@blamejs/exceptd-skills 0.16.10 → 0.16.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (28) hide show
  1. package/AGENTS.md +2 -1
  2. package/CHANGELOG.md +4 -0
  3. package/README.md +5 -5
  4. package/bin/exceptd.js +2 -0
  5. package/data/_indexes/_meta.json +17 -16
  6. package/data/_indexes/activity-feed.json +9 -2
  7. package/data/_indexes/chains.json +1186 -56
  8. package/data/_indexes/currency.json +10 -1
  9. package/data/_indexes/frequency.json +89 -51
  10. package/data/_indexes/handoff-dag.json +5 -1
  11. package/data/_indexes/jurisdiction-map.json +4 -2
  12. package/data/_indexes/section-offsets.json +85 -0
  13. package/data/_indexes/stale-content.json +10 -3
  14. package/data/_indexes/summary-cards.json +40 -0
  15. package/data/_indexes/token-budget.json +53 -3
  16. package/data/_indexes/trigger-table.json +54 -0
  17. package/data/_indexes/xref.json +29 -6
  18. package/data/cwe-catalog.json +12 -3
  19. package/data/playbooks/cred-stores.json +24 -7
  20. package/data/playbooks/framework.json +17 -5
  21. package/data/playbooks/identity-sso-compromise.json +21 -4
  22. package/data/playbooks/vc-wallet-trust.json +725 -0
  23. package/manifest-snapshot.json +57 -2
  24. package/manifest-snapshot.sha256 +1 -1
  25. package/manifest.json +103 -44
  26. package/package.json +2 -2
  27. package/sbom.cdx.json +62 -32
  28. package/skills/vc-wallet-trust/skill.md +84 -0
package/data/_indexes/chains.json CHANGED
@@ -8748,7 +8748,8 @@
8748
8748
  "api-security",
8749
8749
  "container-runtime-security",
8750
8750
  "mlops-security",
8751
- "idp-incident-response"
8751
+ "idp-incident-response",
8752
+ "vc-wallet-trust"
8752
8753
  ],
8753
8754
  "chain": {
8754
8755
  "cwes": [
@@ -8807,11 +8808,21 @@
8807
8808
  "name": "Improper Authentication",
8808
8809
  "category": "Authentication"
8809
8810
  },
8811
+ {
8812
+ "id": "CWE-290",
8813
+ "name": "Authentication Bypass by Spoofing",
8814
+ "category": "Authentication"
8815
+ },
8810
8816
  {
8811
8817
  "id": "CWE-345",
8812
8818
  "name": "Insufficient Verification of Data Authenticity",
8813
8819
  "category": "Authenticity / Supply Chain"
8814
8820
  },
8821
+ {
8822
+ "id": "CWE-347",
8823
+ "name": "Improper Verification of Cryptographic Signature",
8824
+ "category": "Cryptography"
8825
+ },
8815
8826
  {
8816
8827
  "id": "CWE-352",
8817
8828
  "name": "Cross-Site Request Forgery (CSRF)",
@@ -8847,6 +8858,11 @@
8847
8858
  "name": "Insufficiently Protected Credentials",
8848
8859
  "category": "Credentials Management"
8849
8860
  },
8861
+ {
8862
+ "id": "CWE-672",
8863
+ "name": "Operation on a Resource after Expiration or Release",
8864
+ "category": "Memory Safety"
8865
+ },
8850
8866
  {
8851
8867
  "id": "CWE-732",
8852
8868
  "name": "Incorrect Permission Assignment for Critical Resource",
@@ -9068,6 +9084,11 @@
9068
9084
  "framework": "NIST SP 800-53 Rev 5",
9069
9085
  "control_name": "Supply Chain Protection"
9070
9086
  },
9087
+ {
9088
+ "id": "NIST-800-63B-rev4",
9089
+ "framework": "NIST SP 800-63B Rev 4 (Digital Identity Guidelines — Authentication & Lifecycle Mgmt)",
9090
+ "control_name": "Authentication and Lifecycle Management (AAL/IAL/FAL)"
9091
+ },
9071
9092
  {
9072
9093
  "id": "NIST-AI-RMF-MEASURE-2.5",
9073
9094
  "framework": "NIST AI RMF 1.0",
@@ -9118,6 +9139,11 @@
9118
9139
  "framework": "SWIFT Customer Security Controls Framework v2026",
9119
9140
  "control_name": "SWIFT Environment Protection"
9120
9141
  },
9142
+ {
9143
+ "id": "UK-CAF-B2",
9144
+ "framework": "UK NCSC Cyber Assessment Framework v3.2",
9145
+ "control_name": "Identity and access control"
9146
+ },
9121
9147
  {
9122
9148
  "id": "UK-CAF-B2-IdP-Tenant",
9123
9149
  "framework": "UK NCSC CAF",
@@ -9140,10 +9166,13 @@
9140
9166
  "T1195.002",
9141
9167
  "T1199",
9142
9168
  "T1505",
9169
+ "T1550",
9143
9170
  "T1554",
9171
+ "T1556",
9144
9172
  "T1556.007",
9145
9173
  "T1565",
9146
9174
  "T1567",
9175
+ "T1606",
9147
9176
  "T1606.002",
9148
9177
  "T1610",
9149
9178
  "T1611"
@@ -24078,7 +24107,8 @@
24078
24107
  "compliance-theater",
24079
24108
  "attack-surface-pentest",
24080
24109
  "ot-ics-security",
24081
- "sector-energy"
24110
+ "sector-energy",
24111
+ "vc-wallet-trust"
24082
24112
  ],
24083
24113
  "chain": {
24084
24114
  "cwes": [
@@ -24107,6 +24137,11 @@
24107
24137
  "name": "Improper Validation of Generative AI Output",
24108
24138
  "category": "AI/ML"
24109
24139
  },
24140
+ {
24141
+ "id": "CWE-200",
24142
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
24143
+ "category": "Information Exposure"
24144
+ },
24110
24145
  {
24111
24146
  "id": "CWE-22",
24112
24147
  "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
@@ -24122,11 +24157,21 @@
24122
24157
  "name": "Improper Authentication",
24123
24158
  "category": "Authentication"
24124
24159
  },
24160
+ {
24161
+ "id": "CWE-290",
24162
+ "name": "Authentication Bypass by Spoofing",
24163
+ "category": "Authentication"
24164
+ },
24125
24165
  {
24126
24166
  "id": "CWE-306",
24127
24167
  "name": "Missing Authentication for Critical Function",
24128
24168
  "category": "Authentication"
24129
24169
  },
24170
+ {
24171
+ "id": "CWE-347",
24172
+ "name": "Improper Verification of Cryptographic Signature",
24173
+ "category": "Cryptography"
24174
+ },
24130
24175
  {
24131
24176
  "id": "CWE-352",
24132
24177
  "name": "Cross-Site Request Forgery (CSRF)",
@@ -24177,6 +24222,11 @@
24177
24222
  "name": "Use of Hard-coded Credentials",
24178
24223
  "category": "Credentials"
24179
24224
  },
24225
+ {
24226
+ "id": "CWE-863",
24227
+ "name": "Incorrect Authorization",
24228
+ "category": "Authorization"
24229
+ },
24180
24230
  {
24181
24231
  "id": "CWE-89",
24182
24232
  "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
@@ -24308,6 +24358,11 @@
24308
24358
  "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
24309
24359
  "control_name": "System security requirements and security levels"
24310
24360
  },
24361
+ {
24362
+ "id": "ISO-27001-2022-A.5.16-Federated",
24363
+ "framework": "ISO/IEC 27001:2022",
24364
+ "control_name": "Identity Management + Authentication Information — federated-state extension"
24365
+ },
24311
24366
  {
24312
24367
  "id": "ISO-27001-2022-A.8.28",
24313
24368
  "framework": "ISO/IEC 27001:2022",
@@ -24328,6 +24383,11 @@
24328
24383
  "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
24329
24384
  "control_name": "Security event monitoring"
24330
24385
  },
24386
+ {
24387
+ "id": "NIS2-Art-21-Federated-Identity",
24388
+ "framework": "EU NIS2 Directive",
24389
+ "control_name": "Cryptography + Access Control — federated-identity extension"
24390
+ },
24331
24391
  {
24332
24392
  "id": "NIS2-Art21-patch-management",
24333
24393
  "framework": "EU NIS2 Directive",
@@ -24343,6 +24403,11 @@
24343
24403
  "framework": "NIST SP 800-53 Rev 5",
24344
24404
  "control_name": "Account Management"
24345
24405
  },
24406
+ {
24407
+ "id": "NIST-800-53-IA-5-Federated",
24408
+ "framework": "NIST 800-53 Rev.5",
24409
+ "control_name": "Authenticator Management — federated-trust extension"
24410
+ },
24346
24411
  {
24347
24412
  "id": "NIST-800-53-SC-8",
24348
24413
  "framework": "NIST SP 800-53 Rev 5",
@@ -24358,6 +24423,11 @@
24358
24423
  "framework": "NIST SP 800-53 Rev 5",
24359
24424
  "control_name": "Malicious Code Protection"
24360
24425
  },
24426
+ {
24427
+ "id": "NIST-800-63B-rev4",
24428
+ "framework": "NIST SP 800-63B Rev 4 (Digital Identity Guidelines — Authentication & Lifecycle Mgmt)",
24429
+ "control_name": "Authentication and Lifecycle Management (AAL/IAL/FAL)"
24430
+ },
24361
24431
  {
24362
24432
  "id": "NIST-800-82r3",
24363
24433
  "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
@@ -24392,6 +24462,11 @@
24392
24462
  "id": "SOC2-CC6-logical-access",
24393
24463
  "framework": "SOC 2 (AICPA Trust Services Criteria)",
24394
24464
  "control_name": "Logical and Physical Access Controls"
24465
+ },
24466
+ {
24467
+ "id": "UK-CAF-B2",
24468
+ "framework": "UK NCSC Cyber Assessment Framework v3.2",
24469
+ "control_name": "Identity and access control"
24395
24470
  }
24396
24471
  ],
24397
24472
  "attack_refs": [
@@ -24403,7 +24478,10 @@
24403
24478
  "T1133",
24404
24479
  "T1190",
24405
24480
  "T1548.001",
24406
- "T1566"
24481
+ "T1550",
24482
+ "T1556",
24483
+ "T1566",
24484
+ "T1606"
24407
24485
  ],
24408
24486
  "rfc_refs": [
24409
24487
  "RFC-4301",
@@ -24424,7 +24502,8 @@
24424
24502
  "compliance-theater",
24425
24503
  "attack-surface-pentest",
24426
24504
  "ot-ics-security",
24427
- "sector-energy"
24505
+ "sector-energy",
24506
+ "vc-wallet-trust"
24428
24507
  ],
24429
24508
  "chain": {
24430
24509
  "cwes": [
@@ -24453,6 +24532,11 @@
24453
24532
  "name": "Improper Validation of Generative AI Output",
24454
24533
  "category": "AI/ML"
24455
24534
  },
24535
+ {
24536
+ "id": "CWE-200",
24537
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
24538
+ "category": "Information Exposure"
24539
+ },
24456
24540
  {
24457
24541
  "id": "CWE-22",
24458
24542
  "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
@@ -24468,11 +24552,21 @@
24468
24552
  "name": "Improper Authentication",
24469
24553
  "category": "Authentication"
24470
24554
  },
24555
+ {
24556
+ "id": "CWE-290",
24557
+ "name": "Authentication Bypass by Spoofing",
24558
+ "category": "Authentication"
24559
+ },
24471
24560
  {
24472
24561
  "id": "CWE-306",
24473
24562
  "name": "Missing Authentication for Critical Function",
24474
24563
  "category": "Authentication"
24475
24564
  },
24565
+ {
24566
+ "id": "CWE-347",
24567
+ "name": "Improper Verification of Cryptographic Signature",
24568
+ "category": "Cryptography"
24569
+ },
24476
24570
  {
24477
24571
  "id": "CWE-352",
24478
24572
  "name": "Cross-Site Request Forgery (CSRF)",
@@ -24523,6 +24617,11 @@
24523
24617
  "name": "Use of Hard-coded Credentials",
24524
24618
  "category": "Credentials"
24525
24619
  },
24620
+ {
24621
+ "id": "CWE-863",
24622
+ "name": "Incorrect Authorization",
24623
+ "category": "Authorization"
24624
+ },
24526
24625
  {
24527
24626
  "id": "CWE-89",
24528
24627
  "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
@@ -24654,6 +24753,11 @@
24654
24753
  "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
24655
24754
  "control_name": "System security requirements and security levels"
24656
24755
  },
24756
+ {
24757
+ "id": "ISO-27001-2022-A.5.16-Federated",
24758
+ "framework": "ISO/IEC 27001:2022",
24759
+ "control_name": "Identity Management + Authentication Information — federated-state extension"
24760
+ },
24657
24761
  {
24658
24762
  "id": "ISO-27001-2022-A.8.28",
24659
24763
  "framework": "ISO/IEC 27001:2022",
@@ -24674,6 +24778,11 @@
24674
24778
  "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
24675
24779
  "control_name": "Security event monitoring"
24676
24780
  },
24781
+ {
24782
+ "id": "NIS2-Art-21-Federated-Identity",
24783
+ "framework": "EU NIS2 Directive",
24784
+ "control_name": "Cryptography + Access Control — federated-identity extension"
24785
+ },
24677
24786
  {
24678
24787
  "id": "NIS2-Art21-patch-management",
24679
24788
  "framework": "EU NIS2 Directive",
@@ -24689,6 +24798,11 @@
24689
24798
  "framework": "NIST SP 800-53 Rev 5",
24690
24799
  "control_name": "Account Management"
24691
24800
  },
24801
+ {
24802
+ "id": "NIST-800-53-IA-5-Federated",
24803
+ "framework": "NIST 800-53 Rev.5",
24804
+ "control_name": "Authenticator Management — federated-trust extension"
24805
+ },
24692
24806
  {
24693
24807
  "id": "NIST-800-53-SC-8",
24694
24808
  "framework": "NIST SP 800-53 Rev 5",
@@ -24704,6 +24818,11 @@
24704
24818
  "framework": "NIST SP 800-53 Rev 5",
24705
24819
  "control_name": "Malicious Code Protection"
24706
24820
  },
24821
+ {
24822
+ "id": "NIST-800-63B-rev4",
24823
+ "framework": "NIST SP 800-63B Rev 4 (Digital Identity Guidelines — Authentication & Lifecycle Mgmt)",
24824
