@blamejs/exceptd-skills 0.13.95 → 0.13.96

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. package/CHANGELOG.md +4 -0
  2. package/data/_indexes/_meta.json +9 -9
  3. package/data/_indexes/activity-feed.json +2 -2
  4. package/data/_indexes/catalog-summaries.json +2 -2
  5. package/data/_indexes/chains.json +770 -0
  6. package/data/atlas-ttps.json +4 -0
  7. package/data/attack-techniques.json +4 -0
  8. package/data/cve-catalog.json +208 -0
  9. package/data/cwe-catalog.json +2 -0
  10. package/data/framework-control-gaps.json +16 -0
  11. package/data/zeroday-lessons.json +100 -0
  12. package/manifest.json +44 -44
  13. package/package.json +2 -2
  14. package/sbom.cdx.json +25 -25
package/data/_indexes/chains.json CHANGED
@@ -34639,6 +34639,730 @@
34639
34639
  ]
34640
34640
  }
34641
34641
  },
34642
+ "CVE-2024-6587": {
34643
+ "name": "BerriAI LiteLLM api_base SSRF API-Key Interception",
34644
+ "rwep": 29,
34645
+ "cvss": 7.5,
34646
+ "cisa_kev": false,
34647
+ "epss_score": null,
34648
+ "referencing_skills": [
34649
+ "kernel-lpe-triage",
34650
+ "ai-attack-surface",
34651
+ "compliance-theater",
34652
+ "attack-surface-pentest",
34653
+ "ot-ics-security",
34654
+ "coordinated-vuln-disclosure",
34655
+ "sector-energy"
34656
+ ],
34657
+ "chain": {
34658
+ "cwes": [
34659
+ {
34660
+ "id": "CWE-1037",
34661
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
34662
+ "category": "Hardware / Side Channel"
34663
+ },
34664
+ {
34665
+ "id": "CWE-1039",
34666
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
34667
+ "category": "AI/ML"
34668
+ },
34669
+ {
34670
+ "id": "CWE-125",
34671
+ "name": "Out-of-bounds Read",
34672
+ "category": "Memory Safety"
34673
+ },
34674
+ {
34675
+ "id": "CWE-1357",
34676
+ "name": "Reliance on Insufficiently Trustworthy Component",
34677
+ "category": "Supply Chain"
34678
+ },
34679
+ {
34680
+ "id": "CWE-1395",
34681
+ "name": "Dependency on Vulnerable Third-Party Component",
34682
+ "category": "Supply Chain"
34683
+ },
34684
+ {
34685
+ "id": "CWE-1426",
34686
+ "name": "Improper Validation of Generative AI Output",
34687
+ "category": "AI/ML"
34688
+ },
34689
+ {
34690
+ "id": "CWE-22",
34691
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
34692
+ "category": "Path/Resource"
34693
+ },
34694
+ {
34695
+ "id": "CWE-269",
34696
+ "name": "Improper Privilege Management",
34697
+ "category": "Authorization"
34698
+ },
34699
+ {
34700
+ "id": "CWE-287",
34701
+ "name": "Improper Authentication",
34702
+ "category": "Authentication"
34703
+ },
34704
+ {
34705
+ "id": "CWE-306",
34706
+ "name": "Missing Authentication for Critical Function",
34707
+ "category": "Authentication"
34708
+ },
34709
+ {
34710
+ "id": "CWE-352",
34711
+ "name": "Cross-Site Request Forgery (CSRF)",
34712
+ "category": "Session"
34713
+ },
34714
+ {
34715
+ "id": "CWE-362",
34716
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
34717
+ "category": "Concurrency"
34718
+ },
34719
+ {
34720
+ "id": "CWE-416",
34721
+ "name": "Use After Free",
34722
+ "category": "Memory Safety"
34723
+ },
34724
+ {
34725
+ "id": "CWE-434",
34726
+ "name": "Unrestricted Upload of File with Dangerous Type",
34727
+ "category": "File Handling"
34728
+ },
34729
+ {
34730
+ "id": "CWE-672",
34731
+ "name": "Operation on a Resource after Expiration or Release",
34732
+ "category": "Memory Safety"
34733
+ },
34734
+ {
34735
+ "id": "CWE-732",
34736
+ "name": "Incorrect Permission Assignment for Critical Resource",
34737
+ "category": "Authorization"
34738
+ },
34739
+ {
34740
+ "id": "CWE-78",
34741
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
34742
+ "category": "Injection"
34743
+ },
34744
+ {
34745
+ "id": "CWE-787",
