@blamejs/exceptd-skills 0.13.88 → 0.13.90

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. package/CHANGELOG.md +8 -0
  2. package/data/_indexes/_meta.json +9 -9
  3. package/data/_indexes/activity-feed.json +2 -2
  4. package/data/_indexes/catalog-summaries.json +2 -2
  5. package/data/_indexes/chains.json +2067 -0
  6. package/data/atlas-ttps.json +9 -1
  7. package/data/attack-techniques.json +13 -0
  8. package/data/cve-catalog.json +518 -1
  9. package/data/cwe-catalog.json +8 -2
  10. package/data/framework-control-gaps.json +40 -0
  11. package/data/zeroday-lessons.json +250 -0
  12. package/manifest.json +44 -44
  13. package/package.json +2 -2
  14. package/sbom.cdx.json +25 -25
package/data/_indexes/chains.json CHANGED
@@ -30015,6 +30015,1956 @@
30015
30015
  ]
30016
30016
  }
30017
30017
  },
30018
+ "CVE-2026-24213": {
30019
+ "name": "NVIDIA Triton DALI Backend Out-of-Bounds Read",
30020
+ "rwep": 11,
30021
+ "cvss": 9.8,
30022
+ "cisa_kev": false,
30023
+ "epss_score": null,
30024
+ "referencing_skills": [
30025
+ "kernel-lpe-triage",
30026
+ "ai-attack-surface",
30027
+ "compliance-theater",
30028
+ "attack-surface-pentest",
30029
+ "ot-ics-security",
30030
+ "coordinated-vuln-disclosure",
30031
+ "sector-energy"
30032
+ ],
30033
+ "chain": {
30034
+ "cwes": [
30035
+ {
30036
+ "id": "CWE-1037",
30037
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
30038
+ "category": "Hardware / Side Channel"
30039
+ },
30040
+ {
30041
+ "id": "CWE-1039",
30042
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
30043
+ "category": "AI/ML"
30044
+ },
30045
+ {
30046
+ "id": "CWE-125",
30047
+ "name": "Out-of-bounds Read",
30048
+ "category": "Memory Safety"
30049
+ },
30050
+ {
30051
+ "id": "CWE-1357",
30052
+ "name": "Reliance on Insufficiently Trustworthy Component",
30053
+ "category": "Supply Chain"
30054
+ },
30055
+ {
30056
+ "id": "CWE-1395",
30057
+ "name": "Dependency on Vulnerable Third-Party Component",
30058
+ "category": "Supply Chain"
30059
+ },
30060
+ {
30061
+ "id": "CWE-1426",
30062
+ "name": "Improper Validation of Generative AI Output",
30063
+ "category": "AI/ML"
30064
+ },
30065
+ {
30066
+ "id": "CWE-22",
30067
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
30068
+ "category": "Path/Resource"
30069
+ },
30070
+ {
30071
+ "id": "CWE-269",
30072
+ "name": "Improper Privilege Management",
30073
+ "category": "Authorization"
30074
+ },
30075
+ {
30076
+ "id": "CWE-287",
30077
+ "name": "Improper Authentication",
30078
+ "category": "Authentication"
30079
+ },
30080
+ {
30081
+ "id": "CWE-306",
30082
+ "name": "Missing Authentication for Critical Function",
30083
+ "category": "Authentication"
30084
+ },
30085
+ {
30086
+ "id": "CWE-352",
30087
+ "name": "Cross-Site Request Forgery (CSRF)",
30088
+ "category": "Session"
30089
+ },
30090
+ {
30091
+ "id": "CWE-362",
30092
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
30093
+ "category": "Concurrency"
30094
+ },
30095
+ {
30096
+ "id": "CWE-416",
30097
+ "name": "Use After Free",
30098
+ "category": "Memory Safety"
30099
+ },
30100
+ {
30101
+ "id": "CWE-434",
30102
+ "name": "Unrestricted Upload of File with Dangerous Type",
30103
+ "category": "File Handling"
30104
+ },
30105
+ {
30106
+ "id": "CWE-672",
30107
+ "name": "Operation on a Resource after Expiration or Release",
30108
+ "category": "Memory Safety"
30109
+ },
30110
+ {
30111
+ "id": "CWE-732",
30112
+ "name": "Incorrect Permission Assignment for Critical Resource",
30113
+ "category": "Authorization"
30114
+ },
30115
+ {
30116
+ "id": "CWE-78",
30117
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
30118
+ "category": "Injection"
30119
+ },
30120
+ {
30121
+ "id": "CWE-787",
30122
+ "name": "Out-of-bounds Write",
30123
+ "category": "Memory Safety"
30124
+ },
30125
+ {
30126
+ "id": "CWE-79",
30127
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
30128
+ "category": "Injection"
30129
+ },
30130
+ {
30131
+ "id": "CWE-798",
30132
+ "name": "Use of Hard-coded Credentials",
30133
+ "category": "Credentials"
30134
+ },
30135
+ {
30136
+ "id": "CWE-89",
30137
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
30138
+ "category": "Injection"
30139
+ },
30140
+ {
30141
+ "id": "CWE-918",
30142
+ "name": "Server-Side Request Forgery (SSRF)",
30143
+ "category": "Network"
30144
+ },
30145
+ {
30146
+ "id": "CWE-94",
30147
+ "name": "Improper Control of Generation of Code (Code Injection)",
30148
+ "category": "Injection"
30149
+ }
30150
+ ],
30151
+ "atlas": [
30152
+ {
30153
+ "id": "AML.T0010",
30154
+ "name": "ML Supply Chain Compromise",
30155
+ "tactic": "Initial Access"
30156
+ },
30157
+ {
30158
+ "id": "AML.T0016",
30159
+ "name": "Obtain Capabilities: Develop Capabilities",
30160
+ "tactic": "Resource Development"
30161
+ },
30162
+ {
30163
+ "id": "AML.T0017",
30164
+ "name": "Discover ML Model Ontology",
30165
+ "tactic": "Discovery"
30166
+ },
30167
+ {
30168
+ "id": "AML.T0018",
30169
+ "name": "Backdoor ML Model",
30170
+ "tactic": "Persistence"
30171
+ },
30172
+ {
30173
+ "id": "AML.T0020",
30174
+ "name": "Poison Training Data",
30175
+ "tactic": "ML Attack Staging"
30176
+ },
30177
+ {
30178
+ "id": "AML.T0043",
30179
+ "name": "Craft Adversarial Data",
30180
+ "tactic": "ML Attack Staging"
30181
+ },
30182
+ {
30183
+ "id": "AML.T0051",
30184
+ "name": "LLM Prompt Injection",
30185
+ "tactic": "Execution"
30186
+ },
30187
+ {
30188
+ "id": "AML.T0054",
30189
+ "name": "LLM Jailbreak",
30190
+ "tactic": "Defense Evasion"
30191
+ },
30192
+ {
30193
+ "id": "AML.T0096",
30194
+ "name": "AI API as Covert C2 Channel",
30195
+ "tactic": "Command and Control"
30196
+ }
30197
+ ],
30198
+ "d3fend": [
30199
+ {
30200
+ "id": "D3-ASLR",
30201
+ "name": "Address Space Layout Randomization",
30202
+ "tactic": "Harden"
30203
+ },
30204
+ {
30205
+ "id": "D3-CSPP",
30206
+ "name": "Client-server Payload Profiling",
30207
+ "tactic": "Detect"
30208
+ },
30209
+ {
30210
+ "id": "D3-EAL",
30211
+ "name": "Executable Allowlisting",
30212
+ "tactic": "Harden"
30213
+ },
30214
+ {
30215
+ "id": "D3-IOPR",
30216
+ "name": "Input/Output Profiling Resource",
30217
+ "tactic": "Detect"
30218
+ },
30219
+ {
30220
+ "id": "D3-NTA",
30221
+ "name": "Network Traffic Analysis",
30222
+ "tactic": "Detect"
30223
+ },
30224
+ {
30225
+ "id": "D3-PHRA",
30226
+ "name": "Process Hardware Resource Access",
30227
+ "tactic": "Isolate"
30228
+ },
30229
+ {
30230
+ "id": "D3-PSEP",
30231
+ "name": "Process Segment Execution Prevention",
30232
+ "tactic": "Harden"
30233
+ }
30234
+ ],
30235
+ "framework_gaps": [
30236
+ {
30237
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
30238
+ "framework": "ALL",
30239
+ "control_name": "AI Pipeline Integrity"
30240
+ },
30241
+ {
30242
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
30243
+ "framework": "ALL",
30244
+ "control_name": "Prompt Injection as Access Control Failure"
30245
+ },
30246
+ {
30247
+ "id": "CIS-Controls-v8-Control7",
30248
+ "framework": "CIS Controls v8",
30249
+ "control_name": "Continuous Vulnerability Management"
30250
+ },
30251
+ {
30252
+ "id": "CMMC-2.0-Level-2",
30253
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
30254
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
30255
+ },
30256
+ {
30257
+ "id": "FedRAMP-Rev5-Moderate",
30258
+ "framework": "FedRAMP Rev 5 Moderate",
30259
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
30260
+ },
30261
+ {
30262
+ "id": "IEC-62443-3-3",
30263
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
30264
+ "control_name": "System security requirements and security levels"
30265
+ },
30266
+ {
30267
+ "id": "ISO-27001-2022-A.8.28",
30268
+ "framework": "ISO/IEC 27001:2022",
30269
+ "control_name": "Secure coding"
30270
+ },
30271
+ {
30272
+ "id": "ISO-27001-2022-A.8.8",
30273
+ "framework": "ISO/IEC 27001:2022",
30274
+ "control_name": "Management of technical vulnerabilities"
30275
+ },
30276
+ {
30277
+ "id": "ISO-IEC-23894-2023-clause-7",
30278
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
30279
+ "control_name": "AI risk management process"
30280
+ },
30281
+ {
30282
+ "id": "NERC-CIP-007-6-R4",
30283
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
30284
+ "control_name": "Security event monitoring"
30285
+ },
30286
+ {
30287
+ "id": "NIS2-Art21-patch-management",
30288
+ "framework": "EU NIS2 Directive",
30289
+ "control_name": "Vulnerability handling and disclosure"
30290
+ },
30291
+ {
30292
+ "id": "NIST-800-115",
30293
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
30294
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
30295
+ },
30296
+ {
30297
+ "id": "NIST-800-218-SSDF",
30298
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
30299
+ "control_name": "Secure Software Development Framework"
30300
+ },
30301
+ {
30302
+ "id": "NIST-800-53-AC-2",
30303
+ "framework": "NIST SP 800-53 Rev 5",
