "Discover ML Model Ontology",
|
|
29803
|
+
"tactic": "Discovery"
|
|
29804
|
+
},
|
|
29805
|
+
{
|
|
29806
|
+
"id": "AML.T0018",
|
|
29807
|
+
"name": "Backdoor ML Model",
|
|
29808
|
+
"tactic": "Persistence"
|
|
29809
|
+
},
|
|
29810
|
+
{
|
|
29811
|
+
"id": "AML.T0020",
|
|
29812
|
+
"name": "Poison Training Data",
|
|
29813
|
+
"tactic": "ML Attack Staging"
|
|
29814
|
+
},
|
|
29815
|
+
{
|
|
29816
|
+
"id": "AML.T0043",
|
|
29817
|
+
"name": "Craft Adversarial Data",
|
|
29818
|
+
"tactic": "ML Attack Staging"
|
|
29819
|
+
},
|
|
29820
|
+
{
|
|
29821
|
+
"id": "AML.T0051",
|
|
29822
|
+
"name": "LLM Prompt Injection",
|
|
29823
|
+
"tactic": "Execution"
|
|
29824
|
+
},
|
|
29825
|
+
{
|
|
29826
|
+
"id": "AML.T0054",
|
|
29827
|
+
"name": "LLM Jailbreak",
|
|
29828
|
+
"tactic": "Defense Evasion"
|
|
29829
|
+
},
|
|
29830
|
+
{
|
|
29831
|
+
"id": "AML.T0096",
|
|
29832
|
+
"name": "AI API as Covert C2 Channel",
|
|
29833
|
+
"tactic": "Command and Control"
|
|
29834
|
+
}
|
|
29835
|
+
],
|
|
29836
|
+
"d3fend": [
|
|
29837
|
+
{
|
|
29838
|
+
"id": "D3-ASLR",
|
|
29839
|
+
"name": "Address Space Layout Randomization",
|
|
29840
|
+
"tactic": "Harden"
|
|
29841
|
+
},
|
|
29842
|
+
{
|
|
29843
|
+
"id": "D3-CSPP",
|
|
29844
|
+
"name": "Client-server Payload Profiling",
|
|
29845
|
+
"tactic": "Detect"
|
|
29846
|
+
},
|
|
29847
|
+
{
|
|
29848
|
+
"id": "D3-EAL",
|
|
29849
|
+
"name": "Executable Allowlisting",
|
|
29850
|
+
"tactic": "Harden"
|
|
29851
|
+
},
|
|
29852
|
+
{
|
|
29853
|
+
"id": "D3-IOPR",
|
|
29854
|
+
"name": "Input/Output Profiling Resource",
|
|
29855
|
+
"tactic": "Detect"
|
|
29856
|
+
},
|
|
29857
|
+
{
|
|
29858
|
+
"id": "D3-NTA",
|
|
29859
|
+
"name": "Network Traffic Analysis",
|
|
29860
|
+
"tactic": "Detect"
|
|
29861
|
+
},
|
|
29862
|
+
{
|
|
29863
|
+
"id": "D3-PHRA",
|
|
29864
|
+
"name": "Process Hardware Resource Access",
|
|
29865
|
+
"tactic": "Isolate"
|
|
29866
|
+
},
|
|
29867
|
+
{
|
|
29868
|
+
"id": "D3-PSEP",
|
|
29869
|
+
"name": "Process Segment Execution Prevention",
|
|
29870
|
+
"tactic": "Harden"
|
|
29871
|
+
}
|
|
29872
|
+
],
|
|
29873
|
+
"framework_gaps": [
|
|
29874
|
+
{
|
|
29875
|
+
"id": "ALL-AI-PIPELINE-INTEGRITY",
|
|
29876
|
+
"framework": "ALL",
|
|
29877
|
+
"control_name": "AI Pipeline Integrity"
|
|
29878
|
+
},
|
|
29879
|
+
{
|
|
29880
|
+
"id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
|
|
29881
|
+
"framework": "ALL",
|
|
29882
|
+
"control_name": "Prompt Injection as Access Control Failure"
|
|
29883
|
+
},
|
|
29884
|
+
{
|
|
29885
|
+
"id": "CIS-Controls-v8-Control7",
|
|
