@blamejs/exceptd-skills 0.16.31 → 0.17.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/ARCHITECTURE.md +1 -1
- package/CHANGELOG.md +8 -0
- package/CONTEXT.md +3 -3
- package/data/_indexes/_meta.json +10 -10
- package/data/_indexes/activity-feed.json +3 -3
- package/data/_indexes/catalog-summaries.json +3 -3
- package/data/_indexes/chains.json +12587 -2
- package/data/_indexes/frequency.json +4 -0
- package/data/atlas-ttps.json +4 -1
- package/data/attack-techniques.json +64 -8
- package/data/cve-catalog.json +2207 -2
- package/data/cwe-catalog.json +110 -4
- package/data/framework-control-gaps.json +183 -11
- package/data/zeroday-lessons.json +1015 -1
- package/manifest.json +53 -53
- package/package.json +2 -2
- package/sbom.cdx.json +29 -29
package/data/cwe-catalog.json
CHANGED
|
@@ -175,6 +175,7 @@
|
|
|
175
175
|
"CVE-2026-30617",
|
|
176
176
|
"CVE-2026-30624",
|
|
177
177
|
"CVE-2026-30625",
|
|
178
|
+
"CVE-2026-42271",
|
|
178
179
|
"MAL-2026-3083"
|
|
179
180
|
],
|
|
180
181
|
"framework_controls_partially_addressing": [
|
|
@@ -211,7 +212,9 @@
|
|
|
211
212
|
"CVE-2014-6278",
|
|
212
213
|
"CVE-2023-39780",
|
|
213
214
|
"CVE-2023-6019",
|
|
215
|
+
"CVE-2024-11120",
|
|
214
216
|
"CVE-2024-12987",
|
|
217
|
+
"CVE-2024-6047",
|
|
215
218
|
"CVE-2025-11953",
|
|
216
219
|
"CVE-2025-12686",
|
|
217
220
|
"CVE-2025-1753",
|
|
@@ -224,6 +227,7 @@
|
|
|
224
227
|
"CVE-2025-64328",
|
|
225
228
|
"CVE-2025-66644",
|
|
226
229
|
"CVE-2025-9377",
|
|
230
|
+
"CVE-2026-10520",
|
|
227
231
|
"CVE-2026-1731",
|
|
228
232
|
"CVE-2026-22252",
|
|
229
233
|
"CVE-2026-22688",
|
|
@@ -235,7 +239,8 @@
|
|
|
235
239
|
"CVE-2026-30624",
|
|
236
240
|
"CVE-2026-30625",
|
|
237
241
|
"CVE-2026-39987",
|
|
238
|
-
"CVE-2026-40933"
|
|
242
|
+
"CVE-2026-40933",
|
|
243
|
+
"CVE-2026-42271"
|
|
239
244
|
],
|
|
240
245
|
"framework_controls_partially_addressing": [
|
|
241
246
|
"NIST-800-53-SI-10",
|
|
@@ -501,6 +506,7 @@
|
|
|
501
506
|
"CVE-2025-48633",
|
|
502
507
|
"CVE-2025-5419",
|
|
503
508
|
"CVE-2025-5777",
|
|
509
|
+
"CVE-2026-11645",
|
|
504
510
|
"CVE-2026-24213",
|
|
505
511
|
"CVE-2026-3055"
|
|
506
512
|
],
|
|
@@ -543,6 +549,7 @@
|
|
|
543
549
|
"evidence_cves": [
|
|
544
550
|
"CVE-2023-43791",
|
|
545
551
|
"CVE-2023-47117",
|
|
552
|
+
"CVE-2024-21182",
|
|
546
553
|
"CVE-2024-40635",
|
|
547
554
|
"CVE-2025-31125",
|
|
548
555
|
"CVE-2026-20133",
|
|
@@ -733,6 +740,7 @@
|
|
|
733
740
|
"CVE-2019-19006",
|
|
734
741
|
"CVE-2020-10148",
|
|
735
742
|
"CVE-2021-32030",
|
|
743
|
+
"CVE-2022-0492",
|
|
736
744
|
"CVE-2023-27351",
|
|
737
745
|
"CVE-2024-12776",
|
|
738
746
|
"CVE-2024-1709",
|
|
@@ -741,7 +749,8 @@
|
|
|
741
749
|
"CVE-2025-49706",
|
|
742
750
|
"CVE-2025-64513",
|
|
743
751
|
"CVE-2026-20127",
|
|
744
|
-
"CVE-2026-20182"
|
|
752
|
+
"CVE-2026-20182",
|
|
753
|
+
"CVE-2026-50751"
|
|
745
754
|
],
|
|
746
755
|
"framework_controls_partially_addressing": [