30304
+ "control_name": "Account Management"
30305
+ },
30306
+ {
30307
+ "id": "NIST-800-53-SC-8",
30308
+ "framework": "NIST SP 800-53 Rev 5",
30309
+ "control_name": "Transmission Confidentiality and Integrity"
30310
+ },
30311
+ {
30312
+ "id": "NIST-800-53-SI-2",
30313
+ "framework": "NIST SP 800-53 Rev 5",
30314
+ "control_name": "Flaw Remediation"
30315
+ },
30316
+ {
30317
+ "id": "NIST-800-53-SI-3",
30318
+ "framework": "NIST SP 800-53 Rev 5",
30319
+ "control_name": "Malicious Code Protection"
30320
+ },
30321
+ {
30322
+ "id": "NIST-800-82r3",
30323
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
30324
+ "control_name": "Guide to Operational Technology (OT) Security"
30325
+ },
30326
+ {
30327
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
30328
+ "framework": "OWASP Top 10 for LLM Applications 2025",
30329
+ "control_name": "Prompt Injection"
30330
+ },
30331
+ {
30332
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
30333
+ "framework": "OWASP Top 10 for LLM Applications 2025",
30334
+ "control_name": "Sensitive Information Disclosure"
30335
+ },
30336
+ {
30337
+ "id": "OWASP-Pen-Testing-Guide-v5",
30338
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
30339
+ "control_name": "Web application penetration testing methodology"
30340
+ },
30341
+ {
30342
+ "id": "PCI-DSS-4.0-6.3.3",
30343
+ "framework": "PCI DSS 4.0",
30344
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
30345
+ },
30346
+ {
30347
+ "id": "PTES-Pre-engagement",
30348
+ "framework": "Penetration Testing Execution Standard (PTES)",
30349
+ "control_name": "Pre-engagement Interactions"
30350
+ },
30351
+ {
30352
+ "id": "SOC2-CC6-logical-access",
30353
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
30354
+ "control_name": "Logical and Physical Access Controls"
30355
+ },
30356
+ {
30357
+ "id": "SOC2-CC9-vendor-management",
30358
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
30359
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
30360
+ }
30361
+ ],
30362
+ "attack_refs": [
30363
+ "T0855",
30364
+ "T0883",
30365
+ "T1059",
30366
+ "T1068",
30367
+ "T1078",
30368
+ "T1133",
30369
+ "T1190",
30370
+ "T1548.001",
30371
+ "T1566"
30372
+ ],
30373
+ "rfc_refs": [
30374
+ "RFC-4301",
30375
+ "RFC-4303",
30376
+ "RFC-7296"
30377
+ ]
30378
+ }
30379
+ },
30380
+ "CVE-2026-24214": {
30381
+ "name": "NVIDIA Triton DALI Backend Integer Overflow",
30382
+ "rwep": 11,
30383
+ "cvss": 9.8,
30384
+ "cisa_kev": false,
30385
+ "epss_score": null,
30386
+ "referencing_skills": [
30387
+ "kernel-lpe-triage",
30388
+ "ai-attack-surface",
30389
+ "compliance-theater",
30390
+ "attack-surface-pentest",
30391
+ "ot-ics-security",
30392
+ "coordinated-vuln-disclosure",
30393
+ "sector-energy"
30394
+ ],
30395
+ "chain": {
30396
+ "cwes": [
30397
+ {
30398
+ "id": "CWE-1037",
30399
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
30400
+ "category": "Hardware / Side Channel"
30401
+ },
30402
+ {
30403
+ "id": "CWE-1039",
30404
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
30405
+ "category": "AI/ML"
30406
+ },
30407
+ {
30408
+ "id": "CWE-125",
30409
+ "name": "Out-of-bounds Read",
30410
+ "category": "Memory Safety"
30411
+ },
30412
+ {
30413
+ "id": "CWE-1357",
30414
+ "name": "Reliance on Insufficiently Trustworthy Component",
30415
+ "category": "Supply Chain"
30416
+ },
30417
+ {
30418
+ "id": "CWE-1395",
30419
+ "name": "Dependency on Vulnerable Third-Party Component",
30420
+ "category": "Supply Chain"
30421
+ },
30422
+ {
30423
+ "id": "CWE-1426",
30424
+ "name": "Improper Validation of Generative AI Output",
30425
+ "category": "AI/ML"
30426
+ },
30427
+ {
30428
+ "id": "CWE-22",
30429
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
30430
+ "category": "Path/Resource"
30431
+ },
30432
+ {
30433
+ "id": "CWE-269",
30434
+ "name": "Improper Privilege Management",
30435
+ "category": "Authorization"
30436
+ },
30437
+ {
30438
+ "id": "CWE-287",
30439
+ "name": "Improper Authentication",
30440
+ "category": "Authentication"
30441
+ },
30442
+ {
30443
+ "id": "CWE-306",
30444
+ "name": "Missing Authentication for Critical Function",
30445
+ "category": "Authentication"
30446
+ },
30447
+ {
30448
+ "id": "CWE-352",
30449
+ "name": "Cross-Site Request Forgery (CSRF)",
30450
+ "category": "Session"
30451
+ },
30452
+ {
30453
+ "id": "CWE-362",
30454
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
30455
+ "category": "Concurrency"
30456
+ },
30457
+ {
30458
+ "id": "CWE-416",
30459
+ "name": "Use After Free",
30460
+ "category": "Memory Safety"
30461
+ },
30462
+ {
30463
+ "id": "CWE-434",
30464
+ "name": "Unrestricted Upload of File with Dangerous Type",
30465
+ "category": "File Handling"
30466
+ },
30467
+ {
30468
+ "id": "CWE-672",
30469
+ "name": "Operation on a Resource after Expiration or Release",
30470
+ "category": "Memory Safety"
30471
+ },
30472
+ {
30473
+ "id": "CWE-732",
30474
+ "name": "Incorrect Permission Assignment for Critical Resource",
30475
+ "category": "Authorization"
30476
+ },
30477
+ {
30478
+ "id": "CWE-78",
30479
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
30480
+ "category": "Injection"
30481
+ },
30482
+ {
30483
+ "id": "CWE-787",
30484
+ "name": "Out-of-bounds Write",
30485
+ "category": "Memory Safety"
30486
+ },
30487
+ {
30488
+ "id": "CWE-79",
30489
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
30490
+ "category": "Injection"
30491
+ },
30492
+ {
30493
+ "id": "CWE-798",
30494
+ "name": "Use of Hard-coded Credentials",
30495
+ "category": "Credentials"
30496
+ },
30497
+ {
30498
+ "id": "CWE-89",
30499
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
30500
+ "category": "Injection"
30501
+ },
30502
+ {
30503
+ "id": "CWE-918",
30504
+ "name": "Server-Side Request Forgery (SSRF)",
30505
+ "category": "Network"
30506
+ },
30507
+ {
30508
+ "id": "CWE-94",
30509
+ "name": "Improper Control of Generation of Code (Code Injection)",
30510
+ "category": "Injection"
30511
+ }
30512
+ ],
30513
+ "atlas": [
30514
+ {
30515
+ "id": "AML.T0010",
30516
+ "name": "ML Supply Chain Compromise",
30517
+ "tactic": "Initial Access"
30518
+ },
30519
+ {
30520
+ "id": "AML.T0016",
30521
+ "name": "Obtain Capabilities: Develop Capabilities",
30522
+ "tactic": "Resource Development"
30523
+ },
30524
+ {
30525
+ "id": "AML.T0017",
30526
+ "name": "Discover ML Model Ontology",
30527
+ "tactic": "Discovery"
30528
+ },
30529
+ {
30530
+ "id": "AML.T0018",
30531
+ "name": "Backdoor ML Model",
30532
+ "tactic": "Persistence"
30533
+ },
30534
+ {
30535
+ "id": "AML.T0020",
30536
+ "name": "Poison Training Data",
30537
+ "tactic": "ML Attack Staging"
30538
+ },
30539
+ {
30540
+ "id": "AML.T0043",
30541
+ "name": "Craft Adversarial Data",
30542
+ "tactic": "ML Attack Staging"
30543
+ },
30544
+ {
30545
+ "id": "AML.T0051",
30546
+ "name": "LLM Prompt Injection",
30547
+ "tactic": "Execution"
30548
+ },
30549
+ {
30550
+ "id": "AML.T0054",
30551
+ "name": "LLM Jailbreak",
30552
+ "tactic": "Defense Evasion"
30553
+ },
30554
+ {
30555
+ "id": "AML.T0096",
30556
+ "name": "AI API as Covert C2 Channel",
30557
+ "tactic": "Command and Control"
30558
+ }
30559
+ ],
30560
+ "d3fend": [
30561
+ {
30562
+ "id": "D3-ASLR",
30563
+ "name": "Address Space Layout Randomization",
30564
+ "tactic": "Harden"
30565
+ },
30566
+ {
30567
+ "id": "D3-CSPP",
30568
+ "name": "Client-server Payload Profiling",
30569
+ "tactic": "Detect"
30570
+ },
30571
+ {
30572
+ "id": "D3-EAL",
30573
+ "name": "Executable Allowlisting",
30574
+ "tactic": "Harden"
30575
+ },
30576
+ {
30577
+ "id": "D3-IOPR",
30578
+ "name": "Input/Output Profiling Resource",
30579
+ "tactic": "Detect"
30580
+ },
30581
+ {
30582
+ "id": "D3-NTA",
30583
+ "name": "Network Traffic Analysis",
30584
+ "tactic": "Detect"
30585
+ },
30586
+ {
30587
+ "id": "D3-PHRA",
30588
+ "name": "Process Hardware Resource Access",
30589
+ "tactic": "Isolate"
30590
+ },
30591
+ {
30592
+ "id": "D3-PSEP",
30593
+ "name": "Process Segment Execution Prevention",
30594
+ "tactic": "Harden"
30595
+ }
30596
+ ],
30597
+ "framework_gaps": [
30598
+ {
30599
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
30600
+ "framework": "ALL",
30601
+ "control_name": "AI Pipeline Integrity"
30602
+ },
30603
+ {
30604
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
30605
+ "framework": "ALL",
30606
+ "control_name": "Prompt Injection as Access Control Failure"
30607
+ },
30608
+ {
30609
+ "id": "CIS-Controls-v8-Control7",
30610
+ "framework": "CIS Controls v8",
30611
+ "control_name": "Continuous Vulnerability Management"
30612
+ },
30613
+ {
30614
+ "id": "CMMC-2.0-Level-2",
30615
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
30616
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
30617
+ },
30618
+ {
30619
+ "id": "FedRAMP-Rev5-Moderate",
30620
+ "framework": "FedRAMP Rev 5 Moderate",
30621