+ "control_name": "Authentication and Lifecycle Management (AAL/IAL/FAL)"
24825
+ },
24707
24826
  {
24708
24827
  "id": "NIST-800-82r3",
24709
24828
  "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
@@ -24738,6 +24857,11 @@
24738
24857
  "id": "SOC2-CC6-logical-access",
24739
24858
  "framework": "SOC 2 (AICPA Trust Services Criteria)",
24740
24859
  "control_name": "Logical and Physical Access Controls"
24860
+ },
24861
+ {
24862
+ "id": "UK-CAF-B2",
24863
+ "framework": "UK NCSC Cyber Assessment Framework v3.2",
24864
+ "control_name": "Identity and access control"
24741
24865
  }
24742
24866
  ],
24743
24867
  "attack_refs": [
@@ -24749,7 +24873,10 @@
24749
24873
  "T1133",
24750
24874
  "T1190",
24751
24875
  "T1548.001",
24752
- "T1566"
24876
+ "T1550",
24877
+ "T1556",
24878
+ "T1566",
24879
+ "T1606"
24753
24880
  ],
24754
24881
  "rfc_refs": [
24755
24882
  "RFC-4301",
@@ -24772,7 +24899,8 @@
24772
24899
  "attack-surface-pentest",
24773
24900
  "dlp-gap-analysis",
24774
24901
  "ot-ics-security",
24775
- "sector-energy"
24902
+ "sector-energy",
24903
+ "vc-wallet-trust"
24776
24904
  ],
24777
24905
  "chain": {
24778
24906
  "cwes": [
@@ -24821,11 +24949,21 @@
24821
24949
  "name": "Improper Authentication",
24822
24950
  "category": "Authentication"
24823
24951
  },
24952
+ {
24953
+ "id": "CWE-290",
24954
+ "name": "Authentication Bypass by Spoofing",
24955
+ "category": "Authentication"
24956
+ },
24824
24957
  {
24825
24958
  "id": "CWE-306",
24826
24959
  "name": "Missing Authentication for Critical Function",
24827
24960
  "category": "Authentication"
24828
24961
  },
24962
+ {
24963
+ "id": "CWE-347",
24964
+ "name": "Improper Verification of Cryptographic Signature",
24965
+ "category": "Cryptography"
24966
+ },
24829
24967
  {
24830
24968
  "id": "CWE-352",
24831
24969
  "name": "Cross-Site Request Forgery (CSRF)",
@@ -24876,6 +25014,11 @@
24876
25014
  "name": "Use of Hard-coded Credentials",
24877
25015
  "category": "Credentials"
24878
25016
  },
25017
+ {
25018
+ "id": "CWE-863",
25019
+ "name": "Incorrect Authorization",
25020
+ "category": "Authorization"
25021
+ },
24879
25022
  {
24880
25023
  "id": "CWE-89",
24881
25024
  "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
@@ -25032,6 +25175,11 @@
25032
25175
  "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
25033
25176
  "control_name": "System security requirements and security levels"
25034
25177
  },
25178
+ {
25179
+ "id": "ISO-27001-2022-A.5.16-Federated",
25180
+ "framework": "ISO/IEC 27001:2022",
25181
+ "control_name": "Identity Management + Authentication Information — federated-state extension"
25182
+ },
25035
25183
  {
25036
25184
  "id": "ISO-27001-2022-A.8.16",
25037
25185
  "framework": "ISO/IEC 27001:2022",
@@ -25062,6 +25210,11 @@
25062
25210
  "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
25063
25211
  "control_name": "Security event monitoring"
25064
25212
  },
25213
+ {
25214
+ "id": "NIS2-Art-21-Federated-Identity",
25215
+ "framework": "EU NIS2 Directive",
25216
+ "control_name": "Cryptography + Access Control — federated-identity extension"
25217
+ },
25065
25218
  {
25066
25219
  "id": "NIS2-Art21-patch-management",
25067
25220
  "framework": "EU NIS2 Directive",
@@ -25077,6 +25230,11 @@
25077
25230
  "framework": "NIST SP 800-53 Rev 5",
25078
25231
  "control_name": "Account Management"
25079
25232
  },
25233
+ {
25234
+ "id": "NIST-800-53-IA-5-Federated",
25235
+ "framework": "NIST 800-53 Rev.5",
25236
+ "control_name": "Authenticator Management — federated-trust extension"
25237
+ },
25080
25238
  {
25081
25239
  "id": "NIST-800-53-SC-28",
25082
25240
  "framework": "NIST SP 800-53 Rev 5",
@@ -25102,6 +25260,11 @@
25102
25260
  "framework": "NIST SP 800-53 Rev 5",
25103
25261
  "control_name": "Malicious Code Protection"
25104
25262
  },
25263
+ {
25264
+ "id": "NIST-800-63B-rev4",
25265
+ "framework": "NIST SP 800-63B Rev 4 (Digital Identity Guidelines — Authentication & Lifecycle Mgmt)",
25266
+ "control_name": "Authentication and Lifecycle Management (AAL/IAL/FAL)"
25267
+ },
25105
25268
  {
25106
25269
  "id": "NIST-800-82r3",
25107
25270
  "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
@@ -25141,6 +25304,11 @@
25141
25304
  "id": "SOC2-CC7-anomaly-detection",
25142
25305
  "framework": "SOC 2 (AICPA Trust Services Criteria)",
25143
25306
  "control_name": "System Operations — Threat and Vulnerability Management"
25307
+ },
25308
+ {
25309
+ "id": "UK-CAF-B2",
25310
+ "framework": "UK NCSC Cyber Assessment Framework v3.2",
25311
+ "control_name": "Identity and access control"
25144
25312
  }
25145
25313
  ],
25146
25314
  "attack_refs": [
@@ -25157,9 +25325,12 @@
25157
25325
  "T1213",
25158
25326
  "T1530",
25159
25327
  "T1548.001",
25328
+ "T1550",
25329
+ "T1556",
25160
25330
  "T1566",
25161
25331
  "T1567",
25162
- "T1568"
25332
+ "T1568",
25333
+ "T1606"
25163
25334
  ],
25164
25335
  "rfc_refs": [
25165
25336
  "RFC-4301",
@@ -28763,7 +28934,8 @@
28763
28934
  "attack-surface-pentest",
28764
28935
  "ot-ics-security",
28765
28936
  "coordinated-vuln-disclosure",
28766
- "sector-energy"
28937
+ "sector-energy",
28938
+ "vc-wallet-trust"
28767
28939
  ],
28768
28940
  "chain": {
28769
28941
  "cwes": [
@@ -28797,6 +28969,11 @@
28797
28969
  "name": "Improper Validation of Generative AI Output",
28798
28970
  "category": "AI/ML"
28799
28971
  },
28972
+ {
28973
+ "id": "CWE-200",
28974
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
28975
+ "category": "Information Exposure"
28976
+ },
28800
28977
  {
28801
28978
  "id": "CWE-22",
28802
28979
  "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
@@ -28812,11 +28989,21 @@
28812
28989
  "name": "Improper Authentication",
28813
28990
  "category": "Authentication"
28814
28991
  },
28992
+ {
28993
+ "id": "CWE-290",
28994
+ "name": "Authentication Bypass by Spoofing",
28995
+ "category": "Authentication"
28996
+ },
28815
28997
  {
28816
28998
  "id": "CWE-306",
28817
28999
  "name": "Missing Authentication for Critical Function",
28818
29000
  "category": "Authentication"
28819
29001
  },
29002
+ {
29003
+ "id": "CWE-347",
29004
+ "name": "Improper Verification of Cryptographic Signature",
29005
+ "category": "Cryptography"
29006
+ },
28820
29007
  {
28821
29008
  "id": "CWE-352",
28822
29009
  "name": "Cross-Site Request Forgery (CSRF)",
@@ -28867,6 +29054,11 @@
28867
29054
  "name": "Use of Hard-coded Credentials",
28868
29055
  "category": "Credentials"
28869
29056
  },
29057
+ {
29058
+ "id": "CWE-863",
29059
+ "name": "Incorrect Authorization",
29060
+ "category": "Authorization"
29061
+ },
28870
29062
  {
28871
29063
  "id": "CWE-89",
28872
29064
  "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
@@ -28998,6 +29190,11 @@
28998
29190
  "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
28999
29191
  "control_name": "System security requirements and security levels"
29000
29192
  },
29193
+ {
29194
+ "id": "ISO-27001-2022-A.5.16-Federated",
29195
+ "framework": "ISO/IEC 27001:2022",
29196
+ "control_name": "Identity Management + Authentication Information — federated-state extension"
29197
+ },
29001
29198
  {
29002
29199
  "id": "ISO-27001-2022-A.8.28",
29003
29200
  "framework": "ISO/IEC 27001:2022",
@@ -29018,6 +29215,11 @@
29018
29215
  "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
29019
29216
  "control_name": "Security event monitoring"
29020
29217
  },
29218
+ {
29219
+ "id": "NIS2-Art-21-Federated-Identity",
29220
+ "framework": "EU NIS2 Directive",
29221
+ "control_name": "Cryptography + Access Control — federated-identity extension"
29222
+ },
29021
29223
  {
29022
29224
  "id": "NIS2-Art21-patch-management",
29023
29225
  "framework": "EU NIS2 Directive",
@@ -29038,6 +29240,11 @@
29038
29240
  "framework": "NIST SP 800-53 Rev 5",
29039
29241
  "control_name": "Account Management"
29040
29242
  },
29243
+ {
29244
+ "id": "NIST-800-53-IA-5-Federated",
29245
+ "framework": "NIST 800-53 Rev.5",
29246
+ "control_name": "Authenticator Management — federated-trust extension"
29247
+ },
29041
29248
  {
29042
29249
  "id": "NIST-800-53-SC-8",
29043
29250
  "framework": "NIST SP 800-53 Rev 5",
@@ -29053,6 +29260,11 @@
29053
29260
  "framework": "NIST SP 800-53 Rev 5",
29054
29261
  "control_name": "Malicious Code Protection"
29055
29262
  },
29263
+ {
29264
+ "id": "NIST-800-63B-rev4",
29265
+ "framework": "NIST SP 800-63B Rev 4 (Digital Identity Guidelines — Authentication & Lifecycle Mgmt)",
29266
+ "control_name": "Authentication and Lifecycle Management (AAL/IAL/FAL)"
29267
+ },
29056
29268
  {
29057
29269
  "id": "NIST-800-82r3",
29058
29270
  "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
@@ -29092,6 +29304,11 @@
29092
29304
  "id": "SOC2-CC9-vendor-management",
29093
29305
  "framework": "SOC 2 (AICPA Trust Services Criteria)",
29094
29306
  "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
29307
+ },
29308
+ {
29309
+ "id": "UK-CAF-B2",
29310
+ "framework": "UK NCSC Cyber Assessment Framework v3.2",
29311
+ "control_name": "Identity and access control"
29095
29312
  }
29096
29313
  ],
29097
29314
  "attack_refs": [
@@ -29103,7 +29320,10 @@
29103
29320
  "T1133",
29104
29321
  "T1190",
29105
29322
  "T1548.001",
29106
- "T1566"
29323
+ "T1550",
29324
+ "T1556",
29325
+ "T1566",
29326
+ "T1606"
29107
29327
  ],
29108
29328
  "rfc_refs": [
29109
29329
  "RFC-4301",
@@ -29125,7 +29345,8 @@
29125
29345
  "attack-surface-pentest",
29126
29346
  "ot-ics-security",
29127
29347
  "coordinated-vuln-disclosure",
29128
- "sector-energy"
29348
+ "sector-energy",
29349
+ "vc-wallet-trust"
29129
29350
  ],
29130
29351
  "chain": {
29131
29352
  "cwes": [
@@ -29159,6 +29380,11 @@
29159
29380
  "name": "Improper Validation of Generative AI Output",
29160
29381
  "category": "AI/ML"
29161
29382
  },
29383
+ {
29384
+ "id": "CWE-200",
29385
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
29386
+ "category": "Information Exposure"
29387
+ },
29162
29388
  {
29163
29389
  "id": "CWE-22",
29164
29390
  "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
@@ -29174,11 +29400,21 @@
29174
29400
  "name": "Improper Authentication",
29175
29401
  "category": "Authentication"
29176
29402
  },
29403
+ {
29404
+ "id": "CWE-290",
29405
+ "name": "Authentication Bypass by Spoofing",
29406
+ "category": "Authentication"
29407
+ },
29177
29408
  {
29178
29409
  "id": "CWE-306",
29179
29410
  "name": "Missing Authentication for Critical Function",
29180
29411
  "category": "Authentication"
29181
29412
  },
29413
+ {
29414
+ "id": "CWE-347",
29415
+ "name": "Improper Verification of Cryptographic Signature",
29416
+ "category": "Cryptography"
29417
+ },
29182
29418
  {
29183
29419
  "id": "CWE-352",
29184
29420
  "name": "Cross-Site Request Forgery (CSRF)",
@@ -29229,6 +29465,11 @@
29229
29465
  "name": "Use of Hard-coded Credentials",
29230
29466
  "category": "Credentials"
29231
29467
  },
29468
+ {
29469
+ "id": "CWE-863",
29470
+ "name": "Incorrect Authorization",
29471
+ "category": "Authorization"
29472
+ },
29232
29473
  {
29233
29474
  "id": "CWE-89",
29234
29475
  "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
@@ -29360,6 +29601,11 @@
29360
29601
  "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
29361
29602
  "control_name": "System security requirements and security levels"
29362
29603
  },
29604
+ {
29605
+ "id": "ISO-27001-2022-A.5.16-Federated",
29606
+ "framework": "ISO/IEC 27001:2022",
29607
+ "control_name": "Identity Management + Authentication Information — federated-state extension"
29608
+ },
29363
29609
  {
29364
29610
  "id": "ISO-27001-2022-A.8.28",
29365
29611
  "framework": "ISO/IEC 27001:2022",
@@ -29380,6 +29626,11 @@
29380
29626
  "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
29381
29627
  "control_name": "Security event monitoring"
29382
29628
  },
29629
+ {
29630
+ "id": "NIS2-Art-21-Federated-Identity",
29631
+ "framework": "EU NIS2 Directive",
29632
+ "control_name": "Cryptography + Access Control — federated-identity extension"