34746
+ "name": "Out-of-bounds Write",
34747
+ "category": "Memory Safety"
34748
+ },
34749
+ {
34750
+ "id": "CWE-79",
34751
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
34752
+ "category": "Injection"
34753
+ },
34754
+ {
34755
+ "id": "CWE-798",
34756
+ "name": "Use of Hard-coded Credentials",
34757
+ "category": "Credentials"
34758
+ },
34759
+ {
34760
+ "id": "CWE-89",
34761
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
34762
+ "category": "Injection"
34763
+ },
34764
+ {
34765
+ "id": "CWE-918",
34766
+ "name": "Server-Side Request Forgery (SSRF)",
34767
+ "category": "Network"
34768
+ },
34769
+ {
34770
+ "id": "CWE-94",
34771
+ "name": "Improper Control of Generation of Code (Code Injection)",
34772
+ "category": "Injection"
34773
+ }
34774
+ ],
34775
+ "atlas": [
34776
+ {
34777
+ "id": "AML.T0010",
34778
+ "name": "ML Supply Chain Compromise",
34779
+ "tactic": "Initial Access"
34780
+ },
34781
+ {
34782
+ "id": "AML.T0016",
34783
+ "name": "Obtain Capabilities: Develop Capabilities",
34784
+ "tactic": "Resource Development"
34785
+ },
34786
+ {
34787
+ "id": "AML.T0017",
34788
+ "name": "Discover ML Model Ontology",
34789
+ "tactic": "Discovery"
34790
+ },
34791
+ {
34792
+ "id": "AML.T0018",
34793
+ "name": "Backdoor ML Model",
34794
+ "tactic": "Persistence"
34795
+ },
34796
+ {
34797
+ "id": "AML.T0020",
34798
+ "name": "Poison Training Data",
34799
+ "tactic": "ML Attack Staging"
34800
+ },
34801
+ {
34802
+ "id": "AML.T0043",
34803
+ "name": "Craft Adversarial Data",
34804
+ "tactic": "ML Attack Staging"
34805
+ },
34806
+ {
34807
+ "id": "AML.T0051",
34808
+ "name": "LLM Prompt Injection",
34809
+ "tactic": "Execution"
34810
+ },
34811
+ {
34812
+ "id": "AML.T0054",
34813
+ "name": "LLM Jailbreak",
34814
+ "tactic": "Defense Evasion"
34815
+ },
34816
+ {
34817
+ "id": "AML.T0096",
34818
+ "name": "AI API as Covert C2 Channel",
34819
+ "tactic": "Command and Control"
34820
+ }
34821
+ ],
34822
+ "d3fend": [
34823
+ {
34824
+ "id": "D3-ASLR",
34825
+ "name": "Address Space Layout Randomization",
34826
+ "tactic": "Harden"
34827
+ },
34828
+ {
34829
+ "id": "D3-CSPP",
34830
+ "name": "Client-server Payload Profiling",
34831
+ "tactic": "Detect"
34832
+ },
34833
+ {
34834
+ "id": "D3-EAL",
34835
+ "name": "Executable Allowlisting",
34836
+ "tactic": "Harden"
34837
+ },
34838
+ {
34839
+ "id": "D3-IOPR",
34840
+ "name": "Input/Output Profiling Resource",
34841
+ "tactic": "Detect"
34842
+ },
34843
+ {
34844
+ "id": "D3-NTA",
34845
+ "name": "Network Traffic Analysis",
34846
+ "tactic": "Detect"
34847
+ },
34848
+ {
34849
+ "id": "D3-PHRA",
34850
+ "name": "Process Hardware Resource Access",
34851
+ "tactic": "Isolate"
34852
+ },
34853
+ {
34854
+ "id": "D3-PSEP",
34855
+ "name": "Process Segment Execution Prevention",
34856
+ "tactic": "Harden"
34857
+ }
34858
+ ],
34859
+ "framework_gaps": [
34860
+ {
34861
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
34862
+ "framework": "ALL",
34863
+ "control_name": "AI Pipeline Integrity"
34864
+ },
34865
+ {
34866
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
34867
+ "framework": "ALL",
34868
+ "control_name": "Prompt Injection as Access Control Failure"
34869
+ },
34870
+ {
34871
+ "id": "CIS-Controls-v8-Control7",
34872
+ "framework": "CIS Controls v8",
34873
+ "control_name": "Continuous Vulnerability Management"
34874
+ },
34875
+ {
34876
+ "id": "CMMC-2.0-Level-2",
34877
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
34878
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
34879
+ },
34880
+ {
34881
+ "id": "FedRAMP-Rev5-Moderate",
34882
+ "framework": "FedRAMP Rev 5 Moderate",
34883
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
