@blamejs/exceptd-skills 0.13.91 → 0.13.92

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. package/CHANGELOG.md +4 -0
  2. package/data/_indexes/_meta.json +9 -9
  3. package/data/_indexes/activity-feed.json +2 -2
  4. package/data/_indexes/catalog-summaries.json +2 -2
  5. package/data/_indexes/chains.json +912 -0
  6. package/data/atlas-ttps.json +2 -0
  7. package/data/attack-techniques.json +4 -0
  8. package/data/cve-catalog.json +206 -0
  9. package/data/cwe-catalog.json +2 -0
  10. package/data/framework-control-gaps.json +16 -0
  11. package/data/zeroday-lessons.json +100 -0
  12. package/manifest.json +44 -44
  13. package/package.json +2 -2
  14. package/sbom.cdx.json +25 -25
package/data/_indexes/chains.json CHANGED
@@ -32327,6 +32327,870 @@
32327
32327
  ]
32328
32328
  }
32329
32329
  },
32330
+ "CVE-2024-21575": {
32331
+ "name": "ComfyUI-Impact-Pack Path Traversal Arbitrary File Write to RCE",
32332
+ "rwep": 29,
32333
+ "cvss": 8.6,
32334
+ "cisa_kev": false,
32335
+ "epss_score": null,
32336
+ "referencing_skills": [
32337
+ "kernel-lpe-triage",
32338
+ "ai-attack-surface",
32339
+ "compliance-theater",
32340
+ "ai-c2-detection",
32341
+ "attack-surface-pentest",
32342
+ "dlp-gap-analysis",
32343
+ "ot-ics-security",
32344
+ "coordinated-vuln-disclosure",
32345
+ "sector-energy"
32346
+ ],
32347
+ "chain": {
32348
+ "cwes": [
32349
+ {
32350
+ "id": "CWE-1037",
32351
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
32352
+ "category": "Hardware / Side Channel"
32353
+ },
32354
+ {
32355
+ "id": "CWE-1039",
32356
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
32357
+ "category": "AI/ML"
32358
+ },
32359
+ {
32360
+ "id": "CWE-125",
32361
+ "name": "Out-of-bounds Read",
32362
+ "category": "Memory Safety"
32363
+ },
32364
+ {
32365
+ "id": "CWE-1357",
32366
+ "name": "Reliance on Insufficiently Trustworthy Component",
32367
+ "category": "Supply Chain"
32368
+ },
32369
+ {
32370
+ "id": "CWE-1395",
32371
+ "name": "Dependency on Vulnerable Third-Party Component",
32372
+ "category": "Supply Chain"
32373
+ },
32374
+ {
32375
+ "id": "CWE-1426",
32376
+ "name": "Improper Validation of Generative AI Output",
32377
+ "category": "AI/ML"
32378
+ },
32379
+ {
32380
+ "id": "CWE-200",
32381
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
32382
+ "category": "Information Exposure"
32383
+ },
32384
+ {
32385
+ "id": "CWE-22",
32386
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
32387
+ "category": "Path/Resource"
32388
+ },
32389
+ {
32390
+ "id": "CWE-269",
32391
+ "name": "Improper Privilege Management",
32392
+ "category": "Authorization"
32393
+ },
32394
+ {
32395
+ "id": "CWE-287",
32396
+ "name": "Improper Authentication",
32397
+ "category": "Authentication"
32398
+ },
32399
+ {
32400
+ "id": "CWE-306",
32401
+ "name": "Missing Authentication for Critical Function",
32402
+ "category": "Authentication"
32403
+ },
32404
+ {
32405
+ "id": "CWE-352",
32406
+ "name": "Cross-Site Request Forgery (CSRF)",
32407
+ "category": "Session"
32408
+ },
32409
+ {
32410
+ "id": "CWE-362",
32411
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
32412
+ "category": "Concurrency"
32413
+ },
32414
+ {
32415
+ "id": "CWE-416",
32416
+ "name": "Use After Free",
32417
+ "category": "Memory Safety"
32418
+ },
32419
+ {
32420
+ "id": "CWE-434",
32421
+ "name": "Unrestricted Upload of File with Dangerous Type",
32422
+ "category": "File Handling"
32423
+ },
32424
+ {
32425
+ "id": "CWE-672",
32426
+ "name": "Operation on a Resource after Expiration or Release",
32427
+ "category": "Memory Safety"
32428
+ },
32429
+ {
32430
+ "id": "CWE-732",
32431
+ "name": "Incorrect Permission Assignment for Critical Resource",
32432
+ "category": "Authorization"
32433
+ },
32434
+ {
32435
+ "id": "CWE-78",
32436
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
32437
+ "category": "Injection"
32438
+ },
32439
+ {
32440
+ "id": "CWE-787",
32441
+ "name": "Out-of-bounds Write",
32442
+ "category": "Memory Safety"