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
30622
+ },
30623
+ {
30624
+ "id": "IEC-62443-3-3",
30625
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
30626
+ "control_name": "System security requirements and security levels"
30627
+ },
30628
+ {
30629
+ "id": "ISO-27001-2022-A.8.28",
30630
+ "framework": "ISO/IEC 27001:2022",
30631
+ "control_name": "Secure coding"
30632
+ },
30633
+ {
30634
+ "id": "ISO-27001-2022-A.8.8",
30635
+ "framework": "ISO/IEC 27001:2022",
30636
+ "control_name": "Management of technical vulnerabilities"
30637
+ },
30638
+ {
30639
+ "id": "ISO-IEC-23894-2023-clause-7",
30640
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
30641
+ "control_name": "AI risk management process"
30642
+ },
30643
+ {
30644
+ "id": "NERC-CIP-007-6-R4",
30645
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
30646
+ "control_name": "Security event monitoring"
30647
+ },
30648
+ {
30649
+ "id": "NIS2-Art21-patch-management",
30650
+ "framework": "EU NIS2 Directive",
30651
+ "control_name": "Vulnerability handling and disclosure"
30652
+ },
30653
+ {
30654
+ "id": "NIST-800-115",
30655
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
30656
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
30657
+ },
30658
+ {
30659
+ "id": "NIST-800-218-SSDF",
30660
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
30661
+ "control_name": "Secure Software Development Framework"
30662
+ },
30663
+ {
30664
+ "id": "NIST-800-53-AC-2",
30665
+ "framework": "NIST SP 800-53 Rev 5",
30666
+ "control_name": "Account Management"
30667
+ },
30668
+ {
30669
+ "id": "NIST-800-53-SC-8",
30670
+ "framework": "NIST SP 800-53 Rev 5",
30671
+ "control_name": "Transmission Confidentiality and Integrity"
30672
+ },
30673
+ {
30674
+ "id": "NIST-800-53-SI-2",
30675
+ "framework": "NIST SP 800-53 Rev 5",
30676
+ "control_name": "Flaw Remediation"
30677
+ },
30678
+ {
30679
+ "id": "NIST-800-53-SI-3",
30680
+ "framework": "NIST SP 800-53 Rev 5",
30681
+ "control_name": "Malicious Code Protection"
30682
+ },
30683
+ {
30684
+ "id": "NIST-800-82r3",
30685
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
30686
+ "control_name": "Guide to Operational Technology (OT) Security"
30687
+ },
30688
+ {
30689
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
30690
+ "framework": "OWASP Top 10 for LLM Applications 2025",
30691
+ "control_name": "Prompt Injection"
30692
+ },
30693
+ {
30694
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
30695
+ "framework": "OWASP Top 10 for LLM Applications 2025",
30696
+ "control_name": "Sensitive Information Disclosure"
30697
+ },
30698
+ {
30699
+ "id": "OWASP-Pen-Testing-Guide-v5",
30700
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
30701
+ "control_name": "Web application penetration testing methodology"
30702
+ },
30703
+ {
30704
+ "id": "PCI-DSS-4.0-6.3.3",
30705
+ "framework": "PCI DSS 4.0",
30706
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
30707
+ },
30708
+ {
30709
+ "id": "PTES-Pre-engagement",
30710
+ "framework": "Penetration Testing Execution Standard (PTES)",
30711
+ "control_name": "Pre-engagement Interactions"
30712
+ },
30713
+ {
30714
+ "id": "SOC2-CC6-logical-access",
30715
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
30716
+ "control_name": "Logical and Physical Access Controls"
30717
+ },
30718
+ {
30719
+ "id": "SOC2-CC9-vendor-management",
30720
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
30721
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
30722
+ }
30723
+ ],
30724
+ "attack_refs": [
30725
+ "T0855",
30726
+ "T0883",
30727
+ "T1059",
30728
+ "T1068",
30729
+ "T1078",
30730
+ "T1133",
30731
+ "T1190",
30732
+ "T1548.001",
30733
+ "T1566"
30734
+ ],
30735
+ "rfc_refs": [
30736
+ "RFC-4301",
30737
+ "RFC-4303",
30738
+ "RFC-7296"
30739
+ ]
30740
+ }
30741
+ },
30742
+ "CVE-2026-24215": {
30743
+ "name": "NVIDIA Triton DALI Backend Uncontrolled Resource Consumption (DoS)",
30744
+ "rwep": 5,
30745
+ "cvss": 7.5,
30746
+ "cisa_kev": false,
30747
+ "epss_score": null,
30748
+ "referencing_skills": [
30749
+ "kernel-lpe-triage",
30750
+ "ai-attack-surface",
30751
+ "compliance-theater",
30752
+ "attack-surface-pentest",
30753
+ "ot-ics-security",
30754
+ "coordinated-vuln-disclosure",
30755
+ "sector-energy"
30756
+ ],
30757
+ "chain": {
30758
+ "cwes": [
30759
+ {
30760
+ "id": "CWE-1037",
30761
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
30762
+ "category": "Hardware / Side Channel"
30763
+ },
30764
+ {
30765
+ "id": "CWE-1039",
30766
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
30767
+ "category": "AI/ML"
30768
+ },
30769
+ {
30770
+ "id": "CWE-125",
30771
+ "name": "Out-of-bounds Read",
30772
+ "category": "Memory Safety"
30773
+ },
30774
+ {
30775
+ "id": "CWE-1357",
30776
+ "name": "Reliance on Insufficiently Trustworthy Component",
30777
+ "category": "Supply Chain"
30778
+ },
30779
+ {
30780
+ "id": "CWE-1395",
30781
+ "name": "Dependency on Vulnerable Third-Party Component",
30782
+ "category": "Supply Chain"
30783
+ },
30784
+ {
30785
+ "id": "CWE-1426",
30786
+ "name": "Improper Validation of Generative AI Output",
30787
+ "category": "AI/ML"
30788
+ },
30789
+ {
30790
+ "id": "CWE-22",
30791
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
30792
+ "category": "Path/Resource"
30793
+ },
30794
+ {
30795
+ "id": "CWE-269",
30796
+ "name": "Improper Privilege Management",
30797
+ "category": "Authorization"
30798
+ },
30799
+ {
30800
+ "id": "CWE-287",
30801
+ "name": "Improper Authentication",
30802
+ "category": "Authentication"
30803
+ },
30804
+ {
30805
+ "id": "CWE-306",
30806
+ "name": "Missing Authentication for Critical Function",
30807
+ "category": "Authentication"
30808
+ },
30809
+ {
30810
+ "id": "CWE-352",
30811
+ "name": "Cross-Site Request Forgery (CSRF)",
30812
+ "category": "Session"
30813
+ },
30814
+ {
30815
+ "id": "CWE-362",
30816
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
30817
+ "category": "Concurrency"
30818
+ },
30819
+ {
30820
+ "id": "CWE-416",
30821
+ "name": "Use After Free",
30822
+ "category": "Memory Safety"
30823
+ },
30824
+ {
30825
+ "id": "CWE-434",
30826
+ "name": "Unrestricted Upload of File with Dangerous Type",
30827
+ "category": "File Handling"
30828
+ },
30829
+ {
30830
+ "id": "CWE-672",
30831
+ "name": "Operation on a Resource after Expiration or Release",
30832
+ "category": "Memory Safety"
30833
+ },
30834
+ {
30835
+ "id": "CWE-732",
30836
+ "name": "Incorrect Permission Assignment for Critical Resource",
30837
+ "category": "Authorization"
30838
+ },
30839
+ {
30840
+ "id": "CWE-78",
30841
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
30842
+ "category": "Injection"
30843
+ },
30844
+ {
30845
+ "id": "CWE-787",
30846
+ "name": "Out-of-bounds Write",
30847
+ "category": "Memory Safety"
30848
+ },
30849
+ {
30850
+ "id": "CWE-79",
30851
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
30852
+ "category": "Injection"
30853
+ },
30854
+ {
30855
+ "id": "CWE-798",
30856
+ "name": "Use of Hard-coded Credentials",
30857
+ "category": "Credentials"
30858
+ },
30859
+ {
30860
+ "id": "CWE-89",
30861
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
30862
+ "category": "Injection"
30863
+ },
30864
+ {
30865
+ "id": "CWE-918",
30866
+ "name": "Server-Side Request Forgery (SSRF)",
30867
+ "category": "Network"
30868
+ },
30869
+ {
30870
+ "id": "CWE-94",
30871
+ "name": "Improper Control of Generation of Code (Code Injection)",
30872
+ "category": "Injection"
30873
+ }
30874
+ ],
30875
+ "atlas": [
30876
+ {
30877
+ "id": "AML.T0010",
30878
+ "name": "ML Supply Chain Compromise",
30879
+ "tactic": "Initial Access"
30880
+ },
30881
+ {
30882
+ "id": "AML.T0016",
30883
+ "name": "Obtain Capabilities: Develop Capabilities",
30884
+ "tactic": "Resource Development"
30885
+ },
30886
+ {
30887
+ "id": "AML.T0017",
30888
+ "name": "Discover ML Model Ontology",
30889
+ "tactic": "Discovery"
30890
+ },
30891
+ {
30892
+ "id": "AML.T0018",
30893
+ "name": "Backdoor ML Model",
30894
+ "tactic": "Persistence"
30895
+ },
30896
+ {
30897
+ "id": "AML.T0020",
30898
+ "name": "Poison Training Data",
30899
+ "tactic": "ML Attack Staging"
30900
+ },
30901
+ {
30902
+ "id": "AML.T0043",
30903
+ "name": "Craft Adversarial Data",
30904
+ "tactic": "ML Attack Staging"
30905
+ },
30906
+ {
30907
+ "id": "AML.T0051",
30908
+ "name": "LLM Prompt Injection",
30909
+ "tactic": "Execution"
30910
+ },
30911
+ {
30912
+ "id": "AML.T0054",
30913
+ "name": "LLM Jailbreak",
30914
+ "tactic": "Defense Evasion"
30915
+ },
30916
+ {
30917
+ "id": "AML.T0096",
30918
+ "name": "AI API as Covert C2 Channel",
30919
+ "tactic": "Command and Control"
30920
+ }
30921
+ ],
30922
+ "d3fend": [
30923
+ {
30924
+ "id": "D3-ASLR",
30925
+ "name": "Address Space Layout Randomization",
30926
+ "tactic": "Harden"
30927
+ },
30928
+ {
30929
+ "id": "D3-CSPP",
30930