34884
+ },
34885
+ {
34886
+ "id": "IEC-62443-3-3",
34887
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
34888
+ "control_name": "System security requirements and security levels"
34889
+ },
34890
+ {
34891
+ "id": "ISO-27001-2022-A.8.28",
34892
+ "framework": "ISO/IEC 27001:2022",
34893
+ "control_name": "Secure coding"
34894
+ },
34895
+ {
34896
+ "id": "ISO-27001-2022-A.8.8",
34897
+ "framework": "ISO/IEC 27001:2022",
34898
+ "control_name": "Management of technical vulnerabilities"
34899
+ },
34900
+ {
34901
+ "id": "ISO-IEC-23894-2023-clause-7",
34902
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
34903
+ "control_name": "AI risk management process"
34904
+ },
34905
+ {
34906
+ "id": "NERC-CIP-007-6-R4",
34907
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
34908
+ "control_name": "Security event monitoring"
34909
+ },
34910
+ {
34911
+ "id": "NIS2-Art21-patch-management",
34912
+ "framework": "EU NIS2 Directive",
34913
+ "control_name": "Vulnerability handling and disclosure"
34914
+ },
34915
+ {
34916
+ "id": "NIST-800-115",
34917
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
34918
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
34919
+ },
34920
+ {
34921
+ "id": "NIST-800-218-SSDF",
34922
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
34923
+ "control_name": "Secure Software Development Framework"
34924
+ },
34925
+ {
34926
+ "id": "NIST-800-53-AC-2",
34927
+ "framework": "NIST SP 800-53 Rev 5",
34928
+ "control_name": "Account Management"
34929
+ },
34930
+ {
34931
+ "id": "NIST-800-53-SC-8",
34932
+ "framework": "NIST SP 800-53 Rev 5",
34933
+ "control_name": "Transmission Confidentiality and Integrity"
34934
+ },
34935
+ {
34936
+ "id": "NIST-800-53-SI-2",
34937
+ "framework": "NIST SP 800-53 Rev 5",
34938
+ "control_name": "Flaw Remediation"
34939
+ },
34940
+ {
34941
+ "id": "NIST-800-53-SI-3",
34942
+ "framework": "NIST SP 800-53 Rev 5",
34943
+ "control_name": "Malicious Code Protection"
34944
+ },
34945
+ {
34946
+ "id": "NIST-800-82r3",
34947
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
34948
+ "control_name": "Guide to Operational Technology (OT) Security"
34949
+ },
34950
+ {
34951
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
34952
+ "framework": "OWASP Top 10 for LLM Applications 2025",
34953
+ "control_name": "Prompt Injection"
34954
+ },
34955
+ {
34956
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
34957
+ "framework": "OWASP Top 10 for LLM Applications 2025",
34958
+ "control_name": "Sensitive Information Disclosure"
34959
+ },
34960
+ {
34961
+ "id": "OWASP-Pen-Testing-Guide-v5",
34962
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
34963
+ "control_name": "Web application penetration testing methodology"
34964
+ },
34965
+ {
34966
+ "id": "PCI-DSS-4.0-6.3.3",
34967
+ "framework": "PCI DSS 4.0",
34968
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
34969
+ },
34970
+ {
34971
+ "id": "PTES-Pre-engagement",
34972
+ "framework": "Penetration Testing Execution Standard (PTES)",
34973
+ "control_name": "Pre-engagement Interactions"
34974
+ },
34975
+ {
34976
+ "id": "SOC2-CC6-logical-access",
34977
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
34978
+ "control_name": "Logical and Physical Access Controls"
34979
+ },
34980
+ {
34981
+ "id": "SOC2-CC9-vendor-management",
34982
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
34983
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
34984
+ }
34985
+ ],
34986
+ "attack_refs": [
34987
+ "T0855",
34988
+ "T0883",
34989
+ "T1059",
34990
+ "T1068",
34991
+ "T1078",
34992
+ "T1133",
34993
+ "T1190",
34994
+ "T1548.001",
34995
+ "T1566"
34996
+ ],
34997
+ "rfc_refs": [