29886
|
+
"framework": "CIS Controls v8",
|
|
29887
|
+
"control_name": "Continuous Vulnerability Management"
|
|
29888
|
+
},
|
|
29889
|
+
{
|
|
29890
|
+
"id": "CMMC-2.0-Level-2",
|
|
29891
|
+
"framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
|
|
29892
|
+
"control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
|
|
29893
|
+
},
|
|
29894
|
+
{
|
|
29895
|
+
"id": "FedRAMP-Rev5-Moderate",
|
|
29896
|
+
"framework": "FedRAMP Rev 5 Moderate",
|
|
29897
|
+
"control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
|
|
29898
|
+
},
|
|
29899
|
+
{
|
|
29900
|
+
"id": "IEC-62443-3-3",
|
|
29901
|
+
"framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
|
|
29902
|
+
"control_name": "System security requirements and security levels"
|
|
29903
|
+
},
|
|
29904
|
+
{
|
|
29905
|
+
"id": "ISO-27001-2022-A.8.28",
|
|
29906
|
+
"framework": "ISO/IEC 27001:2022",
|
|
29907
|
+
"control_name": "Secure coding"
|
|
29908
|
+
},
|
|
29909
|
+
{
|
|
29910
|
+
"id": "ISO-27001-2022-A.8.8",
|
|
29911
|
+
"framework": "ISO/IEC 27001:2022",
|
|
29912
|
+
"control_name": "Management of technical vulnerabilities"
|
|
29913
|
+
},
|
|
29914
|
+
{
|
|
29915
|
+
"id": "ISO-IEC-23894-2023-clause-7",
|
|
29916
|
+
"framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
|
|
29917
|
+
"control_name": "AI risk management process"
|
|
29918
|
+
},
|
|
29919
|
+
{
|
|
29920
|
+
"id": "NERC-CIP-007-6-R4",
|
|
29921
|
+
"framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
|
|
29922
|
+
"control_name": "Security event monitoring"
|
|
29923
|
+
},
|
|
29924
|
+
{
|
|
29925
|
+
"id": "NIS2-Art21-patch-management",
|
|
29926
|
+
"framework": "EU NIS2 Directive",
|
|
29927
|
+
"control_name": "Vulnerability handling and disclosure"
|
|
29928
|
+
},
|
|
29929
|
+
{
|
|
29930
|
+
"id": "NIST-800-115",
|
|
29931
|
+
"framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
|
|
29932
|
+
"control_name": "Technical Guide to Information Security Testing and Assessment"
|
|
29933
|
+
},
|
|
29934
|
+
{
|
|
29935
|
+
"id": "NIST-800-218-SSDF",
|
|
29936
|
+
"framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
|
|
29937
|
+
"control_name": "Secure Software Development Framework"
|
|
29938
|
+
},
|
|
29939
|
+
{
|
|
29940
|
+
"id": "NIST-800-53-AC-2",
|
|
29941
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
29942
|
+
"control_name": "Account Management"
|
|
29943
|
+
},
|
|
29944
|
+
{
|
|
29945
|
+
"id": "NIST-800-53-SC-8",
|
|
29946
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
29947
|
+
"control_name": "Transmission Confidentiality and Integrity"
|
|
29948
|
+
},