|
|
747
756
|
"NIST-800-53-IA-2",
|
|
@@ -785,6 +794,7 @@
|
|
|
785
794
|
"CVE-2026-24423",
|
|
786
795
|
"CVE-2026-26190",
|
|
787
796
|
"CVE-2026-33017",
|
|
797
|
+
"CVE-2026-35273",
|
|
788
798
|
"CVE-2026-39987",
|
|
789
799
|
"CVE-2026-41940"
|
|
790
800
|
],
|
|
@@ -1224,6 +1234,7 @@
|
|
|
1224
1234
|
"CVE-2023-41974",
|
|
1225
1235
|
"CVE-2023-43000",
|
|
1226
1236
|
"CVE-2025-27038",
|
|
1237
|
+
"CVE-2025-30400",
|
|
1227
1238
|
"CVE-2025-32701",
|
|
1228
1239
|
"CVE-2025-32709",
|
|
1229
1240
|
"CVE-2025-43529",
|
|
@@ -1403,7 +1414,8 @@
|
|
|
1403
1414
|
"CVE-2026-20963",
|
|
1404
1415
|
"CVE-2026-3059",
|
|
1405
1416
|
"CVE-2026-3060",
|
|
1406
|
-
"CVE-2026-31229"
|
|
1417
|
+
"CVE-2026-31229",
|
|
1418
|
+
"CVE-2026-45247"
|
|
1407
1419
|
],
|
|
1408
1420
|
"framework_controls_partially_addressing": [
|
|
1409
1421
|
"NIST-800-53-SI-10",
|
|
@@ -1441,6 +1453,7 @@
|
|
|
1441
1453
|
"CVE-2026-33634",
|
|
1442
1454
|
"CVE-2026-45321",
|
|
1443
1455
|
"CVE-2026-48027",
|
|
1456
|
+
"CVE-2026-8398",
|
|
1444
1457
|
"MAL-2026-3083",
|
|
1445
1458
|
"MAL-2026-MOIKA-DEPCONFUSION",
|
|
1446
1459
|
"MAL-2026-NODE-IPC-STEALER",
|
|
@@ -1687,10 +1700,12 @@
|
|
|
1687
1700
|
"CVE-2025-21042",
|
|
1688
1701
|
"CVE-2025-21043",
|
|
1689
1702
|
"CVE-2025-22457",
|
|
1703
|
+
"CVE-2025-27363",
|
|
1690
1704
|
"CVE-2025-5419",
|
|
1691
1705
|
"CVE-2025-6965",
|
|
1692
1706
|
"CVE-2025-9242",
|
|
1693
1707
|
"CVE-2026-0300",
|
|
1708
|
+
"CVE-2026-11645",
|
|
1694
1709
|
"CVE-2026-22778",
|
|
1695
1710
|
"CVE-2026-3909",
|
|
1696
1711
|
"CVE-2026-42945",
|
|
@@ -1808,6 +1823,7 @@
|
|
|
1808
1823
|
"webapp-security"
|
|
1809
1824
|
],
|
|
1810
1825
|
"evidence_cves": [
|
|
1826
|
+
"CVE-2022-0492",
|
|
1811
1827
|
"CVE-2023-48022",
|
|
1812
1828
|
"CVE-2023-52163",
|
|
1813
1829
|
"CVE-2023-6038",
|
|
@@ -2438,6 +2454,7 @@
|
|
|
2438
2454
|
"evidence_cves": [
|
|
2439
2455
|
"CVE-2018-14634",
|
|
2440
2456
|
"CVE-2021-30952",
|
|
2457
|
+
"CVE-2025-48595",
|
|
2441
2458
|
"CVE-2026-21385",
|
|
2442
2459
|
"CVE-2026-24214"
|
|
2443
2460
|
],
|
|
@@ -3073,6 +3090,7 @@
|
|
|
3073
3090
|
"CVE-2023-44487",
|
|
3074
3091
|
"CVE-2023-50868",
|
|
3075
3092
|
"CVE-2026-24215",
|
|
3093
|
+
"CVE-2026-28318",
|
|
3076
3094
|
"CVE-2026-45498"
|
|
3077
3095
|
],
|
|
3078
3096
|
"last_verified": "2026-05-19",
|
|
@@ -3490,7 +3508,9 @@
|
|
|
3490
3508
|
"CWE-2000"
|
|
3491
3509
|
],
|
|
3492
3510
|
"related_weaknesses": [],
|
|
3493
|
-
"evidence_cves": [
|
|
3511
|
+
"evidence_cves": [
|
|
3512
|
+
"CVE-2026-0257"
|
|
3513
|
+
],
|
|
3494
3514
|
"last_verified": "2026-05-19",
|
|
3495
3515
|
"notes": "Bulk-imported v0.13.18 from the canonical MITRE Top 25 + commonly-referenced-class expansion.",
|
|
3496
3516
|
"_auto_imported": true,
|
|
@@ -4633,5 +4653,91 @@
|
|
|
4633
4653
|
"log-injection-telemetry"
|
|
4634
4654
|
],
|
|
4635
4655
|
"evidence_cves": []
|
|
4656