34998
+ "RFC-4301",
34999
+ "RFC-4303",
35000
+ "RFC-7296"
35001
+ ]
35002
+ }
35003
+ },
35004
+ "CVE-2024-4889": {
35005
+ "name": "BerriAI LiteLLM Config Code Injection via UI_LOGO_PATH / KMS",
35006
+ "rwep": 27,
35007
+ "cvss": 7.2,
35008
+ "cisa_kev": false,
35009
+ "epss_score": null,
35010
+ "referencing_skills": [
35011
+ "kernel-lpe-triage",
35012
+ "ai-attack-surface",
35013
+ "compliance-theater",
35014
+ "attack-surface-pentest",
35015
+ "ot-ics-security",
35016
+ "coordinated-vuln-disclosure",
35017
+ "sector-energy"
35018
+ ],
35019
+ "chain": {
35020
+ "cwes": [
35021
+ {
35022
+ "id": "CWE-1037",
35023
+ "name": "Processor Optimization Removal or Modification of Security-critical Code",
35024
+ "category": "Hardware / Side Channel"
35025
+ },
35026
+ {
35027
+ "id": "CWE-1039",
35028
+ "name": "Automated Recognition Mechanism with Inadequate Detection or Handling of Adversarial Input Perturbations",
35029
+ "category": "AI/ML"
35030
+ },
35031
+ {
35032
+ "id": "CWE-125",
35033
+ "name": "Out-of-bounds Read",
35034
+ "category": "Memory Safety"
35035
+ },
35036
+ {
35037
+ "id": "CWE-1357",
35038
+ "name": "Reliance on Insufficiently Trustworthy Component",
35039
+ "category": "Supply Chain"
35040
+ },
35041
+ {
35042
+ "id": "CWE-1395",
35043
+ "name": "Dependency on Vulnerable Third-Party Component",
35044
+ "category": "Supply Chain"
35045
+ },
35046
+ {
35047
+ "id": "CWE-1426",
35048
+ "name": "Improper Validation of Generative AI Output",
35049
+ "category": "AI/ML"
35050
+ },
35051
+ {
35052
+ "id": "CWE-22",
35053
+ "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
35054
+ "category": "Path/Resource"
35055
+ },
35056
+ {
35057
+ "id": "CWE-269",
35058
+ "name": "Improper Privilege Management",
35059
+ "category": "Authorization"
35060
+ },
35061
+ {
35062
+ "id": "CWE-287",
35063
+ "name": "Improper Authentication",
35064
+ "category": "Authentication"
35065
+ },
35066
+ {
35067
+ "id": "CWE-306",
35068
+ "name": "Missing Authentication for Critical Function",
35069
+ "category": "Authentication"
35070
+ },
35071
+ {
35072
+ "id": "CWE-352",
35073
+ "name": "Cross-Site Request Forgery (CSRF)",
35074
+ "category": "Session"
35075
+ },
35076
+ {
35077
+ "id": "CWE-362",
35078
+ "name": "Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)",
35079
+ "category": "Concurrency"
35080
+ },
35081
+ {
35082
+ "id": "CWE-416",
35083
+ "name": "Use After Free",
35084
+ "category": "Memory Safety"
35085
+ },
35086
+ {
35087
+ "id": "CWE-434",
35088
+ "name": "Unrestricted Upload of File with Dangerous Type",
35089
+ "category": "File Handling"
35090
+ },
35091
+ {
35092
+ "id": "CWE-672",
35093
+ "name": "Operation on a Resource after Expiration or Release",
35094
+ "category": "Memory Safety"
35095
+ },
35096
+ {
35097
+ "id": "CWE-732",
35098
+ "name": "Incorrect Permission Assignment for Critical Resource",
35099
+ "category": "Authorization"
35100
+ },
35101
+ {
35102
+ "id": "CWE-78",
35103
+ "name": "Improper Neutralization of Special Elements used in an OS Command (OS Command Injection)",
35104
+ "category": "Injection"
35105
+ },
35106
+ {
35107
+ "id": "CWE-787",
35108
+ "name": "Out-of-bounds Write",
35109
+ "category": "Memory Safety"
35110
+ },
35111
+ {
35112
+ "id": "CWE-79",
35113
+ "name": "Improper Neutralization of Input During Web Page Generation (Cross-site Scripting)",
35114
+ "category": "Injection"
35115
+ },
35116
+ {
35117
+ "id": "CWE-798",
35118
+ "name": "Use of Hard-coded Credentials",
35119
+ "category": "Credentials"
35120
+ },
35121
+ {
35122
+ "id": "CWE-89",
35123
+ "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
35124
+ "category": "Injection"
35125
+ },
35126
+ {
35127