+ "name": "Client-server Payload Profiling",
30931
+ "tactic": "Detect"
30932
+ },
30933
+ {
30934
+ "id": "D3-EAL",
30935
+ "name": "Executable Allowlisting",
30936
+ "tactic": "Harden"
30937
+ },
30938
+ {
30939
+ "id": "D3-IOPR",
30940
+ "name": "Input/Output Profiling Resource",
30941
+ "tactic": "Detect"
30942
+ },
30943
+ {
30944
+ "id": "D3-NTA",
30945
+ "name": "Network Traffic Analysis",
30946
+ "tactic": "Detect"
30947
+ },
30948
+ {
30949
+ "id": "D3-PHRA",
30950
+ "name": "Process Hardware Resource Access",
30951
+ "tactic": "Isolate"
30952
+ },
30953
+ {
30954
+ "id": "D3-PSEP",
30955
+ "name": "Process Segment Execution Prevention",
30956
+ "tactic": "Harden"
30957
+ }
30958
+ ],
30959
+ "framework_gaps": [
30960
+ {
30961
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
30962
+ "framework": "ALL",
30963
+ "control_name": "AI Pipeline Integrity"
30964
+ },
30965
+ {
30966
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
30967
+ "framework": "ALL",
30968
+ "control_name": "Prompt Injection as Access Control Failure"
30969
+ },
30970
+ {
30971
+ "id": "CIS-Controls-v8-Control7",
30972
+ "framework": "CIS Controls v8",
30973
+ "control_name": "Continuous Vulnerability Management"
30974
+ },
30975
+ {
30976
+ "id": "CMMC-2.0-Level-2",
30977
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
30978
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
30979
+ },
30980
+ {
30981
+ "id": "FedRAMP-Rev5-Moderate",
30982
+ "framework": "FedRAMP Rev 5 Moderate",
30983
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
30984
+ },
30985
+ {
30986
+ "id": "IEC-62443-3-3",
30987
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
30988
+ "control_name": "System security requirements and security levels"
30989
+ },
30990
+ {
30991
+ "id": "ISO-27001-2022-A.8.28",
30992
+ "framework": "ISO/IEC 27001:2022",
30993
+ "control_name": "Secure coding"
30994
+ },
30995
+ {
30996
+ "id": "ISO-27001-2022-A.8.8",
30997
+ "framework": "ISO/IEC 27001:2022",
30998
+ "control_name": "Management of technical vulnerabilities"
30999
+ },
31000
+ {
31001
+ "id": "ISO-IEC-23894-2023-clause-7",
31002
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
31003
+ "control_name": "AI risk management process"
31004
+ },
31005
+ {
31006
+ "id": "NERC-CIP-007-6-R4",
31007
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
31008
+ "control_name": "Security event monitoring"
31009
+ },
31010
+ {
31011
+ "id": "NIS2-Art21-patch-management",
31012
+ "framework": "EU NIS2 Directive",
31013
+ "control_name": "Vulnerability handling and disclosure"
31014
+ },
31015
+ {
31016
+ "id": "NIST-800-115",
31017
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
31018
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
31019
+ },
31020
+ {
31021
+ "id": "NIST-800-218-SSDF",
31022
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
31023
+ "control_name": "Secure Software Development Framework"
31024
+ },
31025
+ {
31026
+ "id": "NIST-800-53-AC-2",
31027
+ "framework": "NIST SP 800-53 Rev 5",
31028
+ "control_name": "Account Management"
31029
+ },
31030
+ {
31031
+ "id": "NIST-800-53-SC-8",
31032
+ "framework": "NIST SP 800-53 Rev 5",
31033
+ "control_name": "Transmission Confidentiality and Integrity"
31034
+ },
31035
+ {
31036
+ "id": "NIST-800-53-SI-2",
31037
+ "framework": "NIST SP 800-53 Rev 5",
31038
+ "control_name": "Flaw Remediation"
31039
+ },
31040
+ {
31041
+ "id": "NIST-800-53-SI-3",
31042
+ "framework": "NIST SP 800-53 Rev 5",
31043
+ "control_name": "Malicious Code Protection"
31044
+ },
31045
+ {
31046
+ "id": "NIST-800-82r3",
31047
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
31048
+ "control_name": "Guide to Operational Technology (OT) Security"
31049
+ },
31050
+ {
31051
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
31052
+ "framework": "OWASP Top 10 for LLM Applications 2025",
31053
+ "control_name": "Prompt Injection"
31054
+ },
31055
+ {
31056
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
31057
+ "framework": "OWASP Top 10 for LLM Applications 2025",
31058
+ "control_name": "Sensitive Information Disclosure"
31059
+ },
31060
+ {
31061
+ "id": "OWASP-Pen-Testing-Guide-v5",
31062
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
31063
+ "control_name": "Web application penetration testing methodology"
31064
+ },
31065
+ {
31066
+ "id": "PCI-DSS-4.0-6.3.3",
31067
+ "framework": "PCI DSS 4.0",
31068
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
31069
+ },
31070
+ {
31071
+ "id": "PTES-Pre-engagement",
31072
+ "framework": "Penetration Testing Execution Standard (PTES)",
31073
+ "control_name": "Pre-engagement Interactions"
31074
+ },
31075
+ {
31076
+ "id": "SOC2-CC6-logical-access",
31077
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
31078
+ "control_name": "Logical and Physical Access Controls"
31079
+ },
31080
+ {
31081
+ "id": "SOC2-CC9-vendor-management",
31082
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
31083
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
31084
+ }
31085
+ ],
31086
+ "attack_refs": [
31087
+ "T0855",
31088
+ "T0883",
31089
+ "T1059",
31090
+ "T1068",
31091
+ "T1078",
31092
+ "T1133",
31093
+ "T1190",
31094
+ "T1548.001",
31095
+ "T1566"
31096
+ ],
31097
+ "rfc_refs": [
31098
+ "RFC-4301",
31099
+ "RFC-4303",
31100
+ "RFC-7296"
31101
+ ]
31102
+ }
31103
+ },
31104
+ "CVE-2025-32444": {
31105
+ "name": "vLLM Mooncake Integration ZeroMQ Deserialization RCE",
31106
+ "rwep": 31,
31107
+ "cvss": 9.8,
31108
+ "cisa_kev": false,
31109
+ "epss_score": null,
31110
+ "referencing_skills": [
31111
+ "kernel-lpe-triage",
31112
+ "ai-attack-surface",
31113
+ "compliance-theater",
31114
+ "ai-c2-detection",
31115
+ "attack-surface-pentest",
31116
+ "dlp-gap-analysis",
31117
+ "ot-ics-security",
31118
+ "coordinated-vuln-disclosure",
31119
+ "sector-energy"
31120
+ ],
31121
+ "chain": {
31122
+ "cwes": [
31123
+ {
31124
+ "id": "CWE-1037",
31125
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
31126
+ "category": "Hardware / Side Channel"
31127
+ },
31128
+ {
31129
+ "id": "CWE-1039",
31130
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
31131
+ "category": "AI/ML"
31132
+ },
31133
+ {
31134
+ "id": "CWE-125",
31135
+ "name": "Out-of-bounds Read",
31136
+ "category": "Memory Safety"
31137
+ },
31138
+ {
31139
+ "id": "CWE-1357",
31140
+ "name": "Reliance on Insufficiently Trustworthy Component",
31141
+ "category": "Supply Chain"
31142
+ },
31143
+ {
31144
+ "id": "CWE-1395",
31145
+ "name": "Dependency on Vulnerable Third-Party Component",
31146
+ "category": "Supply Chain"
31147
+ },
31148
+ {
31149
+ "id": "CWE-1426",
31150
+ "name": "Improper Validation of Generative AI Output",
31151
+ "category": "AI/ML"
31152
+ },
31153
+ {
31154
+ "id": "CWE-200",
31155
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
31156
+ "category": "Information Exposure"
31157
+ },
31158
+ {
31159
+ "id": "CWE-22",
31160
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
31161
+ "category": "Path/Resource"
31162
+ },
31163
+ {
31164
+ "id": "CWE-269",
31165
+ "name": "Improper Privilege Management",
31166
+ "category": "Authorization"
31167
+ },
31168
+ {
31169
+ "id": "CWE-287",
31170
+ "name": "Improper Authentication",
31171
+ "category": "Authentication"
31172
+ },
31173
+ {
31174
+ "id": "CWE-306",
31175
+ "name": "Missing Authentication for Critical Function",
31176
+ "category": "Authentication"
31177
+ },
31178
+ {
31179
+ "id": "CWE-352",
31180
+ "name": "Cross-Site Request Forgery (CSRF)",
31181
+ "category": "Session"
31182
+ },
31183
+ {
31184
+ "id": "CWE-362",
31185
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
31186
+ "category": "Concurrency"
31187
+ },
31188
+ {
31189
+ "id": "CWE-416",
31190
+ "name": "Use After Free",
31191
+ "category": "Memory Safety"
31192
+ },
31193
+ {
31194
+ "id": "CWE-434",
31195
+ "name": "Unrestricted Upload of File with Dangerous Type",
31196
+ "category": "File Handling"
31197
+ },
31198
+ {
31199
+ "id": "CWE-672",
31200
+ "name": "Operation on a Resource after Expiration or Release",
31201
+ "category": "Memory Safety"
31202
+ },
31203
+ {
31204
+ "id": "CWE-732",
31205
+ "name": "Incorrect Permission Assignment for Critical Resource",
31206
+ "category": "Authorization"
31207
+ },
31208
+ {
31209
+ "id": "CWE-78",
31210
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
31211
+ "category": "Injection"
31212
+ },
31213
+ {
31214
+ "id": "CWE-787",
31215
+ "name": "Out-of-bounds Write",
31216
+ "category": "Memory Safety"
31217
+ },
31218
+ {
31219
+ "id": "CWE-79",
31220
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
31221
+ "category": "Injection"
31222
+ },
31223
+ {
31224
+ "id": "CWE-798",
31225
+ "name": "Use of Hard-coded Credentials",
31226
+ "category": "Credentials"
31227
+ },
31228
+ {
31229
+ "id": "CWE-89",
31230
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