29633
+ },
29383
29634
  {
29384
29635
  "id": "NIS2-Art21-patch-management",
29385
29636
  "framework": "EU NIS2 Directive",
@@ -29400,6 +29651,11 @@
29400
29651
  "framework": "NIST SP 800-53 Rev 5",
29401
29652
  "control_name": "Account Management"
29402
29653
  },
29654
+ {
29655
+ "id": "NIST-800-53-IA-5-Federated",
29656
+ "framework": "NIST 800-53 Rev.5",
29657
+ "control_name": "Authenticator Management — federated-trust extension"
29658
+ },
29403
29659
  {
29404
29660
  "id": "NIST-800-53-SC-8",
29405
29661
  "framework": "NIST SP 800-53 Rev 5",
@@ -29415,6 +29671,11 @@
29415
29671
  "framework": "NIST SP 800-53 Rev 5",
29416
29672
  "control_name": "Malicious Code Protection"
29417
29673
  },
29674
+ {
29675
+ "id": "NIST-800-63B-rev4",
29676
+ "framework": "NIST SP 800-63B Rev 4 (Digital Identity Guidelines — Authentication & Lifecycle Mgmt)",
29677
+ "control_name": "Authentication and Lifecycle Management (AAL/IAL/FAL)"
29678
+ },
29418
29679
  {
29419
29680
  "id": "NIST-800-82r3",
29420
29681
  "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
@@ -29454,6 +29715,11 @@
29454
29715
  "id": "SOC2-CC9-vendor-management",
29455
29716
  "framework": "SOC 2 (AICPA Trust Services Criteria)",
29456
29717
  "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
29718
+ },
29719
+ {
29720
+ "id": "UK-CAF-B2",
29721
+ "framework": "UK NCSC Cyber Assessment Framework v3.2",
29722
+ "control_name": "Identity and access control"
29457
29723
  }
29458
29724
  ],
29459
29725
  "attack_refs": [
@@ -29465,7 +29731,10 @@
29465
29731
  "T1133",
29466
29732
  "T1190",
29467
29733
  "T1548.001",
29468
- "T1566"
29734
+ "T1550",
29735
+ "T1556",
29736
+ "T1566",
29737
+ "T1606"
29469
29738
  ],
29470
29739
  "rfc_refs": [
29471
29740
  "RFC-4301",
@@ -36785,7 +37054,8 @@
36785
37054
  "attack-surface-pentest",
36786
37055
  "ot-ics-security",
36787
37056
  "coordinated-vuln-disclosure",
36788
- "sector-energy"
37057
+ "sector-energy",
37058
+ "vc-wallet-trust"
36789
37059
  ],
36790
37060
  "chain": {
36791
37061
  "cwes": [
@@ -36819,6 +37089,11 @@
36819
37089
  "name": "Improper Validation of Generative AI Output",
36820
37090
  "category": "AI/ML"
36821
37091
  },
37092
+ {
37093
+ "id": "CWE-200",
37094
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
37095
+ "category": "Information Exposure"
37096
+ },
36822
37097
  {
36823
37098
  "id": "CWE-22",
36824
37099
  "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
@@ -36834,11 +37109,21 @@
36834
37109
  "name": "Improper Authentication",
36835
37110
  "category": "Authentication"
36836
37111
  },
37112
+ {
37113
+ "id": "CWE-290",
37114
+ "name": "Authentication Bypass by Spoofing",
37115
+ "category": "Authentication"
37116
+ },
36837
37117
  {
36838
37118
  "id": "CWE-306",
36839
37119
  "name": "Missing Authentication for Critical Function",
36840
37120
  "category": "Authentication"
36841
37121
  },
37122
+ {
37123
+ "id": "CWE-347",
37124
+ "name": "Improper Verification of Cryptographic Signature",
37125
+ "category": "Cryptography"
37126
+ },
36842
37127
  {
36843
37128
  "id": "CWE-352",
36844
37129
  "name": "Cross-Site Request Forgery (CSRF)",
@@ -36889,6 +37174,11 @@
36889
37174
  "name": "Use of Hard-coded Credentials",
36890
37175
  "category": "Credentials"
36891
37176
  },
37177
+ {
37178
+ "id": "CWE-863",
37179
+ "name": "Incorrect Authorization",
37180
+ "category": "Authorization"
37181
+ },
36892
37182
  {
36893
37183
  "id": "CWE-89",
36894
37184
  "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
@@ -37020,6 +37310,11 @@
37020
37310
  "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
37021
37311
  "control_name": "System security requirements and security levels"
37022
37312
  },
37313
+ {
37314
+ "id": "ISO-27001-2022-A.5.16-Federated",
37315
+ "framework": "ISO/IEC 27001:2022",
37316
+ "control_name": "Identity Management + Authentication Information — federated-state extension"
37317
+ },
37023
37318
  {
37024
37319
  "id": "ISO-27001-2022-A.8.28",
37025
37320
  "framework": "ISO/IEC 27001:2022",
@@ -37040,6 +37335,11 @@
37040
37335
  "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
37041
37336
  "control_name": "Security event monitoring"
37042
37337
  },
37338
+ {
37339
+ "id": "NIS2-Art-21-Federated-Identity",
37340
+ "framework": "EU NIS2 Directive",
37341
+ "control_name": "Cryptography + Access Control — federated-identity extension"
37342
+ },
37043
37343
  {
37044
37344
  "id": "NIS2-Art21-patch-management",
37045
37345
  "framework": "EU NIS2 Directive",
@@ -37060,6 +37360,11 @@
37060
37360
  "framework": "NIST SP 800-53 Rev 5",
37061
37361
  "control_name": "Account Management"
37062
37362
  },
37363
+ {
37364
+ "id": "NIST-800-53-IA-5-Federated",
37365
+ "framework": "NIST 800-53 Rev.5",
37366
+ "control_name": "Authenticator Management — federated-trust extension"
37367
+ },
37063
37368
  {
37064
37369
  "id": "NIST-800-53-SC-8",
37065
37370
  "framework": "NIST SP 800-53 Rev 5",
@@ -37075,6 +37380,11 @@
37075
37380
  "framework": "NIST SP 800-53 Rev 5",
37076
37381
  "control_name": "Malicious Code Protection"
37077
37382
  },
37383
+ {
37384
+ "id": "NIST-800-63B-rev4",
37385
+ "framework": "NIST SP 800-63B Rev 4 (Digital Identity Guidelines — Authentication & Lifecycle Mgmt)",
37386
+ "control_name": "Authentication and Lifecycle Management (AAL/IAL/FAL)"
37387
+ },
37078
37388
  {
37079
37389
  "id": "NIST-800-82r3",
37080
37390
  "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
@@ -37114,6 +37424,11 @@
37114
37424
  "id": "SOC2-CC9-vendor-management",
37115
37425
  "framework": "SOC 2 (AICPA Trust Services Criteria)",
37116
37426
  "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
37427
+ },
37428
+ {
37429
+ "id": "UK-CAF-B2",
37430
+ "framework": "UK NCSC Cyber Assessment Framework v3.2",
37431
+ "control_name": "Identity and access control"
37117
37432
  }
37118
37433
  ],
37119
37434
  "attack_refs": [
@@ -37125,7 +37440,10 @@
37125
37440
  "T1133",
37126
37441
  "T1190",
37127
37442
  "T1548.001",
37128
- "T1566"
37443
+ "T1550",
37444
+ "T1556",
37445
+ "T1566",
37446
+ "T1606"
37129
37447
  ],
37130
37448
  "rfc_refs": [
37131
37449
  "RFC-4301",
@@ -37147,7 +37465,8 @@
37147
37465
  "attack-surface-pentest",
37148
37466
  "ot-ics-security",
37149
37467
  "coordinated-vuln-disclosure",
37150
- "sector-energy"
37468
+ "sector-energy",
37469
+ "vc-wallet-trust"
37151
37470
  ],
37152
37471
  "chain": {
37153
37472
  "cwes": [
@@ -37181,6 +37500,11 @@
37181
37500
  "name": "Improper Validation of Generative AI Output",
37182
37501
  "category": "AI/ML"
37183
37502
  },
37503
+ {
37504
+ "id": "CWE-200",
37505
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
37506
+ "category": "Information Exposure"
37507
+ },
37184
37508
  {
37185
37509
  "id": "CWE-22",
37186
37510
  "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
@@ -37196,11 +37520,21 @@
37196
37520
  "name": "Improper Authentication",
37197
37521
  "category": "Authentication"
37198
37522
  },
37523
+ {
37524
+ "id": "CWE-290",
37525
+ "name": "Authentication Bypass by Spoofing",
37526
+ "category": "Authentication"
37527
+ },
37199
37528
  {
37200
37529
  "id": "CWE-306",
37201
37530
  "name": "Missing Authentication for Critical Function",
37202
37531
  "category": "Authentication"
37203
37532
  },
37533
+ {
37534
+ "id": "CWE-347",
37535
+ "name": "Improper Verification of Cryptographic Signature",
37536
+ "category": "Cryptography"
37537
+ },
37204
37538
  {
37205
37539
  "id": "CWE-352",
37206
37540
  "name": "Cross-Site Request Forgery (CSRF)",
@@ -37251,6 +37585,11 @@
37251
37585
  "name": "Use of Hard-coded Credentials",
37252
37586
  "category": "Credentials"
37253
37587
  },
37588
+ {
37589
+ "id": "CWE-863",
37590
+ "name": "Incorrect Authorization",
37591
+ "category": "Authorization"
37592
+ },
37254
37593
  {
37255
37594
  "id": "CWE-89",
37256
37595
  "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
@@ -37382,6 +37721,11 @@
37382
37721
  "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
37383
37722
  "control_name": "System security requirements and security levels"
37384
37723
  },
37724
+ {
37725
+ "id": "ISO-27001-2022-A.5.16-Federated",
37726
+ "framework": "ISO/IEC 27001:2022",
37727
+ "control_name": "Identity Management + Authentication Information — federated-state extension"
37728
+ },
37385
37729
  {
37386
37730
  "id": "ISO-27001-2022-A.8.28",
37387
37731
  "framework": "ISO/IEC 27001:2022",
@@ -37402,6 +37746,11 @@
37402
37746
  "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
37403
37747
  "control_name": "Security event monitoring"
37404
37748
  },
37749
+ {
37750
+ "id": "NIS2-Art-21-Federated-Identity",
37751
+ "framework": "EU NIS2 Directive",
37752
+ "control_name": "Cryptography + Access Control — federated-identity extension"
37753
+ },
37405
37754
  {
37406
37755
  "id": "NIS2-Art21-patch-management",
37407
37756
  "framework": "EU NIS2 Directive",
@@ -37422,6 +37771,11 @@
37422
37771
  "framework": "NIST SP 800-53 Rev 5",
37423
37772
  "control_name": "Account Management"
37424
37773
  },
37774
+ {
37775
+ "id": "NIST-800-53-IA-5-Federated",
37776
+ "framework": "NIST 800-53 Rev.5",
37777
+ "control_name": "Authenticator Management — federated-trust extension"
37778
+ },
37425
37779
  {
37426
37780
  "id": "NIST-800-53-SC-8",
37427
37781
  "framework": "NIST SP 800-53 Rev 5",
@@ -37437,6 +37791,11 @@
37437
37791
  "framework": "NIST SP 800-53 Rev 5",
37438
37792
  "control_name": "Malicious Code Protection"
37439
37793
  },
37794
+ {
37795
+ "id": "NIST-800-63B-rev4",
37796
+ "framework": "NIST SP 800-63B Rev 4 (Digital Identity Guidelines — Authentication & Lifecycle Mgmt)",
37797
+ "control_name": "Authentication and Lifecycle Management (AAL/IAL/FAL)"
37798
+ },
37440
37799
  {
37441
37800
  "id": "NIST-800-82r3",
37442
37801
  "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
@@ -37476,6 +37835,11 @@
37476
37835
  "id": "SOC2-CC9-vendor-management",
37477
37836
  "framework": "SOC 2 (AICPA Trust Services Criteria)",
37478
37837
  "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
37838
+ },
37839
+ {
37840
+ "id": "UK-CAF-B2",
37841
+ "framework": "UK NCSC Cyber Assessment Framework v3.2",
37842
+ "control_name": "Identity and access control"
37479
37843
  }
37480
37844
  ],
37481
37845
  "attack_refs": [
@@ -37487,7 +37851,10 @@
37487
37851
  "T1133",
37488
37852
  "T1190",
37489
37853
  "T1548.001",
37490
- "T1566"
37854
+ "T1550",
37855
+ "T1556",
37856
+ "T1566",
37857
+ "T1606"
37491
37858
  ],
37492
37859
  "rfc_refs": [
37493
37860
  "RFC-4301",
@@ -37509,7 +37876,8 @@
37509
37876
  "attack-surface-pentest",
37510
37877
  "ot-ics-security",
37511
37878
  "coordinated-vuln-disclosure",
37512
- "sector-energy"
37879
+ "sector-energy",
37880
+ "vc-wallet-trust"
37513
37881
  ],
37514
37882
  "chain": {
37515
37883
  "cwes": [
@@ -37543,6 +37911,11 @@
37543
37911
  "name": "Improper Validation of Generative AI Output",
37544
37912
  "category": "AI/ML"
37545
37913
  },
37914
+ {
37915
+ "id": "CWE-200",
37916
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
37917
+ "category": "Information Exposure"
37918
+ },
37546
37919
  {
37547
37920
  "id": "CWE-22",
37548
37921
  "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
@@ -37558,11 +37931,21 @@
37558
37931
  "name": "Improper Authentication",
37559
37932
  "category": "Authentication"
37560
37933
  },
37934
+ {
37935
+ "id": "CWE-290",
37936
+ "name": "Authentication Bypass by Spoofing",
37937
+ "category": "Authentication"
37938
+ },
37561
37939
  {
37562
37940
  "id": "CWE-306",
37563
37941
  "name": "Missing Authentication for Critical Function",
37564
37942
  "category": "Authentication"
37565
37943
  },
37944
+ {
37945
+ "id": "CWE-347",
37946
+ "name": "Improper Verification of Cryptographic Signature",
37947
+ "category": "Cryptography"
37948
+ },
37566
37949
  {
37567
37950
  "id": "CWE-352",
37568