+ "id": "CWE-918",
35128
+ "name": "Server-Side Request Forgery (SSRF)",
35129
+ "category": "Network"
35130
+ },
35131
+ {
35132
+ "id": "CWE-94",
35133
+ "name": "Improper Control of Generation of Code (Code Injection)",
35134
+ "category": "Injection"
35135
+ }
35136
+ ],
35137
+ "atlas": [
35138
+ {
35139
+ "id": "AML.T0010",
35140
+ "name": "ML Supply Chain Compromise",
35141
+ "tactic": "Initial Access"
35142
+ },
35143
+ {
35144
+ "id": "AML.T0016",
35145
+ "name": "Obtain Capabilities: Develop Capabilities",
35146
+ "tactic": "Resource Development"
35147
+ },
35148
+ {
35149
+ "id": "AML.T0017",
35150
+ "name": "Discover ML Model Ontology",
35151
+ "tactic": "Discovery"
35152
+ },
35153
+ {
35154
+ "id": "AML.T0018",
35155
+ "name": "Backdoor ML Model",
35156
+ "tactic": "Persistence"
35157
+ },
35158
+ {
35159
+ "id": "AML.T0020",
35160
+ "name": "Poison Training Data",
35161
+ "tactic": "ML Attack Staging"
35162
+ },
35163
+ {
35164
+ "id": "AML.T0043",
35165
+ "name": "Craft Adversarial Data",
35166
+ "tactic": "ML Attack Staging"
35167
+ },
35168
+ {
35169
+ "id": "AML.T0051",
35170
+ "name": "LLM Prompt Injection",
35171
+ "tactic": "Execution"
35172
+ },
35173
+ {
35174
+ "id": "AML.T0054",
35175
+ "name": "LLM Jailbreak",
35176
+ "tactic": "Defense Evasion"
35177
+ },
35178
+ {
35179
+ "id": "AML.T0096",
35180
+ "name": "AI API as Covert C2 Channel",
35181
+ "tactic": "Command and Control"
35182
+ }
35183
+ ],
35184
+ "d3fend": [
35185
+ {
35186
+ "id": "D3-ASLR",
35187
+ "name": "Address Space Layout Randomization",
35188
+ "tactic": "Harden"
35189
+ },
35190
+ {
35191
+ "id": "D3-CSPP",
35192
+ "name": "Client-server Payload Profiling",
35193
+ "tactic": "Detect"
35194
+ },
35195
+ {
35196
+ "id": "D3-EAL",
35197
+ "name": "Executable Allowlisting",
35198
+ "tactic": "Harden"
35199
+ },
35200
+ {
35201
+ "id": "D3-IOPR",
35202
+ "name": "Input/Output Profiling Resource",
35203
+ "tactic": "Detect"
35204
+ },
35205
+ {
35206
+ "id": "D3-NTA",
35207
+ "name": "Network Traffic Analysis",
35208
+ "tactic": "Detect"
35209
+ },
35210
+ {
35211
+ "id": "D3-PHRA",
35212
+ "name": "Process Hardware Resource Access",
35213
+ "tactic": "Isolate"
35214
+ },
35215
+ {
35216
+ "id": "D3-PSEP",
35217
+ "name": "Process Segment Execution Prevention",
35218
+ "tactic": "Harden"
35219
+ }
35220
+ ],
35221
+ "framework_gaps": [
35222
+ {
35223
+ "id": "ALL-AI-PIPELINE-INTEGRITY",
35224
+ "framework": "ALL",
35225
+ "control_name": "AI Pipeline Integrity"
35226
+ },
35227
+ {
35228
+ "id": "ALL-PROMPT-INJECTION-ACCESS-CONTROL",
35229
+ "framework": "ALL",
35230
+ "control_name": "Prompt Injection as Access Control Failure"
35231
+ },
35232
+ {
35233
+ "id": "CIS-Controls-v8-Control7",
35234
+ "framework": "CIS Controls v8",
35235
+ "control_name": "Continuous Vulnerability Management"
35236
+ },
35237
+ {
35238
+ "id": "CMMC-2.0-Level-2",
35239
+ "framework": "CMMC 2.0 (Cybersecurity Maturity Model Certification) Level 2",
35240
+ "control_name": "Level 2 — Advanced (110 NIST 800-171 Rev 2 controls)"
35241
+ },
35242
+ {
35243
+ "id": "FedRAMP-Rev5-Moderate",
35244
+ "framework": "FedRAMP Rev 5 Moderate",
35245
+ "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
35246
+ },
35247
+ {
35248
+ "id": "IEC-62443-3-3",
35249
+ "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
35250
+ "control_name": "System security requirements and security levels"
35251
+ },
35252
+ {
35253
+ "id": "ISO-27001-2022-A.8.28",
35254
+ "framework": "ISO/IEC 27001:2022",
35255
+ "control_name": "Secure coding"
35256
+ },
35257
+ {
35258
+ "id": "ISO-27001-2022-A.8.8",
35259
+ "framework": "ISO/IEC 27001:2022",
35260
+ "control_name": "Management of technical vulnerabilities"
