npm - @blamejs/exceptd-skills - Versions diffs - 0.13.92 → 0.13.94 - Mend

@blamejs/exceptd-skills 0.13.92 → 0.13.94

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

package/CHANGELOG.md +8 -0
package/data/_indexes/_meta.json +9 -9
package/data/_indexes/activity-feed.json +2 -2
package/data/_indexes/catalog-summaries.json +2 -2
package/data/_indexes/chains.json +1155 -0
package/data/atlas-ttps.json +5 -0
package/data/attack-techniques.json +6 -0
package/data/cve-catalog.json +313 -0
package/data/cwe-catalog.json +3 -0
package/data/framework-control-gaps.json +24 -0
package/data/zeroday-lessons.json +150 -0
package/manifest.json +44 -44
package/package.json +2 -2
package/sbom.cdx.json +25 -25

package/data/atlas-ttps.json CHANGED Viewed

@@ -545,6 +545,8 @@
     "maturity": "high",
     "last_verified": "2026-05-19",
     "cve_refs": [
+      "CVE-2023-44467",
+      "CVE-2024-21513",
       "CVE-2025-53773",
       "CVE-2025-55319",
       "CVE-2025-68664",
@@ -1268,9 +1270,11 @@
     "exceptd_skills": [],
     "last_verified": "2026-05-19",
     "cve_refs": [
+      "CVE-2023-44467",
       "CVE-2024-11392",
       "CVE-2024-11393",
       "CVE-2024-11394",
+      "CVE-2024-21513",
       "CVE-2025-1550",
       "CVE-2025-8747",
       "MAL-2024-PYPI-ULTRALYTICS-XMRIG"
@@ -1714,6 +1718,7 @@
       "CVE-2023-43654",
       "CVE-2023-48022",
       "CVE-2023-51449",
+      "CVE-2024-13059",
       "CVE-2024-1561",
       "CVE-2024-21575",
       "CVE-2024-21576",

package/data/attack-techniques.json CHANGED Viewed

@@ -274,10 +274,13 @@
     "cve_refs": [
       "CVE-2022-1471",
       "CVE-2023-43654",
+      "CVE-2023-44467",
       "CVE-2023-48022",
       "CVE-2024-11392",
       "CVE-2024-11393",
       "CVE-2024-11394",
+      "CVE-2024-13059",
+      "CVE-2024-21513",
       "CVE-2024-21575",
       "CVE-2024-21576",
       "CVE-2024-37032",
@@ -361,6 +364,8 @@
     "name": "Command and Scripting Interpreter: Python",
     "version": "v19",
     "cve_refs": [
+      "CVE-2023-44467",
+      "CVE-2024-21513",
       "CVE-2025-49844",
       "MAL-2026-3083"
     ],
@@ -853,6 +858,7 @@
       "CVE-2023-51449",
       "CVE-2023-52163",
       "CVE-2024-12987",
+      "CVE-2024-13059",
       "CVE-2024-1561",
       "CVE-2024-1709",
       "CVE-2024-21575",