32443
+ },
32444
+ {
32445
+ "id": "CWE-79",
32446
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
32447
+ "category": "Injection"
32448
+ },
32449
+ {
32450
+ "id": "CWE-798",
32451
+ "name": "Use of Hard-coded Credentials",
32452
+ "category": "Credentials"
32453
+ },
32454
+ {
32455
+ "id": "CWE-89",
32456
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
32457
+ "category": "Injection"
32458
+ },
32459
+ {
32460
+ "id": "CWE-918",
32461
+ "name": "Server-Side Request Forgery (SSRF)",
32462
+ "category": "Network"
32463
+ },
32464
+ {
32465
+ "id": "CWE-94",
32466
+ "name": "Improper Control of Generation of Code (Code Injection)",
32467
+ "category": "Injection"
32468
+ }
32469
+ ],
32470
+ "atlas": [
32471
+ {
32472
+ "id": "AML.T0010",
32473
+ "name": "ML Supply Chain Compromise",
32474
+ "tactic": "Initial Access"
32475
+ },
32476
+ {
32477
+ "id": "AML.T0016",
32478
+ "name": "Obtain Capabilities: Develop Capabilities",
32479
+ "tactic": "Resource Development"
32480
+ },
32481
+ {
32482
+ "id": "AML.T0017",
32483
+ "name": "Discover ML Model Ontology",
32484
+ "tactic": "Discovery"
32485
+ },
32486
+ {
32487
+ "id": "AML.T0018",
32488
+ "name": "Backdoor ML Model",
32489
+ "tactic": "Persistence"
32490
+ },
32491
+ {
32492
+ "id": "AML.T0020",
32493
+ "name": "Poison Training Data",
32494
+ "tactic": "ML Attack Staging"
32495
+ },
32496
+ {
32497
+ "id": "AML.T0043",
32498
+ "name": "Craft Adversarial Data",
32499
+ "tactic": "ML Attack Staging"
32500
+ },
32501
+ {
32502
+ "id": "AML.T0051",
32503
+ "name": "LLM Prompt Injection",
32504
+ "tactic": "Execution"
32505
+ },
32506
+ {
32507
+ "id": "AML.T0054",
32508
+ "name": "LLM Jailbreak",
32509
+ "tactic": "Defense Evasion"
32510
+ },
32511
+ {
32512
+ "id": "AML.T0096",
32513
+ "name": "AI API as Covert C2 Channel",
32514
+ "tactic": "Command and Control"
32515
+ }
32516
+ ],
32517
+ "d3fend": [
32518
+ {
32519
+ "id": "D3-ASLR",
32520
+ "name": "Address Space Layout Randomization",
32521
+ "tactic": "Harden"
32522
+ },
32523
+ {
32524
+ "id": "D3-CA",
32525
+ "name": "Certificate Analysis",
32526
+ "tactic": "Detect"
32527
+ },
32528
+ {
32529
+ "id": "D3-CSPP",
32530
+ "name": "Client-server Payload Profiling",
32531
+ "tactic": "Detect"
32532
+ },
32533
+ {
32534
+ "id": "D3-DA",
32535
+ "name": "Domain Analysis",
32536
+ "tactic": "Detect"
32537
+ },
32538
+ {
32539
+ "id": "D3-EAL",
32540
+ "name": "Executable Allowlisting",
32541
+ "tactic": "Harden"
32542
+ },
32543
+ {
32544
+ "id": "D3-IOPR",
32545
+ "name": "Input/Output Profiling Resource",
32546
+ "tactic": "Detect"
32547
+ },
32548
+ {
32549
+ "id": "D3-NI",
32550
+ "name": "Network Isolation",
32551
+ "tactic": "Isolate"
32552
+ },
32553
+ {
32554
+ "id": "D3-NTA",
32555
+ "name": "Network Traffic Analysis",
32556
+ "tactic": "Detect"
32557
+ },
32558
+ {
32559
+ "id": "D3-NTPM",
32560
+ "name": "Network Traffic Policy Mapping",
32561
+ "tactic": "Model"
32562
+ },
32563
+ {
32564
+ "id": "D3-PHRA",
32565
+ "name": "Process Hardware Resource Access",
32566
+ "tactic": "Isolate"
32567
+ },
32568
+ {
32569
+ "id": "D3-PSEP",
32570
+ "name": "Process Segment Execution Prevention",
32571
+ "tactic": "Harden"
32572
+ }
32573
+ ],
32574
+ "framework_gaps": [
32575
+ {
32576
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
32577
+ "framework": "ALL",
32578
+ "control_name": "AI Pipeline Integrity"
32579
+ },
32580
+ {
32581
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
32582
+ "framework": "ALL",
32583
+ "control_name": "Prompt Injection as Access Control Failure"
32584
+ },
32585
+ {
32586
+ "id": "CIS-Controls-v8-Control7",
32587
+ "framework": "CIS Controls v8",
32588
+ "control_name": "Continuous Vulnerability Management"
32589
+ },
32590
+ {
32591
+ "id": "CMMC-2.0-Level-2",
32592
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
32593
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
32594
+ },
32595
+ {
32596
+ "id": "FedRAMP-Rev5-Moderate",
32597
+ "framework": "FedRAMP Rev 5 Moderate",