37951
  "name": "Cross-Site Request Forgery (CSRF)",
@@ -37613,6 +37996,11 @@
37613
37996
  "name": "Use of Hard-coded Credentials",
37614
37997
  "category": "Credentials"
37615
37998
  },
37999
+ {
38000
+ "id": "CWE-863",
38001
+ "name": "Incorrect Authorization",
38002
+ "category": "Authorization"
38003
+ },
37616
38004
  {
37617
38005
  "id": "CWE-89",
37618
38006
  "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
@@ -37744,6 +38132,11 @@
37744
38132
  "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
37745
38133
  "control_name": "System security requirements and security levels"
37746
38134
  },
38135
+ {
38136
+ "id": "ISO-27001-2022-A.5.16-Federated",
38137
+ "framework": "ISO/IEC 27001:2022",
38138
+ "control_name": "Identity Management + Authentication Information — federated-state extension"
38139
+ },
37747
38140
  {
37748
38141
  "id": "ISO-27001-2022-A.8.28",
37749
38142
  "framework": "ISO/IEC 27001:2022",
@@ -37764,6 +38157,11 @@
37764
38157
  "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
37765
38158
  "control_name": "Security event monitoring"
37766
38159
  },
38160
+ {
38161
+ "id": "NIS2-Art-21-Federated-Identity",
38162
+ "framework": "EU NIS2 Directive",
38163
+ "control_name": "Cryptography + Access Control — federated-identity extension"
38164
+ },
37767
38165
  {
37768
38166
  "id": "NIS2-Art21-patch-management",
37769
38167
  "framework": "EU NIS2 Directive",
@@ -37784,6 +38182,11 @@
37784
38182
  "framework": "NIST SP 800-53 Rev 5",
37785
38183
  "control_name": "Account Management"
37786
38184
  },
38185
+ {
38186
+ "id": "NIST-800-53-IA-5-Federated",
38187
+ "framework": "NIST 800-53 Rev.5",
38188
+ "control_name": "Authenticator Management — federated-trust extension"
38189
+ },
37787
38190
  {
37788
38191
  "id": "NIST-800-53-SC-8",
37789
38192
  "framework": "NIST SP 800-53 Rev 5",
@@ -37799,6 +38202,11 @@
37799
38202
  "framework": "NIST SP 800-53 Rev 5",
37800
38203
  "control_name": "Malicious Code Protection"
37801
38204
  },
38205
+ {
38206
+ "id": "NIST-800-63B-rev4",
38207
+ "framework": "NIST SP 800-63B Rev 4 (Digital Identity Guidelines — Authentication & Lifecycle Mgmt)",
38208
+ "control_name": "Authentication and Lifecycle Management (AAL/IAL/FAL)"
38209
+ },
37802
38210
  {
37803
38211
  "id": "NIST-800-82r3",
37804
38212
  "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
@@ -37838,6 +38246,11 @@
37838
38246
  "id": "SOC2-CC9-vendor-management",
37839
38247
  "framework": "SOC 2 (AICPA Trust Services Criteria)",
37840
38248
  "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
38249
+ },
38250
+ {
38251
+ "id": "UK-CAF-B2",
38252
+ "framework": "UK NCSC Cyber Assessment Framework v3.2",
38253
+ "control_name": "Identity and access control"
37841
38254
  }
37842
38255
  ],
37843
38256
  "attack_refs": [
@@ -37849,7 +38262,10 @@
37849
38262
  "T1133",
37850
38263
  "T1190",
37851
38264
  "T1548.001",
37852
- "T1566"
38265
+ "T1550",
38266
+ "T1556",
38267
+ "T1566",
38268
+ "T1606"
37853
38269
  ],
37854
38270
  "rfc_refs": [
37855
38271
  "RFC-4301",
@@ -37871,7 +38287,8 @@
37871
38287
  "attack-surface-pentest",
37872
38288
  "ot-ics-security",
37873
38289
  "coordinated-vuln-disclosure",
37874
- "sector-energy"
38290
+ "sector-energy",
38291
+ "vc-wallet-trust"
37875
38292
  ],
37876
38293
  "chain": {
37877
38294
  "cwes": [
@@ -37905,6 +38322,11 @@
37905
38322
  "name": "Improper Validation of Generative AI Output",
37906
38323
  "category": "AI/ML"
37907
38324
  },
38325
+ {
38326
+ "id": "CWE-200",
38327
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
38328
+ "category": "Information Exposure"
38329
+ },
37908
38330
  {
37909
38331
  "id": "CWE-22",
37910
38332
  "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
@@ -37920,11 +38342,21 @@
37920
38342
  "name": "Improper Authentication",
37921
38343
  "category": "Authentication"
37922
38344
  },
38345
+ {
38346
+ "id": "CWE-290",
38347
+ "name": "Authentication Bypass by Spoofing",
38348
+ "category": "Authentication"
38349
+ },
37923
38350
  {
37924
38351
  "id": "CWE-306",
37925
38352
  "name": "Missing Authentication for Critical Function",
37926
38353
  "category": "Authentication"
37927
38354
  },
38355
+ {
38356
+ "id": "CWE-347",
38357
+ "name": "Improper Verification of Cryptographic Signature",
38358
+ "category": "Cryptography"
38359
+ },
37928
38360
  {
37929
38361
  "id": "CWE-352",
37930
38362
  "name": "Cross-Site Request Forgery (CSRF)",
@@ -37975,6 +38407,11 @@
37975
38407
  "name": "Use of Hard-coded Credentials",
37976
38408
  "category": "Credentials"
37977
38409
  },
38410
+ {
38411
+ "id": "CWE-863",
38412
+ "name": "Incorrect Authorization",
38413
+ "category": "Authorization"
38414
+ },
37978
38415
  {
37979
38416
  "id": "CWE-89",
37980
38417
  "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
@@ -38106,6 +38543,11 @@
38106
38543
  "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
38107
38544
  "control_name": "System security requirements and security levels"
38108
38545
  },
38546
+ {
38547
+ "id": "ISO-27001-2022-A.5.16-Federated",
38548
+ "framework": "ISO/IEC 27001:2022",
38549
+ "control_name": "Identity Management + Authentication Information — federated-state extension"
38550
+ },
38109
38551
  {
38110
38552
  "id": "ISO-27001-2022-A.8.28",
38111
38553
  "framework": "ISO/IEC 27001:2022",
@@ -38126,6 +38568,11 @@
38126
38568
  "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
38127
38569
  "control_name": "Security event monitoring"
38128
38570
  },
38571
+ {
38572
+ "id": "NIS2-Art-21-Federated-Identity",
38573
+ "framework": "EU NIS2 Directive",
38574
+ "control_name": "Cryptography + Access Control — federated-identity extension"
38575
+ },
38129
38576
  {
38130
38577
  "id": "NIS2-Art21-patch-management",
38131
38578
  "framework": "EU NIS2 Directive",
@@ -38146,6 +38593,11 @@
38146
38593
  "framework": "NIST SP 800-53 Rev 5",
38147
38594
  "control_name": "Account Management"
38148
38595
  },
38596
+ {
38597
+ "id": "NIST-800-53-IA-5-Federated",
38598
+ "framework": "NIST 800-53 Rev.5",
38599
+ "control_name": "Authenticator Management — federated-trust extension"
38600
+ },
38149
38601
  {
38150
38602
  "id": "NIST-800-53-SC-8",
38151
38603
  "framework": "NIST SP 800-53 Rev 5",
@@ -38161,6 +38613,11 @@
38161
38613
  "framework": "NIST SP 800-53 Rev 5",
38162
38614
  "control_name": "Malicious Code Protection"
38163
38615
  },
38616
+ {
38617
+ "id": "NIST-800-63B-rev4",
38618
+ "framework": "NIST SP 800-63B Rev 4 (Digital Identity Guidelines — Authentication & Lifecycle Mgmt)",
38619
+ "control_name": "Authentication and Lifecycle Management (AAL/IAL/FAL)"
38620
+ },
38164
38621
  {
38165
38622
  "id": "NIST-800-82r3",
38166
38623
  "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
@@ -38200,6 +38657,11 @@
38200
38657
  "id": "SOC2-CC9-vendor-management",
38201
38658
  "framework": "SOC 2 (AICPA Trust Services Criteria)",
38202
38659
  "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
38660
+ },
38661
+ {
38662
+ "id": "UK-CAF-B2",
38663
+ "framework": "UK NCSC Cyber Assessment Framework v3.2",
38664
+ "control_name": "Identity and access control"
38203
38665
  }
38204
38666
  ],
38205
38667
  "attack_refs": [
@@ -38211,7 +38673,10 @@
38211
38673
  "T1133",
38212
38674
  "T1190",
38213
38675
  "T1548.001",
38214
- "T1566"
38676
+ "T1550",
38677
+ "T1556",
38678
+ "T1566",
38679
+ "T1606"
38215
38680
  ],
38216
38681
  "rfc_refs": [
38217
38682
  "RFC-4301",
@@ -38233,7 +38698,8 @@
38233
38698
  "attack-surface-pentest",
38234
38699
  "ot-ics-security",
38235
38700
  "coordinated-vuln-disclosure",
38236
- "sector-energy"
38701
+ "sector-energy",
38702
+ "vc-wallet-trust"
38237
38703
  ],
38238
38704
  "chain": {
38239
38705
  "cwes": [
@@ -38267,6 +38733,11 @@
38267
38733
  "name": "Improper Validation of Generative AI Output",
38268
38734
  "category": "AI/ML"
38269
38735
  },
38736
+ {
38737
+ "id": "CWE-200",
38738
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
38739
+ "category": "Information Exposure"
38740
+ },
38270
38741
  {
38271
38742
  "id": "CWE-22",
38272
38743
  "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
@@ -38282,11 +38753,21 @@
38282
38753
  "name": "Improper Authentication",
38283
38754
  "category": "Authentication"
38284
38755
  },
38756
+ {
38757
+ "id": "CWE-290",
38758
+ "name": "Authentication Bypass by Spoofing",
38759
+ "category": "Authentication"
38760
+ },
38285
38761
  {
38286
38762
  "id": "CWE-306",
38287
38763
  "name": "Missing Authentication for Critical Function",
38288
38764
  "category": "Authentication"
38289
38765
  },
38766
+ {
38767
+ "id": "CWE-347",
38768
+ "name": "Improper Verification of Cryptographic Signature",
38769
+ "category": "Cryptography"
38770
+ },
38290
38771
  {
38291
38772
  "id": "CWE-352",
38292
38773
  "name": "Cross-Site Request Forgery (CSRF)",
@@ -38337,6 +38818,11 @@
38337
38818
  "name": "Use of Hard-coded Credentials",
38338
38819
  "category": "Credentials"
38339
38820
  },
38821
+ {
38822
+ "id": "CWE-863",
38823
+ "name": "Incorrect Authorization",
38824
+ "category": "Authorization"
38825
+ },
38340
38826
  {
38341
38827
  "id": "CWE-89",
38342
38828
  "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
@@ -38468,6 +38954,11 @@
38468
38954
  "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
38469
38955
  "control_name": "System security requirements and security levels"
38470
38956
  },
38957
+ {
38958
+ "id": "ISO-27001-2022-A.5.16-Federated",
38959
+ "framework": "ISO/IEC 27001:2022",
38960
+ "control_name": "Identity Management + Authentication Information — federated-state extension"
38961
+ },
38471
38962
  {
38472
38963
  "id": "ISO-27001-2022-A.8.28",
38473
38964
  "framework": "ISO/IEC 27001:2022",
@@ -38488,6 +38979,11 @@
38488
38979
  "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
38489
38980
  "control_name": "Security event monitoring"
38490
38981
  },
38982
+ {
38983
+ "id": "NIS2-Art-21-Federated-Identity",
38984
+ "framework": "EU NIS2 Directive",
38985
+ "control_name": "Cryptography + Access Control — federated-identity extension"
38986
+ },
38491
38987
  {
38492
38988
  "id": "NIS2-Art21-patch-management",
38493
38989
  "framework": "EU NIS2 Directive",
@@ -38508,6 +39004,11 @@
38508
39004
  "framework": "NIST SP 800-53 Rev 5",
38509
39005
  "control_name": "Account Management"
38510
39006
  },
39007
+ {
39008
+ "id": "NIST-800-53-IA-5-Federated",
39009
+ "framework": "NIST 800-53 Rev.5",
39010
+ "control_name": "Authenticator Management — federated-trust extension"
39011
+ },
38511
39012
  {
38512
39013
  "id": "NIST-800-53-SC-8",
38513
39014
  "framework": "NIST SP 800-53 Rev 5",
@@ -38523,6 +39024,11 @@
38523
39024
  "framework": "NIST SP 800-53 Rev 5",
38524
39025
  "control_name": "Malicious Code Protection"
38525
39026
  },
39027
+ {
39028
+ "id": "NIST-800-63B-rev4",
39029
+ "framework": "NIST SP 800-63B Rev 4 (Digital Identity Guidelines — Authentication & Lifecycle Mgmt)",
39030
+ "control_name": "Authentication and Lifecycle Management (AAL/IAL/FAL)"
39031
+ },
38526
39032
  {
38527
39033
  "id": "NIST-800-82r3",
38528
39034
  "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
@@ -38562,6 +39068,11 @@
38562
39068
  "id": "SOC2-CC9-vendor-management",
38563
39069
  "framework": "SOC 2 (AICPA Trust Services Criteria)",
38564
39070
  "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
39071
+ },
39072
+ {
39073
+ "id": "UK-CAF-B2",
39074
+ "framework": "UK NCSC Cyber Assessment Framework v3.2",
39075
+ "control_name": "Identity and access control"
38565
39076
  }
38566
39077
  ],
38567
39078
  "attack_refs": [
@@ -38573,7 +39084,10 @@
38573
39084
  "T1133",
38574
39085
  "T1190",
38575
39086
  "T1548.001",
38576
- "T1566"
39087
+ "T1550",
39088
+ "T1556",
39089
+ "T1566",
39090
+ "T1606"
38577
39091
  ],
38578
39092
  "rfc_refs": [
38579
39093
  "RFC-4301",
@@ -38595,7 +39109,8 @@
38595
39109
  "attack-surface-pentest",