package/data/cve-catalog.json CHANGED Viewed

@@ -14127,6 +14127,319 @@
     "_intake_method": "manual-verified-curation",
     "_kev_short_description": "ComfyUI-Bmad-Nodes passes a workflow-supplied string to a dynamic-code-evaluation call (CWE-94), so a crafted workflow yields unauthenticated RCE."
   },
+  "CVE-2024-21513": {
+    "name": "LangChain-Experimental VectorSQLDatabaseChain Code Execution",
+    "type": "RCE",
+    "cvss_score": 8.5,
+    "cvss_vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
+    "cvss_note": "NVD CVSS v3.1 base 8.5 (HIGH). VectorSQLDatabaseChain runs a dynamic-code-evaluation call (eval()) on values retrieved from the database (CWE-94); an attacker controlling the input prompt executes Python.",
+    "cisa_kev": false,
+    "poc_available": true,
+    "poc_description": "Documented in the Snyk / GitHub advisory and Unit 42 LangChain research: a prompt-injection payload steers the chain into executing attacker-controlled Python.",
+    "ai_discovered": false,
+    "ai_discovery_source": "human_researcher",
+    "ai_discovery_notes": "Disclosed via Snyk / the LangChain advisories (Unit 42 also analyzed the class). The abused surface is LangChain's experimental chains that execute LLM-generated or prompt-influenced code.",
+    "ai_assisted_weaponization": false,
+    "ai_assisted_notes": "Prompt-injection-mediated: the LLM-app input prompt is the attack vector that steers code generation/evaluation. Not AI-assisted exploit development, but an AI-native attack surface.",
+    "active_exploitation": "none",
+    "active_exploitation_notes": "Advisory / research disclosure with a coordinated fix; no confirmed in-the-wild exploitation reported as of curation.",
+    "affected": "langchain-experimental 0.0.15 through 0.0.20 (fixed 0.0.21).",
+    "affected_versions": [
+      "langchain-experimental >= 0.0.15, <= 0.0.20"
+    ],
+    "vector": "With VectorSQLDatabaseChain configured, langchain-experimental passes database-retrieved values to a dynamic-code-evaluation call without sanitization (CWE-94). An attacker who controls the input prompt steers what is retrieved/evaluated, achieving arbitrary Python code execution in the application.",
+    "complexity": "low",
+    "complexity_notes": "NVD AV:N. The precondition is an LLM application exposing the affected experimental chain to attacker-influenced prompts.",
+    "patch_available": true,
+    "patch_required_reboot": false,
+    "live_patch_available": false,
+    "live_patch_tools": [],
+    "live_patch_notes": "Remediation is upgrading to langchain-experimental 0.0.21 or later; redeploy, no host reboot.",
+    "vendor_update_paths": [
+      "Upgrade to langchain-experimental 0.0.21 or later. Do not expose chains that execute generated code (PALChain, VectorSQLDatabaseChain, LLMMathChain) to untrusted prompts; sandbox or disable code execution and treat all prompt-derived code as untrusted."
+    ],
+    "framework_control_gaps": {
+      "NIST-800-53-SI-2": "Flaw-remediation cadence does not track LLM-orchestration libraries' code-executing chains as managed, RCE-bearing software.",
+      "NIST-800-53-SI-10": "Input-validation control does not cover prompt-influenced strings that an LLM chain turns into executable code.",
+      "ISO-27001-2022-A.8.8": "Vulnerability management rarely enumerates LLM chains that execute generated code as a code-execution surface.",
+      "NIS2-Art21-patch-management": "Article 21 measures do not reach LLM-orchestration code-execution chains as a privileged surface.",
+      "DORA-Art-9": "ICT protection measures do not model prompt-injection-to-code-execution in an LLM app as an ICT-risk event.",
+      "UK-CAF-B4": "System Security objective has no objective for sandboxing code an LLM chain generates or evaluates.",
+      "AU-ISM-1546": "Patch-application control does not single out LLM-orchestration libraries.",
+      "ALL-PROMPT-INJECTION-ACCESS-CONTROL": "No framework treats prompt-influenced input to a code-executing LLM chain as untrusted code; prompt injection becomes arbitrary code execution."
+    },
+    "atlas_refs": [
+      "AML.T0051",
+      "AML.T0011"
+    ],
+    "attack_refs": [
+      "T1059",
+      "T1059.006"
+    ],
+    "rwep_score": 27,