31231
+ "category": "Injection"
31232
+ },
31233
+ {
31234
+ "id": "CWE-918",
31235
+ "name": "Server-Side Request Forgery (SSRF)",
31236
+ "category": "Network"
31237
+ },
31238
+ {
31239
+ "id": "CWE-94",
31240
+ "name": "Improper Control of Generation of Code (Code Injection)",
31241
+ "category": "Injection"
31242
+ }
31243
+ ],
31244
+ "atlas": [
31245
+ {
31246
+ "id": "AML.T0010",
31247
+ "name": "ML Supply Chain Compromise",
31248
+ "tactic": "Initial Access"
31249
+ },
31250
+ {
31251
+ "id": "AML.T0016",
31252
+ "name": "Obtain Capabilities: Develop Capabilities",
31253
+ "tactic": "Resource Development"
31254
+ },
31255
+ {
31256
+ "id": "AML.T0017",
31257
+ "name": "Discover ML Model Ontology",
31258
+ "tactic": "Discovery"
31259
+ },
31260
+ {
31261
+ "id": "AML.T0018",
31262
+ "name": "Backdoor ML Model",
31263
+ "tactic": "Persistence"
31264
+ },
31265
+ {
31266
+ "id": "AML.T0020",
31267
+ "name": "Poison Training Data",
31268
+ "tactic": "ML Attack Staging"
31269
+ },
31270
+ {
31271
+ "id": "AML.T0043",
31272
+ "name": "Craft Adversarial Data",
31273
+ "tactic": "ML Attack Staging"
31274
+ },
31275
+ {
31276
+ "id": "AML.T0051",
31277
+ "name": "LLM Prompt Injection",
31278
+ "tactic": "Execution"
31279
+ },
31280
+ {
31281
+ "id": "AML.T0054",
31282
+ "name": "LLM Jailbreak",
31283
+ "tactic": "Defense Evasion"
31284
+ },
31285
+ {
31286
+ "id": "AML.T0096",
31287
+ "name": "AI API as Covert C2 Channel",
31288
+ "tactic": "Command and Control"
31289
+ }
31290
+ ],
31291
+ "d3fend": [
31292
+ {
31293
+ "id": "D3-ASLR",
31294
+ "name": "Address Space Layout Randomization",
31295
+ "tactic": "Harden"
31296
+ },
31297
+ {
31298
+ "id": "D3-CA",
31299
+ "name": "Certificate Analysis",
31300
+ "tactic": "Detect"
31301
+ },
31302
+ {
31303
+ "id": "D3-CSPP",
31304
+ "name": "Client-server Payload Profiling",
31305
+ "tactic": "Detect"
31306
+ },
31307
+ {
31308
+ "id": "D3-DA",
31309
+ "name": "Domain Analysis",
31310
+ "tactic": "Detect"
31311
+ },
31312
+ {
31313
+ "id": "D3-EAL",
31314
+ "name": "Executable Allowlisting",
31315
+ "tactic": "Harden"
31316
+ },
31317
+ {
31318
+ "id": "D3-IOPR",
31319
+ "name": "Input/Output Profiling Resource",
31320
+ "tactic": "Detect"
31321
+ },
31322
+ {
31323
+ "id": "D3-NI",
31324
+ "name": "Network Isolation",
31325
+ "tactic": "Isolate"
31326
+ },
31327
+ {
31328
+ "id": "D3-NTA",
31329
+ "name": "Network Traffic Analysis",
31330
+ "tactic": "Detect"
31331
+ },
31332
+ {
31333
+ "id": "D3-NTPM",
31334
+ "name": "Network Traffic Policy Mapping",
31335
+ "tactic": "Model"
31336
+ },
31337
+ {
31338
+ "id": "D3-PHRA",
31339
+ "name": "Process Hardware Resource Access",
31340
+ "tactic": "Isolate"
31341
+ },
31342
+ {
31343
+ "id": "D3-PSEP",
31344
+ "name": "Process Segment Execution Prevention",
31345
+ "tactic": "Harden"
31346
+ }
31347
+ ],
31348
+ "framework_gaps": [
31349
+ {
31350
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
31351
+ "framework": "ALL",
31352
+ "control_name": "AI Pipeline Integrity"
31353
+ },
31354
+ {
31355
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
31356
+ "framework": "ALL",
31357
+ "control_name": "Prompt Injection as Access Control Failure"
31358
+ },
31359
+ {
31360
+ "id": "CIS-Controls-v8-Control7",
31361
+ "framework": "CIS Controls v8",
31362
+ "control_name": "Continuous Vulnerability Management"
31363
+ },
31364
+ {
31365
+ "id": "CMMC-2.0-Level-2",
31366
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
31367
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
31368
+ },
31369
+ {
31370
+ "id": "FedRAMP-Rev5-Moderate",
31371
+ "framework": "FedRAMP Rev 5 Moderate",
31372
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
31373
+ },
31374
+ {
31375
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
31376
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
31377
+ "control_name": "Access control standard (technical safeguards)"
31378
+ },
31379
+ {
31380
+ "id": "IEC-62443-3-3",
31381
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
31382
+ "control_name": "System security requirements and security levels"
31383
+ },
31384
+ {
31385
+ "id": "ISO-27001-2022-A.8.16",
31386
+ "framework": "ISO/IEC 27001:2022",
31387
+ "control_name": "Monitoring activities"
31388
+ },
31389
+ {
31390
+ "id": "ISO-27001-2022-A.8.28",
31391
+ "framework": "ISO/IEC 27001:2022",
31392
+ "control_name": "Secure coding"
31393
+ },
31394
+ {
31395
+ "id": "ISO-27001-2022-A.8.8",
31396
+ "framework": "ISO/IEC 27001:2022",
31397
+ "control_name": "Management of technical vulnerabilities"
31398
+ },
31399
+ {
31400
+ "id": "ISO-IEC-23894-2023-clause-7",
31401
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
31402
+ "control_name": "AI risk management process"
31403
+ },
31404
+ {
31405
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
31406
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
31407
+ "control_name": "AI risk assessment"
31408
+ },
31409
+ {
31410
+ "id": "NERC-CIP-007-6-R4",
31411
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
31412
+ "control_name": "Security event monitoring"
31413
+ },
31414
+ {
31415
+ "id": "NIS2-Art21-patch-management",
31416
+ "framework": "EU NIS2 Directive",
31417
+ "control_name": "Vulnerability handling and disclosure"
31418
+ },
31419
+ {
31420
+ "id": "NIST-800-115",
31421
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
31422
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
31423
+ },
31424
+ {
31425
+ "id": "NIST-800-218-SSDF",
31426
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
31427
+ "control_name": "Secure Software Development Framework"
31428
+ },
31429
+ {
31430
+ "id": "NIST-800-53-AC-2",
31431
+ "framework": "NIST SP 800-53 Rev 5",
31432
+ "control_name": "Account Management"
31433
+ },
31434
+ {
31435
+ "id": "NIST-800-53-SC-28",
31436
+ "framework": "NIST SP 800-53 Rev 5",
31437
+ "control_name": "Protection of Information at Rest"
31438
+ },
31439
+ {
31440
+ "id": "NIST-800-53-SC-7",
31441
+ "framework": "NIST SP 800-53 Rev 5",
31442
+ "control_name": "Boundary Protection"
31443
+ },
31444
+ {
31445
+ "id": "NIST-800-53-SC-8",
31446
+ "framework": "NIST SP 800-53 Rev 5",
31447
+ "control_name": "Transmission Confidentiality and Integrity"
31448
+ },
31449
+ {
31450
+ "id": "NIST-800-53-SI-2",
31451
+ "framework": "NIST SP 800-53 Rev 5",
31452
+ "control_name": "Flaw Remediation"
31453
+ },
31454
+ {
31455
+ "id": "NIST-800-53-SI-3",
31456
+ "framework": "NIST SP 800-53 Rev 5",
31457
+ "control_name": "Malicious Code Protection"
31458
+ },
31459
+ {
31460
+ "id": "NIST-800-82r3",
31461
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
31462
+ "control_name": "Guide to Operational Technology (OT) Security"
31463
+ },
31464
+ {
31465
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
31466
+ "framework": "OWASP Top 10 for LLM Applications 2025",
31467
+ "control_name": "Prompt Injection"
31468
+ },
31469
+ {
31470
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
31471
+ "framework": "OWASP Top 10 for LLM Applications 2025",
31472
+ "control_name": "Sensitive Information Disclosure"
31473
+ },
31474
+ {
31475
+ "id": "OWASP-Pen-Testing-Guide-v5",
31476
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
31477
+ "control_name": "Web application penetration testing methodology"
31478
+ },
31479
+ {
31480
+ "id": "PCI-DSS-4.0-6.3.3",
31481
+ "framework": "PCI DSS 4.0",
31482
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
31483
+ },
31484
+ {
31485
+ "id": "PTES-Pre-engagement",
31486
+ "framework": "Penetration Testing Execution Standard (PTES)",
31487
+ "control_name": "Pre-engagement Interactions"
31488
+ },
31489
+ {
31490
+ "id": "SOC2-CC6-logical-access",
31491
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
31492
+ "control_name": "Logical and Physical Access Controls"
31493
+ },
31494
+ {
31495
+ "id": "SOC2-CC7-anomaly-detection",
31496
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
31497
+ "control_name": "System Operations — Threat and Vulnerability Management"
31498
+ },
31499
+ {
31500
+ "id": "SOC2-CC9-vendor-management",
31501
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
31502
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
31503
+ }
31504
+ ],
31505
+ "attack_refs": [
31506
+ "T0855",
31507
+ "T0883",
31508
+ "T1041",
31509
+ "T1059",
31510
+ "T1068",
31511
+ "T1071",
31512
+ "T1078",
31513
+ "T1102",
31514
+ "T1133",
31515
+ "T1190",
31516
+ "T1213",
31517
+ "T1530",
31518
+ "T1548.001",
31519
+ "T1566",
31520
+ "T1567",
31521
+ "T1568"
31522
+ ],
31523
+ "rfc_refs": [
31524
+ "RFC-4301",
31525
+ "RFC-4303",
31526
+ "RFC-7296",
31527
+ "RFC-8446",
31528
+ "RFC-9000",
31529
+ "RFC-9114",
31530
+ "RFC-9180",
31531
+ "RFC-9421",
31532
+ "RFC-9458"
31533
+ ]
31534
+ }
31535
+ },
31536
+ "CVE-2025-30202": {
31537