32598
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
32599
+ },
32600
+ {
32601
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
32602
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
32603
+ "control_name": "Access control standard (technical safeguards)"
32604
+ },
32605
+ {
32606
+ "id": "IEC-62443-3-3",
32607
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
32608
+ "control_name": "System security requirements and security levels"
32609
+ },
32610
+ {
32611
+ "id": "ISO-27001-2022-A.8.16",
32612
+ "framework": "ISO/IEC 27001:2022",
32613
+ "control_name": "Monitoring activities"
32614
+ },
32615
+ {
32616
+ "id": "ISO-27001-2022-A.8.28",
32617
+ "framework": "ISO/IEC 27001:2022",
32618
+ "control_name": "Secure coding"
32619
+ },
32620
+ {
32621
+ "id": "ISO-27001-2022-A.8.8",
32622
+ "framework": "ISO/IEC 27001:2022",
32623
+ "control_name": "Management of technical vulnerabilities"
32624
+ },
32625
+ {
32626
+ "id": "ISO-IEC-23894-2023-clause-7",
32627
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
32628
+ "control_name": "AI risk management process"
32629
+ },
32630
+ {
32631
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
32632
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
32633
+ "control_name": "AI risk assessment"
32634
+ },
32635
+ {
32636
+ "id": "NERC-CIP-007-6-R4",
32637
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
32638
+ "control_name": "Security event monitoring"
32639
+ },
32640
+ {
32641
+ "id": "NIS2-Art21-patch-management",
32642
+ "framework": "EU NIS2 Directive",
32643
+ "control_name": "Vulnerability handling and disclosure"
32644
+ },
32645
+ {
32646
+ "id": "NIST-800-115",
32647
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
32648
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
32649
+ },
32650
+ {
32651
+ "id": "NIST-800-218-SSDF",
32652
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
32653
+ "control_name": "Secure Software Development Framework"
32654
+ },
32655
+ {
32656
+ "id": "NIST-800-53-AC-2",
32657
+ "framework": "NIST SP 800-53 Rev 5",
32658
+ "control_name": "Account Management"
32659
+ },
32660
+ {
32661
+ "id": "NIST-800-53-SC-28",
32662
+ "framework": "NIST SP 800-53 Rev 5",
32663
+ "control_name": "Protection of Information at Rest"
32664
+ },
32665
+ {
32666
+ "id": "NIST-800-53-SC-7",
32667
+ "framework": "NIST SP 800-53 Rev 5",
32668
+ "control_name": "Boundary Protection"
32669
+ },
32670
+ {
32671
+ "id": "NIST-800-53-SC-8",
32672
+ "framework": "NIST SP 800-53 Rev 5",
32673
+ "control_name": "Transmission Confidentiality and Integrity"
32674
+ },
32675
+ {
32676
+ "id": "NIST-800-53-SI-2",
32677
+ "framework": "NIST SP 800-53 Rev 5",
32678
+ "control_name": "Flaw Remediation"
32679
+ },
32680
+ {
32681
+ "id": "NIST-800-53-SI-3",
32682
+ "framework": "NIST SP 800-53 Rev 5",
32683
+ "control_name": "Malicious Code Protection"
32684
+ },
32685
+ {
32686
+ "id": "NIST-800-82r3",
32687
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
32688
+ "control_name": "Guide to Operational Technology (OT) Security"
32689
+ },
32690
+ {
32691
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
32692
+ "framework": "OWASP Top 10 for LLM Applications 2025",
32693
+ "control_name": "Prompt Injection"
32694
+ },
32695
+ {
32696
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
32697
+ "framework": "OWASP Top 10 for LLM Applications 2025",
32698
+ "control_name": "Sensitive Information Disclosure"
32699
+ },
32700
+ {
32701
+ "id": "OWASP-Pen-Testing-Guide-v5",
32702
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
32703
+ "control_name": "Web application penetration testing methodology"
32704
+ },
32705
+ {
32706
+ "id": "PCI-DSS-4.0-6.3.3",
32707
+ "framework": "PCI DSS 4.0",
32708
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
32709
+ },
32710
+ {
32711
+ "id": "PTES-Pre-engagement",
32712
+ "framework": "Penetration Testing Execution Standard (PTES)",
32713
+ "control_name": "Pre-engagement Interactions"
