@blamejs/exceptd-skills 0.13.87 → 0.13.89
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +8 -0
- package/data/_indexes/_meta.json +9 -9
- package/data/_indexes/activity-feed.json +2 -2
- package/data/_indexes/catalog-summaries.json +2 -2
- package/data/_indexes/chains.json +2310 -0
- package/data/atlas-ttps.json +16 -1
- package/data/attack-techniques.json +15 -0
- package/data/cve-catalog.json +632 -1
- package/data/cwe-catalog.json +7 -1
- package/data/framework-control-gaps.json +48 -0
- package/data/zeroday-lessons.json +300 -0
- package/manifest.json +44 -44
- package/package.json +2 -2
- package/sbom.cdx.json +25 -25
package/data/atlas-ttps.json
CHANGED
|
@@ -144,6 +144,9 @@
|
|
|
144
144
|
"last_verified": "2026-05-19",
|
|
145
145
|
"cve_refs": [
|
|
146
146
|
"CVE-2023-43654",
|
|
147
|
+
"CVE-2024-11392",
|
|
148
|
+
"CVE-2024-11393",
|
|
149
|
+
"CVE-2024-11394",
|
|
147
150
|
"CVE-2024-37032",
|
|
148
151
|
"CVE-2025-1550",
|
|
149
152
|
"CVE-2025-8747",
|
|
@@ -1265,6 +1268,9 @@
|
|
|
1265
1268
|
"exceptd_skills": [],
|
|
1266
1269
|
"last_verified": "2026-05-19",
|
|
1267
1270
|
"cve_refs": [
|
|
1271
|
+
"CVE-2024-11392",
|
|
1272
|
+
"CVE-2024-11393",
|
|
1273
|
+
"CVE-2024-11394",
|
|
1268
1274
|
"CVE-2025-1550",
|
|
1269
1275
|
"CVE-2025-8747",
|
|
1270
1276
|
"MAL-2024-PYPI-ULTRALYTICS-XMRIG"
|
|
@@ -1715,6 +1721,9 @@
|
|
|
1715
1721
|
"CVE-2024-42479",
|
|
1716
1722
|
"CVE-2025-64496",
|
|
1717
1723
|
"CVE-2026-0766",
|
|
1724
|
+
"CVE-2026-24213",
|
|
1725
|
+
"CVE-2026-24214",
|
|
1726
|
+
"CVE-2026-24215",
|
|
1718
1727
|
"CVE-2026-34159"
|
|
1719
1728
|
]
|
|
1720
1729
|
},
|
|
@@ -2803,6 +2812,9 @@
|
|
|
2803
2812
|
"is_subtechnique": true,
|
|
2804
2813
|
"cve_refs": [
|
|
2805
2814
|
"CVE-2022-1471",
|
|
2815
|
+
"CVE-2024-11392",
|
|
2816
|
+
"CVE-2024-11393",
|
|
2817
|
+
"CVE-2024-11394",
|
|
2806
2818
|
"CVE-2025-1550",
|
|
2807
2819
|
"CVE-2025-8747"
|
|
2808
2820
|
]
|
|
@@ -3038,7 +3050,10 @@
|
|
|
3038
3050
|
"ATLAS"
|
|
3039
3051
|
],
|
|
3040
3052
|
"stix_id": "attack-pattern--c54f84ef-93fd-560c-bbbb-5490753a2f97",
|
|
3041
|
-
"is_subtechnique": true
|
|
3053
|
+
"is_subtechnique": true,
|
|
3054
|
+
"cve_refs": [
|
|
3055
|
+
"CVE-2026-24215"
|
|
3056
|
+
]
|
|
3042
3057
|
},
|
|
3043
3058
|
"AML.T0034.002": {
|
|
3044
3059
|
"id": "AML.T0034.002",
|
|
@@ -272,6 +272,9 @@
|
|
|
272
272
|
"CVE-2022-1471",
|
|
273
273
|
"CVE-2023-43654",
|
|
274
274
|
"CVE-2023-48022",
|
|
275
|
+
"CVE-2024-11392",
|
|
276
|
+
"CVE-2024-11393",
|
|
277
|
+
"CVE-2024-11394",
|
|
275
278
|
"CVE-2024-37032",
|
|
276
279
|
"CVE-2024-42479",
|
|
277
280
|
"CVE-2024-50050",
|
|
@@ -293,6 +296,8 @@
|
|
|
293
296
|
"CVE-2026-22252",
|
|
294
297
|
"CVE-2026-22688",
|
|
295
298
|
"CVE-2026-22778",
|
|
299
|
+
"CVE-2026-24213",
|
|
300
|
+
"CVE-2026-24214",
|
|
296
301
|
"CVE-2026-25592",
|
|
297
302
|
"CVE-2026-26015",
|
|
298
303
|
"CVE-2026-30615",
|
|
@@ -988,6 +993,9 @@
|
|
|
988
993
|
"CVE-2026-23760",
|
|
989
994
|
"CVE-2026-24206",
|
|
990
995
|
"CVE-2026-24207",
|
|
996
|
+
"CVE-2026-24213",
|
|
997
|
+
"CVE-2026-24214",
|
|
998
|
+
"CVE-2026-24215",
|
|
991
999
|
"CVE-2026-25108",
|
|
992
1000
|
"CVE-2026-26015",
|
|
993
1001
|
"CVE-2026-30616",
|
|
@@ -1084,6 +1092,9 @@
|
|
|
1084
1092
|
"name": "Supply Chain Compromise: Software Supply Chain",
|
|
1085
1093
|
"version": "v19",
|
|
1086
1094
|
"cve_refs": [
|
|
1095
|
+
"CVE-2024-11392",
|
|
1096
|
+
"CVE-2024-11393",
|
|
1097
|
+
"CVE-2024-11394",
|
|
1087
1098
|
"CVE-2024-3094",
|
|
1088
1099
|
"CVE-2025-1550",
|
|
1089
1100
|
"CVE-2025-8747",
|
|
@@ -2735,6 +2746,7 @@
|
|
|
2735
2746
|
"notes": "Added v0.13.17 to support DoS-class KEV bulk imports.",
|
|
2736
2747
|
"cve_refs": [
|
|
2737
2748
|
"CVE-2025-6543",
|
|
2749
|
+
"CVE-2026-24215",
|
|
2738
2750
|
"CVE-2026-45498"