|
+
},
|
|
4657
|
+
"CWE-116": {
|
|
4658
|
+
"id": "CWE-116",
|
|
4659
|
+
"name": "Improper Encoding or Escaping of Output",
|
|
4660
|
+
"abstraction": "Base",
|
|
4661
|
+
"category": "Injection",
|
|
4662
|
+
"description": "The product prepares a structured message for a downstream component but does not correctly encode or escape special elements, so the output is parsed in an unintended way (command, markup, or control-character injection in a management interface).",
|
|
4663
|
+
"top_25_rank_2024": null,
|
|
4664
|
+
"top_25_rank_2025": null,
|
|
4665
|
+
"view_memberships": [],
|
|
4666
|
+
"related_attack_patterns_capec": [
|
|
4667
|
+
"CAPEC-73",
|
|
4668
|
+
"CAPEC-81"
|
|
4669
|
+
],
|
|
4670
|
+
"skills_referencing": [],
|
|
4671
|
+
"evidence_cves": [
|
|
4672
|
+
"CVE-2026-20245"
|
|
4673
|
+
],
|
|
4674
|
+
"framework_controls_partially_addressing": [],
|
|
4675
|
+
"real_requirement": "Context-aware output encoding at every trust boundary where data crosses into a structured interpreter (shell, HTML, config). For AI agent tooling, tool-call output rendered into a downstream interpreter must be escaped for that interpreter, not just the original input.",
|
|
4676
|
+
"lag_notes": "Frameworks treat output handling as a coding-quality concern (SI-10 covers input, not output encoding). No framework operationalizes per-interpreter output encoding for management-plane or agent-tool output.",
|
|
4677
|
+
"last_verified": "2026-06-13"
|
|
4678
|
+
},
|
|
4679
|
+
"CWE-266": {
|
|
4680
|
+
"id": "CWE-266",
|
|
4681
|
+
"name": "Improper Privilege Management",
|
|
4682
|
+
"abstraction": "Base",
|
|
4683
|
+
"category": "Privilege",
|
|
4684
|
+
"description": "The product does not properly assign, track, or relinquish privileges, allowing an actor to gain a higher privilege level than intended (a plugin or low-privilege role escalating to root or administrator).",
|
|
4685
|
+
"top_25_rank_2024": null,
|
|
4686
|
+
"top_25_rank_2025": null,
|
|
4687
|
+
"view_memberships": [],
|
|
4688
|
+
"related_attack_patterns_capec": [
|
|
4689
|
+
"CAPEC-122",
|
|
4690
|
+
"CAPEC-233"
|
|
4691
|
+
],
|
|
4692
|
+
"skills_referencing": [],
|
|
4693
|
+
"evidence_cves": [
|
|
4694
|
+
"CVE-2026-48172"
|
|
4695
|
+
],
|
|
4696
|
+
"framework_controls_partially_addressing": [],
|
|
4697
|
+
"real_requirement": "Least-privilege enforcement with explicit privilege-drop after elevated operations and per-component privilege boundaries; for AI agents, the effective privilege must be the minimum for the current task, not the maximum the service account holds.",
|
|
4698
|
+
"lag_notes": "AC-6 least-privilege is a stated design principle but is not operationalized for plugin/extension components or AI-agent invocation contexts that inherit a broad service-account privilege.",
|
|
4699
|
+
"last_verified": "2026-06-13"
|
|
4700
|
+
},
|
|
4701
|
+
"CWE-912": {
|
|
4702
|
+