32714
+ },
32715
+ {
32716
+ "id": "SOC2-CC6-logical-access",
32717
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
32718
+ "control_name": "Logical and Physical Access Controls"
32719
+ },
32720
+ {
32721
+ "id": "SOC2-CC7-anomaly-detection",
32722
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
32723
+ "control_name": "System Operations — Threat and Vulnerability Management"
32724
+ },
32725
+ {
32726
+ "id": "SOC2-CC9-vendor-management",
32727
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
32728
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
32729
+ }
32730
+ ],
32731
+ "attack_refs": [
32732
+ "T0855",
32733
+ "T0883",
32734
+ "T1041",
32735
+ "T1059",
32736
+ "T1068",
32737
+ "T1071",
32738
+ "T1078",
32739
+ "T1102",
32740
+ "T1133",
32741
+ "T1190",
32742
+ "T1213",
32743
+ "T1530",
32744
+ "T1548.001",
32745
+ "T1566",
32746
+ "T1567",
32747
+ "T1568"
32748
+ ],
32749
+ "rfc_refs": [
32750
+ "RFC-4301",
32751
+ "RFC-4303",
32752
+ "RFC-7296",
32753
+ "RFC-8446",
32754
+ "RFC-9000",
32755
+ "RFC-9114",
32756
+ "RFC-9180",
32757
+ "RFC-9421",
32758
+ "RFC-9458"
32759
+ ]
32760
+ }
32761
+ },
32762
+ "CVE-2024-21576": {
32763
+ "name": "ComfyUI-Bmad-Nodes Workflow Code Injection RCE",
32764
+ "rwep": 29,
32765
+ "cvss": 10,
32766
+ "cisa_kev": false,
32767
+ "epss_score": null,
32768
+ "referencing_skills": [
32769
+ "kernel-lpe-triage",
32770
+ "ai-attack-surface",
32771
+ "compliance-theater",
32772
+ "ai-c2-detection",
32773
+ "attack-surface-pentest",
32774
+ "dlp-gap-analysis",
32775
+ "ot-ics-security",
32776
+ "coordinated-vuln-disclosure",
32777
+ "sector-energy"
32778
+ ],
32779
+ "chain": {
32780
+ "cwes": [
32781
+ {
32782
+ "id": "CWE-1037",
32783
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
32784
+ "category": "Hardware / Side Channel"
32785
+ },
32786
+ {
32787
+ "id": "CWE-1039",
32788
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
32789
+ "category": "AI/ML"
32790
+ },
32791
+ {
32792
+ "id": "CWE-125",
32793
+ "name": "Out-of-bounds Read",
32794
+ "category": "Memory Safety"
32795
+ },
32796
+ {
32797
+ "id": "CWE-1357",
32798
+ "name": "Reliance on Insufficiently Trustworthy Component",
32799
+ "category": "Supply Chain"
32800
+ },
32801
+ {
32802
+ "id": "CWE-1395",
32803
+ "name": "Dependency on Vulnerable Third-Party Component",
32804
+ "category": "Supply Chain"
32805
+ },
32806
+ {
32807
+ "id": "CWE-1426",
32808
+ "name": "Improper Validation of Generative AI Output",
32809
+ "category": "AI/ML"
32810
+ },
32811
+ {
32812
+ "id": "CWE-200",
32813
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
32814
+ "category": "Information Exposure"
32815
+ },
32816
+ {
32817
+ "id": "CWE-22",
32818
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
32819
+ "category": "Path/Resource"
32820
+ },
32821
+ {
32822
+ "id": "CWE-269",
32823
+ "name": "Improper Privilege Management",
32824
+ "category": "Authorization"
32825
+ },
32826
+ {
32827
+ "id": "CWE-287",
32828
+ "name": "Improper Authentication",
32829
+ "category": "Authentication"
32830
+ },
32831
+ {
32832
+ "id": "CWE-306",
32833
+ "name": "Missing Authentication for Critical Function",
32834
+ "category": "Authentication"
32835
+ },
32836
+ {
32837
+ "id": "CWE-352",
32838
+ "name": "Cross-Site Request Forgery (CSRF)",
32839
+ "category": "Session"
32840
+ },
32841
+ {
32842
+ "id": "CWE-362",
32843
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
32844
+ "category": "Concurrency"
32845
+ },
32846
+ {
32847
+ "id": "CWE-416",
32848
+ "name": "Use After Free",
32849
+ "category": "Memory Safety"
32850
+ },
32851
+ {
32852
+ "id": "CWE-434",
32853
+ "name": "Unrestricted Upload of File with Dangerous Type",
32854
+ "category": "File Handling"
32855
+ },
32856
+ {
32857
+ "id": "CWE-672",
32858
+ "name": "Operation on a Resource after Expiration or Release",
32859
+ "category": "Memory Safety"
32860
+ },
32861
+ {
32862
+ "id": "CWE-732",
32863
+ "name": "Incorrect Permission Assignment for Critical Resource",