+    "rwep_factors": {
+      "cisa_kev": 0,
+      "poc_available": 20,
+      "ai_factor": 0,
+      "active_exploitation": 0,
+      "blast_radius": 22,
+      "patch_available": -15,
+      "live_patch_available": 0,
+      "reboot_required": 0
+    },
+    "rwep_notes": "Standard (RWEP 27, \"patch within 30 days\" band per lib/scoring.js timeline). Not KEV, no confirmed in-the-wild exploitation, patched at/after disclosure (Hard Rule #3). poc_available=20 + blast_radius=22 (langchain-experimental is widely used in LLM apps) minus patch 15.",
+    "epss_score": null,
+    "epss_date": "2026-05-25",
+    "epss_note": "EPSS not pulled for this entry; retrieve via FIRST EPSS API in a future refresh.",
+    "epss_source": "https://api.first.org/data/v1/epss?cve=CVE-2024-21513",
+    "cwe_refs": [
+      "CWE-94"
+    ],
+    "iocs": {
+      "behavioral": [
+        "An LLM chain (PALChain / VectorSQLDatabaseChain / LLMMathChain) executing or evaluating code derived from a user-supplied prompt.",
+        "Prompt payloads containing Python constructs (the dunder-import builtin, OS command invocations, code embedded in math/SQL fields) reaching a LangChain experimental chain.",
+        "Python subprocess / import activity in an LLM application correlated with a chain invocation.",
+        "langchain-experimental at an affected version (langchain-experimental >= 0.0.15, <= 0.0.20) exposing a code-executing chain to untrusted prompts - the exposed precondition."
+      ],
+      "_ioc_source_note": "Behavioral signatures derived from NVD CVE-2024-21513 (CWE-94) and the Snyk / LangChain advisory + Unit 42 LangChain research (https://unit42.paloaltonetworks.com/langchain-vulnerabilities/)."
+    },
+    "source_verified": "2026-05-25",
+    "verification_sources": [
+      "https://nvd.nist.gov/vuln/detail/CVE-2024-21513",
+      "https://github.com/advisories/GHSA-cgcg-p68q-3w7v",
+      "https://unit42.paloaltonetworks.com/langchain-vulnerabilities/"
+    ],
+    "vendor_advisories": [
+      {
+        "vendor": "Snyk / GitHub Advisory",
+        "advisory_id": "CVE-2024-21513",
+        "url": "https://github.com/advisories/GHSA-cgcg-p68q-3w7v",
+        "severity": "high",
+        "published_date": "2024-07-15"
+      },
+      {
+        "vendor": "NVD",
+        "advisory_id": "CVE-2024-21513",
+        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21513",
+        "severity": "high",
+        "published_date": "2024-07-15"
+      }
+    ],
+    "last_updated": "2026-05-25",
+    "discovery_attribution_note": "Manually curated from NVD (CWE-94; NIST CVSS 8.5) + Snyk / LangChain advisory + Unit 42 research. Member of the LangChain experimental-chain code-execution family (prompt injection to RCE); distinct from the LangGrinch serialization (CVE-2025-68664) and Chatchat MCP (CVE-2026-30617) entries.",
+    "_auto_imported": false,
+    "_intake_method": "manual-verified-curation",
+    "_kev_short_description": "langchain-experimental's VectorSQLDatabaseChain evaluates prompt-influenced database values as code (CWE-94), giving arbitrary code execution; fixed in 0.0.21."
+  },
+  "CVE-2023-44467": {
+    "name": "LangChain-Experimental PALChain dunder-import Code Execution (CVE-2023-36258 bypass)",
+    "type": "RCE",
+    "cvss_score": 9.8,
+    "cvss_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+    "cvss_note": "NVD CVSS v3.1 base 9.8 (CRITICAL); NVD assigned no CWE - the operational class is CWE-94 (code injection). PALChain executes generated Python; the dunder-import builtin was not prohibited, bypassing the CVE-2023-36258 fix.",
+    "cisa_kev": false,
+    "poc_available": true,
+    "poc_description": "Documented in the Snyk / GitHub advisory and Unit 42 LangChain research: a prompt-injection payload steers the chain into executing attacker-controlled Python.",
+    "ai_discovered": false,
+    "ai_discovery_source": "human_researcher",
+    "ai_discovery_notes": "Disclosed via Snyk / the LangChain advisories (Unit 42 also analyzed the class). The abused surface is LangChain's experimental chains that execute LLM-generated or prompt-influenced code.",
+    "ai_assisted_weaponization": false,