"id": "CWE-912",
|
|
4703
|
+
"name": "Hidden Functionality",
|
|
4704
|
+
"abstraction": "Base",
|
|
4705
|
+
"category": "Malicious Code",
|
|
4706
|
+
"description": "The product contains functionality that is not documented, not part of the stated requirements, and not visible to the operator (a backdoor or covert capability), such as a messaging app that silently retains or forwards plaintext beyond its stated end-to-end guarantee.",
|
|
4707
|
+
"top_25_rank_2024": null,
|
|
4708
|
+
"top_25_rank_2025": null,
|
|
4709
|
+
"view_memberships": [],
|
|
4710
|
+
"related_attack_patterns_capec": [
|
|
4711
|
+
"CAPEC-670"
|
|
4712
|
+
],
|
|
4713
|
+
"skills_referencing": [],
|
|
4714
|
+
"evidence_cves": [
|
|
4715
|
+
"CVE-2025-47729"
|
|
4716
|
+
],
|
|
4717
|
+
"framework_controls_partially_addressing": [],
|
|
4718
|
+
"real_requirement": "Provenance and behavioral attestation for shipped software: documented capability inventory, build-from-source reproducibility, and runtime monitoring that flags undocumented network or data flows. For AI and model supply chains this extends to undisclosed model behaviors and covert data exfiltration.",
|
|
4719
|
+
"lag_notes": "Supply-chain controls (SR family, A.5.23) verify build integrity, not the absence of undocumented functionality in a validly-signed artifact. No framework requires a capability-inventory attestation.",
|
|
4720
|
+
"last_verified": "2026-06-13"
|
|
4721
|
+
},
|
|
4722
|
+
"CWE-1023": {
|
|
4723
|
+
"id": "CWE-1023",
|
|
4724
|
+
"name": "Incomplete Comparison with Missing Factors",
|
|
4725
|
+
"abstraction": "Base",
|
|
4726
|
+
"category": "Comparison",
|
|
4727
|
+
"description": "The product performs a comparison that omits one or more factors required to correctly distinguish the cases, so inputs that should be treated differently are treated the same (a packet or tunnel filter that compares only some fields and forwards unconfigured types).",
|
|
4728
|
+
"top_25_rank_2024": null,
|
|
4729
|
+
"top_25_rank_2025": null,
|
|
4730
|
+
"view_memberships": [],
|
|
4731
|
+
"related_attack_patterns_capec": [
|
|
4732
|
+
"CAPEC-13"
|
|
4733
|
+
],
|
|
4734
|
+
"skills_referencing": [],
|
|
4735
|
+
"evidence_cves": [
|
|
4736
|
+
"CVE-2026-7473"
|
|
4737
|
+
],
|
|
4738
|
+
"framework_controls_partially_addressing": [],
|
|
4739
|
+
"real_requirement": "Complete, deny-by-default comparison logic that enumerates every distinguishing factor for a security decision; security filters must fail closed on any unmatched factor rather than forwarding the default case.",
|
|
4740
|
+
"lag_notes": "Frameworks specify that filtering exist (SC-7 boundary protection) but not that comparison logic be complete and fail-closed across all factors. Partial-match forwarding passes a control review while leaving an access-control bypass.",
|
|
4741
|
+
"last_verified": "2026-06-13"
|
|
4636
4742
|
}
|
|
4637
4743
|
}
|