@blamejs/exceptd-skills 0.15.1 → 0.15.3
- package/CHANGELOG.md +8 -0
- package/data/_indexes/_meta.json +5 -5
- package/data/attack-techniques.json +5 -0
- package/data/cve-catalog.json +612 -96
- package/data/zeroday-lessons.json +328 -104
- package/manifest.json +44 -44
- package/package.json +1 -1
- package/sbom.cdx.json +18 -18
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,13 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## 0.15.3 — 2026-05-29
|
|
4
|
+
|
|
5
|
+
Draft-curation pass (1 of an ongoing series). Eight CISA KEV-listed CVE entries that were carried as auto-imported drafts are promoted to fully-curated entries with behavioral IOCs, ATT&CK enrichment, and matching zero-day lessons: Apache ActiveMQ (CVE-2026-34197), Microsoft SharePoint deserialization (CVE-2026-20963), BeyondTrust RS/PRA command injection (CVE-2026-1731), Fortinet FortiClient EMS SQL injection (CVE-2026-21643), Ivanti EPMM code injection (CVE-2026-1340), Cisco Secure Firewall Management Center deserialization (CVE-2026-20131), Broadcom VMware Aria Operations command injection (CVE-2026-22719), and Soliton FileZen command injection (CVE-2026-25108). The CVSS, KEV status, and vendor advisories were retained from the verified import; curation adds detection and response guidance.
|
|
6
|
+
|
|
7
|
+
## 0.15.2 — 2026-05-29
|
|
8
|
+
|
|
9
|
+
Every curated catalog entry now carries detection IOCs. The 51 operator-curated CVE/MAL entries that previously lacked an `iocs` block — spanning the actively-exploited perimeter and supply-chain entries (runc, xz-utils, SolarWinds, Citrix, ConnectWise, Cisco SD-WAN, FortiOS), the AI-ecosystem cluster (MLflow, vLLM, Ollama, LangChain, the MCP SDK, Big Sleep AI-discovered bugs), the malicious-package supply-chain worms (Shai-Hulud, ultralytics, the RubyGems/PyPI stealers), and the Pwn2Own appliance chains — now ship behavioral detection indicators derived from each entry's documented vulnerability mechanics, with the indicator provenance recorded per entry. Detection coverage for the curated catalog is now complete.
|
|
10
|
+
|
|
3
11
|
## 0.15.1 — 2026-05-29
|
|
4
12
|
|
|
5
13
|
Skill content and catalog hygiene.
|
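Review bot: In the 0.15.2 entry, "Detection coverage for the curated catalog is now complete" needs scoping, because the 0.15.3 entry directly above it promotes eight more drafts to curated status and describes itself as "1 of an ongoing series". Suggest wording it as complete for the entries curated as of 0.15.2 and stating how many auto-imported drafts remain. The same entry says indicator provenance is recorded per entry; naming the field that holds it would let consumers separate indicators derived from vulnerability mechanics from observed ones.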
package/data/_indexes/_meta.json
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
1
|
{
|
|
2
2
|
"schema_version": "1.1.0",
|
|
3
|
-
"generated_at": "2026-05-
|
|
3
|
+
"generated_at": "2026-05-29T15:42:14.664Z",
|
|
4
4
|
"generator": "scripts/build-indexes.js",
|
|
5
5
|
"source_count": 54,
|
|
6
6
|
"source_hashes": {
|
|
7
|
-
"manifest.json": "
|
|
7
|
+
"manifest.json": "e8e97bbe842dcab1f5fcde056ec1afc32a3c2ce6b9ddd7ee29a0fee8c606b9b1",
|
|
8
8
|
"data/atlas-ttps.json": "878b4a08bb73c8d20396d85cf433a88f2bc5e7a8cbf7f6ab773ce7ede0a11251",
|
|
9
|
-
"data/attack-techniques.json": "
|
|
10
|
-
"data/cve-catalog.json": "
|
|
9
|
+
"data/attack-techniques.json": "a55232127999ce6aed914016e7a8eab5104cb1142fe2196c9e6d4daf975a41c0",
|
|
10
|
+
"data/cve-catalog.json": "3dcdbf16b8c33352526399070142a65a077d1d8d39ce8283bda1d7fb5aa39852",
|
|
11
11
|
"data/cwe-catalog.json": "0fd275c2a61754958d68cea03a92794a67cf1c1d4d609f81a5728334df013ee3",
|
|
12
12
|
"data/d3fend-catalog.json": "9a54bccb9f24f84b32024216cc3f53819a053721ac8ab43c326859e68fc0ffaf",
|
|
13
13
|
"data/dlp-controls.json": "d2406c482dddd30e49203879999dc4b3a7fd4d0494d6a61d86b91ee76415df19",
|
|
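Review bot: The `source_hashes` values are bare 64-character hex digests and the visible header records no hash algorithm, so a verifier has to infer the function from the digest length. Suggest adding an explicit algorithm field next to `schema_version`, or prefixing each digest with the algorithm name. Separately, `generated_at` is a millisecond wall-clock timestamp, so rebuilding with `scripts/build-indexes.js` from identical sources yields a different file; if this file is itself hashed or signed anywhere, consider excluding that field or deriving it from the sources.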
@@ -15,7 +15,7 @@
|
|
|
15
15
|
"data/framework-control-gaps.json": "29e7b6aa841ddf2530ca5971bdb60d7a715684b2f6264141ad49f0de9a039d78",
|
|
16
16
|
"data/global-frameworks.json": "9ba563a85f7f8d6c3c957de64945e20925a89d0ed6ea6fc561cf093811acf558",
|
|
17
17
|
"data/rfc-references.json": "b21d03b948c41bc8a854e2f057948ecf844bd8c105848aeb141d1eadf8192c31",
|
|
18
|
-
"data/zeroday-lessons.json": "
|
|
18
|
+
"data/zeroday-lessons.json": "3ae4273d8d79b787bc5053da3de1aedab043ef97e1098e39be19975114f12ff9",
|
|
19
19
|
"skills/kernel-lpe-triage/skill.md": "0f79c641cef6e5f4a942eb94f43c460562bf83dfb67ae112d146c39c6b320fb0",
|
|
20
20
|
"skills/ai-attack-surface/skill.md": "2880499993e0e69e3897a9d02b5e83aa0462c86a4dd2c1988b9968e375704a1f",
|
|
21
21
|
"skills/mcp-agent-trust/skill.md": "0752834acde0303d6d1e36be4b320eac3d34fde715bb8d71f3ad9e801d701482",
|
|
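Review bot: Key order in `source_hashes` is inconsistent in the context lines of this hunk: the `data/` keys are alphabetical, but the `skills/` keys run `kernel-lpe-triage`, `ai-attack-surface`, `mcp-agent-trust`. If that order follows the manifest, say so in the generator; otherwise sort the keys so regenerated indexes diff cleanly and a changed hash is easy to spot.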
@@ -322,13 +322,17 @@
|
|
|
322
322
|
"CVE-2025-68668",
|
|
323
323
|
"CVE-2025-8747",
|
|
324
324
|
"CVE-2026-0766",
|
|
325
|
+
"CVE-2026-1340",
|
|
326
|
+
"CVE-2026-1731",
|
|
325
327
|
"CVE-2026-21858",
|
|
326
328
|
"CVE-2026-21877",
|
|
327
329
|
"CVE-2026-22252",
|
|
328
330
|
"CVE-2026-22688",
|
|
331
|
+
"CVE-2026-22719",
|
|
329
332
|
"CVE-2026-22778",
|
|
330
333
|
"CVE-2026-24213",
|
|
331
334
|
"CVE-2026-24214",
|
|
335
|
+
"CVE-2026-25108",
|
|
332
336
|
"CVE-2026-25592",
|
|
333
337
|
"CVE-2026-26015",
|
|
334
338
|
"CVE-2026-26190",
|
|
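Review bot: Three of the eight CVEs named in the 0.15.3 changelog entry are missing from this list even though their sort position falls inside this hunk. The list is in lexicographic order, so CVE-2026-20131, CVE-2026-20963 and CVE-2026-21643 would all sit between `"CVE-2026-1731"` and `"CVE-2026-21858"`, which are adjacent at new lines 326 and 327. This hunk and the later one at -345 add only five ids (CVE-2026-1340, CVE-2026-1731, CVE-2026-22719, CVE-2026-25108, CVE-2026-34197). Please confirm the omission is intended for whatever key this list belongs to, or add the three ids and regenerate.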
@@ -345,6 +349,7 @@
|
|
|
345
349
|
"CVE-2026-32202",
|
|
346
350
|
"CVE-2026-33017",
|
|
347
351
|
"CVE-2026-34159",
|
|
352
|
+
"CVE-2026-34197",
|
|
348
353
|
"CVE-2026-39884",
|
|
349
354
|
"CVE-2026-39987",
|
|
350
355
|
"CVE-2026-40933",
|