38596
39110
  "ot-ics-security",
38597
39111
  "coordinated-vuln-disclosure",
38598
- "sector-energy"
39112
+ "sector-energy",
39113
+ "vc-wallet-trust"
38599
39114
  ],
38600
39115
  "chain": {
38601
39116
  "cwes": [
@@ -38629,6 +39144,11 @@
38629
39144
  "name": "Improper Validation of Generative AI Output",
38630
39145
  "category": "AI/ML"
38631
39146
  },
39147
+ {
39148
+ "id": "CWE-200",
39149
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
39150
+ "category": "Information Exposure"
39151
+ },
38632
39152
  {
38633
39153
  "id": "CWE-22",
38634
39154
  "name": "Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)",
@@ -38644,11 +39164,21 @@
38644
39164
  "name": "Improper Authentication",
38645
39165
  "category": "Authentication"
38646
39166
  },
39167
+ {
39168
+ "id": "CWE-290",
39169
+ "name": "Authentication Bypass by Spoofing",
39170
+ "category": "Authentication"
39171
+ },
38647
39172
  {
38648
39173
  "id": "CWE-306",
38649
39174
  "name": "Missing Authentication for Critical Function",
38650
39175
  "category": "Authentication"
38651
39176
  },
39177
+ {
39178
+ "id": "CWE-347",
39179
+ "name": "Improper Verification of Cryptographic Signature",
39180
+ "category": "Cryptography"
39181
+ },
38652
39182
  {
38653
39183
  "id": "CWE-352",
38654
39184
  "name": "Cross-Site Request Forgery (CSRF)",
@@ -38699,6 +39229,11 @@
38699
39229
  "name": "Use of Hard-coded Credentials",
38700
39230
  "category": "Credentials"
38701
39231
  },
39232
+ {
39233
+ "id": "CWE-863",
39234
+ "name": "Incorrect Authorization",
39235
+ "category": "Authorization"
39236
+ },
38702
39237
  {
38703
39238
  "id": "CWE-89",
38704
39239
  "name": "Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)",
@@ -38830,6 +39365,11 @@
38830
39365
  "framework": "IEC 62443-3-3 (Industrial communication networks — security for IACS)",
38831
39366
  "control_name": "System security requirements and security levels"
38832
39367
  },
39368
+ {
39369
+ "id": "ISO-27001-2022-A.5.16-Federated",
39370
+ "framework": "ISO/IEC 27001:2022",
39371
+ "control_name": "Identity Management + Authentication Information — federated-state extension"
39372
+ },
38833
39373
  {
38834
39374
  "id": "ISO-27001-2022-A.8.28",
38835
39375
  "framework": "ISO/IEC 27001:2022",
@@ -38850,6 +39390,11 @@
38850
39390
  "framework": "NERC CIP-007-6 (BES Cyber System Security Management)",
38851
39391
  "control_name": "Security event monitoring"
38852
39392
  },
39393
+ {
39394
+ "id": "NIS2-Art-21-Federated-Identity",
39395
+ "framework": "EU NIS2 Directive",
39396
+ "control_name": "Cryptography + Access Control — federated-identity extension"
39397
+ },
38853
39398
  {
38854
39399
  "id": "NIS2-Art21-patch-management",
38855
39400
  "framework": "EU NIS2 Directive",
@@ -38870,6 +39415,11 @@
38870
39415
  "framework": "NIST SP 800-53 Rev 5",
38871
39416
  "control_name": "Account Management"
38872
39417
  },
39418
+ {
39419
+ "id": "NIST-800-53-IA-5-Federated",
39420
+ "framework": "NIST 800-53 Rev.5",
39421
+ "control_name": "Authenticator Management — federated-trust extension"
39422
+ },
38873
39423
  {
38874
39424
  "id": "NIST-800-53-SC-8",
38875
39425
  "framework": "NIST SP 800-53 Rev 5",
@@ -38885,6 +39435,11 @@
38885
39435
  "framework": "NIST SP 800-53 Rev 5",
38886
39436
  "control_name": "Malicious Code Protection"
38887
39437
  },
39438
+ {
39439
+ "id": "NIST-800-63B-rev4",
39440
+ "framework": "NIST SP 800-63B Rev 4 (Digital Identity Guidelines — Authentication & Lifecycle Mgmt)",
39441
+ "control_name": "Authentication and Lifecycle Management (AAL/IAL/FAL)"
39442
+ },
38888
39443
  {
38889
39444
  "id": "NIST-800-82r3",
38890
39445
  "framework": "NIST SP 800-82 Rev 3 (Guide to OT Security)",
@@ -38924,6 +39479,11 @@
38924
39479
  "id": "SOC2-CC9-vendor-management",
38925
39480
  "framework": "SOC 2 (AICPA Trust Services Criteria)",
38926
39481
  "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
39482
+ },
39483
+ {
39484
+ "id": "UK-CAF-B2",
39485
+ "framework": "UK NCSC Cyber Assessment Framework v3.2",
39486
+ "control_name": "Identity and access control"
38927
39487
  }
38928
39488
  ],
38929
39489
  "attack_refs": [
@@ -38935,7 +39495,10 @@
38935
39495
  "T1133",
38936
39496
  "T1190",
38937
39497
  "T1548.001",
38938
- "T1566"
39498
+ "T1550",
39499
+ "T1556",
39500
+ "T1566",
39501
+ "T1606"
38939
39502
  ],
38940
39503
  "rfc_refs": [
38941
39504
  "RFC-4301",
@@ -45940,7 +46503,8 @@
45940
46503
  "ai-attack-surface",
45941
46504
  "compliance-theater",
45942
46505
  "pqc-first",
45943
- "dlp-gap-analysis"
46506
+ "dlp-gap-analysis",
46507
+ "vc-wallet-trust"
45944
46508
  ],
45945
46509
  "chain": {
45946
46510
  "cwes": [
@@ -45959,11 +46523,31 @@
45959
46523
  "name": "Exposure of Sensitive Information to an Unauthorized Actor",
45960
46524
  "category": "Information Exposure"
45961
46525
  },
46526
+ {
46527
+ "id": "CWE-290",
46528
+ "name": "Authentication Bypass by Spoofing",
46529
+ "category": "Authentication"
46530
+ },
45962
46531
  {
45963
46532
  "id": "CWE-327",
45964
46533
  "name": "Use of a Broken or Risky Cryptographic Algorithm",
45965
46534
  "category": "Cryptography"
45966
46535
  },
46536
+ {
46537
+ "id": "CWE-347",
46538
+ "name": "Improper Verification of Cryptographic Signature",
46539
+ "category": "Cryptography"
46540
+ },
46541
+ {
46542
+ "id": "CWE-672",
46543
+ "name": "Operation on a Resource after Expiration or Release",
46544
+ "category": "Memory Safety"
46545
+ },
46546
+ {
46547
+ "id": "CWE-863",
46548
+ "name": "Incorrect Authorization",
46549
+ "category": "Authorization"
46550
+ },
45967
46551
  {
45968
46552
  "id": "CWE-94",
45969
46553
  "name": "Improper Control of Generation of Code (Code Injection)",
@@ -46075,6 +46659,11 @@
46075
46659
  "framework": "HIPAA Security Rule (45 CFR § 164.312)",
46076
46660
  "control_name": "Access control standard (technical safeguards)"
46077
46661
  },
46662
+ {
46663
+ "id": "ISO-27001-2022-A.5.16-Federated",
46664
+ "framework": "ISO/IEC 27001:2022",
46665
+ "control_name": "Identity Management + Authentication Information — federated-state extension"
46666
+ },
46078
46667
  {
46079
46668
  "id": "ISO-27001-2022-A.8.16",
46080
46669
  "framework": "ISO/IEC 27001:2022",
@@ -46095,11 +46684,21 @@
46095
46684
  "framework": "ISO/IEC 42001:2023 (AI Management System)",
46096
46685
  "control_name": "AI risk assessment"
46097
46686
  },
46687
+ {
46688
+ "id": "NIS2-Art-21-Federated-Identity",
46689
+ "framework": "EU NIS2 Directive",
46690
+ "control_name": "Cryptography + Access Control — federated-identity extension"
46691
+ },
46098
46692
  {
46099
46693
  "id": "NIST-800-53-AC-2",
46100
46694
  "framework": "NIST SP 800-53 Rev 5",
46101
46695
  "control_name": "Account Management"
46102
46696
  },
46697
+ {
46698
+ "id": "NIST-800-53-IA-5-Federated",
46699
+ "framework": "NIST 800-53 Rev.5",
46700
+ "control_name": "Authenticator Management — federated-trust extension"
46701
+ },
46103
46702
  {
46104
46703
  "id": "NIST-800-53-SC-28",
46105
46704
  "framework": "NIST SP 800-53 Rev 5",
@@ -46120,6 +46719,11 @@
46120
46719
  "framework": "NIST SP 800-53 Rev 5",
46121
46720
  "control_name": "Malicious Code Protection"
46122
46721
  },
46722
+ {
46723
+ "id": "NIST-800-63B-rev4",
46724
+ "framework": "NIST SP 800-63B Rev 4 (Digital Identity Guidelines — Authentication & Lifecycle Mgmt)",
46725
+ "control_name": "Authentication and Lifecycle Management (AAL/IAL/FAL)"
46726
+ },
46123
46727
  {
46124
46728
  "id": "OWASP-LLM-Top-10-2025-LLM01",
46125
46729
  "framework": "OWASP Top 10 for LLM Applications 2025",
@@ -46139,6 +46743,11 @@
46139
46743
  "id": "SOC2-CC7-anomaly-detection",
46140
46744
  "framework": "SOC 2 (AICPA Trust Services Criteria)",
46141
46745
  "control_name": "System Operations — Threat and Vulnerability Management"
46746
+ },
46747
+ {
46748
+ "id": "UK-CAF-B2",
46749
+ "framework": "UK NCSC Cyber Assessment Framework v3.2",
46750
+ "control_name": "Identity and access control"
46142
46751
  }
46143
46752
  ],
46144
46753
  "attack_refs": [
@@ -46147,8 +46756,11 @@
46147
46756
  "T1190",
46148
46757
  "T1213",
46149
46758
  "T1530",
46759
+ "T1550",
46760
+ "T1556",
46150
46761
  "T1566",
46151
- "T1567"
46762
+ "T1567",
46763
+ "T1606"
46152
46764
  ],
46153
46765
  "rfc_refs": [
46154
46766
  "DRAFT-IETF-TLS-ECDHE-MLKEM",
@@ -46173,7 +46785,8 @@
46173
46785
  "ai-attack-surface",
46174
46786
  "compliance-theater",
46175
46787
  "pqc-first",
46176
- "dlp-gap-analysis"
46788
+ "dlp-gap-analysis",
46789
+ "vc-wallet-trust"
46177
46790
  ],
46178
46791
  "chain": {
46179
46792
  "cwes": [
@@ -46192,11 +46805,31 @@
46192
46805
  "name": "Exposure of Sensitive Information to an Unauthorized Actor",
46193
46806
  "category": "Information Exposure"
46194
46807
  },
46808
+ {
46809
+ "id": "CWE-290",
46810
+ "name": "Authentication Bypass by Spoofing",
46811
+ "category": "Authentication"
46812
+ },
46195
46813
  {
46196
46814
  "id": "CWE-327",
46197
46815
  "name": "Use of a Broken or Risky Cryptographic Algorithm",
46198
46816
  "category": "Cryptography"
46199
46817
  },
46818
+ {
46819
+ "id": "CWE-347",
46820
+ "name": "Improper Verification of Cryptographic Signature",
46821
+ "category": "Cryptography"
46822
+ },
46823
+ {
46824
+ "id": "CWE-672",
46825
+ "name": "Operation on a Resource after Expiration or Release",
46826
+ "category": "Memory Safety"
46827
+ },
46828
+ {
46829
+ "id": "CWE-863",
46830
+ "name": "Incorrect Authorization",
46831
+ "category": "Authorization"
46832
+ },
46200
46833
  {
46201
46834
  "id": "CWE-94",
46202
46835
  "name": "Improper Control of Generation of Code (Code Injection)",
@@ -46308,6 +46941,11 @@
46308
46941
  "framework": "HIPAA Security Rule (45 CFR § 164.312)",
46309
46942
  "control_name": "Access control standard (technical safeguards)"
46310
46943
  },
46944
+ {
46945
+ "id": "ISO-27001-2022-A.5.16-Federated",
46946
+ "framework": "ISO/IEC 27001:2022",
46947
+ "control_name": "Identity Management + Authentication Information — federated-state extension"
46948
+ },
46311
46949
  {
46312
46950
  "id": "ISO-27001-2022-A.8.16",
46313
46951
  "framework": "ISO/IEC 27001:2022",
@@ -46328,11 +46966,21 @@
46328
46966
  "framework": "ISO/IEC 42001:2023 (AI Management System)",
46329
46967
  "control_name": "AI risk assessment"
46330
46968
  },
46969
+ {
46970
+ "id": "NIS2-Art-21-Federated-Identity",
46971
+ "framework": "EU NIS2 Directive",
46972
+ "control_name": "Cryptography + Access Control — federated-identity extension"
46973
+ },
46331
46974
  {
46332
46975
  "id": "NIST-800-53-AC-2",
46333
46976
  "framework": "NIST SP 800-53 Rev 5",
46334
46977
  "control_name": "Account Management"
46335
46978
  },
46979
+ {
46980
+ "id": "NIST-800-53-IA-5-Federated",
46981
+ "framework": "NIST 800-53 Rev.5",
46982
+ "control_name": "Authenticator Management — federated-trust extension"
46983
+ },
46336
46984
  {
46337
46985
  "id": "NIST-800-53-SC-28",
46338
46986
  "framework": "NIST SP 800-53 Rev 5",
@@ -46353,6 +47001,11 @@
46353
47001
  "framework": "NIST SP 800-53 Rev 5",
46354
47002
  "control_name": "Malicious Code Protection"
46355
47003
  },
47004
+ {
47005
+ "id": "NIST-800-63B-rev4",
47006
+ "framework": "NIST SP 800-63B Rev 4 (Digital Identity Guidelines — Authentication & Lifecycle Mgmt)",
47007
+ "control_name": "Authentication and Lifecycle Management (AAL/IAL/FAL)"
47008
+ },
46356
47009
  {
46357
47010
  "id": "OWASP-LLM-Top-10-2025-LLM01",
46358
47011
  "framework": "OWASP Top 10 for LLM Applications 2025",
@@ -46372,6 +47025,11 @@
46372
47025
  "id": "SOC2-CC7-anomaly-detection",
46373
47026
  "framework": "SOC 2 (AICPA Trust Services Criteria)",
46374
47027
  "control_name": "System Operations — Threat and Vulnerability Management"
47028
+ },
47029
+ {
47030
+ "id": "UK-CAF-B2",
47031
+ "framework": "UK NCSC Cyber Assessment Framework v3.2",
47032
+ "control_name": "Identity and access control"
46375
47033
  }