35261
+ },
35262
+ {
35263
+ "id": "ISO-IEC-23894-2023-clause-7",
35264
+ "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
35265
+ "control_name": "AI risk management process"
35266
+ },
35267
+ {
35268
+ "id": "NERC-CIP-007-6-R4",
35269
+ "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
35270
+ "control_name": "Security event monitoring"
35271
+ },
35272
+ {
35273
+ "id": "NIS2-Art21-patch-management",
35274
+ "framework": "EU NIS2 Directive",
35275
+ "control_name": "Vulnerability handling and disclosure"
35276
+ },
35277
+ {
35278
+ "id": "NIST-800-115",
35279
+ "framework": "NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)",
35280
+ "control_name": "Technical Guide to Information Security Testing and Assessment"
35281
+ },
35282
+ {
35283
+ "id": "NIST-800-218-SSDF",
35284
+ "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
35285
+ "control_name": "Secure Software Development Framework"
35286
+ },
35287
+ {
35288
+ "id": "NIST-800-53-AC-2",
35289
+ "framework": "NIST SP 800-53 Rev 5",
35290
+ "control_name": "Account Management"
35291
+ },
35292
+ {
35293
+ "id": "NIST-800-53-SC-8",
35294
+ "framework": "NIST SP 800-53 Rev 5",
35295
+ "control_name": "Transmission Confidentiality and Integrity"
35296
+ },
35297
+ {
35298
+ "id": "NIST-800-53-SI-2",
35299
+ "framework": "NIST SP 800-53 Rev 5",
35300
+ "control_name": "Flaw Remediation"
35301
+ },
35302
+ {
35303
+ "id": "NIST-800-53-SI-3",
35304
+ "framework": "NIST SP 800-53 Rev 5",
35305
+ "control_name": "Malicious Code Protection"
35306
+ },
35307
+ {
35308
+ "id": "NIST-800-82r3",
35309
+ "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
35310
+ "control_name": "Guide to Operational Technology (OT) Security"
35311
+ },
35312
+ {
35313
+ "id": "OWASP-LLM-Top-10-2025-LLM01",
35314
+ "framework": "OWASP Top 10 for LLM Applications 2025",
35315
+ "control_name": "Prompt Injection"
35316
+ },
35317
+ {
35318
+ "id": "OWASP-LLM-Top-10-2025-LLM02",
35319
+ "framework": "OWASP Top 10 for LLM Applications 2025",
35320
+ "control_name": "Sensitive Information Disclosure"
35321
+ },
35322
+ {
35323
+ "id": "OWASP-Pen-Testing-Guide-v5",
35324
+ "framework": "OWASP Web Security Testing Guide v5 (WSTG)",
35325
+ "control_name": "Web application penetration testing methodology"
35326
+ },
35327
+ {
35328
+ "id": "PCI-DSS-4.0-6.3.3",
35329
+ "framework": "PCI DSS 4.0",
35330
+ "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
35331
+ },
35332
+ {
35333
+ "id": "PTES-Pre-engagement",
35334
+ "framework": "Penetration Testing Execution Standard (PTES)",
35335
+ "control_name": "Pre-engagement Interactions"
35336
+ },
35337
+ {
35338
+ "id": "SOC2-CC6-logical-access",
35339
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
35340
+ "control_name": "Logical and Physical Access Controls"
35341
+ },
35342
+ {
35343
+ "id": "SOC2-CC9-vendor-management",
35344
+ "framework": "SOC 2 (AICPA Trust Services Criteria)",
35345
+ "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
35346
+ }
35347
+ ],
35348
+ "attack_refs": [
35349
+ "T0855",
35350
+ "T0883",
35351
+ "T1059",
35352
+ "T1068",
35353
+ "T1078",
35354
+ "T1133",
35355
+ "T1190",
35356
+ "T1548.001",
35357
+ "T1566"
35358
+ ],
35359
+ "rfc_refs": [
35360
+ "RFC-4301",
35361
+ "RFC-4303",
35362
+ "RFC-7296"
35363
+ ]
35364
+ }
35365
+ },
34642
35366
  "CVE-2026-41091": {
34643
35367
  "name": "Microsoft Defender (Malware Protection Engine) Link-Following LPE to SYSTEM",
34644
35368
  "rwep": 45,
@@ -61036,7 +61760,9 @@
61036
61760
  "CVE-2024-39722",
61037
61761
  "CVE-2024-42478",
61038
61762
  "CVE-2024-42479",
61763
+ "CVE-2024-4889",
61039
61764
  "CVE-2024-50050",
61765