+    "ai_assisted_notes": "Prompt-injection-mediated: the LLM-app input prompt is the attack vector that steers code generation/evaluation. Not AI-assisted exploit development, but an AI-native attack surface.",
+    "active_exploitation": "none",
+    "active_exploitation_notes": "Advisory / research disclosure with a coordinated fix; no confirmed in-the-wild exploitation reported as of curation.",
+    "affected": "langchain_experimental before 0.0.306 (PALChain).",
+    "affected_versions": [
+      "langchain_experimental < 0.0.306"
+    ],
+    "vector": "PALChain (program-aided language model) executes Python generated from the prompt. The CVE-2023-36258 fix did not prohibit the dunder-import builtin, so a prompt-injection payload using it in the generated code bypasses the restriction and executes arbitrary code (CWE-94).",
+    "complexity": "low",
+    "complexity_notes": "NVD AV:N. The precondition is an LLM application exposing the affected experimental chain to attacker-influenced prompts.",
+    "patch_available": true,
+    "patch_required_reboot": false,
+    "live_patch_available": false,
+    "live_patch_tools": [],
+    "live_patch_notes": "Remediation is upgrading to langchain-experimental 0.0.306 or later; redeploy, no host reboot.",
+    "vendor_update_paths": [
+      "Upgrade to langchain-experimental 0.0.306 or later. Do not expose chains that execute generated code (PALChain, VectorSQLDatabaseChain, LLMMathChain) to untrusted prompts; sandbox or disable code execution and treat all prompt-derived code as untrusted."
+    ],
+    "framework_control_gaps": {
+      "NIST-800-53-SI-2": "Flaw-remediation cadence does not track LLM-orchestration libraries' code-executing chains as managed, RCE-bearing software.",
+      "NIST-800-53-SI-10": "Input-validation control does not cover prompt-influenced strings that an LLM chain turns into executable code.",
+      "ISO-27001-2022-A.8.8": "Vulnerability management rarely enumerates LLM chains that execute generated code as a code-execution surface.",
+      "NIS2-Art21-patch-management": "Article 21 measures do not reach LLM-orchestration code-execution chains as a privileged surface.",
+      "DORA-Art-9": "ICT protection measures do not model prompt-injection-to-code-execution in an LLM app as an ICT-risk event.",
+      "UK-CAF-B4": "System Security objective has no objective for sandboxing code an LLM chain generates or evaluates.",
+      "AU-ISM-1546": "Patch-application control does not single out LLM-orchestration libraries.",
+      "ALL-PROMPT-INJECTION-ACCESS-CONTROL": "No framework treats prompt-influenced input to a code-executing LLM chain as untrusted code; prompt injection becomes arbitrary code execution."
+    },
+    "atlas_refs": [
+      "AML.T0051",
+      "AML.T0011"
+    ],
+    "attack_refs": [
+      "T1059",
+      "T1059.006"
+    ],
+    "rwep_score": 27,
+    "rwep_factors": {
+      "cisa_kev": 0,
+      "poc_available": 20,
+      "ai_factor": 0,
+      "active_exploitation": 0,
+      "blast_radius": 22,
+      "patch_available": -15,
+      "live_patch_available": 0,
+      "reboot_required": 0
+    },
+    "rwep_notes": "Standard (RWEP 27, \"patch within 30 days\" band per lib/scoring.js timeline). Not KEV, no confirmed in-the-wild exploitation, patched at/after disclosure (Hard Rule #3). poc_available=20 + blast_radius=22 (langchain-experimental is widely used in LLM apps) minus patch 15.",
+    "epss_score": null,
+    "epss_date": "2026-05-25",
+    "epss_note": "EPSS not pulled for this entry; retrieve via FIRST EPSS API in a future refresh.",
+    "epss_source": "https://api.first.org/data/v1/epss?cve=CVE-2023-44467",
+    "cwe_refs": [
+      "CWE-94"
+    ],
+    "iocs": {
+      "behavioral": [
+        "An LLM chain (PALChain / VectorSQLDatabaseChain / LLMMathChain) executing or evaluating code derived from a user-supplied prompt.",
+        "Prompt payloads containing Python constructs (the dunder-import builtin, OS command invocations, code embedded in math/SQL fields) reaching a LangChain experimental chain.",
+        "Python subprocess / import activity in an LLM application correlated with a chain invocation.",
+        "langchain-experimental at an affected version (langchain_experimental < 0.0.306) exposing a code-executing chain to untrusted prompts - the exposed precondition."