46376
47034
  ],
46377
47035
  "attack_refs": [
@@ -46380,8 +47038,11 @@
46380
47038
  "T1190",
46381
47039
  "T1213",
46382
47040
  "T1530",
47041
+ "T1550",
47042
+ "T1556",
46383
47043
  "T1566",
46384
- "T1567"
47044
+ "T1567",
47045
+ "T1606"
46385
47046
  ],
46386
47047
  "rfc_refs": [
46387
47048
  "DRAFT-IETF-TLS-ECDHE-MLKEM",
@@ -48662,7 +49323,8 @@
48662
49323
  "epss_score": null,
48663
49324
  "referencing_skills": [
48664
49325
  "ai-attack-surface",
48665
- "compliance-theater"
49326
+ "compliance-theater",
49327
+ "vc-wallet-trust"
48666
49328
  ],
48667
49329
  "chain": {
48668
49330
  "cwes": [
@@ -48676,6 +49338,31 @@
48676
49338
  "name": "Improper Validation of Generative AI Output",
48677
49339
  "category": "AI/ML"
48678
49340
  },
49341
+ {
49342
+ "id": "CWE-200",
49343
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
49344
+ "category": "Information Exposure"
49345
+ },
49346
+ {
49347
+ "id": "CWE-290",
49348
+ "name": "Authentication Bypass by Spoofing",
49349
+ "category": "Authentication"
49350
+ },
49351
+ {
49352
+ "id": "CWE-347",
49353
+ "name": "Improper Verification of Cryptographic Signature",
49354
+ "category": "Cryptography"
49355
+ },
49356
+ {
49357
+ "id": "CWE-672",
49358
+ "name": "Operation on a Resource after Expiration or Release",
49359
+ "category": "Memory Safety"
49360
+ },
49361
+ {
49362
+ "id": "CWE-863",
49363
+ "name": "Incorrect Authorization",
49364
+ "category": "Authorization"
49365
+ },
48679
49366
  {
48680
49367
  "id": "CWE-94",
48681
49368
  "name": "Improper Control of Generation of Code (Code Injection)",
@@ -48757,6 +49444,11 @@
48757
49444
  "framework": "FedRAMP Rev 5 Moderate",
48758
49445
  "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
48759
49446
  },
49447
+ {
49448
+ "id": "ISO-27001-2022-A.5.16-Federated",
49449
+ "framework": "ISO/IEC 27001:2022",
49450
+ "control_name": "Identity Management + Authentication Information — federated-state extension"
49451
+ },
48760
49452
  {
48761
49453
  "id": "ISO-27001-2022-A.8.28",
48762
49454
  "framework": "ISO/IEC 27001:2022",
@@ -48767,16 +49459,31 @@
48767
49459
  "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
48768
49460
  "control_name": "AI risk management process"
48769
49461
  },
49462
+ {
49463
+ "id": "NIS2-Art-21-Federated-Identity",
49464
+ "framework": "EU NIS2 Directive",
49465
+ "control_name": "Cryptography + Access Control — federated-identity extension"
49466
+ },
48770
49467
  {
48771
49468
  "id": "NIST-800-53-AC-2",
48772
49469
  "framework": "NIST SP 800-53 Rev 5",
48773
49470
  "control_name": "Account Management"
48774
49471
  },
49472
+ {
49473
+ "id": "NIST-800-53-IA-5-Federated",
49474
+ "framework": "NIST 800-53 Rev.5",
49475
+ "control_name": "Authenticator Management — federated-trust extension"
49476
+ },
48775
49477
  {
48776
49478
  "id": "NIST-800-53-SI-3",
48777
49479
  "framework": "NIST SP 800-53 Rev 5",
48778
49480
  "control_name": "Malicious Code Protection"
48779
49481
  },
49482
+ {
49483
+ "id": "NIST-800-63B-rev4",
49484
+ "framework": "NIST SP 800-63B Rev 4 (Digital Identity Guidelines — Authentication & Lifecycle Mgmt)",
49485
+ "control_name": "Authentication and Lifecycle Management (AAL/IAL/FAL)"
49486
+ },
48780
49487
  {
48781
49488
  "id": "OWASP-LLM-Top-10-2025-LLM01",
48782
49489
  "framework": "OWASP Top 10 for LLM Applications 2025",
@@ -48791,12 +49498,20 @@
48791
49498
  "id": "SOC2-CC6-logical-access",
48792
49499
  "framework": "SOC 2 (AICPA Trust Services Criteria)",
48793
49500
  "control_name": "Logical and Physical Access Controls"
49501
+ },
49502
+ {
49503
+ "id": "UK-CAF-B2",
49504
+ "framework": "UK NCSC Cyber Assessment Framework v3.2",
49505
+ "control_name": "Identity and access control"
48794
49506
  }
48795
49507
  ],
48796
49508
  "attack_refs": [
48797
49509
  "T1059",
48798
49510
  "T1190",
48799
- "T1566"
49511
+ "T1550",
49512
+ "T1556",
49513
+ "T1566",
49514
+ "T1606"
48800
49515
  ],
48801
49516
  "rfc_refs": []
48802
49517
  }
@@ -48809,7 +49524,8 @@
48809
49524
  "epss_score": null,
48810
49525
  "referencing_skills": [
48811
49526
  "ai-attack-surface",
48812
- "compliance-theater"
49527
+ "compliance-theater",
49528
+ "vc-wallet-trust"
48813
49529
  ],
48814
49530
  "chain": {
48815
49531
  "cwes": [
@@ -48823,6 +49539,31 @@
48823
49539
  "name": "Improper Validation of Generative AI Output",
48824
49540
  "category": "AI/ML"
48825
49541
  },
49542
+ {
49543
+ "id": "CWE-200",
49544
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
49545
+ "category": "Information Exposure"
49546
+ },
49547
+ {
49548
+ "id": "CWE-290",
49549
+ "name": "Authentication Bypass by Spoofing",
49550
+ "category": "Authentication"
49551
+ },
49552
+ {
49553
+ "id": "CWE-347",
49554
+ "name": "Improper Verification of Cryptographic Signature",
49555
+ "category": "Cryptography"
49556
+ },
49557
+ {
49558
+ "id": "CWE-672",
49559
+ "name": "Operation on a Resource after Expiration or Release",
49560
+ "category": "Memory Safety"
49561
+ },
49562
+ {
49563
+ "id": "CWE-863",
49564
+ "name": "Incorrect Authorization",
49565
+ "category": "Authorization"
49566
+ },
48826
49567
  {
48827
49568
  "id": "CWE-94",
48828
49569
  "name": "Improper Control of Generation of Code (Code Injection)",
@@ -48904,6 +49645,11 @@
48904
49645
  "framework": "FedRAMP Rev 5 Moderate",
48905
49646
  "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
48906
49647
  },
49648
+ {
49649
+ "id": "ISO-27001-2022-A.5.16-Federated",
49650
+ "framework": "ISO/IEC 27001:2022",
49651
+ "control_name": "Identity Management + Authentication Information — federated-state extension"
49652
+ },
48907
49653
  {
48908
49654
  "id": "ISO-27001-2022-A.8.28",
48909
49655
  "framework": "ISO/IEC 27001:2022",
@@ -48914,16 +49660,31 @@
48914
49660
  "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
48915
49661
  "control_name": "AI risk management process"
48916
49662
  },
49663
+ {
49664
+ "id": "NIS2-Art-21-Federated-Identity",
49665
+ "framework": "EU NIS2 Directive",
49666
+ "control_name": "Cryptography + Access Control — federated-identity extension"
49667
+ },
48917
49668
  {
48918
49669
  "id": "NIST-800-53-AC-2",
48919
49670
  "framework": "NIST SP 800-53 Rev 5",
48920
49671
  "control_name": "Account Management"
48921
49672
  },
49673
+ {
49674
+ "id": "NIST-800-53-IA-5-Federated",
49675
+ "framework": "NIST 800-53 Rev.5",
49676
+ "control_name": "Authenticator Management — federated-trust extension"
49677
+ },
48922
49678
  {
48923
49679
  "id": "NIST-800-53-SI-3",
48924
49680
  "framework": "NIST SP 800-53 Rev 5",
48925
49681
  "control_name": "Malicious Code Protection"
48926
49682
  },
49683
+ {
49684
+ "id": "NIST-800-63B-rev4",
49685
+ "framework": "NIST SP 800-63B Rev 4 (Digital Identity Guidelines — Authentication & Lifecycle Mgmt)",
49686
+ "control_name": "Authentication and Lifecycle Management (AAL/IAL/FAL)"
49687
+ },
48927
49688
  {
48928
49689
  "id": "OWASP-LLM-Top-10-2025-LLM01",
48929
49690
  "framework": "OWASP Top 10 for LLM Applications 2025",
@@ -48938,12 +49699,20 @@
48938
49699
  "id": "SOC2-CC6-logical-access",
48939
49700
  "framework": "SOC 2 (AICPA Trust Services Criteria)",
48940
49701
  "control_name": "Logical and Physical Access Controls"
49702
+ },
49703
+ {
49704
+ "id": "UK-CAF-B2",
49705
+ "framework": "UK NCSC Cyber Assessment Framework v3.2",
49706
+ "control_name": "Identity and access control"
48941
49707
  }
48942
49708
  ],
48943
49709
  "attack_refs": [
48944
49710
  "T1059",
48945
49711
  "T1190",
48946
- "T1566"
49712
+ "T1550",
49713
+ "T1556",
49714
+ "T1566",
49715
+ "T1606"
48947
49716
  ],
48948
49717
  "rfc_refs": []
48949
49718
  }
@@ -48958,7 +49727,8 @@
48958
49727
  "ai-attack-surface",
48959
49728
  "compliance-theater",
48960
49729
  "pqc-first",
48961
- "dlp-gap-analysis"
49730
+ "dlp-gap-analysis",
49731
+ "vc-wallet-trust"
48962
49732
  ],
48963
49733
  "chain": {
48964
49734
  "cwes": [
@@ -48977,11 +49747,31 @@
48977
49747
  "name": "Exposure of Sensitive Information to an Unauthorized Actor",
48978
49748
  "category": "Information Exposure"
48979
49749
  },
49750
+ {
49751
+ "id": "CWE-290",
49752
+ "name": "Authentication Bypass by Spoofing",
49753
+ "category": "Authentication"
49754
+ },
48980
49755
  {
48981
49756
  "id": "CWE-327",
48982
49757
  "name": "Use of a Broken or Risky Cryptographic Algorithm",
48983
49758
  "category": "Cryptography"
48984
49759
  },
49760
+ {
49761
+ "id": "CWE-347",
49762
+ "name": "Improper Verification of Cryptographic Signature",
49763
+ "category": "Cryptography"
49764
+ },
49765
+ {
49766
+ "id": "CWE-672",
49767
+ "name": "Operation on a Resource after Expiration or Release",
49768
+ "category": "Memory Safety"
49769
+ },
49770
+ {
49771
+ "id": "CWE-863",
49772
+ "name": "Incorrect Authorization",
49773
+ "category": "Authorization"
49774
+ },
48985
49775
  {
48986
49776
  "id": "CWE-94",
48987
49777
  "name": "Improper Control of Generation of Code (Code Injection)",
@@ -49093,6 +49883,11 @@
49093
49883
  "framework": "HIPAA Security Rule (45 CFR § 164.312)",
49094
49884
  "control_name": "Access control standard (technical safeguards)"
49095
49885
  },
49886
+ {
49887
+ "id": "ISO-27001-2022-A.5.16-Federated",
49888
+ "framework": "ISO/IEC 27001:2022",
49889
+ "control_name": "Identity Management + Authentication Information — federated-state extension"
49890
+ },
49096
49891
  {
49097
49892
  "id": "ISO-27001-2022-A.8.16",
49098
49893
  "framework": "ISO/IEC 27001:2022",
@@ -49113,11 +49908,21 @@
49113
49908
  "framework": "ISO/IEC 42001:2023 (AI Management System)",
49114
49909
  "control_name": "AI risk assessment"
49115
49910
  },
49911
+ {
49912
+ "id": "NIS2-Art-21-Federated-Identity",
49913
+ "framework": "EU NIS2 Directive",
49914
+ "control_name": "Cryptography + Access Control — federated-identity extension"
49915
+ },
49116
49916
  {
49117
49917
  "id": "NIST-800-53-AC-2",
49118
49918
  "framework": "NIST SP 800-53 Rev 5",
49119
49919
  "control_name": "Account Management"
49120
49920
  },
49921
+ {
49922
+ "id": "NIST-800-53-IA-5-Federated",
49923
+ "framework": "NIST 800-53 Rev.5",
49924
+ "control_name": "Authenticator Management — federated-trust extension"
49925
+ },
49121
49926
  {
49122
49927
  "id": "NIST-800-53-SC-28",
49123
49928
  "framework": "NIST SP 800-53 Rev 5",
@@ -49138,6 +49943,11 @@
49138
49943
  "framework": "NIST SP 800-53 Rev 5",
49139
49944
  "control_name": "Malicious Code Protection"
49140
49945
  },
49946
+ {
49947
+ "id": "NIST-800-63B-rev4",
49948
+ "framework": "NIST SP 800-63B Rev 4 (Digital Identity Guidelines — Authentication & Lifecycle Mgmt)",
49949
+ "control_name": "Authentication and Lifecycle Management (AAL/IAL/FAL)"
49950
+ },
49141
49951
  {
49142
49952
  "id": "OWASP-LLM-Top-10-2025-LLM01",
49143
49953
  "framework": "OWASP Top 10 for LLM Applications 2025",
@@ -49157,6 +49967,11 @@
49157
49967
  "id": "SOC2-CC7-anomaly-detection",
49158
49968
  "framework": "SOC 2 (AICPA Trust Services Criteria)",
49159
49969
  "control_name": "System Operations — Threat and Vulnerability Management"
49970
+ },
49971
+ {
49972
+ "id": "UK-CAF-B2",
49973
+ "framework": "UK NCSC Cyber Assessment Framework v3.2",
49974
+ "control_name": "Identity and access control"
49160
49975
  }
49161
49976
  ],
49162
49977
  "attack_refs": [
@@ -49165,8 +49980,11 @@
49165
49980
  "T1190",
49166
49981
  "T1213",
49167
49982
  "T1530",
49983
+ "T1550",
49984
+ "T1556",
49168
49985
  "T1566",
49169
- "T1567"
49986
+ "T1567",
49987
+ "T1606"
49170
49988
  ],
49171
49989
  "rfc_refs": [
49172
49990
  "DRAFT-IETF-TLS-ECDHE-MLKEM",
@@ -49191,7 +50009,8 @@
49191
50009
  "ai-attack-surface",
49192
50010
  "compliance-theater",
49193
50011
  "pqc-first",
49194
- "dlp-gap-analysis"
50012
+ "dlp-gap-analysis",
50013
+ "vc-wallet-trust"
49195
50014
  ],
49196
50015
  "chain": {
49197
50016
  "cwes": [
@@ -49210,11 +50029,31 @@
49210
50029