32864
+ "category": "Authorization"
32865
+ },
32866
+ {
32867
+ "id": "CWE-78",
32868
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
32869
+ "category": "Injection"
32870
+ },
32871
+ {
32872
+ "id": "CWE-787",
32873
+ "name": "Out-of-bounds Write",
32874
+ "category": "Memory Safety"
32875
+ },
32876
+ {
32877
+ "id": "CWE-79",
32878
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
32879
+ "category": "Injection"
32880
+ },
32881
+ {
32882
+ "id": "CWE-798",
32883
+ "name": "Use of Hard-coded Credentials",
32884
+ "category": "Credentials"
32885
+ },
32886
+ {
32887
+ "id": "CWE-89",
32888
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
32889
+ "category": "Injection"
32890
+ },
32891
+ {
32892
+ "id": "CWE-918",
32893
+ "name": "Server-Side Request Forgery (SSRF)",
32894
+ "category": "Network"
32895
+ },
32896
+ {
32897
+ "id": "CWE-94",
32898
+ "name": "Improper Control of Generation of Code (Code Injection)",
32899
+ "category": "Injection"
32900
+ }
32901
+ ],
32902
+ "atlas": [
32903
+ {
32904
+ "id": "AML.T0010",
32905
+ "name": "ML Supply Chain Compromise",
32906
+ "tactic": "Initial Access"
32907
+ },
32908
+ {
32909
+ "id": "AML.T0016",
32910
+ "name": "Obtain Capabilities: Develop Capabilities",
32911
+ "tactic": "Resource Development"
32912
+ },
32913
+ {
32914
+ "id": "AML.T0017",
32915
+ "name": "Discover ML Model Ontology",
32916
+ "tactic": "Discovery"
32917
+ },
32918
+ {
32919
+ "id": "AML.T0018",
32920
+ "name": "Backdoor ML Model",
32921
+ "tactic": "Persistence"
32922
+ },
32923
+ {
32924
+ "id": "AML.T0020",
32925
+ "name": "Poison Training Data",
32926
+ "tactic": "ML Attack Staging"
32927
+ },
32928
+ {
32929
+ "id": "AML.T0043",
32930
+ "name": "Craft Adversarial Data",
32931
+ "tactic": "ML Attack Staging"
32932
+ },
32933
+ {
32934
+ "id": "AML.T0051",
32935
+ "name": "LLM Prompt Injection",
32936
+ "tactic": "Execution"
32937
+ },
32938
+ {
32939
+ "id": "AML.T0054",
32940
+ "name": "LLM Jailbreak",
32941
+ "tactic": "Defense Evasion"
32942
+ },
32943
+ {
32944
+ "id": "AML.T0096",
32945
+ "name": "AI API as Covert C2 Channel",
32946
+ "tactic": "Command and Control"
32947
+ }
32948
+ ],
32949
+ "d3fend": [
32950
+ {
32951
+ "id": "D3-ASLR",
32952
+ "name": "Address Space Layout Randomization",
32953
+ "tactic": "Harden"
32954
+ },
32955
+ {
32956
+ "id": "D3-CA",
32957
+ "name": "Certificate Analysis",
32958
+ "tactic": "Detect"
32959
+ },
32960
+ {
32961
+ "id": "D3-CSPP",
32962
+ "name": "Client-server Payload Profiling",
32963
+ "tactic": "Detect"
32964
+ },
32965
+ {
32966
+ "id": "D3-DA",
32967
+ "name": "Domain Analysis",
32968
+ "tactic": "Detect"
32969
+ },
32970
+ {
32971
+ "id": "D3-EAL",
32972
+ "name": "Executable Allowlisting",
32973
+ "tactic": "Harden"
32974
+ },
32975
+ {
32976
+ "id": "D3-IOPR",
32977
+ "name": "Input/Output Profiling Resource",
32978
+ "tactic": "Detect"
32979
+ },
32980
+ {
32981
+ "id": "D3-NI",
32982
+ "name": "Network Isolation",
32983
+ "tactic": "Isolate"
32984
+ },
32985
+ {
32986
+ "id": "D3-NTA",
32987
+ "name": "Network Traffic Analysis",
32988
+ "tactic": "Detect"
32989
+ },
32990
+ {
32991
+ "id": "D3-NTPM",
32992
+ "name": "Network Traffic Policy Mapping",
32993
+ "tactic": "Model"
32994
+ },
32995
+ {
32996
+ "id": "D3-PHRA",
32997
+ "name": "Process Hardware Resource Access",
32998
+ "tactic": "Isolate"
32999
+ },
33000
+ {
33001
+ "id": "D3-PSEP",
33002
+ "name": "Process Segment Execution Prevention",
33003
+ "tactic": "Harden"
33004
+ }
33005
+ ],
33006
+ "framework_gaps": [
33007
+ {
33008
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
33009
+ "framework": "ALL",
33010
+ "control_name": "AI Pipeline Integrity"
33011
+ },
33012
+ {
33013
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
33014
+ "framework": "ALL",
33015
+ "control_name": "Prompt Injection as Access Control Failure"
33016
+ },
33017
+ {
33018
+ "id": "CIS-Controls-v8-Control7",
33019
+ "framework": "CIS Controls v8",
33020