+      ],
+      "_ioc_source_note": "Behavioral signatures derived from NVD CVE-2023-44467 (CWE-94) and the Snyk / LangChain advisory + Unit 42 LangChain research (https://unit42.paloaltonetworks.com/langchain-vulnerabilities/)."
+    },
+    "source_verified": "2026-05-25",
+    "verification_sources": [
+      "https://nvd.nist.gov/vuln/detail/CVE-2023-44467",
+      "https://github.com/advisories/GHSA-gjjr-63x4-v8cq",
+      "https://unit42.paloaltonetworks.com/langchain-vulnerabilities/"
+    ],
+    "vendor_advisories": [
+      {
+        "vendor": "GitHub Security Advisory",
+        "advisory_id": "GHSA-gjjr-63x4-v8cq",
+        "url": "https://github.com/advisories/GHSA-gjjr-63x4-v8cq",
+        "severity": "critical",
+        "published_date": "2023-10-09"
+      },
+      {
+        "vendor": "NVD",
+        "advisory_id": "CVE-2023-44467",
+        "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-44467",
+        "severity": "critical",
+        "published_date": "2023-10-09"
+      }
+    ],
+    "last_updated": "2026-05-25",
+    "discovery_attribution_note": "Manually curated from NVD (CWE-94; NIST CVSS 9.8) + Snyk / LangChain advisory + Unit 42 research. Member of the LangChain experimental-chain code-execution family (prompt injection to RCE); distinct from the LangGrinch serialization (CVE-2025-68664) and Chatchat MCP (CVE-2026-30617) entries.",
+    "_auto_imported": false,
+    "_intake_method": "manual-verified-curation",
+    "_kev_short_description": "langchain_experimental's PALChain runs prompt-generated Python and did not block the dunder-import builtin, bypassing the CVE-2023-36258 fix for arbitrary code execution; fixed in 0.0.306."
+  },
+  "CVE-2024-13059": {
+    "name": "AnythingLLM Non-ASCII Filename Path Traversal Arbitrary File Write to RCE",
+    "type": "RCE",
+    "cvss_score": 7.2,
+    "cvss_vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
+    "cvss_note": "CNA (huntr.dev) CVSS v3.0 base 7.2 (HIGH); NVD has not published its own assessed score for this CVE. Improper handling of non-ASCII filenames in the multer upload library introduces unsanitized ../ sequences (CWE-22), allowing a manager/admin user to write files to arbitrary paths and achieve RCE.",
+    "cisa_kev": false,
+    "poc_available": true,
+    "poc_description": "Documented in OffSec and Nox90 research: a manager/admin uploads a file whose non-ASCII filename transforms into a path-traversal sequence, writing attacker content to an arbitrary location (e.g. a startup script / cron path) for remote code execution.",
+    "ai_discovered": false,
+    "ai_discovery_source": "human_researcher",
+    "ai_discovery_notes": "Disclosed via OffSec / Nox90 research. AnythingLLM is a widely used self-hosted RAG / AI chat application; the abused surface is its document-upload handler.",
+    "ai_assisted_weaponization": false,
+    "ai_assisted_notes": "No AI-assisted weaponization; path-traversal file write in the AI app's upload handler.",
+    "active_exploitation": "none",
+    "active_exploitation_notes": "Research disclosure with a coordinated fix; no confirmed in-the-wild exploitation reported as of curation.",
+    "affected": "AnythingLLM (mintplex-labs) before 1.3.1.",
+    "affected_versions": [
+      "AnythingLLM < 1.3.1"
+    ],
+    "vector": "AnythingLLM's upload handler relies on the multer library, which mishandles non-ASCII filenames so that a crafted name decodes to include ../ traversal sequences left unsanitized (CWE-22). A manager/admin user uploads such a file to write attacker-controlled content to an arbitrary path; placing it in a system-executed directory yields remote code execution on the host.",
+    "complexity": "low",
+    "complexity_notes": "NVD AV:N / AC:L / PR:H — requires a manager or admin account, but no user interaction.",
+    "patch_available": true,
+    "patch_required_reboot": false,
+    "live_patch_available": false,
+    "live_patch_tools": [],
+    "live_patch_notes": "Remediation is upgrading AnythingLLM to 1.3.1 or later; redeploy, no host reboot.",
+    "vendor_update_paths": [
+      "Upgrade AnythingLLM to 1.3.1 or later, restrict manager/admin roles, run the app as a least-privilege user, and do not expose it to untrusted users."
+    ],