+ "name": "vLLM Distributed XPUB ZeroMQ Socket All-Interface Exposure",
31538
+ "rwep": 27,
31539
+ "cvss": 7.5,
31540
+ "cisa_kev": false,
31541
+ "epss_score": null,
31542
+ "referencing_skills": [
31543
+ "kernel-lpe-triage",
31544
+ "ai-attack-surface",
31545
+ "compliance-theater",
31546
+ "ai-c2-detection",
31547
+ "attack-surface-pentest",
31548
+ "dlp-gap-analysis",
31549
+ "ot-ics-security",
31550
+ "coordinated-vuln-disclosure",
31551
+ "sector-energy"
31552
+ ],
31553
+ "chain": {
31554
+ "cwes": [
31555
+ {
31556
+ "id": "CWE-1037",
31557
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
31558
+ "category": "Hardware / Side Channel"
31559
+ },
31560
+ {
31561
+ "id": "CWE-1039",
31562
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
31563
+ "category": "AI/ML"
31564
+ },
31565
+ {
31566
+ "id": "CWE-125",
31567
+ "name": "Out-of-bounds Read",
31568
+ "category": "Memory Safety"
31569
+ },
31570
+ {
31571
+ "id": "CWE-1357",
31572
+ "name": "Reliance on Insufficiently Trustworthy Component",
31573
+ "category": "Supply Chain"
31574
+ },
31575
+ {
31576
+ "id": "CWE-1395",
31577
+ "name": "Dependency on Vulnerable Third-Party Component",
31578
+ "category": "Supply Chain"
31579
+ },
31580
+ {
31581
+ "id": "CWE-1426",
31582
+ "name": "Improper Validation of Generative AI Output",
31583
+ "category": "AI/ML"
31584
+ },
31585
+ {
31586
+ "id": "CWE-200",
31587
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
31588
+ "category": "Information Exposure"
31589
+ },
31590
+ {
31591
+ "id": "CWE-22",
31592
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
31593
+ "category": "Path/Resource"
31594
+ },
31595
+ {
31596
+ "id": "CWE-269",
31597
+ "name": "Improper Privilege Management",
31598
+ "category": "Authorization"
31599
+ },
31600
+ {
31601
+ "id": "CWE-287",
31602
+ "name": "Improper Authentication",
31603
+ "category": "Authentication"
31604
+ },
31605
+ {
31606
+ "id": "CWE-306",
31607
+ "name": "Missing Authentication for Critical Function",
31608
+ "category": "Authentication"
31609
+ },
31610
+ {
31611
+ "id": "CWE-352",
31612
+ "name": "Cross-Site Request Forgery (CSRF)",
31613
+ "category": "Session"
31614
+ },
31615
+ {
31616
+ "id": "CWE-362",
31617
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
31618
+ "category": "Concurrency"
31619
+ },
31620
+ {
31621
+ "id": "CWE-416",
31622
+ "name": "Use After Free",
31623
+ "category": "Memory Safety"
31624
+ },
31625
+ {
31626
+ "id": "CWE-434",
31627
+ "name": "Unrestricted Upload of File with Dangerous Type",
31628
+ "category": "File Handling"
31629
+ },
31630
+ {
31631
+ "id": "CWE-672",
31632
+ "name": "Operation on a Resource after Expiration or Release",
31633
+ "category": "Memory Safety"
31634
+ },
31635
+ {
31636
+ "id": "CWE-732",
31637
+ "name": "Incorrect Permission Assignment for Critical Resource",
31638
+ "category": "Authorization"
31639
+ },
31640
+ {
31641
+ "id": "CWE-78",
31642
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
31643
+ "category": "Injection"
31644
+ },
31645
+ {
31646
+ "id": "CWE-787",
31647
+ "name": "Out-of-bounds Write",
31648
+ "category": "Memory Safety"
31649
+ },
31650
+ {
31651
+ "id": "CWE-79",
31652
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
31653
+ "category": "Injection"
31654
+ },
31655
+ {
31656
+ "id": "CWE-798",
31657
+ "name": "Use of Hard-coded Credentials",
31658
+ "category": "Credentials"
31659
+ },
31660
+ {
31661
+ "id": "CWE-89",
31662
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
31663
+ "category": "Injection"
31664
+ },
31665
+ {
31666
+ "id": "CWE-918",
31667
+ "name": "Server-Side Request Forgery (SSRF)",
31668
+ "category": "Network"
31669
+ },
31670
+ {
31671
+ "id": "CWE-94",
31672
+ "name": "Improper Control of Generation of Code (Code Injection)",
31673
+ "category": "Injection"
31674
+ }
31675
+ ],
31676
+ "atlas": [
31677
+ {
31678
+ "id": "AML.T0010",
31679
+ "name": "ML Supply Chain Compromise",
31680
+ "tactic": "Initial Access"
31681
+ },
31682
+ {
31683
+ "id": "AML.T0016",
31684
+ "name": "Obtain Capabilities: Develop Capabilities",
31685
+ "tactic": "Resource Development"
31686
+ },
31687
+ {
31688
+ "id": "AML.T0017",
31689
+ "name": "Discover ML Model Ontology",
31690
+ "tactic": "Discovery"
31691
+ },
31692
+ {
31693
+ "id": "AML.T0018",
31694
+ "name": "Backdoor ML Model",
31695
+ "tactic": "Persistence"
31696
+ },
31697
+ {
31698
+ "id": "AML.T0020",
31699
+ "name": "Poison Training Data",
31700
+ "tactic": "ML Attack Staging"
31701
+ },
31702
+ {
31703
+ "id": "AML.T0043",
31704
+ "name": "Craft Adversarial Data",
31705
+ "tactic": "ML Attack Staging"
31706
+ },
31707
+ {
31708
+ "id": "AML.T0051",
31709
+ "name": "LLM Prompt Injection",
31710
+ "tactic": "Execution"
31711
+ },
31712
+ {
31713
+ "id": "AML.T0054",
31714
+ "name": "LLM Jailbreak",
31715
+ "tactic": "Defense Evasion"
31716
+ },
31717
+ {
31718
+ "id": "AML.T0096",
31719
+ "name": "AI API as Covert C2 Channel",
31720
+ "tactic": "Command and Control"
31721
+ }
31722
+ ],
31723
+ "d3fend": [
31724
+ {
31725
+ "id": "D3-ASLR",
31726
+ "name": "Address Space Layout Randomization",
31727
+ "tactic": "Harden"
31728
+ },
31729
+ {
31730
+ "id": "D3-CA",
31731
+ "name": "Certificate Analysis",
31732
+ "tactic": "Detect"
31733
+ },
31734
+ {
31735
+ "id": "D3-CSPP",
31736
+ "name": "Client-server Payload Profiling",
31737
+ "tactic": "Detect"
31738
+ },
31739
+ {
31740
+ "id": "D3-DA",
31741
+ "name": "Domain Analysis",
31742
+ "tactic": "Detect"
31743
+ },
31744
+ {
31745
+ "id": "D3-EAL",
31746
+ "name": "Executable Allowlisting",
31747
+ "tactic": "Harden"
31748
+ },
31749
+ {
31750
+ "id": "D3-IOPR",
31751
+ "name": "Input/Output Profiling Resource",
31752
+ "tactic": "Detect"
31753
+ },
31754
+ {
31755
+ "id": "D3-NI",
31756
+ "name": "Network Isolation",
31757
+ "tactic": "Isolate"
31758
+ },
31759
+ {
31760
+ "id": "D3-NTA",
31761
+ "name": "Network Traffic Analysis",
31762
+ "tactic": "Detect"
31763
+ },
31764
+ {
31765
+ "id": "D3-NTPM",
31766
+ "name": "Network Traffic Policy Mapping",
31767
+ "tactic": "Model"
31768
+ },
31769
+ {
31770
+ "id": "D3-PHRA",
31771
+ "name": "Process Hardware Resource Access",
31772
+ "tactic": "Isolate"
31773
+ },
31774
+ {
31775
+ "id": "D3-PSEP",
31776
+ "name": "Process Segment Execution Prevention",
31777
+ "tactic": "Harden"
31778
+ }
31779
+ ],
31780
+ "framework_gaps": [
31781
+ {
31782
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
31783
+ "framework": "ALL",
31784
+ "control_name": "AI Pipeline Integrity"
31785
+ },
31786
+ {
31787
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
31788
+ "framework": "ALL",
31789
+ "control_name": "Prompt Injection as Access Control Failure"
31790
+ },
31791
+ {
31792
+ "id": "CIS-Controls-v8-Control7",
31793
+ "framework": "CIS Controls v8",
31794
+ "control_name": "Continuous Vulnerability Management"
31795
+ },
31796
+ {
31797
+ "id": "CMMC-2.0-Level-2",
31798
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
31799
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
31800
+ },
31801
+ {
31802
+ "id": "FedRAMP-Rev5-Moderate",
31803
+ "framework": "FedRAMP Rev 5 Moderate",
31804
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
31805
+ },
31806
+ {
31807
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
31808
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
31809
+ "control_name": "Access control standard (technical safeguards)"
31810
+ },
31811
+ {
31812
+ "id": "IEC-62443-3-3",
31813
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
31814
+ "control_name": "System security requirements and security levels"
31815
+ },
31816
+ {
31817
+ "id": "ISO-27001-2022-A.8.16",
31818
+ "framework": "ISO/IEC 27001:2022",
31819
+ "control_name": "Monitoring activities"
31820
+ },
31821
+ {
31822
+ "id": "ISO-27001-2022-A.8.28",
31823
+ "framework": "ISO/IEC 27001:2022",
31824
+ "control_name": "Secure coding"
31825
+ },
31826
+ {
31827
+ "id": "ISO-27001-2022-A.8.8",
31828
+ "framework": "ISO/IEC 27001:2022",
31829
+ "control_name": "Management of technical vulnerabilities"
31830
+ },
31831
+ {
31832
+ "id": "ISO-IEC-23894-2023-clause-7",
31833
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
31834
+ "control_name": "AI risk management process"
31835
+ },
31836
+ {
31837
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
31838
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
31839
+ "control_name": "AI risk assessment"
31840
+ },
31841
+ {
31842
+ "id": "NERC-CIP-007-6-R4",
31843
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
31844
+ "control_name": "Security event monitoring"
31845
+ },
31846
+ {
31847
+ "id": "NIS2-Art21-patch-management",
31848
+ "framework": "EU NIS2 Directive",
31849
+ "control_name": "Vulnerability handling and disclosure"
31850
+ },
31851
+ {
31852
+ "id": "NIST-800-115",
31853
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