+ "control_name": "Continuous Vulnerability Management"
33021
+ },
33022
+ {
33023
+ "id": "CMMC-2.0-Level-2",
33024
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
33025
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
33026
+ },
33027
+ {
33028
+ "id": "FedRAMP-Rev5-Moderate",
33029
+ "framework": "FedRAMP Rev 5 Moderate",
33030
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
33031
+ },
33032
+ {
33033
+ "id": "HIPAA-Security-Rule-164.312(a)(1)",
33034
+ "framework": "HIPAA Security Rule (45 CFR § 164.312)",
33035
+ "control_name": "Access control standard (technical safeguards)"
33036
+ },
33037
+ {
33038
+ "id": "IEC-62443-3-3",
33039
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
33040
+ "control_name": "System security requirements and security levels"
33041
+ },
33042
+ {
33043
+ "id": "ISO-27001-2022-A.8.16",
33044
+ "framework": "ISO/IEC 27001:2022",
33045
+ "control_name": "Monitoring activities"
33046
+ },
33047
+ {
33048
+ "id": "ISO-27001-2022-A.8.28",
33049
+ "framework": "ISO/IEC 27001:2022",
33050
+ "control_name": "Secure coding"
33051
+ },
33052
+ {
33053
+ "id": "ISO-27001-2022-A.8.8",
33054
+ "framework": "ISO/IEC 27001:2022",
33055
+ "control_name": "Management of technical vulnerabilities"
33056
+ },
33057
+ {
33058
+ "id": "ISO-IEC-23894-2023-clause-7",
33059
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
33060
+ "control_name": "AI risk management process"
33061
+ },
33062
+ {
33063
+ "id": "ISO-IEC-42001-2023-clause-6.1.2",
33064
+ "framework": "ISO/IEC 42001:2023 (AI Management System)",
33065
+ "control_name": "AI risk assessment"
33066
+ },
33067
+ {
33068
+ "id": "NERC-CIP-007-6-R4",
33069
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
33070
+ "control_name": "Security event monitoring"
33071
+ },
33072
+ {
33073
+ "id": "NIS2-Art21-patch-management",
33074
+ "framework": "EU NIS2 Directive",
33075
+ "control_name": "Vulnerability handling and disclosure"
33076
+ },
33077
+ {
33078
+ "id": "NIST-800-115",
33079
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
33080
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
33081
+ },
33082
+ {
33083
+ "id": "NIST-800-218-SSDF",
33084
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
33085
+ "control_name": "Secure Software Development Framework"
33086
+ },
33087
+ {
33088
+ "id": "NIST-800-53-AC-2",
33089
+ "framework": "NIST SP 800-53 Rev 5",
33090
+ "control_name": "Account Management"
33091
+ },
33092
+ {
33093
+ "id": "NIST-800-53-SC-28",
33094
+ "framework": "NIST SP 800-53 Rev 5",
33095
+ "control_name": "Protection of Information at Rest"
33096
+ },
33097
+ {
33098
+ "id": "NIST-800-53-SC-7",
33099
+ "framework": "NIST SP 800-53 Rev 5",
33100
+ "control_name": "Boundary Protection"
33101
+ },
33102
+ {
33103
+ "id": "NIST-800-53-SC-8",
33104
+ "framework": "NIST SP 800-53 Rev 5",
33105
+ "control_name": "Transmission Confidentiality and Integrity"
33106
+ },
33107
+ {
33108
+ "id": "NIST-800-53-SI-2",
33109
+ "framework": "NIST SP 800-53 Rev 5",
33110
+ "control_name": "Flaw Remediation"
33111
+ },
33112
+ {
33113
+ "id": "NIST-800-53-SI-3",
33114
+ "framework": "NIST SP 800-53 Rev 5",
33115
+ "control_name": "Malicious Code Protection"
33116
+ },
33117
+ {
33118
+ "id": "NIST-800-82r3",
33119
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
33120
+ "control_name": "Guide to Operational Technology (OT) Security"
33121
+ },
33122
+ {
33123
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
33124
+ "framework": "OWASP Top 10 for LLM Applications 2025",
33125
+ "control_name": "Prompt Injection"
33126
+ },
33127
+ {
33128
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
33129
+ "framework": "OWASP Top 10 for LLM Applications 2025",
33130
+ "control_name": "Sensitive Information Disclosure"
33131
+ },
33132
+ {
33133
+ "id": "OWASP-Pen-Testing-Guide-v5",
33134
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
33135
+ "control_name": "Web application penetration testing methodology"
33136
+ },