+    "framework_control_gaps": {
+      "NIST-800-53-SI-2": "Flaw-remediation cadence does not track self-hosted RAG / AI chat applications as managed, RCE-bearing software.",
+      "NIST-800-53-SI-10": "Input-validation control is not applied to uploaded filenames (including non-ASCII transformations) in the AI app's upload handler.",
+      "ISO-27001-2022-A.8.8": "Vulnerability management rarely enumerates the AI app's upload/file handling as a path-traversal surface.",
+      "NIS2-Art21-patch-management": "Article 21 measures do not reach the self-hosted AI app as a privileged surface.",
+      "DORA-Art-9": "ICT protection measures do not model path-traversal file write in a RAG application as an ICT-risk event.",
+      "UK-CAF-B4": "System Security objective has no objective for validating upload filenames in the AI app.",
+      "AU-ISM-1546": "Patch-application control does not single out self-hosted RAG / AI chat applications.",
+      "ALL-AI-PIPELINE-INTEGRITY": "No framework treats the AI app's document-upload filename as untrusted input reaching the filesystem; a manager-role upload becomes host RCE."
+    },
+    "atlas_refs": [
+      "AML.T0049"
+    ],
+    "attack_refs": [
+      "T1190",
+      "T1059"
+    ],
+    "rwep_score": 25,
+    "rwep_factors": {
+      "cisa_kev": 0,
+      "poc_available": 20,
+      "ai_factor": 0,
+      "active_exploitation": 0,
+      "blast_radius": 20,
+      "patch_available": -15,
+      "live_patch_available": 0,
+      "reboot_required": 0
+    },
+    "rwep_notes": "Standard (RWEP 25, \"patch within 30 days\" band per lib/scoring.js timeline). Not KEV, no confirmed in-the-wild exploitation, patched at disclosure (Hard Rule #3); requires a manager/admin account (PR:H), which lowers reachability. poc_available=20 + blast_radius=20 minus patch 15.",
+    "epss_score": null,
+    "epss_date": "2026-05-25",
+    "epss_note": "EPSS not pulled for this entry; retrieve via FIRST EPSS API in a future refresh.",
+    "epss_source": "https://api.first.org/data/v1/epss?cve=CVE-2024-13059",
+    "cwe_refs": [
+      "CWE-22"
+    ],
+    "iocs": {
+      "behavioral": [
+        "AnythingLLM document uploads with non-ASCII filenames that decode to include ../ traversal sequences.",
+        "Files written by AnythingLLM outside its intended document-storage directory (startup scripts, cron paths, app directories).",
+        "Code execution on the AnythingLLM host following a manager/admin file upload.",
+        "AnythingLLM < 1.3.1 with manager/admin accounts reachable by untrusted users — the exposed precondition."
+      ],
+      "_ioc_source_note": "Behavioral signatures derived from NVD CVE-2024-13059 (CWE-22) and the OffSec / Nox90 research (https://www.offsec.com/blog/cve-2024-13059/). The non-ASCII-filename multer traversal is the indicator anchor."
+    },
+    "source_verified": "2026-05-25",
+    "verification_sources": [
+      "https://nvd.nist.gov/vuln/detail/CVE-2024-13059",
+      "https://www.offsec.com/blog/cve-2024-13059/"
+    ],
+    "vendor_advisories": [
+      {
+        "vendor": "OffSec / Nox90 research",
+        "advisory_id": "CVE-2024-13059",
+        "url": "https://www.offsec.com/blog/cve-2024-13059/",
+        "severity": "high",
+        "published_date": "2025-02-10"
+      },
+      {
+        "vendor": "NVD",
+        "advisory_id": "CVE-2024-13059",
+        "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-13059",
+        "severity": "high",
+        "published_date": "2025-02-10"
+      }
+    ],
+    "last_updated": "2026-05-25",
+    "discovery_attribution_note": "Manually curated from NVD (CWE-22; CNA huntr.dev CVSS 7.2, no NVD-assessed score) + OffSec / Nox90 research. AnythingLLM upload path-traversal to RCE; same path-traversal class as the Ollama API entries (shares NEW-CTRL-094).",
+    "_auto_imported": false,
+    "_intake_method": "manual-verified-curation",
+    "_kev_short_description": "AnythingLLM's upload handler mishandles non-ASCII filenames (multer) so a manager/admin upload path-traverses to an arbitrary write and RCE (CWE-22); fixed in 1.3.1."
+  },
   "CVE-2026-41091": {
     "name": "Microsoft Defender (Malware Protection Engine) Link-Following LPE to SYSTEM",
     "type": "LPE",