|
|
29949
|
+
{
|
|
29950
|
+
"id": "NIST-800-53-SI-2",
|
|
29951
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
29952
|
+
"control_name": "Flaw Remediation"
|
|
29953
|
+
},
|
|
29954
|
+
{
|
|
29955
|
+
"id": "NIST-800-53-SI-3",
|
|
29956
|
+
"framework": "NIST SP 800-53 Rev 5",
|
|
29957
|
+
"control_name": "Malicious Code Protection"
|
|
29958
|
+
},
|
|
29959
|
+
{
|
|
29960
|
+
"id": "NIST-800-82r3",
|
|
29961
|
+
"framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
|
|
29962
|
+
"control_name": "Guide to Operational Technology (OT) Security"
|
|
29963
|
+
},
|
|
29964
|
+
{
|
|
29965
|
+
"id": "OWASP-LLM-Top-10-2025-LLM01",
|
|
29966
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
29967
|
+
"control_name": "Prompt Injection"
|
|
29968
|
+
},
|
|
29969
|
+
{
|
|
29970
|
+
"id": "OWASP-LLM-Top-10-2025-LLM02",
|
|
29971
|
+
"framework": "OWASP Top 10 for LLM Applications 2025",
|
|
29972
|
+
"control_name": "Sensitive Information Disclosure"
|
|
29973
|
+
},
|
|
29974
|
+
{
|
|
29975
|
+
"id": "OWASP-Pen-Testing-Guide-v5",
|
|
29976
|
+
"framework": "OWASP Web Security Testing Guide v5 (WSTG)",
|
|
29977
|
+
"control_name": "Web application penetration testing methodology"
|
|
29978
|
+
},
|
|
29979
|
+
{
|
|
29980
|
+
"id": "PCI-DSS-4.0-6.3.3",
|
|
29981
|
+
"framework": "PCI DSS 4.0",
|
|
29982
|
+
"control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
|
|
29983
|
+
},
|
|
29984
|
+
{
|
|
29985
|
+
"id": "PTES-Pre-engagement",
|
|
29986
|
+
"framework": "Penetration Testing Execution Standard (PTES)",
|
|
29987
|
+
"control_name": "Pre-engagement Interactions"
|
|
29988
|
+
},
|
|
29989
|
+
{
|
|
29990
|
+
"id": "SOC2-CC6-logical-access",
|
|
29991
|
+
"framework": "SOC 2 (AICPA Trust Services Criteria)",
|
|
29992
|
+
"control_name": "Logical and Physical Access Controls"
|
|
29993
|
+
},
|
|
29994
|
+
{
|
|
29995
|
+
"id": "SOC2-CC9-vendor-management",
|
|
29996
|
+
"framework": "SOC 2 (AICPA Trust Services Criteria)",
|
|
29997
|
+
"control_name": "Risk Mitigation — Vendor and Business Partner Risk"
|
|
29998
|
+
}
|
|
29999
|
+
],
|
|
30000
|
+
"attack_refs": [
|
|
30001
|
+
"T0855",
|
|
30002
|
+
"T0883",
|
|
30003
|
+
"T1059",
|
|
30004
|
+
"T1068",
|
|
30005
|
+
"T1078",
|
|
30006
|
+
"T1133",
|
|
30007
|
+
"T1190",
|
|
30008
|
+
"T1548.001",
|
|
30009
|
+
"T1566"
|
|
30010
|
+
],
|
|
30011
|
+
"rfc_refs": [
|
|
30012
|
+
"RFC-4301",
|
|
30013
|
+
"RFC-4303",
|
|
30014
|
+
"RFC-7296"
|
|
30015
|
+
]
|
|
30016
|
+
}
|
|
30017
|
+
},
|
|
28932
30018
|
"CVE-2026-41091": {
|
|
28933
30019
|
"name": "Microsoft Defender (Malware Protection Engine) Link-Following LPE to SYSTEM",