33137
+ {
33138
+ "id": "PCI-DSS-4.0-6.3.3",
33139
+ "framework": "PCI DSS 4.0",
33140
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
33141
+ },
33142
+ {
33143
+ "id": "PTES-Pre-engagement",
33144
+ "framework": "Penetration Testing Execution Standard (PTES)",
33145
+ "control_name": "Pre-engagement Interactions"
33146
+ },
33147
+ {
33148
+ "id": "SOC2-CC6-logical-access",
33149
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
33150
+ "control_name": "Logical and Physical Access Controls"
33151
+ },
33152
+ {
33153
+ "id": "SOC2-CC7-anomaly-detection",
33154
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
33155
+ "control_name": "System Operations — Threat and Vulnerability Management"
33156
+ },
33157
+ {
33158
+ "id": "SOC2-CC9-vendor-management",
33159
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
33160
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
33161
+ }
33162
+ ],
33163
+ "attack_refs": [
33164
+ "T0855",
33165
+ "T0883",
33166
+ "T1041",
33167
+ "T1059",
33168
+ "T1068",
33169
+ "T1071",
33170
+ "T1078",
33171
+ "T1102",
33172
+ "T1133",
33173
+ "T1190",
33174
+ "T1213",
33175
+ "T1530",
33176
+ "T1548.001",
33177
+ "T1566",
33178
+ "T1567",
33179
+ "T1568"
33180
+ ],
33181
+ "rfc_refs": [
33182
+ "RFC-4301",
33183
+ "RFC-4303",
33184
+ "RFC-7296",
33185
+ "RFC-8446",
33186
+ "RFC-9000",
33187
+ "RFC-9114",
33188
+ "RFC-9180",
33189
+ "RFC-9421",
33190
+ "RFC-9458"
33191
+ ]
33192
+ }
33193
+ },
32330
33194
  "CVE-2026-41091": {
32331
33195
  "name": "Microsoft Defender (Malware Protection Engine) Link-Following LPE to SYSTEM",
32332
33196
  "rwep": 45,
@@ -58712,6 +59576,8 @@
58712
59576
  "CVE-2024-11393",
58713
59577
  "CVE-2024-11394",
58714
59578
  "CVE-2024-1561",
59579
+ "CVE-2024-21575",
59580
+ "CVE-2024-21576",
58715
59581
  "CVE-2024-27132",
58716
59582
  "CVE-2024-3094",
58717
59583
  "CVE-2024-3154",
@@ -59103,6 +59969,8 @@
59103
59969
  "CVE-2024-11393",
59104
59970
  "CVE-2024-11394",
59105
59971
  "CVE-2024-1561",
59972
+ "CVE-2024-21575",
59973
+ "CVE-2024-21576",
59106
59974
  "CVE-2024-27132",
59107
59975
  "CVE-2024-37032",
59108
59976
  "CVE-2024-39722",
@@ -59285,6 +60153,8 @@
59285
60153
  "CVE-2024-11393",
59286
60154
  "CVE-2024-11394",
59287
60155
  "CVE-2024-1561",
60156
+ "CVE-2024-21575",
60157
+ "CVE-2024-21576",
59288
60158
  "CVE-2024-27132",
59289
60159
  "CVE-2024-37032",
59290
60160
  "CVE-2024-39722",
@@ -59481,6 +60351,8 @@
59481
60351
  "CVE-2024-11393",
59482
60352
  "CVE-2024-11394",
59483
60353
  "CVE-2024-1561",
60354
+ "CVE-2024-21575",
60355
+ "CVE-2024-21576",
59484
60356
  "CVE-2024-27132",
59485
60357
  "CVE-2024-37032",
59486
60358
  "CVE-2024-39722",
@@ -59781,6 +60653,8 @@
59781
60653
  "CVE-2024-11393",
59782
60654
  "CVE-2024-11394",
59783
60655
  "CVE-2024-1561",
60656
+ "CVE-2024-21575",
60657
+ "CVE-2024-21576",
59784
60658
  "CVE-2024-27132",
59785
60659
  "CVE-2024-3094",
59786
60660
  "CVE-2024-3154",
@@ -60041,6 +60915,8 @@
60041
60915
  "CVE-2024-12987",
60042
60916
  "CVE-2024-1561",
60043
60917
  "CVE-2024-1708",
60918
+ "CVE-2024-21575",
60919
+ "CVE-2024-21576",
60044
60920
  "CVE-2024-21762",
60045
60921
  "CVE-2024-27132",
60046
60922
  "CVE-2024-27199",
@@ -60508,6 +61384,8 @@
60508
61384
  "CVE-2023-51449",
60509
61385
  "CVE-2024-0132",
60510
61386
  "CVE-2024-1561",
61387
+ "CVE-2024-21575",
61388
+ "CVE-2024-21576",
60511
61389
  "CVE-2024-3094",
60512
61390
  "CVE-2024-3154",
60513
61391
  "CVE-2024-40635",
@@ -60879,6 +61757,8 @@
60879
61757
  "CVE-2024-11393",
60880
61758
  "CVE-2024-11394",
60881
61759
  "CVE-2024-1561",
61760
+ "CVE-2024-21575",
61761
+ "CVE-2024-21576",
60882
61762
  "CVE-2024-27132",
60883
61763
  "CVE-2024-3094",
60884
61764
  "CVE-2024-3154",
@@ -61500,6 +62380,8 @@
61500
62380
  "CVE-2024-11393",
61501
62381
  "CVE-2024-11394",
61502
62382
  "CVE-2024-1561",
62383
+ "CVE-2024-21575",
62384
+ "CVE-2024-21576",
61503
62385
  "CVE-2024-27132",
61504
62386
  "CVE-2024-3094",
61505
62387