+ "CVE-2024-6587",
61040
61766
  "CVE-2025-0133",
61041
61767
  "CVE-2025-10585",
61042
61768
  "CVE-2025-1094",
@@ -61431,7 +62157,9 @@
61431
62157
  "CVE-2024-39722",
61432
62158
  "CVE-2024-42478",
61433
62159
  "CVE-2024-42479",
62160
+ "CVE-2024-4889",
61434
62161
  "CVE-2024-50050",
62162
+ "CVE-2024-6587",
61435
62163
  "CVE-2025-0133",
61436
62164
  "CVE-2025-10585",
61437
62165
  "CVE-2025-1094",
@@ -61619,7 +62347,9 @@
61619
62347
  "CVE-2024-39722",
61620
62348
  "CVE-2024-42478",
61621
62349
  "CVE-2024-42479",
62350
+ "CVE-2024-4889",
61622
62351
  "CVE-2024-50050",
62352
+ "CVE-2024-6587",
61623
62353
  "CVE-2025-0133",
61624
62354
  "CVE-2025-10585",
61625
62355
  "CVE-2025-1094",
@@ -61821,7 +62551,9 @@
61821
62551
  "CVE-2024-39722",
61822
62552
  "CVE-2024-42478",
61823
62553
  "CVE-2024-42479",
62554
+ "CVE-2024-4889",
61824
62555
  "CVE-2024-50050",
62556
+ "CVE-2024-6587",
61825
62557
  "CVE-2025-0133",
61826
62558
  "CVE-2025-10585",
61827
62559
  "CVE-2025-1094",
@@ -62129,7 +62861,9 @@
62129
62861
  "CVE-2024-39722",
62130
62862
  "CVE-2024-42478",
62131
62863
  "CVE-2024-42479",
62864
+ "CVE-2024-4889",
62132
62865
  "CVE-2024-50050",
62866
+ "CVE-2024-6587",
62133
62867
  "CVE-2025-0133",
62134
62868
  "CVE-2025-1094",
62135
62869
  "CVE-2025-11837",
@@ -62399,11 +63133,13 @@
62399
63133
  "CVE-2024-42478",
62400
63134
  "CVE-2024-42479",
62401
63135
  "CVE-2024-43468",
63136
+ "CVE-2024-4889",
62402
63137
  "CVE-2024-50050",
62403
63138
  "CVE-2024-54085",
62404
63139
  "CVE-2024-56145",
62405
63140
  "CVE-2024-57726",
62406
63141
  "CVE-2024-57728",
63142
+ "CVE-2024-6587",
62407
63143
  "CVE-2024-7399",
62408
63144
  "CVE-2024-7694",
62409
63145
  "CVE-2024-8068",
@@ -63241,7 +63977,9 @@
63241
63977
  "CVE-2024-39722",
63242
63978
  "CVE-2024-42478",
63243
63979
  "CVE-2024-42479",
63980
+ "CVE-2024-4889",
63244
63981
  "CVE-2024-50050",
63982
+ "CVE-2024-6587",
63245
63983
  "CVE-2025-0133",
63246
63984
  "CVE-2025-10585",
63247
63985
  "CVE-2025-1094",
@@ -63868,7 +64606,9 @@
63868
64606
  "CVE-2024-39722",
63869
64607
  "CVE-2024-42478",
63870
64608
  "CVE-2024-42479",
64609
+ "CVE-2024-4889",
63871
64610
  "CVE-2024-50050",
64611
+ "CVE-2024-6587",
63872
64612
  "CVE-2025-0133",
63873
64613
  "CVE-2025-10585",
63874
64614
  "CVE-2025-1094",
@@ -64132,7 +64872,9 @@
64132
64872
  "CVE-2024-39722",
64133
64873
  "CVE-2024-42478",
64134
64874
  "CVE-2024-42479",
64875
+ "CVE-2024-4889",
64135
64876
  "CVE-2024-50050",
64877
+ "CVE-2024-6587",
64136
64878
  "CVE-2025-10585",
64137
64879
  "CVE-2025-1094",
64138
64880
  "CVE-2025-14174",
@@ -64824,7 +65566,9 @@
64824
65566
  "CVE-2024-39722",
64825
65567
  "CVE-2024-42478",
64826
65568
  "CVE-2024-42479",
65569
+ "CVE-2024-4889",
64827
65570
  "CVE-2024-50050",
65571
+ "CVE-2024-6587",
64828
65572
  "CVE-2025-0133",
64829
65573
  "CVE-2025-10585",
64830
65574
  "CVE-2025-1094",
@@ -65101,11 +65845,13 @@
65101
65845
  "CVE-2024-42478",
65102
65846
  "CVE-2024-42479",
65103
65847
  "CVE-2024-43468",
65848
+ "CVE-2024-4889",
65104
65849
  "CVE-2024-50050",
65105
65850
  "CVE-2024-54085",
65106
65851
  "CVE-2024-56145",
65107
65852
  "CVE-2024-57726",
65108
65853
  "CVE-2024-57728",
65854
+ "CVE-2024-6587",
65109
65855
  "CVE-2024-7399",
65110
65856
  "CVE-2024-7694",
65111
65857
  "CVE-2024-8068",
@@ -65549,11 +66295,13 @@
65549
66295
  "CVE-2024-42478",
65550
66296
  "CVE-2024-42479",
65551
66297
  "CVE-2024-43468",
66298
+ "CVE-2024-4889",
65552
66299
  "CVE-2024-50050",
65553
66300
  "CVE-2024-54085",
65554
66301
  "CVE-2024-56145",
65555
66302
  "CVE-2024-57726",
65556
66303
  "CVE-2024-57728",
66304
+ "CVE-2024-6587",
65557
66305
  "CVE-2024-7399",
65558