31854
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
31855
+ },
31856
+ {
31857
+ "id": "NIST-800-218-SSDF",
31858
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
31859
+ "control_name": "Secure Software Development Framework"
31860
+ },
31861
+ {
31862
+ "id": "NIST-800-53-AC-2",
31863
+ "framework": "NIST SP 800-53 Rev 5",
31864
+ "control_name": "Account Management"
31865
+ },
31866
+ {
31867
+ "id": "NIST-800-53-SC-28",
31868
+ "framework": "NIST SP 800-53 Rev 5",
31869
+ "control_name": "Protection of Information at Rest"
31870
+ },
31871
+ {
31872
+ "id": "NIST-800-53-SC-7",
31873
+ "framework": "NIST SP 800-53 Rev 5",
31874
+ "control_name": "Boundary Protection"
31875
+ },
31876
+ {
31877
+ "id": "NIST-800-53-SC-8",
31878
+ "framework": "NIST SP 800-53 Rev 5",
31879
+ "control_name": "Transmission Confidentiality and Integrity"
31880
+ },
31881
+ {
31882
+ "id": "NIST-800-53-SI-2",
31883
+ "framework": "NIST SP 800-53 Rev 5",
31884
+ "control_name": "Flaw Remediation"
31885
+ },
31886
+ {
31887
+ "id": "NIST-800-53-SI-3",
31888
+ "framework": "NIST SP 800-53 Rev 5",
31889
+ "control_name": "Malicious Code Protection"
31890
+ },
31891
+ {
31892
+ "id": "NIST-800-82r3",
31893
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
31894
+ "control_name": "Guide to Operational Technology (OT) Security"
31895
+ },
31896
+ {
31897
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
31898
+ "framework": "OWASP Top 10 for LLM Applications 2025",
31899
+ "control_name": "Prompt Injection"
31900
+ },
31901
+ {
31902
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
31903
+ "framework": "OWASP Top 10 for LLM Applications 2025",
31904
+ "control_name": "Sensitive Information Disclosure"
31905
+ },
31906
+ {
31907
+ "id": "OWASP-Pen-Testing-Guide-v5",
31908
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
31909
+ "control_name": "Web application penetration testing methodology"
31910
+ },
31911
+ {
31912
+ "id": "PCI-DSS-4.0-6.3.3",
31913
+ "framework": "PCI DSS 4.0",
31914
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
31915
+ },
31916
+ {
31917
+ "id": "PTES-Pre-engagement",
31918
+ "framework": "Penetration Testing Execution Standard (PTES)",
31919
+ "control_name": "Pre-engagement Interactions"
31920
+ },
31921
+ {
31922
+ "id": "SOC2-CC6-logical-access",
31923
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
31924
+ "control_name": "Logical and Physical Access Controls"
31925
+ },
31926
+ {
31927
+ "id": "SOC2-CC7-anomaly-detection",
31928
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
31929
+ "control_name": "System Operations — Threat and Vulnerability Management"
31930
+ },
31931
+ {
31932
+ "id": "SOC2-CC9-vendor-management",
31933
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
31934
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
31935
+ }
31936
+ ],
31937
+ "attack_refs": [
31938
+ "T0855",
31939
+ "T0883",
31940
+ "T1041",
31941
+ "T1059",
31942
+ "T1068",
31943
+ "T1071",
31944
+ "T1078",
31945
+ "T1102",
31946
+ "T1133",
31947
+ "T1190",
31948
+ "T1213",
31949
+ "T1530",
31950
+ "T1548.001",
31951
+ "T1566",
31952
+ "T1567",
31953
+ "T1568"
31954
+ ],
31955
+ "rfc_refs": [
31956
+ "RFC-4301",
31957
+ "RFC-4303",
31958
+ "RFC-7296",
31959
+ "RFC-8446",
31960
+ "RFC-9000",
31961
+ "RFC-9114",
31962
+ "RFC-9180",
31963
+ "RFC-9421",
31964
+ "RFC-9458"
31965
+ ]
31966
+ }
31967
+ },
30018
31968
  "CVE-2026-41091": {
30019
31969
  "name": "Microsoft Defender (Malware Protection Engine) Link-Following LPE to SYSTEM",
30020
31970
  "rwep": 45,
@@ -56415,6 +58365,8 @@
56415
58365
  "CVE-2025-23254",
56416
58366
  "CVE-2025-23266",
56417
58367
  "CVE-2025-30165",
58368
+ "CVE-2025-30202",
58369
+ "CVE-2025-32444",
56418
58370
  "CVE-2025-34291",
56419
58371
  "CVE-2025-38352",
56420
58372
  "CVE-2025-43300",
@@ -56431,6 +58383,9 @@
56431
58383
  "CVE-2026-22688",
56432
58384
  "CVE-2026-24206",
56433
58385
  "CVE-2026-24207",
58386
+ "CVE-2026-24213",
58387
+ "CVE-2026-24214",
58388
+ "CVE-2026-24215",
56434
58389
  "CVE-2026-25592",
56435
58390
  "CVE-2026-26015",
56436
58391
  "CVE-2026-30615",
@@ -56798,6 +58753,8 @@
56798
58753
  "CVE-2025-23254",
56799
58754
  "CVE-2025-23266",
56800
58755
  "CVE-2025-30165",
58756
+ "CVE-2025-30202",
58757
+ "CVE-2025-32444",
56801
58758
  "CVE-2025-34291",
56802
58759
  "CVE-2025-38352",
56803
58760
  "CVE-2025-43300",
@@ -56812,6 +58769,9 @@
56812
58769
  "CVE-2026-22688",
56813
58770
  "CVE-2026-24206",
56814
58771
  "CVE-2026-24207",
58772
+ "CVE-2026-24213",
58773
+ "CVE-2026-24214",
58774
+ "CVE-2026-24215",
56815
58775
  "CVE-2026-25592",
56816
58776
  "CVE-2026-26015",
56817
58777
  "CVE-2026-30616",
@@ -56974,6 +58934,8 @@
56974
58934
  "CVE-2025-23254",
56975
58935
  "CVE-2025-23266",
56976
58936
  "CVE-2025-30165",
58937
+ "CVE-2025-30202",
58938
+ "CVE-2025-32444",
56977
58939
  "CVE-2025-34291",
56978
58940
  "CVE-2025-38352",
56979
58941
  "CVE-2025-43300",
@@ -56988,6 +58950,9 @@
56988
58950
  "CVE-2026-22688",
56989
58951
  "CVE-2026-24206",
56990
58952
  "CVE-2026-24207",
58953
+ "CVE-2026-24213",
58954
+ "CVE-2026-24214",
58955
+ "CVE-2026-24215",
56991
58956
  "CVE-2026-25592",
56992
58957
  "CVE-2026-26015",
56993
58958
  "CVE-2026-30616",
@@ -57164,6 +59129,8 @@
57164
59129
  "CVE-2025-23254",
57165
59130
  "CVE-2025-23266",
57166
59131
  "CVE-2025-30165",
59132
+ "CVE-2025-30202",
59133
+ "CVE-2025-32444",
57167
59134
  "CVE-2025-34291",
57168
59135
  "CVE-2025-38352",
57169
59136
  "CVE-2025-43300",
@@ -57178,6 +59145,9 @@
57178
59145
  "CVE-2026-22688",
57179
59146
  "CVE-2026-24206",
57180
59147
  "CVE-2026-24207",
59148
+ "CVE-2026-24213",
59149
+ "CVE-2026-24214",
59150
+ "CVE-2026-24215",
57181
59151
  "CVE-2026-25592",
57182
59152
  "CVE-2026-26015",
57183
59153
  "CVE-2026-30616",
@@ -57459,6 +59429,8 @@
57459
59429
  "CVE-2025-23254",
57460
59430
  "CVE-2025-23266",
57461
59431
  "CVE-2025-30165",
59432
+ "CVE-2025-30202",
59433
+ "CVE-2025-32444",
57462
59434
  "CVE-2025-34291",
57463
59435
  "CVE-2025-49596",
57464
59436
  "CVE-2025-49844",
@@ -57474,6 +59446,9 @@
57474
59446
  "CVE-2026-22778",
57475
59447
  "CVE-2026-24206",
57476
59448
  "CVE-2026-24207",
59449
+ "CVE-2026-24213",
59450
+ "CVE-2026-24214",
59451
+ "CVE-2026-24215",
57477
59452
  "CVE-2026-25592",
57478
59453
  "CVE-2026-26015",
57479
59454
  "CVE-2026-30615",
@@ -57759,11 +59734,13 @@
57759
59734
  "CVE-2025-27920",
57760
59735
  "CVE-2025-29635",
57761
59736
  "CVE-2025-30165",
59737
+ "CVE-2025-30202",
57762
59738
  "CVE-2025-30397",
57763
59739
  "CVE-2025-31125",
57764
59740
  "CVE-2025-31277",
57765
59741
  "CVE-2025-32432",
57766
59742
  "CVE-2025-32433",
59743
+ "CVE-2025-32444",
57767
59744
  "CVE-2025-32463",
57768
59745
  "CVE-2025-32701",
57769
59746
  "CVE-2025-32706",
@@ -57899,6 +59876,9 @@
57899
59876
  "CVE-2026-24061",
57900
59877
  "CVE-2026-24206",
57901
59878
  "CVE-2026-24207",
59879
+ "CVE-2026-24213",
59880
+ "CVE-2026-24214",
59881
+ "CVE-2026-24215",
57902
59882
  "CVE-2026-2441",
57903
59883
  "CVE-2026-24423",
57904
59884
  "CVE-2026-24858",
@@ -58170,6 +60150,8 @@
58170
60150
  "CVE-2025-14847",
58171
60151
  "CVE-2025-22226",
58172
60152
  "CVE-2025-23266",
60153
+ "CVE-2025-30202",
60154
+ "CVE-2025-32444",
58173
60155
  "CVE-2025-49844",
58174
60156
  "CVE-2025-53767",
58175
60157
  "CVE-2025-53773",
@@ -58544,6 +60526,8 @@
58544
60526
  "CVE-2025-23254",
58545
60527
  "CVE-2025-23266",
58546
60528
  "CVE-2025-30165",
60529
+ "CVE-2025-30202",
60530
+ "CVE-2025-32444",
58547
60531
  "CVE-2025-34291",
58548
60532
  "CVE-2025-38352",
58549
60533
  "CVE-2025-43300",
@@ -58560,6 +60544,9 @@
58560
60544
  "CVE-2026-22688",
58561
60545
  "CVE-2026-24206",
58562
60546
  "CVE-2026-24207",
60547
+ "CVE-2026-24213",
60548
+ "CVE-2026-24214",
60549
+ "CVE-2026-24215",
58563
60550
  "CVE-2026-25592",
58564
60551
  "CVE-2026-26015",
58565
60552
  "CVE-2026-30615",
@@ -59159,6 +61146,8 @@
59159
61146
  "CVE-2025-23254",
59160
61147
  "CVE-2025-23266",
59161
61148
  "CVE-2025-30165",
61149
+ "CVE-2025-30202",
61150
+ "CVE-2025-32444",
59162
61151
  "CVE-2025-34291",
59163
61152
  "CVE-2025-38352",
59164
61153
  "CVE-2025-43300",
@@ -59175,6 +61164,9 @@
59175
61164
  "CVE-2026-22688",
59176
61165
  "CVE-2026-24206",
59177
61166
  "CVE-2026-24207",
61167
+ "CVE-2026-24213",
61168
+ "CVE-2026-24214",
61169
+ "CVE-2026-24215",
59178
61170
  "CVE-2026-25592",
59179
61171
  "CVE-2026-26015",
59180
61172
  "CVE-2026-30615",
@@ -59410,6 +61402,8 @@
59410
61402
  "CVE-2025-23254",
59411
61403
  "CVE-2025-23266",
59412
61404
  "CVE-2025-30165",
61405
+ "CVE-2025-30202",
61406
+ "CVE-2025-32444",
59413
61407
  "CVE-2025-34291",
59414
61408
  "CVE-2025-38352",
59415
61409
  "CVE-2025-43300",
@@ -59424,6 +61418,9 @@
59424
61418
  "CVE-2026-22688",
59425
61419
  "CVE-2026-24206",
59426
61420