|
|
28934
30020
|
"rwep": 45,
|
|
@@ -55310,6 +56396,9 @@
|
|
|
55310
56396
|
"CVE-2023-48022",
|
|
55311
56397
|
"CVE-2023-51449",
|
|
55312
56398
|
"CVE-2024-0132",
|
|
56399
|
+
"CVE-2024-11392",
|
|
56400
|
+
"CVE-2024-11393",
|
|
56401
|
+
"CVE-2024-11394",
|
|
55313
56402
|
"CVE-2024-1561",
|
|
55314
56403
|
"CVE-2024-3094",
|
|
55315
56404
|
"CVE-2024-3154",
|
|
@@ -55692,6 +56781,9 @@
|
|
|
55692
56781
|
"CVE-2023-48022",
|
|
55693
56782
|
"CVE-2023-51449",
|
|
55694
56783
|
"CVE-2024-0132",
|
|
56784
|
+
"CVE-2024-11392",
|
|
56785
|
+
"CVE-2024-11393",
|
|
56786
|
+
"CVE-2024-11394",
|
|
55695
56787
|
"CVE-2024-1561",
|
|
55696
56788
|
"CVE-2024-37032",
|
|
55697
56789
|
"CVE-2024-39722",
|
|
@@ -55865,6 +56957,9 @@
|
|
|
55865
56957
|
"CVE-2023-48022",
|
|
55866
56958
|
"CVE-2023-51449",
|
|
55867
56959
|
"CVE-2024-0132",
|
|
56960
|
+
"CVE-2024-11392",
|
|
56961
|
+
"CVE-2024-11393",
|
|
56962
|
+
"CVE-2024-11394",
|
|
55868
56963
|
"CVE-2024-1561",
|
|
55869
56964
|
"CVE-2024-37032",
|
|
55870
56965
|
"CVE-2024-39722",
|
|
@@ -56052,6 +57147,9 @@
|
|
|
56052
57147
|
"CVE-2023-48022",
|
|
56053
57148
|
"CVE-2023-51449",
|
|
56054
57149
|
"CVE-2024-0132",
|
|
57150
|
+
"CVE-2024-11392",
|
|
57151
|
+
"CVE-2024-11393",
|
|
57152
|
+
"CVE-2024-11394",
|
|
56055
57153
|
"CVE-2024-1561",
|
|
56056
57154
|
"CVE-2024-37032",
|
|
56057
57155
|
"CVE-2024-39722",
|
|
@@ -56343,6 +57441,9 @@
|
|
|
56343
57441
|
"CVE-2023-48022",
|
|
56344
57442
|
"CVE-2023-51449",
|
|
56345
57443
|
"CVE-2024-0132",
|
|
57444
|
+
"CVE-2024-11392",
|
|
57445
|
+
"CVE-2024-11393",
|
|
57446
|
+
"CVE-2024-11394",
|
|
56346
57447
|
"CVE-2024-1561",
|
|
56347
57448
|
"CVE-2024-3094",
|
|
56348
57449
|
"CVE-2024-3154",
|
|
@@ -56592,6 +57693,9 @@
|
|
|
56592
57693
|
"CVE-2024-0132",
|
|
56593
57694
|
"CVE-2024-0769",
|
|
56594
57695
|
"CVE-2024-11182",
|
|
57696
|
+
"CVE-2024-11392",
|
|
57697
|
+
"CVE-2024-11393",
|
|
57698
|
+
"CVE-2024-11394",
|
|
56595
57699
|
"CVE-2024-12987",
|
|
56596
57700
|
"CVE-2024-1561",
|
|
56597
57701
|
"CVE-2024-1708",
|
|
@@ -57421,6 +58525,9 @@
|
|
|
57421
58525
|
"CVE-2023-48022",
|
|
57422
58526
|
"CVE-2023-51449",
|
|
57423
58527
|
"CVE-2024-0132",
|
|
58528
|
+
"CVE-2024-11392",
|
|
58529
|
+
"CVE-2024-11393",
|
|
58530
|
+
"CVE-2024-11394",
|
|
57424
58531
|
"CVE-2024-1561",
|
|
57425
58532
|
"CVE-2024-3094",
|
|
57426
58533
|
"CVE-2024-3154",
|
|
@@ -58033,6 +59140,9 @@
|
|
|
58033
59140
|
"CVE-2023-48022",
|
|
58034
59141
|
"CVE-2023-51449",
|
|
58035
59142
|
"CVE-2024-0132",
|
|
59143
|
+
"CVE-2024-11392",
|
|
59144
