@blamejs/exceptd-skills 0.13.93 → 0.13.95

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. package/CHANGELOG.md +8 -0
  2. package/data/_indexes/_meta.json +9 -9
  3. package/data/_indexes/activity-feed.json +2 -2
  4. package/data/_indexes/catalog-summaries.json +2 -2
  5. package/data/_indexes/chains.json +770 -0
  6. package/data/atlas-ttps.json +1 -0
  7. package/data/attack-techniques.json +3 -0
  8. package/data/cve-catalog.json +206 -1
  9. package/data/cwe-catalog.json +2 -0
  10. package/data/framework-control-gaps.json +16 -0
  11. package/data/zeroday-lessons.json +100 -0
  12. package/manifest.json +44 -44
  13. package/package.json +2 -2
  14. package/sbom.cdx.json +25 -25
package/CHANGELOG.md CHANGED
@@ -1,5 +1,13 @@
1
1
  # Changelog
2
2
 
3
+ ## 0.13.95 — 2026-05-25
4
+
5
+ CVE catalog — LlamaIndex CLI command injection. Adds **CVE-2025-1753** (CWE-78, CNA huntr.dev CVSS 7.8; NVD has not assigned its own score): the LlamaIndex CLI builds a shell command from the user-supplied `--files` argument and runs it without neutralization, so shell metacharacters execute arbitrary OS commands; the fix adds shlex escaping. Maps ATT&CK T1059, with a zero-day lesson (NEW-CTRL-100) requiring AI-framework CLIs/tools to use argv-array execution or shlex neutralization rather than building shell strings from arguments — the same root cause as the MCP-stdio command-injection family, applied to a framework CLI. CVE count 369 → 370.
6
+
7
+ ## 0.13.94 — 2026-05-25
8
+
9
+ CVE catalog — AnythingLLM upload path traversal to RCE. Adds **CVE-2024-13059** (CWE-22, NIST CVSS 7.2): AnythingLLM's multer-based upload handler mishandles non-ASCII filenames so they decode into `../` traversal sequences, letting a manager/admin user write attacker content to an arbitrary path (e.g. a startup script) and achieve remote code execution on the host; fixed in 1.3.1. Maps ATLAS AML.T0049 and ATT&CK T1190 / T1059, and reuses the runtime-API path-traversal control (NEW-CTRL-094) shared with the Ollama entries — AI-app file/path inputs must be canonicalized and validated, including non-ASCII transforms, before touching the filesystem. CVE count 368 → 369.
10
+
3
11
  ## 0.13.93 — 2026-05-25
4
12
 