|
|
2739
2751
|
],
|
|
2740
2752
|
"description_full": "Adversaries may perform Endpoint Denial of Service (DoS) attacks to degrade or block the availability of services to users. Endpoint DoS can be performed by exhausting the system resources those services are hosted on or exploiting the system to cause a persistent crash condition. Example services include websites, email services, DNS, and web-based applications. Adversaries have been observed conducting DoS attacks for political purposes(Citation: FireEye OpPoisonedHandover February 2016) and to support other malicious activities, including distraction(Citation: FSISAC FraudNetDoS September 2012), hacktivism, and extortion.(Citation: Symantec DDoS October 2014) An Endpoint DoS denies the availability of a service without saturating the network used to provide access to the service. Adversaries can target various layers of the application stack that is hosted on the system used to provide the service. These layers include the Operating Systems (OS), server applications such as web servers, DNS servers, databases, and the (typically web-based) applications that sit on top of them. Attacking each layer requires different techniques that take advantage of bottlenecks that are unique to the respective components. A DoS attack may be generated by a single system or multiple systems spread across the internet, which is commonly referred to as a distributed DoS (DDoS). To perform DoS attacks against endpoint resources, several aspects apply to multiple methods, including IP address spoofing and botnets. Adversaries may use the original IP address of an attacking system, or spoof the source IP address to make the attack traffic more difficult to trace back to the attacking system or to enable reflection. This can increase the difficulty defenders have in defending against the attack by reducing or eliminating the effectiveness of filtering by the source address on network defense devices. Botnets are commonly used to conduct DDoS attacks against networks and services. Large botnets can generate a significant amount of traffic from systems spread across the global internet. Adversaries may have the resources to build out and control their own botnet infrastructure or may rent time on an existing botnet to conduct an attack. In some of the worst cases for DDoS, so many systems are used to generate requests that each one only needs to send out a small amount of traffic to produce enough volume to exhaust the target's resources. In such circumstances, distinguishing DDoS traffic from legitimate clients becomes exceedingly difficult. Botnets have been used in some of the most high-profile DDoS attacks, such as the 2012 series of incidents that targeted major US banks.(Citation: USNYAG IranianBotnet March 2016) In cases where traffic manipulation is used, there may be points in the global network (such as high traffic gateway routers) where packets can be altered and cause legitimate clients to execute code that directs network packets toward a target in high volume. This type of capability was previously used for the purposes of web censorship where client HTTP traffic was modified to include a reference to JavaScript that generated the DDoS code to overwhelm target web servers.(Citation: ArsTechnica Great Firewall of China) For attacks attempting to saturate the providing network, see [Network Denial of Service](https://attack.mitre.org/techniques/T1498).",
|
|
@@ -4259,6 +4271,9 @@
|
|
|
4259
4271
|
"stix_id": "attack-pattern--8c32eb4d-805f-4fc5-bf60-c4d476c131b5",
|
|
4260
4272
|
"is_subtechnique": false,
|
|
4261
4273
|
"cve_refs": [
|
|
4274
|
+
"CVE-2024-11392",
|
|
4275
|
+
"CVE-2024-11393",
|
|
4276
|
+
"CVE-2024-11394",
|
|
4262
4277
|
"CVE-2025-1550",
|
|
4263
4278
|
"CVE-2025-8747"
|
|
4264
4279
|
]
|