|
+
"CVE-2024-11393",
|
|
59145
|
+
"CVE-2024-11394",
|
|
58036
59146
|
"CVE-2024-1561",
|
|
58037
59147
|
"CVE-2024-3094",
|
|
58038
59148
|
"CVE-2024-3154",
|
|
@@ -58283,6 +59393,9 @@
|
|
|
58283
59393
|
"CVE-2023-48022",
|
|
58284
59394
|
"CVE-2023-51449",
|
|
58285
59395
|
"CVE-2024-0132",
|
|
59396
|
+
"CVE-2024-11392",
|
|
59397
|
+
"CVE-2024-11393",
|
|
59398
|
+
"CVE-2024-11394",
|
|
58286
59399
|
"CVE-2024-1561",
|
|
58287
59400
|
"CVE-2024-3094",
|
|
58288
59401
|
"CVE-2024-37032",
|
|
@@ -58959,6 +60072,9 @@
|
|
|
58959
60072
|
"CVE-2023-48022",
|
|
58960
60073
|
"CVE-2023-51449",
|
|
58961
60074
|
"CVE-2024-0132",
|
|
60075
|
+
"CVE-2024-11392",
|
|
60076
|
+
"CVE-2024-11393",
|
|
60077
|
+
"CVE-2024-11394",
|
|
58962
60078
|
"CVE-2024-1561",
|
|
58963
60079
|
"CVE-2024-3094",
|
|
58964
60080
|
"CVE-2024-3154",
|
|
@@ -59215,6 +60331,9 @@
|
|
|
59215
60331
|
"CVE-2024-0132",
|
|
59216
60332
|
"CVE-2024-0769",
|
|
59217
60333
|
"CVE-2024-11182",
|
|
60334
|
+
"CVE-2024-11392",
|
|
60335
|
+
"CVE-2024-11393",
|
|
60336
|
+
"CVE-2024-11394",
|
|
59218
60337
|
"CVE-2024-12987",
|
|
59219
60338
|
"CVE-2024-1561",
|
|
59220
60339
|
"CVE-2024-1708",
|
|
@@ -59648,6 +60767,9 @@
|
|
|
59648
60767
|
"CVE-2024-0132",
|
|
59649
60768
|
"CVE-2024-0769",
|
|
59650
60769
|
"CVE-2024-11182",
|
|
60770
|
+
"CVE-2024-11392",
|
|
60771
|
+
"CVE-2024-11393",
|
|
60772
|
+
"CVE-2024-11394",
|
|
59651
60773
|
"CVE-2024-12987",
|
|
59652
60774
|
"CVE-2024-1561",
|
|
59653
60775
|
"CVE-2024-1708",
|
|
@@ -60110,6 +61232,9 @@
|
|
|
60110
61232
|
"CVE-2023-48022",
|
|
60111
61233
|
"CVE-2023-51449",
|
|
60112
61234
|
"CVE-2024-0132",
|
|
61235
|
+
"CVE-2024-11392",
|
|
61236
|
+
"CVE-2024-11393",
|
|
61237
|
+
"CVE-2024-11394",
|
|
60113
61238
|
"CVE-2024-1561",
|
|
60114
61239
|
"CVE-2024-3094",
|
|
60115
61240
|
"CVE-2024-3154",
|
|
@@ -60918,6 +62043,9 @@
|
|
|
60918
62043
|
"CVE-2024-0132",
|
|
60919
62044
|
"CVE-2024-0769",
|
|
60920
62045
|
"CVE-2024-11182",
|
|
62046
|
+
"CVE-2024-11392",
|
|
62047
|
+
"CVE-2024-11393",
|
|
62048
|
+
"CVE-2024-11394",
|
|
60921
62049
|
"CVE-2024-12987",
|
|
60922
62050
|
"CVE-2024-1561",
|
|
60923
62051
|
"CVE-2024-1708",
|
|
@@ -61444,6 +62572,9 @@
|
|
|
61444
62572
|
"CVE-2023-48022",
|
|
61445
62573
|
"CVE-2023-51449",
|
|
61446
62574
|
"CVE-2024-0132",
|
|
62575
|
+
"CVE-2024-11392",
|
|
62576
|
+
"CVE-2024-11393",
|
|
62577
|
+
"CVE-2024-11394",
|
|
61447
62578
|
"CVE-2024-1561",
|
|
61448
62579
|
"CVE-2024-3094",
|
|
61449
62580
|
"CVE-2024-3154",
|
|
@@ -61778,6 +62909,9 @@
|
|
|
61778
62909
|
"CVE-2024-0132",
|
|
61779
62910
|
"CVE-2024-0769",