  "name": "Exposure of Sensitive Information to an Unauthorized Actor",
49211
50030
  "category": "Information Exposure"
49212
50031
  },
50032
+ {
50033
+ "id": "CWE-290",
50034
+ "name": "Authentication Bypass by Spoofing",
50035
+ "category": "Authentication"
50036
+ },
49213
50037
  {
49214
50038
  "id": "CWE-327",
49215
50039
  "name": "Use of a Broken or Risky Cryptographic Algorithm",
49216
50040
  "category": "Cryptography"
49217
50041
  },
50042
+ {
50043
+ "id": "CWE-347",
50044
+ "name": "Improper Verification of Cryptographic Signature",
50045
+ "category": "Cryptography"
50046
+ },
50047
+ {
50048
+ "id": "CWE-672",
50049
+ "name": "Operation on a Resource after Expiration or Release",
50050
+ "category": "Memory Safety"
50051
+ },
50052
+ {
50053
+ "id": "CWE-863",
50054
+ "name": "Incorrect Authorization",
50055
+ "category": "Authorization"
50056
+ },
49218
50057
  {
49219
50058
  "id": "CWE-94",
49220
50059
  "name": "Improper Control of Generation of Code (Code Injection)",
@@ -49326,6 +50165,11 @@
49326
50165
  "framework": "HIPAA Security Rule (45 CFR § 164.312)",
49327
50166
  "control_name": "Access control standard (technical safeguards)"
49328
50167
  },
50168
+ {
50169
+ "id": "ISO-27001-2022-A.5.16-Federated",
50170
+ "framework": "ISO/IEC 27001:2022",
50171
+ "control_name": "Identity Management + Authentication Information — federated-state extension"
50172
+ },
49329
50173
  {
49330
50174
  "id": "ISO-27001-2022-A.8.16",
49331
50175
  "framework": "ISO/IEC 27001:2022",
@@ -49346,11 +50190,21 @@
49346
50190
  "framework": "ISO/IEC 42001:2023 (AI Management System)",
49347
50191
  "control_name": "AI risk assessment"
49348
50192
  },
50193
+ {
50194
+ "id": "NIS2-Art-21-Federated-Identity",
50195
+ "framework": "EU NIS2 Directive",
50196
+ "control_name": "Cryptography + Access Control — federated-identity extension"
50197
+ },
49349
50198
  {
49350
50199
  "id": "NIST-800-53-AC-2",
49351
50200
  "framework": "NIST SP 800-53 Rev 5",
49352
50201
  "control_name": "Account Management"
49353
50202
  },
50203
+ {
50204
+ "id": "NIST-800-53-IA-5-Federated",
50205
+ "framework": "NIST 800-53 Rev.5",
50206
+ "control_name": "Authenticator Management — federated-trust extension"
50207
+ },
49354
50208
  {
49355
50209
  "id": "NIST-800-53-SC-28",
49356
50210
  "framework": "NIST SP 800-53 Rev 5",
@@ -49371,6 +50225,11 @@
49371
50225
  "framework": "NIST SP 800-53 Rev 5",
49372
50226
  "control_name": "Malicious Code Protection"
49373
50227
  },
50228
+ {
50229
+ "id": "NIST-800-63B-rev4",
50230
+ "framework": "NIST SP 800-63B Rev 4 (Digital Identity Guidelines — Authentication & Lifecycle Mgmt)",
50231
+ "control_name": "Authentication and Lifecycle Management (AAL/IAL/FAL)"
50232
+ },
49374
50233
  {
49375
50234
  "id": "OWASP-LLM-Top-10-2025-LLM01",
49376
50235
  "framework": "OWASP Top 10 for LLM Applications 2025",
@@ -49390,6 +50249,11 @@
49390
50249
  "id": "SOC2-CC7-anomaly-detection",
49391
50250
  "framework": "SOC 2 (AICPA Trust Services Criteria)",
49392
50251
  "control_name": "System Operations — Threat and Vulnerability Management"
50252
+ },
50253
+ {
50254
+ "id": "UK-CAF-B2",
50255
+ "framework": "UK NCSC Cyber Assessment Framework v3.2",
50256
+ "control_name": "Identity and access control"
49393
50257
  }
49394
50258
  ],
49395
50259
  "attack_refs": [
@@ -49398,8 +50262,11 @@
49398
50262
  "T1190",
49399
50263
  "T1213",
49400
50264
  "T1530",
50265
+ "T1550",
50266
+ "T1556",
49401
50267
  "T1566",
49402
- "T1567"
50268
+ "T1567",
50269
+ "T1606"
49403
50270
  ],
49404
50271
  "rfc_refs": [
49405
50272
  "DRAFT-IETF-TLS-ECDHE-MLKEM",
@@ -75759,7 +76626,8 @@
75759
76626
  "epss_score": 0.00125,
75760
76627
  "referencing_skills": [
75761
76628
  "ai-attack-surface",
75762
- "compliance-theater"
76629
+ "compliance-theater",
76630
+ "vc-wallet-trust"
75763
76631
  ],
75764
76632
  "chain": {
75765
76633
  "cwes": [
@@ -75773,6 +76641,31 @@
75773
76641
  "name": "Improper Validation of Generative AI Output",
75774
76642
  "category": "AI/ML"
75775
76643
  },
76644
+ {
76645
+ "id": "CWE-200",
76646
+ "name": "Exposure of Sensitive Information to an Unauthorized Actor",
76647
+ "category": "Information Exposure"
76648
+ },
76649
+ {
76650
+ "id": "CWE-290",
76651
+ "name": "Authentication Bypass by Spoofing",
76652
+ "category": "Authentication"
76653
+ },
76654
+ {
76655
+ "id": "CWE-347",
76656
+ "name": "Improper Verification of Cryptographic Signature",
76657
+ "category": "Cryptography"
76658
+ },
76659
+ {
76660
+ "id": "CWE-672",
76661
+ "name": "Operation on a Resource after Expiration or Release",
76662
+ "category": "Memory Safety"
76663
+ },
76664
+ {
76665
+ "id": "CWE-863",
76666
+ "name": "Incorrect Authorization",
76667
+ "category": "Authorization"
76668
+ },
75776
76669
  {
75777
76670
  "id": "CWE-94",
75778
76671
  "name": "Improper Control of Generation of Code (Code Injection)",
@@ -75854,6 +76747,11 @@
75854
76747
  "framework": "FedRAMP Rev 5 Moderate",
75855
76748
  "control_name": "FedRAMP Moderate baseline (NIST 800-53 Rev 5 tailoring)"
75856
76749
  },
76750
+ {
76751
+ "id": "ISO-27001-2022-A.5.16-Federated",
76752
+ "framework": "ISO/IEC 27001:2022",
76753
+ "control_name": "Identity Management + Authentication Information — federated-state extension"
76754
+ },
75857
76755
  {
75858
76756
  "id": "ISO-27001-2022-A.8.28",
75859
76757
  "framework": "ISO/IEC 27001:2022",
@@ -75864,16 +76762,31 @@
75864
76762
  "framework": "ISO/IEC 23894:2023 (AI Risk Management Guidance)",
75865
76763
  "control_name": "AI risk management process"
75866
76764
  },
76765
+ {
76766
+ "id": "NIS2-Art-21-Federated-Identity",
76767
+ "framework": "EU NIS2 Directive",
76768
+ "control_name": "Cryptography + Access Control — federated-identity extension"
76769
+ },
75867
76770
  {
75868
76771
  "id": "NIST-800-53-AC-2",
75869
76772
  "framework": "NIST SP 800-53 Rev 5",
75870
76773
  "control_name": "Account Management"
75871
76774
  },
76775
+ {
76776
+ "id": "NIST-800-53-IA-5-Federated",
76777
+ "framework": "NIST 800-53 Rev.5",
76778
+ "control_name": "Authenticator Management — federated-trust extension"
76779
+ },
75872
76780
  {
75873
76781
  "id": "NIST-800-53-SI-3",
75874
76782
  "framework": "NIST SP 800-53 Rev 5",
75875
76783
  "control_name": "Malicious Code Protection"
75876
76784
  },
76785
+ {
76786
+ "id": "NIST-800-63B-rev4",
76787
+ "framework": "NIST SP 800-63B Rev 4 (Digital Identity Guidelines — Authentication & Lifecycle Mgmt)",
76788
+ "control_name": "Authentication and Lifecycle Management (AAL/IAL/FAL)"
76789
+ },
75877
76790
  {
75878
76791
  "id": "OWASP-LLM-Top-10-2025-LLM01",
75879
76792
  "framework": "OWASP Top 10 for LLM Applications 2025",
@@ -75888,12 +76801,20 @@
75888
76801
  "id": "SOC2-CC6-logical-access",
75889
76802
  "framework": "SOC 2 (AICPA Trust Services Criteria)",
75890
76803
  "control_name": "Logical and Physical Access Controls"
76804
+ },
76805
+ {
76806
+ "id": "UK-CAF-B2",
76807
+ "framework": "UK NCSC Cyber Assessment Framework v3.2",
76808
+ "control_name": "Identity and access control"
75891
76809
  }
75892
76810
  ],
75893
76811
  "attack_refs": [
75894
76812
  "T1059",
75895
76813
  "T1190",
75896
- "T1566"
76814
+ "T1550",
76815
+ "T1556",
76816
+ "T1566",
76817
+ "T1606"
75897
76818
  ],
75898
76819
  "rfc_refs": []
75899
76820
  }
@@ -82716,9 +83637,10 @@
82716
83637
  "sector-healthcare",
82717
83638
  "api-security",
82718
83639
  "cloud-security",
82719
- "age-gates-child-safety"
83640
+ "age-gates-child-safety",
83641
+ "vc-wallet-trust"
82720
83642
  ],
82721
- "skill_count": 6,
83643
+ "skill_count": 7,
82722
83644
  "chain": {
82723
83645
  "atlas": [
82724
83646
  {
@@ -82750,8 +83672,11 @@
82750
83672
  "T1213",
82751
83673
  "T1505",
82752
83674
  "T1530",
83675
+ "T1550",
82753
83676
  "T1552",
82754
- "T1567"
83677
+ "T1556",
83678
+ "T1567",
83679
+ "T1606"
82755
83680
  ],
82756
83681
  "framework_gaps": [
82757
83682
  {
@@ -82769,6 +83694,11 @@
82769
83694
  "framework": "HITRUST CSF v11.4",
82770
83695
  "control_name": "Outsourced services management"
82771
83696
  },
83697
+ {
83698
+ "id": "ISO-27001-2022-A.5.16-Federated",
83699
+ "framework": "ISO/IEC 27001:2022",
83700
+ "control_name": "Identity Management + Authentication Information — federated-state extension"
83701
+ },
82772
83702
  {
82773
83703
  "id": "ISO-27001-2022-A.8.16",
82774
83704
  "framework": "ISO/IEC 27001:2022",
@@ -82789,6 +83719,11 @@
82789
83719
  "framework": "ISO/IEC 42001:2023 (AI Management System)",
82790
83720
  "control_name": "AI risk assessment"
82791
83721
  },
83722
+ {
83723
+ "id": "NIS2-Art-21-Federated-Identity",
83724
+ "framework": "EU NIS2 Directive",
83725
+ "control_name": "Cryptography + Access Control — federated-identity extension"
83726
+ },
82792
83727
  {
82793
83728
  "id": "NIST-800-218-SSDF",
82794
83729
  "framework": "NIST SP 800-218 (Secure Software Development Framework v1.1)",
@@ -82804,6 +83739,11 @@
82804
83739
  "framework": "NIST SP 800-53 Rev 5",
82805
83740
  "control_name": "Least Functionality"
82806
83741
  },
83742
+ {
83743
+ "id": "NIST-800-53-IA-5-Federated",
83744
+ "framework": "NIST 800-53 Rev.5",
83745
+ "control_name": "Authenticator Management — federated-trust extension"
83746
+ },
82807
83747
  {
82808
83748
  "id": "NIST-800-53-SC-28",
82809
83749
  "framework": "NIST SP 800-53 Rev 5",
@@ -82814,6 +83754,11 @@
82814
83754
  "framework": "NIST SP 800-53 Rev 5",
82815
83755
  "control_name": "Boundary Protection"
82816
83756
  },
83757
+ {
83758
+ "id": "NIST-800-63B-rev4",
83759
+ "framework": "NIST SP 800-63B Rev 4 (Digital Identity Guidelines — Authentication & Lifecycle Mgmt)",
83760
+ "control_name": "Authentication and Lifecycle Management (AAL/IAL/FAL)"
83761
+ },
82817
83762
  {
82818
83763
  "id": "OWASP-ASVS-v5.0-V14",
82819
83764
  "framework": "OWASP ASVS v5.0",
@@ -82838,6 +83783,11 @@
82838
83783
  "id": "SOC2-CC9-vendor-management",
82839
83784
  "framework": "SOC 2 (AICPA Trust Services Criteria)",
82840
83785
  "control_name": "Risk Mitigation — Vendor and Business Partner Risk"
83786
+ },
83787
+ {
83788
+ "id": "UK-CAF-B2",
83789
+ "framework": "UK NCSC Cyber Assessment Framework v3.2",
83790
+ "control_name": "Identity and access control"
82841
83791
  }
82842
83792
  ],
82843
83793
  "d3fend": [
@@ -82918,19 +83868,24 @@
82918
83868
  "related_cves": [
82919
83869
  "BUG-2026-NIGHTMARE-ECLIPSE-GREENPLASMA",
82920
83870
  "BUG-2026-NIGHTMARE-ECLIPSE-YELLOWKEY",
83871
+ "CVE-2022-1471",
82921
83872
  "CVE-2022-23812",
82922
83873
  "CVE-2022-36551",
82923
83874
  "CVE-2023-43472",
83875
+ "CVE-2023-43654",
82924
83876
  "CVE-2023-43791",
82925
83877
  "CVE-2023-47117",
82926
83878
  "CVE-2023-48022",
82927
83879
  "CVE-2023-51449",
82928
83880
  "CVE-2023-6016",
83881
+ "CVE-2023-6019",
83882
+ "CVE-2023-6021",
82929
83883
  "CVE-2023-6038",
82930
83884
  "CVE-2023-6571",
82931
83885
  "CVE-2024-0132",
82932
83886
  "CVE-2024-12366",
82933
83887
  "CVE-2024-12450",
83888
+ "CVE-2024-12776",
82934
83889
  "CVE-2024-1561",
82935
83890
  "CVE-2024-21575",
82936
83891
  "CVE-2024-21576",
@@ -82945,12 +83900,15 @@
82945
83900
  "CVE-2024-40635",
82946
83901
  "CVE-2024-42478",
82947
83902
  "CVE-2024-42479",
83903
+ "CVE-2024-4889",
82948
83904
  "CVE-2024-5565",
83905
+ "CVE-2024-6587",
82949
83906
  "CVE-2024-9526",
82950
83907
  "CVE-2025-0133",
82951
83908
  "CVE-2025-10164",
82952
83909
  "CVE-2025-1094",
82953
83910
  "CVE-2025-14847",
83911
+ "CVE-2025-1796",
82954
83912
  "CVE-2025-22226",
82955
83913
  "CVE-2025-23266",
82956
83914
  "CVE-2025-25297",
@@ -82966,12 +83924,17 @@
82966
83924
  "CVE-2025-53767",
82967
83925
  "CVE-2025-53773",
82968
83926
  "CVE-2025-56520",
83927
+ "CVE-2025-64513",
82969
83928
  "CVE-2025-68668",
83929
+ "CVE-2025-69286",
82970
83930
  "CVE-2025-6965",
82971
83931
  "CVE-2026-21858",
82972
83932
  "CVE-2026-21877",
82973
83933
  "CVE-2026-22218",
82974
83934
  "CVE-2026-22219",
83935