package/data/cwe-catalog.json CHANGED Viewed

@@ -96,6 +96,7 @@
       "CVE-2023-43472",
       "CVE-2023-51449",
       "CVE-2024-0769",
+      "CVE-2024-13059",
       "CVE-2024-1561",
       "CVE-2024-1708",
       "CVE-2024-37032",
@@ -373,6 +374,8 @@
       "CVE-2017-1000353",
       "CVE-2020-25078",
       "CVE-2022-48503",
+      "CVE-2023-44467",
+      "CVE-2024-21513",
       "CVE-2024-21576",
       "CVE-2024-27132",
       "CVE-2024-56145",

package/data/framework-control-gaps.json CHANGED Viewed

@@ -42,6 +42,7 @@
       "CVE-2024-11392",
       "CVE-2024-11393",
       "CVE-2024-11394",
+      "CVE-2024-13059",
       "CVE-2024-1561",
       "CVE-2024-21575",
       "CVE-2024-21576",
@@ -145,6 +146,8 @@
     "status": "open",
     "opened_date": "2026-01-01",
     "evidence_cves": [
+      "CVE-2023-44467",
+      "CVE-2024-21513",
       "CVE-2026-25592"
     ],
     "atlas_refs": [
@@ -1379,6 +1382,7 @@
       "CVE-2023-41974",
       "CVE-2023-43000",
       "CVE-2023-43654",
+      "CVE-2023-44467",
       "CVE-2023-50224",
       "CVE-2023-51449",
       "CVE-2023-52163",
@@ -1388,8 +1392,10 @@
       "CVE-2024-11393",
       "CVE-2024-11394",
       "CVE-2024-12987",
+      "CVE-2024-13059",
       "CVE-2024-1561",
       "CVE-2024-1708",
+      "CVE-2024-21513",
       "CVE-2024-21575",
       "CVE-2024-21576",
       "CVE-2024-21762",
@@ -1803,13 +1809,16 @@
     "evidence_cves": [
       "CVE-2022-1471",
       "CVE-2023-43654",
+      "CVE-2023-44467",
       "CVE-2023-48022",
       "CVE-2023-51449",
       "CVE-2024-0132",
       "CVE-2024-11392",
       "CVE-2024-11393",
       "CVE-2024-11394",
+      "CVE-2024-13059",
       "CVE-2024-1561",
+      "CVE-2024-21513",
       "CVE-2024-21575",
       "CVE-2024-21576",
       "CVE-2024-27132",
@@ -2264,9 +2273,12 @@
     "status": "open",
     "opened_date": "2026-05-13",
     "evidence_cves": [
+      "CVE-2023-44467",
       "CVE-2024-11392",
       "CVE-2024-11393",
       "CVE-2024-11394",
+      "CVE-2024-13059",
+      "CVE-2024-21513",
       "CVE-2024-27132",
       "CVE-2024-37032",
       "CVE-2024-39722",
@@ -2419,6 +2431,7 @@
       "CVE-2023-41974",
       "CVE-2023-43000",
       "CVE-2023-43654",
+      "CVE-2023-44467",
       "CVE-2023-50224",
       "CVE-2023-51449",
       "CVE-2023-52163",
@@ -2429,8 +2442,10 @@
       "CVE-2024-11393",
       "CVE-2024-11394",
       "CVE-2024-12987",
+      "CVE-2024-13059",
       "CVE-2024-1561",
       "CVE-2024-1708",
+      "CVE-2024-21513",
       "CVE-2024-21575",
       "CVE-2024-21576",
       "CVE-2024-21762",
@@ -4920,13 +4935,16 @@
     "evidence_cves": [
       "CVE-2022-1471",
       "CVE-2023-43654",
+      "CVE-2023-44467",
       "CVE-2023-48022",
       "CVE-2023-51449",
       "CVE-2024-0132",
       "CVE-2024-11392",
       "CVE-2024-11393",
       "CVE-2024-11394",
+      "CVE-2024-13059",
       "CVE-2024-1561",
+      "CVE-2024-21513",
       "CVE-2024-21575",
       "CVE-2024-21576",
       "CVE-2024-21762",
@@ -5459,12 +5477,15 @@
     "status": "open",
     "opened_date": "2026-05-17",
     "evidence_cves": [
+      "CVE-2023-44467",
       "CVE-2023-51449",
       "CVE-2024-0132",
       "CVE-2024-11392",
       "CVE-2024-11393",
       "CVE-2024-11394",
+      "CVE-2024-13059",
       "CVE-2024-1561",
+      "CVE-2024-21513",
       "CVE-2024-21575",
       "CVE-2024-21576",
       "CVE-2024-21762",
@@ -5539,13 +5560,16 @@
     "evidence_cves": [
       "CVE-2022-1471",
       "CVE-2023-43654",
+      "CVE-2023-44467",
       "CVE-2023-48022",
       "CVE-2023-51449",
       "CVE-2024-0132",
       "CVE-2024-11392",
       "CVE-2024-11393",
       "CVE-2024-11394",
+      "CVE-2024-13059",
       "CVE-2024-1561",
+      "CVE-2024-21513",
       "CVE-2024-21575",
       "CVE-2024-21576",
       "CVE-2024-21762",