|
|
61780
62911
|
"CVE-2024-11182",
|
|
62912
|
+
"CVE-2024-11392",
|
|
62913
|
+
"CVE-2024-11393",
|
|
62914
|
+
"CVE-2024-11394",
|
|
61781
62915
|
"CVE-2024-12987",
|
|
61782
62916
|
"CVE-2024-1561",
|
|
61783
62917
|
"CVE-2024-1708",
|
|
@@ -62323,6 +63457,9 @@
|
|
|
62323
63457
|
"CVE-2023-48022",
|
|
62324
63458
|
"CVE-2023-51449",
|
|
62325
63459
|
"CVE-2024-0132",
|
|
63460
|
+
"CVE-2024-11392",
|
|
63461
|
+
"CVE-2024-11393",
|
|
63462
|
+
"CVE-2024-11394",
|
|
62326
63463
|
"CVE-2024-1561",
|
|
62327
63464
|
"CVE-2024-3094",
|
|
62328
63465
|
"CVE-2024-3154",
|
|
@@ -63270,6 +64407,9 @@
|
|
|
63270
64407
|
"CVE-2023-48022",
|
|
63271
64408
|
"CVE-2023-51449",
|
|
63272
64409
|
"CVE-2024-0132",
|
|
64410
|
+
"CVE-2024-11392",
|
|
64411
|
+
"CVE-2024-11393",
|
|
64412
|
+
"CVE-2024-11394",
|
|
63273
64413
|
"CVE-2024-1561",
|
|
63274
64414
|
"CVE-2024-3094",
|
|
63275
64415
|
"CVE-2024-3154",
|
|
@@ -63381,6 +64521,9 @@
|
|
|
63381
64521
|
"CVE-2023-48022",
|
|
63382
64522
|
"CVE-2023-51449",
|
|
63383
64523
|
"CVE-2024-0132",
|
|
64524
|
+
"CVE-2024-11392",
|
|
64525
|
+
"CVE-2024-11393",
|
|
64526
|
+
"CVE-2024-11394",
|
|
63384
64527
|
"CVE-2024-1561",
|
|
63385
64528
|
"CVE-2024-37032",
|
|
63386
64529
|
"CVE-2024-39722",
|
|
@@ -63562,6 +64705,9 @@
|
|
|
63562
64705
|
"CVE-2023-48022",
|
|
63563
64706
|
"CVE-2023-51449",
|
|
63564
64707
|
"CVE-2024-0132",
|
|
64708
|
+
"CVE-2024-11392",
|
|
64709
|
+
"CVE-2024-11393",
|
|
64710
|
+
"CVE-2024-11394",
|
|
63565
64711
|
"CVE-2024-1561",
|
|
63566
64712
|
"CVE-2024-37032",
|
|
63567
64713
|
"CVE-2024-39722",
|
|
@@ -63994,6 +65140,9 @@
|
|
|
63994
65140
|
"CVE-2023-52163",
|
|
63995
65141
|
"CVE-2024-0769",
|
|
63996
65142
|
"CVE-2024-11182",
|
|
65143
|
+
"CVE-2024-11392",
|
|
65144
|
+
"CVE-2024-11393",
|
|
65145
|
+
"CVE-2024-11394",
|
|
63997
65146
|
"CVE-2024-12987",
|
|
63998
65147
|
"CVE-2024-1561",
|
|
63999
65148
|
"CVE-2024-1708",
|
|
@@ -64446,6 +65595,9 @@
|
|
|
64446
65595
|
"CVE-2023-48022",
|
|
64447
65596
|
"CVE-2023-51449",
|
|
64448
65597
|
"CVE-2024-0132",
|
|
65598
|
+
"CVE-2024-11392",
|
|
65599
|
+
"CVE-2024-11393",
|
|
65600
|
+
"CVE-2024-11394",
|
|
64449
65601
|
"CVE-2024-1561",
|
|
64450
65602
|
"CVE-2024-3094",
|
|
64451
65603
|
"CVE-2024-3154",
|
|
@@ -64750,6 +65902,9 @@
|
|
|
64750
65902
|
"CVE-2023-48022",
|
|
64751
65903
|
"CVE-2023-51449",
|
|
64752
65904
|
"CVE-2024-0132",
|
|
65905
|
+
"CVE-2024-11392",
|
|
65906
|
+
"CVE-2024-11393",
|
|
65907
|
+
"CVE-2024-11394",
|
|
64753
65908
|
"CVE-2024-1561",
|
|
64754
65909
|
"CVE-2024-3094",
|
|
64755
65910
|
"CVE-2024-37032",
|