5
13
  CVE catalog — LangChain experimental-chain code execution (prompt injection to RCE). Adds the canonical class where an LLM chain turns prompt-influenced input into executed Python. **CVE-2024-21513** (langchain-experimental, CWE-94, NIST CVSS 8.5) — VectorSQLDatabaseChain evaluates database values as code, so an attacker controlling the input prompt achieves arbitrary code execution; fixed in 0.0.21. **CVE-2023-44467** (langchain_experimental PALChain, CWE-94, NIST CVSS 9.8) — PALChain executes prompt-generated Python and did not block the dunder-import builtin, bypassing the earlier CVE-2023-36258 fix; fixed in 0.0.306. Both map ATLAS AML.T0051 (LLM prompt injection) + AML.T0011 and ATT&CK T1059 / T1059.006, and their shared zero-day lesson (NEW-CTRL-099) requires chains that execute generated code to sandbox or disable it — builtin denylists are an incomplete fix. Distinct from the existing LangChain entries (LangGrinch serialization, Chatchat MCP). CVE count 366 → 368.
package/data/_indexes/_meta.json CHANGED
@@ -1,21 +1,21 @@
1
1
  {
2
2
  "schema_version": "1.1.0",
3
- "generated_at": "2026-05-26T02:33:31.075Z",
3
+ "generated_at": "2026-05-26T03:30:30.490Z",
4
4
  "generator": "scripts/build-indexes.js",
5
5
  "source_count": 54,
6
6
  "source_hashes": {
7
- "manifest.json": "cb92f7a7f61228eb5632fbaeaa386b953c90bc2016eb9f84a7f2bb9f8f3013b1",
8
- "data/atlas-ttps.json": "e3d139160b51eac0360f4bee92be52e77e0e441f8596b32f04e8bd6f29c1acd9",
9
- "data/attack-techniques.json": "4f269298532ae7ef304b2f5e52dbb72e8d363e0f1d29dca7c691a7f15d23b7e5",
10
- "data/cve-catalog.json": "0fae8ec235920068e1ea3bed6f3280e920feb2aa82bcb185a8dee42f419c3242",
11
- "data/cwe-catalog.json": "1f2d77ee7d83e6aa113055f620a1c56d9287392c8c0a3fb8336abc52ce53d8fd",
7
+ "manifest.json": "ca9e058f24dff42048d0dbd2bc1cbe43d1bb6952a725ae3cd2b1d008d600d3ec",
8
+ "data/atlas-ttps.json": "00c4cd73790a452917a61423c12ecdaf4a7dd27544a9239665fbef4779ba0c6a",
9
+ "data/attack-techniques.json": "b3f989c348815c79f76a23ce147222e64e92e405f73fdfb60504691c05462b38",
10
+ "data/cve-catalog.json": "726ebd2d7428346544d033f7e05b10c9ca527d6fea545accb23b3646a9209760",
11
+ "data/cwe-catalog.json": "5298d58103a45efe5149c96f578416fe49f517da84a69560063f6dd7ff0dbca4",
12
12
  "data/d3fend-catalog.json": "9a54bccb9f24f84b32024216cc3f53819a053721ac8ab43c326859e68fc0ffaf",
13
13
  "data/dlp-controls.json": "d2406c482dddd30e49203879999dc4b3a7fd4d0494d6a61d86b91ee76415df19",
14
14
  "data/exploit-availability.json": "ec2656f0d9a893610e27b43eb6035fe9b18e057c9f6dfaac7e7d4959bbcbb795",
15
- "data/framework-control-gaps.json": "818c34517b1612cf391379898ae3da6fba16523af1d15df61f7c82823ce5f338",
15
+ "data/framework-control-gaps.json": "e2db0d9fa8e439ff79f8e65ec66fc260cbc83ca2b22ef4455c6a551aef8c14fe",
16
16
  "data/global-frameworks.json": "9ba563a85f7f8d6c3c957de64945e20925a89d0ed6ea6fc561cf093811acf558",
17
17
  "data/rfc-references.json": "66ef2e1f444a2cf0c2700a754f0a66030bb8a91d9e68394b9537ea1fe8b904fe",
18
- "data/zeroday-lessons.json": "20a009550c9f4b9d4cbb79aaec1883cc2db4cc0353238f4c8583aa1f1a622e9b",
18
+ "data/zeroday-lessons.json": "1075c96dff51cc9834ebf1c013203e0ad5a81e09366e10fe16a4a5aa4ca77e46",
19
19
  "skills/kernel-lpe-triage/skill.md": "08b3e9815ba481c57c80f5fc0ccbf5bb7cbb41f570c235ba6ff9596b8c07354d",
20
20
  "skills/ai-attack-surface/skill.md": "c4c1eb22a38ca7a959b5725222bab8fbd4f4044a548a93f3e288e6f698334b72",
21
21
  "skills/mcp-agent-trust/skill.md": "89ac89084391d2341b6513fefb1be2d36b93de1c130f057696219c1c59440f13",
@@ -72,7 +72,7 @@
72
72
  "dlp_refs": 0
73
73
  },
74
74
  "trigger_table_entries": 538,
75
- "chains_cve_entries": 357,
75
+ "chains_cve_entries": 359,
76
76
  "chains_cwe_entries": 171,
77
77
  "jurisdictions_indexed": 29,
78
78
  "handoff_dag_nodes": 42,
package/data/_indexes/activity-feed.json CHANGED
@@ -149,7 +149,7 @@
149
149
  "artifact": "data/cve-catalog.json",
150
150
  "path": "data/cve-catalog.json",
151
151
  "schema_version": "1.0.0",
152
- "entry_count": 368
152
+ "entry_count": 370
153
153
  },
154
154
  {
155
155
  "date": "2026-05-18",
@@ -165,7 +165,7 @@
165
165
  "artifact": "data/zeroday-lessons.json",
166
166
  "path": "data/zeroday-lessons.json",
167
167
  "schema_version": "1.1.0",
168
- "entry_count": 363
168
+ "entry_count": 365
169
169
  },
170
170
  {
171
171
  "date": "2026-05-17",
package/data/_indexes/catalog-summaries.json CHANGED
@@ -62,7 +62,7 @@
62
62
  "rebuild_after_days": 365,
63
63
  "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
64
64
  },
65
- "entry_count": 368,
65
+ "entry_count": 370,
66
66
  "sample_keys": [
67
67
  "CVE-2025-53773",
68
68
  "CVE-2026-30615",
@@ -238,7 +238,7 @@
238
238
  "rebuild_after_days": 365,
239
239
  "note": "Per-entry last_verified governs decay. Skills depending on this catalog must check entry freshness before high-stakes use."
240
240
  },
241
- "entry_count": 363,
241
+ "entry_count": 365,
242
242
  "sample_keys": [
243
243
  "CVE-2026-31431",
244
244
  "CVE-2025-53773",