  "CVE-2026-24207",
61421
+ "CVE-2026-24213",
61422
+ "CVE-2026-24214",
61423
+ "CVE-2026-24215",
59427
61424
  "CVE-2026-25592",
59428
61425
  "CVE-2026-26015",
59429
61426
  "CVE-2026-30615",
@@ -60091,6 +62088,8 @@
60091
62088
  "CVE-2025-23254",
60092
62089
  "CVE-2025-23266",
60093
62090
  "CVE-2025-30165",
62091
+ "CVE-2025-30202",
62092
+ "CVE-2025-32444",
60094
62093
  "CVE-2025-34291",
60095
62094
  "CVE-2025-38352",
60096
62095
  "CVE-2025-43300",
@@ -60107,6 +62106,9 @@
60107
62106
  "CVE-2026-22688",
60108
62107
  "CVE-2026-24206",
60109
62108
  "CVE-2026-24207",
62109
+ "CVE-2026-24213",
62110
+ "CVE-2026-24214",
62111
+ "CVE-2026-24215",
60110
62112
  "CVE-2026-25592",
60111
62113
  "CVE-2026-26015",
60112
62114
  "CVE-2026-30615",
@@ -60397,11 +62399,13 @@
60397
62399
  "CVE-2025-27920",
60398
62400
  "CVE-2025-29635",
60399
62401
  "CVE-2025-30165",
62402
+ "CVE-2025-30202",
60400
62403
  "CVE-2025-30397",
60401
62404
  "CVE-2025-31125",
60402
62405
  "CVE-2025-31277",
60403
62406
  "CVE-2025-32432",
60404
62407
  "CVE-2025-32433",
62408
+ "CVE-2025-32444",
60405
62409
  "CVE-2025-32463",
60406
62410
  "CVE-2025-32701",
60407
62411
  "CVE-2025-32706",
@@ -60537,6 +62541,9 @@
60537
62541
  "CVE-2026-24061",
60538
62542
  "CVE-2026-24206",
60539
62543
  "CVE-2026-24207",
62544
+ "CVE-2026-24213",
62545
+ "CVE-2026-24214",
62546
+ "CVE-2026-24215",
60540
62547
  "CVE-2026-2441",
60541
62548
  "CVE-2026-24423",
60542
62549
  "CVE-2026-24858",
@@ -60833,11 +62840,13 @@
60833
62840
  "CVE-2025-27920",
60834
62841
  "CVE-2025-29635",
60835
62842
  "CVE-2025-30165",
62843
+ "CVE-2025-30202",
60836
62844
  "CVE-2025-30397",
60837
62845
  "CVE-2025-31125",
60838
62846
  "CVE-2025-31277",
60839
62847
  "CVE-2025-32432",
60840
62848
  "CVE-2025-32433",
62849
+ "CVE-2025-32444",
60841
62850
  "CVE-2025-32463",
60842
62851
  "CVE-2025-32701",
60843
62852
  "CVE-2025-32706",
@@ -60973,6 +62982,9 @@
60973
62982
  "CVE-2026-24061",
60974
62983
  "CVE-2026-24206",
60975
62984
  "CVE-2026-24207",
62985
+ "CVE-2026-24213",
62986
+ "CVE-2026-24214",
62987
+ "CVE-2026-24215",
60976
62988
  "CVE-2026-2441",
60977
62989
  "CVE-2026-24423",
60978
62990
  "CVE-2026-24858",
@@ -61251,6 +63263,8 @@
61251
63263
  "CVE-2025-23254",
61252
63264
  "CVE-2025-23266",
61253
63265
  "CVE-2025-30165",
63266
+ "CVE-2025-30202",
63267
+ "CVE-2025-32444",
61254
63268
  "CVE-2025-34291",
61255
63269
  "CVE-2025-38352",
61256
63270
  "CVE-2025-43300",
@@ -61267,6 +63281,9 @@
61267
63281
  "CVE-2026-22688",
61268
63282
  "CVE-2026-24206",
61269
63283
  "CVE-2026-24207",
63284
+ "CVE-2026-24213",
63285
+ "CVE-2026-24214",
63286
+ "CVE-2026-24215",
61270
63287
  "CVE-2026-25592",
61271
63288
  "CVE-2026-26015",
61272
63289
  "CVE-2026-30615",
@@ -62109,11 +64126,13 @@
62109
64126
  "CVE-2025-27920",
62110
64127
  "CVE-2025-29635",
62111
64128
  "CVE-2025-30165",
64129
+ "CVE-2025-30202",
62112
64130
  "CVE-2025-30397",
62113
64131
  "CVE-2025-31125",
62114
64132
  "CVE-2025-31277",
62115
64133
  "CVE-2025-32432",
62116
64134
  "CVE-2025-32433",
64135
+ "CVE-2025-32444",
62117
64136
  "CVE-2025-32463",
62118
64137
  "CVE-2025-32701",
62119
64138
  "CVE-2025-32706",
@@ -62249,6 +64268,9 @@
62249
64268
  "CVE-2026-24061",
62250
64269
  "CVE-2026-24206",
62251
64270
  "CVE-2026-24207",
64271
+ "CVE-2026-24213",
64272
+ "CVE-2026-24214",
64273
+ "CVE-2026-24215",
62252
64274
  "CVE-2026-2441",
62253
64275
  "CVE-2026-24423",
62254
64276
  "CVE-2026-24858",
@@ -62591,6 +64613,8 @@
62591
64613
  "CVE-2025-23254",
62592
64614
  "CVE-2025-23266",
62593
64615
  "CVE-2025-30165",
64616
+ "CVE-2025-30202",
64617
+ "CVE-2025-32444",
62594
64618
  "CVE-2025-34291",
62595
64619
  "CVE-2025-38352",
62596
64620
  "CVE-2025-43300",
@@ -62607,6 +64631,9 @@
62607
64631
  "CVE-2026-22688",
62608
64632
  "CVE-2026-24206",
62609
64633
  "CVE-2026-24207",
64634
+ "CVE-2026-24213",
64635
+ "CVE-2026-24214",
64636
+ "CVE-2026-24215",
62610
64637
  "CVE-2026-25592",
62611
64638
  "CVE-2026-26015",
62612
64639
  "CVE-2026-30615",
@@ -62978,11 +65005,13 @@
62978
65005
  "CVE-2025-27920",
62979
65006
  "CVE-2025-29635",
62980
65007
  "CVE-2025-30165",
65008
+ "CVE-2025-30202",
62981
65009
  "CVE-2025-30397",
62982
65010
  "CVE-2025-31125",
62983
65011
  "CVE-2025-31277",
62984
65012
  "CVE-2025-32432",
62985
65013
  "CVE-2025-32433",
65014
+ "CVE-2025-32444",
62986
65015
  "CVE-2025-32463",
62987
65016
  "CVE-2025-32701",
62988
65017
  "CVE-2025-32706",
@@ -63120,6 +65149,9 @@
63120
65149
  "CVE-2026-24061",
63121
65150
  "CVE-2026-24206",
63122
65151
  "CVE-2026-24207",
65152
+ "CVE-2026-24213",
65153
+ "CVE-2026-24214",
65154
+ "CVE-2026-24215",
63123
65155
  "CVE-2026-2441",
63124
65156
  "CVE-2026-24423",
63125
65157
  "CVE-2026-24858",
@@ -63475,6 +65507,8 @@
63475
65507
  "CVE-2025-23254",
63476
65508
  "CVE-2025-23266",
63477
65509
  "CVE-2025-30165",
65510
+ "CVE-2025-30202",
65511
+ "CVE-2025-32444",
63478
65512
  "CVE-2025-34291",
63479
65513
  "CVE-2025-38352",
63480
65514
  "CVE-2025-43300",
@@ -63490,6 +65524,9 @@
63490
65524
  "CVE-2026-22688",
63491
65525
  "CVE-2026-24206",
63492
65526
  "CVE-2026-24207",
65527
+ "CVE-2026-24213",
65528
+ "CVE-2026-24214",
65529
+ "CVE-2026-24215",
63493
65530
  "CVE-2026-25592",
63494
65531
  "CVE-2026-26015",
63495
65532
  "CVE-2026-30615",
@@ -64426,6 +66463,8 @@
64426
66463
  "CVE-2025-23254",
64427
66464
  "CVE-2025-23266",
64428
66465
  "CVE-2025-30165",
66466
+ "CVE-2025-30202",
66467
+ "CVE-2025-32444",
64429
66468
  "CVE-2025-34291",
64430
66469
  "CVE-2025-38352",
64431
66470
  "CVE-2025-43300",
@@ -64442,6 +66481,9 @@
64442
66481
  "CVE-2026-22688",
64443
66482
  "CVE-2026-24206",
64444
66483
  "CVE-2026-24207",
66484
+ "CVE-2026-24213",
66485
+ "CVE-2026-24214",
66486
+ "CVE-2026-24215",
64445
66487
  "CVE-2026-25592",
64446
66488
  "CVE-2026-26015",
64447
66489
  "CVE-2026-30615",
@@ -64537,6 +66579,8 @@
64537
66579
  "CVE-2025-23254",
64538
66580
  "CVE-2025-23266",
64539
66581
  "CVE-2025-30165",
66582
+ "CVE-2025-30202",
66583
+ "CVE-2025-32444",
64540
66584
  "CVE-2025-34291",
64541
66585
  "CVE-2025-38352",
64542
66586
  "CVE-2025-43300",
@@ -64550,6 +66594,9 @@
64550
66594
  "CVE-2026-22688",
64551
66595
  "CVE-2026-24206",
64552
66596
  "CVE-2026-24207",
66597
+ "CVE-2026-24213",
66598
+ "CVE-2026-24214",
66599
+ "CVE-2026-24215",
64553
66600
  "CVE-2026-25592",
64554
66601
  "CVE-2026-26015",
64555
66602
  "CVE-2026-30616",
@@ -64721,6 +66768,8 @@
64721
66768
  "CVE-2025-23254",
64722
66769
  "CVE-2025-23266",
64723
66770
  "CVE-2025-30165",
66771
+ "CVE-2025-30202",
66772
+ "CVE-2025-32444",
64724
66773
  "CVE-2025-34291",
64725
66774
  "CVE-2025-49596",
64726
66775
  "CVE-2025-53773",
@@ -64735,6 +66784,9 @@
64735
66784
  "CVE-2026-22778",
64736
66785
  "CVE-2026-24206",
64737
66786
  "CVE-2026-24207",
66787
+ "CVE-2026-24213",
66788
+ "CVE-2026-24214",
66789
+ "CVE-2026-24215",
64738
66790
  "CVE-2026-25592",
64739
66791
  "CVE-2026-26015",
64740
66792
  "CVE-2026-30616",
@@ -65204,11 +67256,13 @@
65204
67256
  "CVE-2025-27920",
65205
67257
  "CVE-2025-29635",
65206
67258
  "CVE-2025-30165",
67259
+ "CVE-2025-30202",
65207
67260
  "CVE-2025-30397",
65208
67261
  "CVE-2025-31125",
65209
67262
  "CVE-2025-31277",
65210
67263
  "CVE-2025-32432",
65211
67264
  "CVE-2025-32433",
67265
+ "CVE-2025-32444",
65212
67266
  "CVE-2025-32463",
65213
67267
  "CVE-2025-32701",
65214
67268
  "CVE-2025-32706",
@@ -65337,6 +67391,9 @@
65337
67391
  "CVE-2026-22769",
65338
67392
  "CVE-2026-23760",
65339
67393
  "CVE-2026-24061",
67394
+ "CVE-2026-24213",
67395
+ "CVE-2026-24214",
67396
+ "CVE-2026-24215",
65340
67397
  "CVE-2026-2441",
65341
67398
  "CVE-2026-24423",
65342
67399
  "CVE-2026-24858",
@@ -65614,6 +67671,8 @@
65614
67671
  "CVE-2025-23254",
65615
67672
  "CVE-2025-23266",
65616
67673
  "CVE-2025-30165",
67674
+ "CVE-2025-30202",
67675
+ "CVE-2025-32444",
65617
67676
  "CVE-2025-34291",
65618
67677
  "CVE-2025-38352",
65619
67678
  "CVE-2025-43300",
@@ -65630,6 +67689,9 @@
65630
67689
  "CVE-2026-22688",
65631
67690
  "CVE-2026-24206",
65632
67691
  "CVE-2026-24207",
67692
+ "CVE-2026-24213",
67693
+ "CVE-2026-24214",
67694
+ "CVE-2026-24215",
65633
67695
  "CVE-2026-25592",
65634
67696
  "CVE-2026-26015",
65635
67697
  "CVE-2026-30615",
@@ -65922,6 +67984,8 @@
65922
67984
  "CVE-2025-23254",
65923
67985
  "CVE-2025-23266",
65924
67986
  "CVE-2025-30165",
67987
+ "CVE-2025-30202",
67988
+ "CVE-2025-32444",
65925
67989
  "CVE-2025-34291",
65926
67990
  "CVE-2025-49596",
65927
67991
  "CVE-2025-53767",
@@ -65937,6 +68001,9 @@
65937
68001
  "CVE-2026-22778",
65938
68002
  "CVE-2026-24206",
65939
68003
  "CVE-2026-24207",
68004
+ "CVE-2026-24213",
68005
+ "CVE-2026-24214",
68006
+ "CVE-2026-24215",
65940
68007
  "CVE-2026-25592",
65941
68008
  "CVE-2026-26015",
65942
68009
  "CVE-2026-30615",