66306
  "CVE-2024-7694",
65559
66307
  "CVE-2024-8068",
@@ -66020,7 +66768,9 @@
66020
66768
  "CVE-2024-39722",
66021
66769
  "CVE-2024-42478",
66022
66770
  "CVE-2024-42479",
66771
+ "CVE-2024-4889",
66023
66772
  "CVE-2024-50050",
66773
+ "CVE-2024-6587",
66024
66774
  "CVE-2025-0133",
66025
66775
  "CVE-2025-10585",
66026
66776
  "CVE-2025-1094",
@@ -66849,11 +67599,13 @@
66849
67599
  "CVE-2024-42478",
66850
67600
  "CVE-2024-42479",
66851
67601
  "CVE-2024-43468",
67602
+ "CVE-2024-4889",
66852
67603
  "CVE-2024-50050",
66853
67604
  "CVE-2024-54085",
66854
67605
  "CVE-2024-56145",
66855
67606
  "CVE-2024-57726",
66856
67607
  "CVE-2024-57728",
67608
+ "CVE-2024-6587",
66857
67609
  "CVE-2024-7399",
66858
67610
  "CVE-2024-7694",
66859
67611
  "CVE-2024-8068",
@@ -67384,7 +68136,9 @@
67384
68136
  "CVE-2024-39722",
67385
68137
  "CVE-2024-42478",
67386
68138
  "CVE-2024-42479",
68139
+ "CVE-2024-4889",
67387
68140
  "CVE-2024-50050",
68141
+ "CVE-2024-6587",
67388
68142
  "CVE-2025-0133",
67389
68143
  "CVE-2025-10585",
67390
68144
  "CVE-2025-1094",
@@ -67741,11 +68495,13 @@
67741
68495
  "CVE-2024-42478",
67742
68496
  "CVE-2024-42479",
67743
68497
  "CVE-2024-43468",
68498
+ "CVE-2024-4889",
67744
68499
  "CVE-2024-50050",
67745
68500
  "CVE-2024-54085",
67746
68501
  "CVE-2024-56145",
67747
68502
  "CVE-2024-57726",
67748
68503
  "CVE-2024-57728",
68504
+ "CVE-2024-6587",
67749
68505
  "CVE-2024-7399",
67750
68506
  "CVE-2024-7694",
67751
68507
  "CVE-2024-8068",
@@ -68293,7 +69049,9 @@
68293
69049
  "CVE-2024-39722",
68294
69050
  "CVE-2024-42478",
68295
69051
  "CVE-2024-42479",
69052
+ "CVE-2024-4889",
68296
69053
  "CVE-2024-50050",
69054
+ "CVE-2024-6587",
68297
69055
  "CVE-2025-10585",
68298
69056
  "CVE-2025-1094",
68299
69057
  "CVE-2025-14174",
@@ -69255,7 +70013,9 @@
69255
70013
  "CVE-2024-39722",
69256
70014
  "CVE-2024-42478",
69257
70015
  "CVE-2024-42479",
70016
+ "CVE-2024-4889",
69258
70017
  "CVE-2024-50050",
70018
+ "CVE-2024-6587",
69259
70019
  "CVE-2025-0133",
69260
70020
  "CVE-2025-10585",
69261
70021
  "CVE-2025-1094",
@@ -69379,7 +70139,9 @@
69379
70139
  "CVE-2024-39722",
69380
70140
  "CVE-2024-42478",
69381
70141
  "CVE-2024-42479",
70142
+ "CVE-2024-4889",
69382
70143
  "CVE-2024-50050",
70144
+ "CVE-2024-6587",
69383
70145
  "CVE-2025-10585",
69384
70146
  "CVE-2025-1094",
69385
70147
  "CVE-2025-14174",
@@ -69575,7 +70337,9 @@
69575
70337
  "CVE-2024-39722",
69576
70338
  "CVE-2024-42478",
69577
70339
  "CVE-2024-42479",
70340
+ "CVE-2024-4889",
69578
70341
  "CVE-2024-50050",
70342
+ "CVE-2024-6587",
69579
70343
  "CVE-2025-0133",
69580
70344
  "CVE-2025-1094",
69581
70345
  "CVE-2025-11837",
@@ -70031,11 +70795,13 @@
70031
70795
  "CVE-2024-42478",
70032
70796
  "CVE-2024-42479",
70033
70797
  "CVE-2024-43468",
70798
+ "CVE-2024-4889",
70034
70799
  "CVE-2024-50050",
70035
70800
  "CVE-2024-54085",
70036
70801
  "CVE-2024-56145",
70037
70802
  "CVE-2024-57726",
70038
70803
  "CVE-2024-57728",
70804
+ "CVE-2024-6587",
70039
70805
  "CVE-2024-7399",
70040
70806
  "CVE-2024-7694",
70041
70807
  "CVE-2024-8068",
@@ -70491,7 +71257,9 @@
70491
71257
  "CVE-2024-39722",
70492
71258
  "CVE-2024-42478",
70493
71259
  "CVE-2024-42479",
71260
+ "CVE-2024-4889",
70494
71261
  "CVE-2024-50050",
71262
+ "CVE-2024-6587",
70495
71263
  "CVE-2025-0133",
70496
71264
  "CVE-2025-10585",
70497
71265
  "CVE-2025-1094",
@@ -70810,7 +71578,9 @@
70810
71578
  "CVE-2024-40635",
70811
71579
  "CVE-2024-42478",
70812
71580
  "CVE-2024-42479",
71581
+ "CVE-2024-4889",
70813
71582
  "CVE-2024-50050",
71583
+ "CVE-2024-6587",
70814
71584
  "CVE-2025-0133",
70815
71585
  "CVE-2025-1094",
70816
71586
  "CVE-2025-11837",