+ "CVE-2026-24206",
83936
+ "CVE-2026-24207",
83937
+ "CVE-2026-26190",
82975
83938
  "CVE-2026-3059",
82976
83939
  "CVE-2026-3060",
82977
83940
  "CVE-2026-30615",
@@ -87086,14 +88049,18 @@
87086
88049
  "name": "Operation on a Resource after Expiration or Release",
87087
88050
  "category": "Memory Safety",
87088
88051
  "referencing_skills": [
87089
- "kernel-lpe-triage"
88052
+ "kernel-lpe-triage",
88053
+ "vc-wallet-trust"
87090
88054
  ],
87091
- "skill_count": 1,
88055
+ "skill_count": 2,
87092
88056
  "chain": {
87093
88057
  "atlas": [],
87094
88058
  "attack_refs": [
87095
88059
  "T1068",
87096
- "T1548.001"
88060
+ "T1548.001",
88061
+ "T1550",
88062
+ "T1556",
88063
+ "T1606"
87097
88064
  ],
87098
88065
  "framework_gaps": [
87099
88066
  {
@@ -87101,16 +88068,31 @@
87101
88068
  "framework": "CIS Controls v8",
87102
88069
  "control_name": "Continuous Vulnerability Management"
87103
88070
  },
88071
+ {
88072
+ "id": "ISO-27001-2022-A.5.16-Federated",
88073
+ "framework": "ISO/IEC 27001:2022",
88074
+ "control_name": "Identity Management + Authentication Information — federated-state extension"
88075
+ },
87104
88076
  {
87105
88077
  "id": "ISO-27001-2022-A.8.8",
87106
88078
  "framework": "ISO/IEC 27001:2022",
87107
88079
  "control_name": "Management of technical vulnerabilities"
87108
88080
  },
88081
+ {
88082
+ "id": "NIS2-Art-21-Federated-Identity",
88083
+ "framework": "EU NIS2 Directive",
88084
+ "control_name": "Cryptography + Access Control — federated-identity extension"
88085
+ },
87109
88086
  {
87110
88087
  "id": "NIS2-Art21-patch-management",
87111
88088
  "framework": "EU NIS2 Directive",
87112
88089
  "control_name": "Vulnerability handling and disclosure"
87113
88090
  },
88091
+ {
88092
+ "id": "NIST-800-53-IA-5-Federated",
88093
+ "framework": "NIST 800-53 Rev.5",
88094
+ "control_name": "Authenticator Management — federated-trust extension"
88095
+ },
87114
88096
  {
87115
88097
  "id": "NIST-800-53-SC-8",
87116
88098
  "framework": "NIST SP 800-53 Rev 5",
@@ -87121,10 +88103,20 @@
87121
88103
  "framework": "NIST SP 800-53 Rev 5",
87122
88104
  "control_name": "Flaw Remediation"
87123
88105
  },
88106
+ {
88107
+ "id": "NIST-800-63B-rev4",
88108
+ "framework": "NIST SP 800-63B Rev 4 (Digital Identity Guidelines — Authentication & Lifecycle Mgmt)",
88109
+ "control_name": "Authentication and Lifecycle Management (AAL/IAL/FAL)"
88110
+ },
87124
88111
  {
87125
88112
  "id": "PCI-DSS-4.0-6.3.3",
87126
88113
  "framework": "PCI DSS 4.0",
87127
88114
  "control_name": "All system components are protected from known vulnerabilities by installing applicable security patches/updates"
88115
+ },
88116
+ {
88117
+ "id": "UK-CAF-B2",
88118
+ "framework": "UK NCSC Cyber Assessment Framework v3.2",
88119
+ "control_name": "Identity and access control"
87128
88120
  }
87129
88121
  ],
87130
88122
  "d3fend": [
@@ -87235,8 +88227,10 @@
87235
88227
  "CVE-2023-41974",
87236
88228
  "CVE-2023-43000",
87237
88229
  "CVE-2023-43654",
88230
+ "CVE-2023-43791",
87238
88231
  "CVE-2023-44467",
87239
88232
  "CVE-2023-44487",
88233
+ "CVE-2023-47117",
87240
88234
  "CVE-2023-48022",
87241
88235
  "CVE-2023-50224",
87242
88236
  "CVE-2023-50387",
@@ -87255,6 +88249,7 @@
87255
88249
  "CVE-2024-11392",
87256
88250
  "CVE-2024-11393",
87257
88251
  "CVE-2024-11394",
88252
+ "CVE-2024-12776",
87258
88253
  "CVE-2024-12987",
87259
88254
  "CVE-2024-13059",
87260
88255
  "CVE-2024-1561",
@@ -87302,6 +88297,7 @@
87302
88297
  "CVE-2025-1550",
87303
88298
  "CVE-2025-15556",
87304
88299
  "CVE-2025-1753",
88300
+ "CVE-2025-1796",
87305
88301
  "CVE-2025-20281",
87306
88302
  "CVE-2025-20333",
87307
88303
  "CVE-2025-20337",
@@ -87439,6 +88435,7 @@
87439
88435
  "CVE-2025-68461",
87440
88436
  "CVE-2025-68613",
87441
88437
  "CVE-2025-68645",
88438
+ "CVE-2025-69286",
87442
88439
  "CVE-2025-7775",
87443
88440
  "CVE-2025-8088",
87444
88441
  "CVE-2025-8110",
@@ -87516,6 +88513,8 @@
87516
88513
  "CVE-2026-40933",
87517
88514
  "CVE-2026-41091",
87518
88515
  "CVE-2026-41940",
88516
+ "CVE-2026-41947",
88517
+ "CVE-2026-41950",
87519
88518
  "CVE-2026-42897",
87520
88519
  "CVE-2026-42945",
87521
88520
  "CVE-2026-43284",
@@ -87529,7 +88528,8 @@
87529
88528
  "CVE-2026-5281",
87530
88529
  "CVE-2026-6973",
87531
88530
  "CVE-2026-9082",
87532
- "MAL-2026-3083"
88531
+ "MAL-2026-3083",
88532
+ "MAL-2026-NODE-IPC-STEALER"
87533
88533
  ]
87534
88534
  },
87535
88535
  "CWE-732": {
@@ -89261,9 +90261,10 @@
89261
90261
  "sector-financial",
89262
90262
  "api-security",
89263
90263
  "cloud-iam-incident",
89264
- "idp-incident-response"
90264
+ "idp-incident-response",
90265
+ "vc-wallet-trust"
89265
90266
  ],
89266
- "skill_count": 6,
90267
+ "skill_count": 7,
89267
90268
  "chain": {
89268
90269
  "atlas": [
89269
90270
  {
@@ -89293,11 +90294,13 @@
89293
90294
  "T1486",
89294
90295
  "T1505",
89295
90296
  "T1538",
90297
+ "T1550",
89296
90298
  "T1552.005",
89297
90299
  "T1556",
89298
90300
  "T1556.007",
89299
90301
  "T1567",
89300
90302
  "T1580",
90303
+ "T1606",
89301
90304
  "T1606.002"
89302
90305
  ],
89303
90306
  "framework_gaps": [
@@ -89421,6 +90424,11 @@
89421
90424
  "framework": "SWIFT Customer Security Controls Framework v2026",
89422
90425
  "control_name": "SWIFT Environment Protection"
89423
90426
  },
90427
+ {
90428
+ "id": "UK-CAF-B2",
90429
+ "framework": "UK NCSC Cyber Assessment Framework v3.2",
90430
+ "control_name": "Identity and access control"
90431
+ },
89424
90432
  {
89425
90433
  "id": "UK-CAF-B2-Cloud-IAM",
89426
90434
  "framework": "UK NCSC CAF (Cyber Assessment Framework) v3.x",
@@ -89518,11 +90526,19 @@
89518
90526
  ]
89519
90527
  },
89520
90528
  "related_cves": [
90529
+ "CVE-2022-1471",
89521
90530
  "CVE-2022-23812",
89522
90531
  "CVE-2023-43472",
90532
+ "CVE-2023-43654",
90533
+ "CVE-2023-43791",
90534
+ "CVE-2023-47117",
90535
+ "CVE-2023-48022",
89523
90536
  "CVE-2023-6016",
90537
+ "CVE-2023-6019",
90538
+ "CVE-2023-6021",
89524
90539
  "CVE-2023-6571",
89525
90540
  "CVE-2024-12366",
90541
+ "CVE-2024-12776",
89526
90542
  "CVE-2024-24590",
89527
90543
  "CVE-2024-24591",
89528
90544
  "CVE-2024-2912",
@@ -89530,11 +90546,14 @@
89530
90546
  "CVE-2024-31462",
89531
90547
  "CVE-2024-37052",
89532
90548
  "CVE-2024-37060",
90549
+ "CVE-2024-4889",
89533
90550
  "CVE-2024-5565",
90551
+ "CVE-2024-6587",
89534
90552
  "CVE-2024-9526",
89535
90553
  "CVE-2025-0133",
89536
90554
  "CVE-2025-10164",
89537
90555
  "CVE-2025-1094",
90556
+ "CVE-2025-1796",
89538
90557
  "CVE-2025-27520",
89539
90558
  "CVE-2025-30066",
89540
90559
  "CVE-2025-30154",
@@ -89542,17 +90561,24 @@
89542
90561
  "CVE-2025-3466",
89543
90562
  "CVE-2025-51480",
89544
90563
  "CVE-2025-53773",
90564
+ "CVE-2025-64513",
89545
90565
  "CVE-2025-68668",
90566
+ "CVE-2025-69286",
89546
90567
  "CVE-2025-6965",
89547
90568
  "CVE-2026-21858",
89548
90569
  "CVE-2026-21877",
89549
90570
  "CVE-2026-22218",
90571
+ "CVE-2026-24206",
90572
+ "CVE-2026-24207",
90573
+ "CVE-2026-26190",
89550
90574
  "CVE-2026-30615",
89551
90575
  "CVE-2026-30623",
89552
90576
  "CVE-2026-31229",
89553
90577
  "CVE-2026-31230",
89554
90578
  "CVE-2026-33017",
89555
90579
  "CVE-2026-39884",
90580
+ "CVE-2026-41947",
90581
+ "CVE-2026-41950",
89556
90582
  "CVE-2026-42208",
89557
90583
  "CVE-2026-45321",
89558
90584
  "CVE-2026-48027",
@@ -92012,16 +93038,68 @@
92012
93038
  "CWE-347": {
92013
93039
  "name": "Improper Verification of Cryptographic Signature",
92014
93040
  "category": "Cryptography",
92015
- "referencing_skills": [],
92016
- "skill_count": 0,
93041
+ "referencing_skills": [
93042
+ "vc-wallet-trust"
93043
+ ],
93044
+ "skill_count": 1,
92017
93045
  "chain": {
92018
93046
  "atlas": [],
92019
- "attack_refs": [],
92020
- "framework_gaps": [],
93047
+ "attack_refs": [
93048
+ "T1550",
93049
+ "T1556",
93050
+ "T1606"
93051
+ ],
93052
+ "framework_gaps": [
93053
+ {
93054
+ "id": "ISO-27001-2022-A.5.16-Federated",
93055
+ "framework": "ISO/IEC 27001:2022",
93056
+ "control_name": "Identity Management + Authentication Information — federated-state extension"
93057
+ },
93058
+ {
93059
+ "id": "NIS2-Art-21-Federated-Identity",
93060
+ "framework": "EU NIS2 Directive",
93061
+ "control_name": "Cryptography + Access Control — federated-identity extension"
93062
+ },
93063
+ {
93064
+ "id": "NIST-800-53-IA-5-Federated",
93065
+ "framework": "NIST 800-53 Rev.5",
93066
+ "control_name": "Authenticator Management — federated-trust extension"
93067
+ },
93068
+ {
93069
+ "id": "NIST-800-63B-rev4",
93070
+ "framework": "NIST SP 800-63B Rev 4 (Digital Identity Guidelines — Authentication & Lifecycle Mgmt)",
93071
+ "control_name": "Authentication and Lifecycle Management (AAL/IAL/FAL)"
93072
+ },
93073
+ {
93074
+ "id": "UK-CAF-B2",
93075
+ "framework": "UK NCSC Cyber Assessment Framework v3.2",
93076
+ "control_name": "Identity and access control"
93077
+ }
93078
+ ],
92021
93079
  "d3fend": [],
92022
93080
  "rfc_refs": []
92023
93081
  },
92024
- "related_cves": []
93082
+ "related_cves": [
93083
+ "CVE-2022-1471",
93084
+ "CVE-2023-43654",
93085
+ "CVE-2023-43791",
93086
+ "CVE-2023-47117",
93087
+ "CVE-2023-48022",
93088
+ "CVE-2023-6019",
93089
+ "CVE-2023-6021",
93090
+ "CVE-2024-12776",
93091
+ "CVE-2024-4889",
93092
+ "CVE-2024-6587",
93093
+ "CVE-2025-1796",
93094
+ "CVE-2025-64513",
93095
+ "CVE-2025-69286",
93096
+ "CVE-2026-24206",
93097
+ "CVE-2026-24207",
93098
+ "CVE-2026-26190",
93099
+ "CVE-2026-41947",
93100
+ "CVE-2026-41950",
93101
+ "MAL-2026-NODE-IPC-STEALER"
93102
+ ]
92025
93103
  },
92026
93104
  "CWE-476": {
92027
93105
  "name": "NULL Pointer Dereference",
@@ -92264,16 +93342,68 @@
92264
93342
  "CWE-290": {
92265
93343
  "name": "Authentication Bypass by Spoofing",
92266
93344
  "category": "Authentication",
92267
- "referencing_skills": [],
92268
- "skill_count": 0,
93345
+ "referencing_skills": [
93346
+ "vc-wallet-trust"
93347
+ ],
93348
+ "skill_count": 1,
92269
93349
  "chain": {
92270
93350
  "atlas": [],
92271
- "attack_refs": [],
92272
- "framework_gaps": [],
93351
+ "attack_refs": [
93352
+ "T1550",
93353
+ "T1556",
93354
+ "T1606"
93355
+ ],
93356
+ "framework_gaps": [
93357
+ {
93358
+ "id": "ISO-27001-2022-A.5.16-Federated",
93359
+ "framework": "ISO/IEC 27001:2022",
93360
+ "control_name": "Identity Management + Authentication Information — federated-state extension"
93361
+ },
93362
+ {
93363
+ "id": "NIS2-Art-21-Federated-Identity",
93364
+ "framework": "EU NIS2 Directive",
93365
+ "control_name": "Cryptography + Access Control — federated-identity extension"
93366
+ },
93367
+ {
93368
+ "id": "NIST-800-53-IA-5-Federated",
93369
+ "framework": "NIST 800-53 Rev.5",
93370
+ "control_name": "Authenticator Management — federated-trust extension"
93371
+ },
93372
+ {
93373
+ "id": "NIST-800-63B-rev4",
93374
+ "framework": "NIST SP 800-63B Rev 4 (Digital Identity Guidelines — Authentication & Lifecycle Mgmt)",
93375
+ "control_name": "Authentication and Lifecycle Management (AAL/IAL/FAL)"
93376
+ },
93377
+ {
93378
+ "id": "UK-CAF-B2",
93379
+ "framework": "UK NCSC Cyber Assessment Framework v3.2",
93380
+ "control_name": "Identity and access control"
93381
+ }
93382
+ ],
92273
93383
  "d3fend": [],
92274
93384
  "rfc_refs": []
92275
93385
  },
92276
- "related_cves": []
93386
+ "related_cves": [
93387
+ "CVE-2022-1471",
93388
+ "CVE-2023-43654",
93389
+ "CVE-2023-43791",
93390
+ "CVE-2023-47117",
93391
+ "CVE-2023-48022",
93392
+ "CVE-2023-6019",
93393
+ "CVE-2023-6021",
93394
+ "CVE-2024-12776",
93395
+ "CVE-2024-4889",
93396
+ "CVE-2024-6587",
93397
+ "CVE-2025-1796",
93398
+ "CVE-2025-64513",
93399
+ "CVE-2025-69286",
93400
+ "CVE-2026-24206",
93401
+ "CVE-2026-24207",
93402
+ "CVE-2026-26190",
93403
+ "CVE-2026-41947",
93404
+ "CVE-2026-41950",
93405
+ "MAL-2026-NODE-IPC-STEALER"
93406
+ ]
92277
93407
  },
92278
93408
  "CWE-399": {
92279
93409
  "name": "Resource Management Errors (deprecated category)",