  "CVE-2024-3154",
@@ -61759,6 +62641,8 @@
61759
62641
  "CVE-2024-11393",
61760
62642
  "CVE-2024-11394",
61761
62643
  "CVE-2024-1561",
62644
+ "CVE-2024-21575",
62645
+ "CVE-2024-21576",
61762
62646
  "CVE-2024-27132",
61763
62647
  "CVE-2024-3094",
61764
62648
  "CVE-2024-37032",
@@ -62444,6 +63328,8 @@
62444
63328
  "CVE-2024-11393",
62445
63329
  "CVE-2024-11394",
62446
63330
  "CVE-2024-1561",
63331
+ "CVE-2024-21575",
63332
+ "CVE-2024-21576",
62447
63333
  "CVE-2024-27132",
62448
63334
  "CVE-2024-3094",
62449
63335
  "CVE-2024-3154",
@@ -62711,6 +63597,8 @@
62711
63597
  "CVE-2024-12987",
62712
63598
  "CVE-2024-1561",
62713
63599
  "CVE-2024-1708",
63600
+ "CVE-2024-21575",
63601
+ "CVE-2024-21576",
62714
63602
  "CVE-2024-21762",
62715
63603
  "CVE-2024-27132",
62716
63604
  "CVE-2024-27199",
@@ -63153,6 +64041,8 @@
63153
64041
  "CVE-2024-12987",
63154
64042
  "CVE-2024-1561",
63155
64043
  "CVE-2024-1708",
64044
+ "CVE-2024-21575",
64045
+ "CVE-2024-21576",
63156
64046
  "CVE-2024-21762",
63157
64047
  "CVE-2024-27132",
63158
64048
  "CVE-2024-27199",
@@ -63622,6 +64512,8 @@
63622
64512
  "CVE-2024-11393",
63623
64513
  "CVE-2024-11394",
63624
64514
  "CVE-2024-1561",
64515
+ "CVE-2024-21575",
64516
+ "CVE-2024-21576",
63625
64517
  "CVE-2024-27132",
63626
64518
  "CVE-2024-3094",
63627
64519
  "CVE-2024-3154",
@@ -64441,6 +65333,8 @@
64441
65333
  "CVE-2024-12987",
64442
65334
  "CVE-2024-1561",
64443
65335
  "CVE-2024-1708",
65336
+ "CVE-2024-21575",
65337
+ "CVE-2024-21576",
64444
65338
  "CVE-2024-21762",
64445
65339
  "CVE-2024-27132",
64446
65340
  "CVE-2024-27199",
@@ -64974,6 +65868,8 @@
64974
65868
  "CVE-2024-11393",
64975
65869
  "CVE-2024-11394",
64976
65870
  "CVE-2024-1561",
65871
+ "CVE-2024-21575",
65872
+ "CVE-2024-21576",
64977
65873
  "CVE-2024-27132",
64978
65874
  "CVE-2024-3094",
64979
65875
  "CVE-2024-3154",
@@ -65319,6 +66215,8 @@
65319
66215
  "CVE-2024-12987",
65320
66216
  "CVE-2024-1561",
65321
66217
  "CVE-2024-1708",
66218
+ "CVE-2024-21575",
66219
+ "CVE-2024-21576",
65322
66220
  "CVE-2024-21762",
65323
66221
  "CVE-2024-27132",
65324
66222
  "CVE-2024-27199",
@@ -65871,6 +66769,8 @@
65871
66769
  "CVE-2024-11393",
65872
66770
  "CVE-2024-11394",
65873
66771
  "CVE-2024-1561",
66772
+ "CVE-2024-21575",
66773
+ "CVE-2024-21576",
65874
66774
  "CVE-2024-27132",
65875
66775
  "CVE-2024-3094",
65876
66776
  "CVE-2024-3154",
@@ -66827,6 +67727,8 @@
66827
67727
  "CVE-2024-11393",
66828
67728
  "CVE-2024-11394",
66829
67729
  "CVE-2024-1561",
67730
+ "CVE-2024-21575",
67731
+ "CVE-2024-21576",
66830
67732
  "CVE-2024-27132",
66831
67733
  "CVE-2024-3094",
66832
67734
  "CVE-2024-3154",
@@ -66947,6 +67849,8 @@
66947
67849
  "CVE-2024-11393",
66948
67850
  "CVE-2024-11394",
66949
67851
  "CVE-2024-1561",
67852
+ "CVE-2024-21575",
67853
+ "CVE-2024-21576",
66950
67854
  "CVE-2024-27132",
66951
67855
  "CVE-2024-37032",
66952
67856
  "CVE-2024-39722",
@@ -67137,6 +68041,8 @@
67137
68041
  "CVE-2024-11393",
67138
68042
  "CVE-2024-11394",
67139
68043
  "CVE-2024-1561",
68044
+ "CVE-2024-21575",
68045
+ "CVE-2024-21576",
67140
68046
  "CVE-2024-27132",
67141
68047
  "CVE-2024-37032",
67142
68048
  "CVE-2024-39722",
@@ -67580,6 +68486,8 @@
67580
68486
  "CVE-2024-12987",
67581
68487
  "CVE-2024-1561",
67582
68488
  "CVE-2024-1708",
68489
+ "CVE-2024-21575",
68490
+ "CVE-2024-21576",
67583
68491
  "CVE-2024-21762",
67584
68492
  "CVE-2024-27132",
67585
68493
  "CVE-2024-27199",
@@ -68039,6 +68947,8 @@
68039
68947
  "CVE-2024-11393",
68040
68948
  "CVE-2024-11394",
68041
68949
  "CVE-2024-1561",
68950
+ "CVE-2024-21575",
68951
+ "CVE-2024-21576",
68042
68952
  "CVE-2024-27132",
68043
68953
  "CVE-2024-3094",
68044
68954
  "CVE-2024-3154",
@@ -68352,6 +69262,8 @@
68352
69262
  "CVE-2024-11393",
68353
69263
  "CVE-2024-11394",
68354
69264
  "CVE-2024-1561",
69265
+ "CVE-2024-21575",
69266
+ "CVE-2024-21576",
68355
69267
  "CVE-2024-27132",
68356
69268
  "CVE-2024-3094",
68357
69269
  "CVE-2024-37032",