@blamejs/exceptd-skills 0.16.31 → 0.18.0

@@ -55,8 +55,8 @@
55
55
  "ai_discovery_methodology": {
56
56
  "field_added": "2026-05-15",
57
57
  "agents_md_target": "Hard Rule #7 — '41% of 2025 zero-days were AI-discovered'. Catalog target rate floor: 0.40.",
58
- "current_rate": 0.0273,
59
- "current_floor_enforced_by_test": 0.027,
58
+ "current_rate": 0.0261,
59
+ "current_floor_enforced_by_test": 0.026,
60
60
  "ladder_to_target": [
61
61
  0.027,
62
62
  0.028,
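Review bot: `current_floor_enforced_by_test` is lowered from 0.027 to 0.026 in step with the drop in `current_rate` from 0.0273 to 0.0261, so the floor tracks the measured rate downward instead of holding it; a floor that is re-based whenever the rate regresses can never fail the test and gives no regression protection. The first rung of the unchanged `ladder_to_target` context below is still 0.027, which now sits above both the current rate and the enforced floor, so the ladder no longer starts from the catalog's present position. If the drop is accepted, keeping the floor at 0.027 so the test reports it, or adding a short note field beside the floor explaining why it was lowered and re-basing the ladder consistently, would make the intent visible. The enclosing `ai_discovery_methodology` object continues outside the hunk.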
@@ -45740,5 +45740,2210 @@
45740
45740
  ],
45741
45741
  "last_updated": "2026-06-01",
45742
45742
  "discovery_attribution_note": "Co-disclosed October 2023 by Google, Cloudflare and AWS after absorbing the largest-recorded HTTP/2 DDoS to that date; CISA KEV-listed 2023-10-10. Vendor research; no AI involvement."
45743
+ },
45744
+ "CVE-2022-0492": {
45745
+ "name": "Linux Kernel cgroups v1 release_agent Privilege Escalation / Container Escape (CISA KEV)",
45746
+ "type": "Privilege Escalation",
45747
+ "cvss_score": 7.8,
45748
+ "cvss_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
45749
+ "cvss_note": "NIST (NVD) CVSS v3.1 base 7.8 (HIGH). The local, low-privilege cgroup_release_agent_write path in kernel/cgroup/cgroup-v1.c lets a process that can mount a writable cgroupfs (via unprivileged user + cgroup namespaces) write an attacker-controlled path into release_agent, which the kernel then executes as root in the initial namespace - escaping namespace isolation (CWE-862 missing authorization on the release_agent write, CWE-287 improper authentication of the namespace context).",
45750
+ "cisa_kev": true,
45751
+ "cisa_kev_date": "2026-06-02",
45752
+ "cisa_kev_due_date": "2026-06-05",
45753
+ "poc_available": true,
45754
+ "poc_description": "Multiple public proof-of-concepts and detailed writeups exist. Palo Alto Unit 42 documents the full container-escape technique (mount writable cgroupfs via new user/cgroup namespaces, write a payload path into a root cgroup's release_agent, trigger execution at cgroup release so the binary runs as root) and ships a public vulnerability-check tool at github.com/PaloAltoNetworks/can-ctr-escape-cve-2022-0492. The technique works from inside a container that runs without AppArmor/SELinux and without seccomp, and standalone on a host where unprivileged user namespaces are enabled.",
45755
+ "ai_discovered": false,
45756
+ "ai_discovery_source": "human_researcher",
45757
+ "ai_discovery_notes": "Disclosed via the upstream Linux kernel commit (https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af) and NVD (https://nvd.nist.gov/vuln/detail/CVE-2022-0492). The abused surface is the Linux kernel cgroups v1 release_agent feature reachable from unprivileged containers.",
45758
+ "ai_assisted_weaponization": false,
45759
+ "ai_assisted_notes": "No AI-assisted weaponization; a classic missing-authorization kernel flaw exploited through cgroups v1 release_agent to break container/namespace isolation.",
45760
+ "active_exploitation": "confirmed",
45761
+ "active_exploitation_notes": "CISA added CVE-2022-0492 to the Known Exploited Vulnerabilities catalog on 2026-06-02 (due 2026-06-05) - confirmed in-the-wild exploitation. The flaw is a high-value container-escape primitive: a containerized or unprivileged-namespace process can reach root in the host's initial namespace, making it a routine post-compromise lateral-movement step against misconfigured (no AppArmor/SELinux/seccomp) container hosts.",
45762
+ "affected": "Linux kernel 2.6.24 through the fixed releases in each maintained series (see affected_versions); distribution kernels based on these (Debian 9/10/11, RHEL 8 variants, Ubuntu 14.04-22.04, Fedora 35) and embedded firmware (e.g. NetApp HCI/SolidFire) until patched.",
45763
+ "affected_versions": [
45764
+ "Linux kernel 2.6.24 to < 4.9.301",
45765
+ "Linux kernel 4.10 to < 4.14.266",
45766
+ "Linux kernel 4.15 to < 4.19.229",
45767
+ "Linux kernel 4.20 to < 5.4.177",
45768
+ "Linux kernel 5.5 to < 5.10.97",
45769
+ "Linux kernel 5.11 to < 5.15.20",
45770
+ "Linux kernel 5.16 to < 5.16.6",
45771
+ "Linux kernel 5.17-rc1 and 5.17-rc2"
45772
+ ],
45773
+ "vector": "The cgroup_release_agent_write handler in kernel/cgroup/cgroup-v1.c does not verify that the writer has authority over the namespace whose release_agent it is setting. A local process that can create a new user namespace and a new cgroup namespace gains a writable view of cgroupfs, writes an attacker-controlled path into release_agent, then forces the cgroup to empty; the kernel runs that path as root in the initial namespace. From inside a container without AppArmor/SELinux and without seccomp this is a direct container-to-host escape to root; on a bare host with unprivileged user namespaces enabled it is local privilege escalation. Fixed by tightening the privilege check on the release_agent write (kernel commit 24f60085).",
45774
+ "complexity": "low",
45775
+ "complexity_notes": "NVD AV:L / AC:L / PR:L / UI:N - local access with low privileges; the exploit is well-documented and reliable when the host lacks AppArmor/SELinux + seccomp confinement or permits unprivileged user namespaces.",
45776
+ "patch_available": true,
45777
+ "patch_required_reboot": true,
45778
+ "live_patch_available": true,
45779
+ "live_patch_tools": [
45780
+ "kpatch",
45781
+ "Ksplice",
45782
+ "kGraft"
45783
+ ],
45784
+ "live_patch_notes": "Distribution kernel updates fix the release_agent authorization check; applying the on-disk kernel package requires a reboot to run the new kernel. Live-kernel-patching frameworks (kpatch, Oracle Ksplice, SUSE kGraft) can apply the fix without an immediate reboot where a vendor live-patch is published; the reboot is still required to complete full remediation.",
45785
+ "vendor_update_paths": [
45786
+ "Update to a fixed kernel for your series (>= 4.9.301 / 4.14.266 / 4.19.229 / 5.4.177 / 5.10.97 / 5.15.20 / 5.16.6) via the distribution (Debian/RHEL/Ubuntu/Fedora/NetApp) and reboot, or apply the vendor live-kernel-patch where available. Defense in depth: confine containers with AppArmor or SELinux and a seccomp profile, drop CAP_SYS_ADMIN, and disable unprivileged user namespaces (kernel.unprivileged_userns_clone=0 / user.max_user_namespaces=0) where workloads do not require them - any one of these blocks the documented escape even on an unpatched kernel."
45787
+ ],
45788
+ "framework_control_gaps": {
45789
+ "NIST-800-53-AC-6": "Least privilege is defeated: a low-privilege/containerized process reaches root in the host's initial namespace through the release_agent write, so role/capability restrictions on the workload do not bound its actual privilege.",
45790
+ "NIST-800-53-AC-3": "Access enforcement is missing at the cgroups v1 release_agent write - the kernel runs an attacker-supplied path as root without authorizing the writer's namespace authority (CWE-862).",
45791
+ "NIST-800-53-SC-39": "Process isolation / namespace separation is bypassed - a process escapes its namespace and container boundary to the host.",
45792
+ "NIST-800-53-SI-2": "Flaw remediation timelines calibrated to CVSS 7.8 are insufficient given confirmed KEV exploitation; the kernel update must be applied (with reboot) or live-patched on an accelerated schedule.",
45793
+ "ISO-27001-2022-A.8.22": "Segregation of networks/workloads at the host boundary fails - container isolation does not contain a process that reaches the host kernel's release_agent path.",
45794
+ "NIS2-Art21-vulnerability-handling": "Article 21 vulnerability-handling measures do not enforce accelerated kernel patching/live-patching for a KEV-listed container-escape primitive across the container fleet.",
45795
+ "DORA-Art-9": "ICT protection measures do not model an unprivileged-container-to-host kernel escape as an ICT-risk event crossing the workload isolation boundary.",
45796
+ "UK-CAF-B4": "System Security objective lacks an objective for hardening container hosts (AppArmor/SELinux/seccomp, disabling unprivileged user namespaces) so a single kernel cgroups flaw cannot become host root.",
45797
+ "AU-ISM-1546": "The ISM patch-application control sets vendor-defined timeframes; a CISA KEV-listed, actively-exploited vulnerability requires applying the vendor fix within the KEV due-date, not a default monthly cycle."
45798
+ },
45799
+ "atlas_refs": [],
45800
+ "attack_refs": [
45801
+ "T1611",
45802
+ "T1068"
45803
+ ],
45804
+ "rwep_score": 73,
45805
+ "rwep_factors": {
45806
+ "cisa_kev": 25,
45807
+ "poc_available": 20,
45808
+ "ai_factor": 0,
45809
+ "active_exploitation": 20,
45810
+ "blast_radius": 28,
45811
+ "patch_available": -15,
45812
+ "live_patch_available": -10,
45813
+ "reboot_required": 5
45814
+ },
45815
+ "rwep_notes": "High (RWEP 73, \"patch within 72 hours\" band per lib/scoring.js timeline). CISA KEV-listed (added 2026-06-02) and actively exploited: cisa_kev=25 + active_exploitation(confirmed)=20 + poc_available=20 + blast_radius=28 (kernel container-escape primitive affecting essentially the entire pre-fix Linux container fleet), minus patch_available 15 and live_patch_available 10, plus reboot_required 5. The patch + live-patch credits pull it just below the 75 \"within 24 hours\" band, but confirmed KEV exploitation of a container-escape keeps it firmly in the urgent tier - compensating MAC/seccomp confinement should be confirmed before the reboot window closes.",
45816
+ "epss_score": null,
45817
+ "epss_date": "2026-06-13",
45818
+ "epss_note": "EPSS not pulled for this entry; retrieve via FIRST EPSS API in a future refresh.",
45819
+ "epss_source": "https://api.first.org/data/v1/epss?cve=CVE-2022-0492",
45820
+ "cwe_refs": [
45821
+ "CWE-862",
45822
+ "CWE-287"
45823
+ ],
45824
+ "iocs": {
45825
+ "behavioral": [
45826
+ "A containerized or unprivileged process creating new user + cgroup namespaces, mounting cgroupfs writable, and writing a path into a release_agent file.",
45827
+ "Execution of an unexpected binary as root in the host's initial namespace immediately after a cgroup becomes empty (release_agent invocation).",
45828
+ "Container hosts running without AppArmor/SELinux confinement and without a seccomp profile, or with unprivileged user namespaces enabled, on kernels older than the fixed releases - the exposed precondition."
45829
+ ],
45830
+ "_ioc_source_note": "Behavioral signatures anchored to the Linux kernel fix commit (https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af), NVD CVE-2022-0492 (CWE-287/CWE-862), the Palo Alto Unit 42 technique writeup, and the CISA KEV listing."
45831
+ },
45832
+ "source_verified": "2026-06-13",
45833
+ "verification_sources": [
45834
+ "https://nvd.nist.gov/vuln/detail/CVE-2022-0492",
45835
+ "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af",
45836
+ "https://www.kernel.org/",
45837
+ "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
45838
+ ],
45839
+ "vendor_advisories": [
45840
+ {
45841
+ "vendor": "Linux Kernel",
45842
+ "advisory_id": "CVE-2022-0492",
45843
+ "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=24f6008564183aa120d07c03d9289519c2fe02af",
45844
+ "severity": "high",
45845
+ "published_date": "2022-03-03"
45846
+ },
45847
+ {
45848
+ "vendor": "NVD",
45849
+ "advisory_id": "CVE-2022-0492",
45850
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0492",
45851
+ "severity": "high",
45852
+ "published_date": "2022-03-03"
45853
+ }
45854
+ ],
45855
+ "last_updated": "2026-06-13",
45856
+ "discovery_attribution_note": "Manually curated from the upstream Linux kernel fix commit (24f60085, kernel/cgroup/cgroup-v1.c) + NVD (CVSS v3.1 7.8; CWE-287/CWE-862) + the CISA KEV listing (added 2026-06-02) + the Palo Alto Unit 42 container-escape technique writeup and public check tool.",
45857
+ "_kev_short_description": "The Linux kernel cgroups v1 release_agent write does not authorize the namespace context (CWE-862/CWE-287), letting an unprivileged or containerized process run code as root in the host's initial namespace - container escape / local privilege escalation; CISA KEV (added 2026-06-02, actively exploited), fixed by kernel commit 24f60085 and per-series kernel updates."
45858
+ },
45859
+ "CVE-2024-11120": {
45860
+ "name": "GeoVision EOL IP Devices Unauthenticated OS Command Injection (CISA KEV)",
45861
+ "type": "RCE",
45862
+ "cvss_score": 9.8,
45863
+ "cvss_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
45864
+ "cvss_note": "NIST (NVD) CVSS v3.1 base 9.8 (CRITICAL). AV:N/AC:L/PR:N/UI:N — a remote, unauthenticated attacker reaches an OS command injection sink (CWE-78) on affected GeoVision IP devices, executing arbitrary system commands with device privileges. No CVSS v4.0 vector is published.",
45865
+ "cisa_kev": true,
45866
+ "cisa_kev_date": "2025-05-07",
45867
+ "cisa_kev_due_date": "2025-05-28",
45868
+ "poc_available": false,
45869
+ "poc_description": "No public proof-of-concept exploit code is published. Active in-the-wild exploitation was first observed in Akamai SIRT honeypots in April 2025 (LZRD Mirai variant), but the campaign analysis documents observed traffic rather than releasing a standalone PoC.",
45870
+ "ai_discovered": false,
45871
+ "ai_discovery_source": "human_researcher",
45872
+ "ai_discovery_notes": "Disclosed by GeoVision via TWCERT/CC advisories; not AI-discovered. The affected products are end-of-life GeoVision IP cameras and video servers reachable from untrusted networks.",
45873
+ "ai_assisted_weaponization": false,
45874
+ "ai_assisted_notes": "No AI-assisted weaponization. A commodity Mirai-style botnet injects shell commands through an unauthenticated input on an unpatchable EOL device.",
45875
+ "active_exploitation": "confirmed",
45876
+ "active_exploitation_notes": "CISA added CVE-2024-11120 to the Known Exploited Vulnerabilities catalog on 2025-05-07 (due 2025-05-28). Akamai SIRT confirmed active exploitation in April 2025: an ARM Mirai binary (\"boatnet\", LZRD Mirai variant) recruits the devices into a botnet. NVD records that the vulnerability has already been exploited by attackers. Because the affected models are retired and will receive no firmware fix, exposed devices remain compromisable indefinitely.",
45877
+ "affected": "GeoVision GV-VS12, GV-VS11, GV-DSP_LPR (v3.0), GVLX_4 (v2.0 and v3.0) — end-of-life IP devices.",
45878
+ "affected_versions": [
45879
+ "GeoVision GV-VS12",
45880
+ "GeoVision GV-VS11",
45881
+ "GeoVision GV-DSP_LPR v3.0",
45882
+ "GeoVision GVLX_4 v2.0",
45883
+ "GeoVision GVLX_4 v3.0"
45884
+ ],
45885
+ "vector": "An unauthenticated remote attacker injects and executes arbitrary system commands on affected GeoVision IP devices through an OS command injection sink (CWE-78) that fails to filter user-supplied input. The affected models are end-of-life / end-of-service: GeoVision will issue no firmware fix, so the only remediation is to take the device off untrusted networks and replace it. A Mirai-style botnet (LZRD variant) exploits this in the wild to recruit internet-exposed devices.",
45886
+ "complexity": "low",
45887
+ "complexity_notes": "NVD AV:N / AC:L / PR:N / UI:N — the injection sink is reachable over the network without authentication or user interaction. Mass scanning + a single crafted request is sufficient, which is why a commodity botnet weaponized it.",
45888
+ "patch_available": false,
45889
+ "patch_required_reboot": false,
45890
+ "live_patch_available": false,
45891
+ "live_patch_tools": [],
45892
+ "live_patch_notes": "No patch exists and none is coming — GeoVision confirmed the affected models are retired and will not receive further updates. There is nothing to live-patch; remediation is device replacement.",
45893
+ "vendor_update_paths": [
45894
+ "No firmware fix is available or planned — the affected GeoVision models are end-of-life / end-of-service. Remove the device from untrusted and internet-facing networks and replace it with a currently supported model. Do not rely on a patch: GeoVision has confirmed these models will receive no further updates.",
45895
+ "If a device cannot be replaced immediately, isolate it on a segmented management VLAN with no inbound internet reachability and front it with an authenticating reverse proxy or VPN; treat any internet-exposed instance as already compromised and rebuild downstream trust accordingly."
45896
+ ],
45897
+ "framework_control_gaps": {
45898
+ "NIST-800-53-SI-2": "Flaw remediation assumes a patch can be deployed. For an EOL device with no firmware fix, the SI-2 SLA never resolves; the control gap is that the remediation is replacement, not patching, and the program has no workflow for that.",
45899
+ "NIST-800-53-SC-7": "Boundary protection — these devices are frequently internet-exposed for remote viewing; without a boundary that denies inbound reach to the device's management surface, an unauthenticated injection sink is directly attackable.",
45900
+ "ISO-27001-2022-A.8.8": "Technical vulnerability management seldom covers end-of-life embedded assets that no longer receive routine scanning or vendor advisories; a KEV listing of an EOL IoT RCE is the signal those assets are being actively hunted.",
45901
+ "ISO-27001-2022-A.8.9": "Configuration management does not flag devices whose supported-firmware lifecycle has ended, leaving them in service past the point any fix is possible.",
45902
+ "NIS2-Art21-supply-chain": "Article 21 risk-management measures do not require enumerating and retiring unsupported network-attached devices whose vendor has ended security maintenance.",
45903
+ "UK-CAF-B4": "System Security has no objective for identifying and removing internet-exposed unsupported devices that can never be patched.",
45904
+ "AU-ISM-1546": "The ISM patch-application control sets vendor-defined timeframes; a CISA KEV-listed, actively-exploited vulnerability requires applying the vendor fix within the KEV due-date, not a default monthly cycle."
45905
+ },
45906
+ "atlas_refs": [],
45907
+ "attack_refs": [
45908
+ "T1190",
45909
+ "T1059",
45910
+ "T1584.005"
45911
+ ],
45912
+ "cwe_refs": [
45913
+ "CWE-78"
45914
+ ],
45915
+ "known_ransomware_use": false,
45916
+ "rwep_score": 73,
45917
+ "rwep_factors": {
45918
+ "cisa_kev": 25,
45919
+ "poc_available": 0,
45920
+ "ai_factor": 0,
45921
+ "active_exploitation": 20,
45922
+ "blast_radius": 28,
45923
+ "patch_available": 0,
45924
+ "live_patch_available": 0,
45925
+ "reboot_required": 0
45926
+ },
45927
+ "rwep_notes": "High (RWEP 73, \"patch within 72 hours\" band per lib/scoring.js timeline). cisa_kev=25 + active_exploitation(confirmed)=20 + blast_radius=28 (internet-exposed IoT botnet fodder), with no PoC credit (no public PoC) and — critically — no patch_available credit because the device is end-of-life with no fix. The absent -15 patch credit is the intended EOL/IoT lesson: an unpatchable, actively-exploited internet-exposed device scores higher than an otherwise-identical CVE that has a patch, because the only real remediation is replacement.",
45928
+ "epss_score": null,
45929
+ "epss_date": "2026-06-13",
45930
+ "epss_note": "EPSS not pulled for this entry; retrieve via FIRST EPSS API in a future refresh.",
45931
+ "epss_source": "https://api.first.org/data/v1/epss?cve=CVE-2024-11120",
45932
+ "source_verified": "2026-06-13",
45933
+ "verification_sources": [
45934
+ "https://nvd.nist.gov/vuln/detail/CVE-2024-11120",
45935
+ "https://www.twcert.org.tw/en/cp-139-8237-26d7a-2.html",
45936
+ "https://www.akamai.com/blog/security-research/active-exploitation-mirai-geovision-iot-botnet",
45937
+ "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
45938
+ ],
45939
+ "vendor_advisories": [
45940
+ {
45941
+ "vendor": "TWCERT/CC",
45942
+ "advisory_id": "CVE-2024-11120",
45943
+ "url": "https://www.twcert.org.tw/en/cp-139-8237-26d7a-2.html",
45944
+ "severity": "critical",
45945
+ "published_date": "2024-11-15"
45946
+ },
45947
+ {
45948
+ "vendor": "NVD",
45949
+ "advisory_id": "CVE-2024-11120",
45950
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-11120",
45951
+ "severity": "critical",
45952
+ "published_date": "2024-11-15"
45953
+ }
45954
+ ],
45955
+ "last_updated": "2026-06-13",
45956
+ "discovery_attribution_note": "Manually curated from NVD (CVSS v3.1 9.8; CWE-78) + the GeoVision/TWCERT/CC advisory + the CISA KEV listing (added 2025-05-07) + Akamai SIRT active-exploitation research (LZRD Mirai variant, April 2025 honeypot detection). End-of-life IP-device RCE with no vendor fix; remediation is device replacement (NIST SA-22 unsupported system components).",
45957
+ "iocs": {
45958
+ "behavioral": [
45959
+ "Unauthenticated HTTP requests to the vulnerable command-injection endpoint on internet-exposed GeoVision devices (GV-VS12/VS11/DSP_LPR/GVLX_4).",
45960
+ "Shell metacharacters in request parameters that reach a system() call; subsequent download-and-execute of an ARM ELF payload.",
45961
+ "Outbound connections from the device to LZRD/Mirai ('boatnet') botnet C2 after recruitment."
45962
+ ],
45963
+ "indicators": [
45964
+ "LZRD Mirai ARM variant observed in honeypot captures (April 2025)."
45965
+ ],
45966
+ "_ioc_source_note": "Anchored to NVD CVE-2024-11120, CISA KEV, TWCERT/CC advisory, and the Akamai SIRT LZRD-Mirai analysis."
45967
+ }
45968
+ },
45969
+ "CVE-2024-21182": {
45970
+ "name": "Oracle WebLogic Server Unauthenticated T3/IIOP Data Access (CISA KEV)",
45971
+ "type": "Information Disclosure",
45972
+ "cvss_score": 7.5,
45973
+ "cvss_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
45974
+ "cvss_note": "NIST (NVD) CVSS v3.1 base 7.5 (HIGH). The vector is confidentiality-only (C:H / I:N / A:N): an unauthenticated network attacker reaching WebLogic over the T3 or IIOP protocol gains unauthorized access to critical data or complete access to all WebLogic-accessible data - it is a data-exposure flaw, not integrity/availability compromise. NVD assigns NVD-CWE-noinfo (no specific CWE); the precise root-cause class is unspecified by Oracle and NVD, so no CWE is asserted here.",
45975
+ "cisa_kev": true,
45976
+ "cisa_kev_date": "2026-06-01",
45977
+ "cisa_kev_due_date": "2026-06-04",
45978
+ "poc_available": false,
45979
+ "poc_description": "No public proof-of-concept identified at curation. Oracle's Critical Patch Update advisory (July 2024) characterizes the flaw as easily exploitable by an unauthenticated attacker over T3/IIOP but does not publish exploit detail; NVD links no public exploit, and none was located. CISA KEV inclusion indicates confirmed in-the-wild exploitation.",
45980
+ "ai_discovered": false,
45981
+ "ai_discovery_source": "human_researcher",
45982
+ "ai_discovery_notes": "Disclosed via the Oracle Critical Patch Update for July 2024 (https://www.oracle.com/security-alerts/cpujul2024.html) and NVD (https://nvd.nist.gov/vuln/detail/CVE-2024-21182). The abused surface is Oracle WebLogic Server's T3/IIOP remoting protocols.",
45983
+ "ai_assisted_weaponization": false,
45984
+ "ai_assisted_notes": "No AI-assisted weaponization; an unauthenticated network attacker reaches sensitive data through WebLogic's T3/IIOP remoting.",
45985
+ "active_exploitation": "confirmed",
45986
+ "active_exploitation_notes": "CISA added CVE-2024-21182 to the Known Exploited Vulnerabilities catalog on 2026-06-01 (due 2026-06-04) - confirmed in-the-wild exploitation. WebLogic T3/IIOP flaws are a long-standing target for opportunistic and targeted access to internet-exposed application servers; unauthenticated network reachability makes this a direct data-exposure path against exposed instances.",
45987
+ "affected": "Oracle WebLogic Server 12.2.1.4.0 and 14.1.1.0.0 (the supported versions in scope for the July 2024 Critical Patch Update).",
45988
+ "affected_versions": [
45989
+ "Oracle WebLogic Server 12.2.1.4.0",
45990
+ "Oracle WebLogic Server 14.1.1.0.0"
45991
+ ],
45992
+ "vector": "An unauthenticated attacker with network access to Oracle WebLogic Server over the T3 or IIOP protocol can compromise the server's confidentiality, gaining unauthorized access to critical data or complete access to all WebLogic-accessible data. The flaw is easily exploitable (AV:N / AC:L / PR:N / UI:N) and confidentiality-only (I:N / A:N). Remediated by the July 2024 Oracle Critical Patch Update.",
45993
+ "complexity": "low",
45994
+ "complexity_notes": "NVD AV:N / AC:L / PR:N / UI:N - remote, unauthenticated, low complexity; Oracle marks it easily exploitable over T3/IIOP.",
45995
+ "patch_available": true,
45996
+ "patch_required_reboot": false,
45997
+ "live_patch_available": false,
45998
+ "live_patch_tools": [],
45999
+ "live_patch_notes": "Remediation is the July 2024 Oracle Critical Patch Update bundle patch for WebLogic; applying it requires restarting the WebLogic managed/admin server processes (an application-server restart, not a host OS reboot). No live-patch path for this fix.",
46000
+ "vendor_update_paths": [
46001
+ "Apply the July 2024 Oracle Critical Patch Update for WebLogic Server (12.2.1.4.0 / 14.1.1.0.0) and restart the affected servers. Defense in depth: do not expose the T3/IIOP listen ports to untrusted networks - restrict them with a connection filter (weblogic.security.net.ConnectionFilterImpl) or network ACLs so only trusted hosts can reach T3/IIOP, since the attack requires network reach to those protocols."
46002
+ ],
46003
+ "framework_control_gaps": {
46004
+ "NIST-800-53-AC-3": "Access enforcement is missing on a network-reachable protocol surface - WebLogic returns critical data to an unauthenticated T3/IIOP caller.",
46005
+ "NIST-800-53-SC-7": "Boundary protection does not restrict T3/IIOP exposure - the remoting ports are reachable from untrusted networks, enabling unauthenticated data access.",
46006
+ "NIST-800-53-IA-2": "The server does not authenticate the caller before serving critical data over T3/IIOP.",
46007
+ "NIST-800-53-SI-2": "Flaw-remediation timelines calibrated to CVSS 7.5 are insufficient given confirmed KEV exploitation of an internet-reachable app server; the CPU bundle patch must be applied on an accelerated schedule.",
46008
+ "ISO-27001-2022-A.5.15": "Access control does not gate unauthenticated retrieval of critical data over the application server's remoting protocols.",
46009
+ "NIS2-Art21-vulnerability-handling": "Article 21 vulnerability-handling measures do not enforce accelerated patching of a KEV-listed unauthenticated data-access flaw on exposed middleware.",
46010
+ "DORA-Art-9": "ICT protection measures do not model unauthenticated T3/IIOP data exposure on an internet-reachable application server as an ICT-risk event.",
46011
+ "UK-CAF-B4": "System Security objective lacks an objective for restricting and authenticating application-server remoting protocols (T3/IIOP) at the network boundary.",
46012
+ "AU-ISM-1546": "Patch-application control does not single out middleware/application-server critical patch updates (Oracle CPU) for accelerated application when KEV-listed."
46013
+ },
46014
+ "atlas_refs": [],
46015
+ "attack_refs": [
46016
+ "T1190",
46017
+ "T1212"
46018
+ ],
46019
+ "rwep_score": 52,
46020
+ "rwep_factors": {
46021
+ "cisa_kev": 25,
46022
+ "poc_available": 0,
46023
+ "ai_factor": 0,
46024
+ "active_exploitation": 20,
46025
+ "blast_radius": 22,
46026
+ "patch_available": -15,
46027
+ "live_patch_available": 0,
46028
+ "reboot_required": 0
46029
+ },
46030
+ "rwep_notes": "Elevated (RWEP 52, \"patch within 7 days\" band per lib/scoring.js timeline). CISA KEV-listed (added 2026-06-01) and actively exploited: cisa_kev=25 + active_exploitation(confirmed)=20 + blast_radius=22 (two supported WebLogic versions widely deployed as internet-facing middleware), minus patch_available 15. No public-PoC credit (none located) and no reboot-window factor beyond the standard server restart. The confidentiality-only impact (I:N/A:N) caps blast magnitude below a full-RCE WebLogic flaw, but unauthenticated network data access on exposed instances still warrants prompt CPU application and T3/IIOP network restriction.",
46031
+ "epss_score": null,
46032
+ "epss_date": "2026-06-13",
46033
+ "epss_note": "EPSS not pulled for this entry; retrieve via FIRST EPSS API in a future refresh.",
46034
+ "epss_source": "https://api.first.org/data/v1/epss?cve=CVE-2024-21182",
46035
+ "cwe_refs": [
46036
+ "CWE-200"
46037
+ ],
46038
+ "iocs": {
46039
+ "behavioral": [
46040
+ "Unauthenticated T3 or IIOP connections to WebLogic listen ports from untrusted source addresses retrieving application/server data.",
46041
+ "WebLogic serving critical data in response to requests that carry no valid authentication over T3/IIOP.",
46042
+ "Oracle WebLogic Server 12.2.1.4.0 / 14.1.1.0.0 with T3/IIOP ports reachable from untrusted networks and below the July 2024 CPU level - the exposed precondition."
46043
+ ],
46044
+ "_ioc_source_note": "Behavioral signatures anchored to the Oracle Critical Patch Update advisory for July 2024 (https://www.oracle.com/security-alerts/cpujul2024.html), NVD CVE-2024-21182 (NVD-CWE-noinfo), and the CISA KEV listing."
46045
+ },
46046
+ "source_verified": "2026-06-13",
46047
+ "verification_sources": [
46048
+ "https://nvd.nist.gov/vuln/detail/CVE-2024-21182",
46049
+ "https://www.oracle.com/security-alerts/cpujul2024.html",
46050
+ "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
46051
+ ],
46052
+ "vendor_advisories": [
46053
+ {
46054
+ "vendor": "Oracle",
46055
+ "advisory_id": "CVE-2024-21182",
46056
+ "url": "https://www.oracle.com/security-alerts/cpujul2024.html",
46057
+ "severity": "high",
46058
+ "published_date": "2024-07-16"
46059
+ },
46060
+ {
46061
+ "vendor": "NVD",
46062
+ "advisory_id": "CVE-2024-21182",
46063
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21182",
46064
+ "severity": "high",
46065
+ "published_date": "2024-07-16"
46066
+ }
46067
+ ],
46068
+ "last_updated": "2026-06-13",
46069
+ "discovery_attribution_note": "Manually curated from the Oracle Critical Patch Update for July 2024 + NVD (CVSS v3.1 7.5, confidentiality-only vector C:H/I:N/A:N; NVD-CWE-noinfo - no CWE assigned) + the CISA KEV listing (added 2026-06-01). Oracle WebLogic unauthenticated T3/IIOP data-access flaw; no public PoC located and no CWE assigned at curation.",
46070
+ "_kev_short_description": "Oracle WebLogic Server lets an unauthenticated network attacker over T3/IIOP access critical data (confidentiality-only, C:H/I:N/A:N; NVD-CWE-noinfo); CISA KEV (added 2026-06-01, actively exploited), fixed by the July 2024 Oracle Critical Patch Update.",
46071
+ "cwe_note": "NVD assigns NVD-CWE-noinfo; classified as CWE-200 (Exposure of Sensitive Information) per the confidentiality-only impact (C:H/I:N/A:N)."
46072
+ },
46073
+ "CVE-2024-6047": {
46074
+ "name": "GeoVision EOL Devices Unauthenticated OS Command Injection (CISA KEV)",
46075
+ "type": "RCE",
46076
+ "cvss_score": 9.8,
46077
+ "cvss_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
46078
+ "cvss_note": "NIST (NVD) CVSS v3.1 base 9.8 (CRITICAL). AV:N/AC:L/PR:N/UI:N — a remote, unauthenticated attacker reaches an OS command injection sink (CWE-78) on end-of-life GeoVision devices that fail to filter user input, executing arbitrary system commands with device privileges. No CVSS v4.0 vector is published.",
46079
+ "cisa_kev": true,
46080
+ "cisa_kev_date": "2025-05-07",
46081
+ "cisa_kev_due_date": "2025-05-28",
46082
+ "poc_available": false,
46083
+ "poc_description": "No public proof-of-concept exploit code is published. Active in-the-wild exploitation was first observed in Akamai SIRT honeypots in April 2025 (LZRD Mirai variant), but the campaign analysis documents observed traffic rather than releasing a standalone PoC.",
46084
+ "ai_discovered": false,
46085
+ "ai_discovery_source": "human_researcher",
46086
+ "ai_discovery_notes": "Disclosed by GeoVision via TWCERT/CC advisories; not AI-discovered. The affected products are end-of-life GeoVision IP cameras, video servers, and license-plate-recognition devices reachable from untrusted networks.",
46087
+ "ai_assisted_weaponization": false,
46088
+ "ai_assisted_notes": "No AI-assisted weaponization. A commodity Mirai-style botnet injects shell commands through an unauthenticated, unfiltered input on an unpatchable EOL device.",
46089
+ "active_exploitation": "confirmed",
46090
+ "active_exploitation_notes": "CISA added CVE-2024-6047 to the Known Exploited Vulnerabilities catalog on 2025-05-07 (due 2025-05-28). Akamai SIRT confirmed active exploitation in April 2025: an ARM Mirai binary (\"boatnet\", LZRD Mirai variant) recruits the devices into a botnet. Because the affected models are retired and will receive no firmware fix, exposed devices remain compromisable indefinitely.",
46091
+ "affected": "End-of-life GeoVision devices: GV-DSP_LPR, GV-BX130, GV-BX1500, GV-CB220, GV-EBL1100, GV-EFD1100, GV-FD2410, GV-FD3400, GV-FE3401, GV-FE420, GV-GM8186_VS14, GV-VS14, GV-VS03, GV-VS2410, GV-VS21600, GV-VS04A, GV-VS04H, GVLX_4, GV-VS2800, GV-VS2820.",
46092
+ "affected_versions": [
46093
+ "GeoVision GV-DSP_LPR",
46094
+ "GeoVision GV-BX130",
46095
+ "GeoVision GV-BX1500",
46096
+ "GeoVision GV-CB220",
46097
+ "GeoVision GV-EBL1100",
46098
+ "GeoVision GV-EFD1100",
46099
+ "GeoVision GV-FD2410",
46100
+ "GeoVision GV-FD3400",
46101
+ "GeoVision GV-FE3401",
46102
+ "GeoVision GV-FE420",
46103
+ "GeoVision GV-GM8186_VS14",
46104
+ "GeoVision GV-VS14",
46105
+ "GeoVision GV-VS03",
46106
+ "GeoVision GV-VS2410",
46107
+ "GeoVision GV-VS21600",
46108
+ "GeoVision GV-VS04A",
46109
+ "GeoVision GV-VS04H",
46110
+ "GeoVision GVLX_4",
46111
+ "GeoVision GV-VS2800",
46112
+ "GeoVision GV-VS2820"
46113
+ ],
46114
+ "vector": "Certain end-of-life GeoVision devices fail to properly filter user input on a specific function, letting an unauthenticated remote attacker inject and execute arbitrary system commands (CWE-78) on the device. The affected models are end-of-life / end-of-service: GeoVision will issue no firmware fix, so the only remediation is to take the device off untrusted networks and replace it. A Mirai-style botnet (LZRD variant) exploits this in the wild to recruit internet-exposed devices.",
46115
+ "complexity": "low",
46116
+ "complexity_notes": "NVD AV:N / AC:L / PR:N / UI:N — the injection sink is reachable over the network without authentication or user interaction. Mass scanning plus a single crafted request across a broad device fleet is sufficient, which is why a commodity botnet weaponized it.",
46117
+ "patch_available": false,
46118
+ "patch_required_reboot": false,
46119
+ "live_patch_available": false,
46120
+ "live_patch_tools": [],
46121
+ "live_patch_notes": "No patch exists and none is coming — GeoVision confirmed the affected models are retired and will not receive further updates. There is nothing to live-patch; remediation is device replacement.",
46122
+ "vendor_update_paths": [
46123
+ "No firmware fix is available or planned — the affected GeoVision models are end-of-life / end-of-service. Remove the device from untrusted and internet-facing networks and replace it with a currently supported model. Do not rely on a patch: GeoVision has confirmed these models will receive no further updates.",
46124
+ "If a device cannot be replaced immediately, isolate it on a segmented management VLAN with no inbound internet reachability and front it with an authenticating reverse proxy or VPN; treat any internet-exposed instance as already compromised and rebuild downstream trust accordingly."
46125
+ ],
46126
+ "framework_control_gaps": {
46127
+ "NIST-800-53-SI-2": "Flaw remediation assumes a patch can be deployed. For an EOL device with no firmware fix, the SI-2 SLA never resolves; the control gap is that the remediation is replacement, not patching, and the program has no workflow for that.",
46128
+ "NIST-800-53-SC-7": "Boundary protection — these devices are frequently internet-exposed for remote viewing; without a boundary that denies inbound reach to the device's management surface, an unauthenticated injection sink is directly attackable.",
46129
+ "ISO-27001-2022-A.8.8": "Technical vulnerability management seldom covers end-of-life embedded assets that no longer receive routine scanning or vendor advisories; a KEV listing of an EOL IoT RCE is the signal those assets are being actively hunted.",
46130
+ "ISO-27001-2022-A.8.9": "Configuration management does not flag devices whose supported-firmware lifecycle has ended, leaving them in service past the point any fix is possible.",
46131
+ "NIS2-Art21-supply-chain": "Article 21 risk-management measures do not require enumerating and retiring unsupported network-attached devices whose vendor has ended security maintenance.",
46132
+ "UK-CAF-B4": "System Security has no objective for identifying and removing internet-exposed unsupported devices that can never be patched.",
46133
+ "AU-ISM-1546": "The ISM patch-application control sets vendor-defined timeframes; a CISA KEV-listed, actively-exploited vulnerability requires applying the vendor fix within the KEV due-date, not a default monthly cycle."
46134
+ },
46135
+ "atlas_refs": [],
46136
+ "attack_refs": [
46137
+ "T1190",
46138
+ "T1059",
46139
+ "T1584.005"
46140
+ ],
46141
+ "cwe_refs": [
46142
+ "CWE-78"
46143
+ ],
46144
+ "known_ransomware_use": false,
46145
+ "rwep_score": 73,
46146
+ "rwep_factors": {
46147
+ "cisa_kev": 25,
46148
+ "poc_available": 0,
46149
+ "ai_factor": 0,
46150
+ "active_exploitation": 20,
46151
+ "blast_radius": 28,
46152
+ "patch_available": 0,
46153
+ "live_patch_available": 0,
46154
+ "reboot_required": 0
46155
+ },
46156
+ "rwep_notes": "High (RWEP 73, \"patch within 72 hours\" band per lib/scoring.js timeline). cisa_kev=25 + active_exploitation(confirmed)=20 + blast_radius=28 (a broad fleet of internet-exposed IoT botnet fodder), with no PoC credit (no public PoC) and — critically — no patch_available credit because the device is end-of-life with no fix. The absent -15 patch credit is the intended EOL/IoT lesson: an unpatchable, actively-exploited internet-exposed device scores higher than an otherwise-identical CVE that has a patch, because the only real remediation is replacement.",
46157
+ "epss_score": null,
46158
+ "epss_date": "2026-06-13",
46159
+ "epss_note": "EPSS not pulled for this entry; retrieve via FIRST EPSS API in a future refresh.",
46160
+ "epss_source": "https://api.first.org/data/v1/epss?cve=CVE-2024-6047",
46161
+ "source_verified": "2026-06-13",
46162
+ "verification_sources": [
46163
+ "https://nvd.nist.gov/vuln/detail/CVE-2024-6047",
46164
+ "https://www.twcert.org.tw/en/cp-139-7884-c5a8b-2.html",
46165
+ "https://www.akamai.com/blog/security-research/active-exploitation-mirai-geovision-iot-botnet",
46166
+ "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
46167
+ ],
46168
+ "vendor_advisories": [
46169
+ {
46170
+ "vendor": "TWCERT/CC",
46171
+ "advisory_id": "CVE-2024-6047",
46172
+ "url": "https://www.twcert.org.tw/en/cp-139-7884-c5a8b-2.html",
46173
+ "severity": "critical",
46174
+ "published_date": "2024-06-14"
46175
+ },
46176
+ {
46177
+ "vendor": "NVD",
46178
+ "advisory_id": "CVE-2024-6047",
46179
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6047",
46180
+ "severity": "critical",
46181
+ "published_date": "2024-06-14"
46182
+ }
46183
+ ],
46184
+ "last_updated": "2026-06-13",
46185
+ "discovery_attribution_note": "Manually curated from NVD (CVSS v3.1 9.8; CWE-78) + the GeoVision/TWCERT/CC advisory + the CISA KEV listing (added 2025-05-07) + Akamai SIRT active-exploitation research (LZRD Mirai variant, April 2025 honeypot detection). End-of-life device RCE across a broad GeoVision fleet with no vendor fix; remediation is device replacement (NIST SA-22 unsupported system components).",
46186
+ "iocs": {
46187
+ "behavioral": [
46188
+ "Unauthenticated HTTP requests injecting shell metacharacters into the vulnerable parameter on EOL GeoVision devices.",
46189
+ "Download-and-execute of an ARM ELF Mirai payload following successful injection.",
46190
+ "Outbound C2 from the recruited device to the LZRD/Mirai botnet."
46191
+ ],
46192
+ "indicators": [
46193
+ "Same LZRD Mirai campaign as CVE-2024-11120; ARM ELF dropper on GeoVision firmware."
46194
+ ],
46195
+ "_ioc_source_note": "Anchored to NVD CVE-2024-6047, CISA KEV, TWCERT/CC, and Akamai SIRT."
46196
+ }
46197
+ },
46198
+ "CVE-2025-27363": {
46199
+ "name": "FreeType TrueType GX / Variable-Font Subglyph Out-of-Bounds Write (CISA KEV)",
46200
+ "type": "memory-corruption",
46201
+ "cvss_score": 8.1,
46202
+ "cvss_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
46203
+ "cvss_note": "NIST (NVD) CVSS v3.1 base 8.1 (HIGH); Facebook/Meta Security (CNA) assigned a secondary score. A crafted TrueType GX / variable font triggers a signed-short-to-unsigned-long assignment that wraps on a static add, under-allocates a heap buffer, then writes up to six signed long values past its bounds (CWE-787), reachable wherever FreeType parses an attacker-supplied font.",
46204
+ "cisa_kev": true,
46205
+ "cisa_kev_date": "2025-05-06",
46206
+ "cisa_kev_due_date": "2025-05-27",
46207
+ "poc_available": false,
46208
+ "poc_description": "The oss-security disclosure and the Meta/Facebook advisory describe the integer-wrap-to-undersized-heap-allocation mechanism and reference the upstream fix commit, but no public proof-of-concept exploit is published; the in-the-wild use was attributed to targeted commercial-spyware delivery, not a public exploit.",
46209
+ "ai_discovered": false,
46210
+ "ai_discovery_source": "human_researcher",
46211
+ "ai_discovery_notes": "Disclosed by Meta/Facebook Security (https://www.facebook.com/security/advisories/cve-2025-27363) and coordinated on oss-security (2025-03-13). FreeType is an embedded font-rasterization library shipped in Android, Linux distributions, browsers, and countless applications - not an AI surface.",
46212
+ "ai_assisted_weaponization": false,
46213
+ "ai_assisted_notes": "No AI-assisted weaponization; a malformed variable-font file triggers a heap out-of-bounds write in FreeType's subglyph parser.",
46214
+ "active_exploitation": "confirmed",
46215
+ "active_exploitation_notes": "CISA added CVE-2025-27363 to the Known Exploited Vulnerabilities catalog on 2025-05-06 (due 2025-05-27) - confirmed active exploitation. The May 2025 Android Security Bulletin states there are indications the flaw may be under limited, targeted exploitation, consistent with commercial-spyware delivery via a crafted font.",
46216
+ "affected": "FreeType 2.13.0 and earlier; fixed upstream in a release after 2.13.0.",
46217
+ "affected_versions": [
46218
+ "FreeType <= 2.13.0"
46219
+ ],
46220
+ "vector": "When FreeType parses font subglyph structures in TrueType GX and variable font files, a signed short is assigned to an unsigned long and a static value is added, wrapping the result; FreeType then allocates an undersized heap buffer and writes up to six signed long integers beyond it. A crafted variable font, delivered anywhere FreeType rasterizes an attacker-supplied font (a document, web page, message, or app asset), triggers the heap out-of-bounds write and can lead to arbitrary code execution. Fixed upstream in the release following 2.13.0.",
46221
+ "complexity": "high",
46222
+ "complexity_notes": "NVD AV:N / AC:H - reaching reliable code execution requires crafting a font that drives the integer wrap and heap layout, hence AC:H; PR:N / UI:N because the malformed font is parsed wherever FreeType is invoked on attacker-supplied input.",
46223
+ "patch_available": true,
46224
+ "patch_required_reboot": false,
46225
+ "live_patch_available": false,
46226
+ "live_patch_tools": [],
46227
+ "live_patch_notes": "Remediation is upgrading the FreeType library (the upstream release following 2.13.0, or a distribution backport such as Debian bullseye 2.10.4+dfsg-1+deb11u2) and restarting the applications that link it; no host reboot.",
46228
+ "vendor_update_paths": [
46229
+ "Upgrade FreeType to the upstream release following 2.13.0 (or apply the distribution backport, e.g. Debian bullseye 2.10.4+dfsg-1+deb11u2 / the May 2025 Android security patch level) and rebuild or restart every application and service that links FreeType - the library is statically or dynamically embedded across browsers, document viewers, mobile platforms, and rendering toolchains, so a single OS-level update may not cover apps that bundle their own copy."
46230
+ ],
46231
+ "framework_control_gaps": {
46232
+ "NIST-800-53-SI-2": "Flaw remediation does not track embedded third-party font libraries that ship inside many applications, so the FreeType update is missed where an app bundles its own copy.",
46233
+ "NIST-800-53-SI-3": "Malicious-code protection does not treat an attacker-supplied font parsed by an embedded library as a code-execution channel.",
46234
+ "NIST-800-53-SI-10": "Input validation does not bound the subglyph size arithmetic before allocation, so an integer wrap produces an undersized buffer (CWE-787).",
46235
+ "ISO-27001-2022-A.8.8": "Technical-vulnerability management does not enumerate embedded font-rendering libraries as a patch target across the application estate.",
46236
+ "ISO-27001-2022-A.8.28": "Secure-coding expectations do not require bounding size arithmetic before heap allocation in font subglyph parsing.",
46237
+ "NIS2-Art21-vulnerability-handling": "Article 21 vulnerability-handling measures do not reach embedded third-party media-parsing libraries shipped inside applications.",
46238
+ "DORA-Art-9": "ICT protection measures do not model an embedded font-parsing library as an ICT-risk code-execution surface.",
46239
+ "UK-CAF-B4": "System Security objective has no requirement to inventory and patch embedded media-parsing libraries across the software estate.",
46240
+ "AU-ISM-1546": "The ISM patch-application control sets vendor-defined timeframes; a CISA KEV-listed, actively-exploited vulnerability requires applying the vendor fix within the KEV due-date, not a default monthly cycle."
46241
+ },
46242
+ "atlas_refs": [],
46243
+ "attack_refs": [
46244
+ "T1203"
46245
+ ],
46246
+ "rwep_score": 58,
46247
+ "rwep_factors": {
46248
+ "cisa_kev": 25,
46249
+ "poc_available": 0,
46250
+ "ai_factor": 0,
46251
+ "active_exploitation": 20,
46252
+ "blast_radius": 28,
46253
+ "patch_available": -15,
46254
+ "live_patch_available": 0,
46255
+ "reboot_required": 0
46256
+ },
46257
+ "rwep_notes": "High (RWEP 58, \"patch within 72 hours\" band per lib/scoring.js timeline). CISA KEV-listed (added 2025-05-06) and exploited in targeted attacks: cisa_kev=25 + active_exploitation(confirmed)=20 + blast_radius=28 (FreeType is embedded across Android, Linux, browsers, and countless applications), minus patch_available 15. No public PoC ships, so poc_available contributes 0. AC:H tempers the score but the embedded ubiquity and confirmed targeted use keep it firmly in the urgent band.",
46258
+ "epss_score": null,
46259
+ "epss_date": "2026-06-13",
46260
+ "epss_note": "EPSS not pulled for this entry; retrieve via FIRST EPSS API in a future refresh.",
46261
+ "epss_source": "https://api.first.org/data/v1/epss?cve=CVE-2025-27363",
46262
+ "cwe_refs": [
46263
+ "CWE-787"
46264
+ ],
46265
+ "known_ransomware_use": false,
46266
+ "iocs": {
46267
+ "behavioral": [
46268
+ "An application that links FreeType crashing or executing unexpected code while rendering a TrueType GX / variable font received from an untrusted source (a document, web page, message, or app asset).",
46269
+ "Crafted variable fonts whose subglyph size fields drive a signed-to-unsigned wrap producing an undersized allocation.",
46270
+ "FreeType <= 2.13.0 embedded in an application that parses attacker-supplied fonts - the exposed precondition."
46271
+ ],
46272
+ "_ioc_source_note": "Behavioral signatures anchored to the Meta/Facebook advisory (https://www.facebook.com/security/advisories/cve-2025-27363), the oss-security disclosure (http://www.openwall.com/lists/oss-security/2025/03/13/1), the May 2025 Android Security Bulletin (https://source.android.com/docs/security/bulletin/2025-05-01), NVD CVE-2025-27363, the CISA KEV listing, and CWE-787."
46273
+ },
46274
+ "source_verified": "2026-06-13",
46275
+ "verification_sources": [
46276
+ "https://nvd.nist.gov/vuln/detail/CVE-2025-27363",
46277
+ "https://www.facebook.com/security/advisories/cve-2025-27363",
46278
+ "http://www.openwall.com/lists/oss-security/2025/03/13/1",
46279
+ "https://source.android.com/docs/security/bulletin/2025-05-01",
46280
+ "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
46281
+ ],
46282
+ "vendor_advisories": [
46283
+ {
46284
+ "vendor": "Meta / Facebook Security",
46285
+ "advisory_id": "CVE-2025-27363",
46286
+ "url": "https://www.facebook.com/security/advisories/cve-2025-27363",
46287
+ "severity": "high",
46288
+ "published_date": "2025-03-13"
46289
+ },
46290
+ {
46291
+ "vendor": "Android Security Bulletin",
46292
+ "advisory_id": "CVE-2025-27363",
46293
+ "url": "https://source.android.com/docs/security/bulletin/2025-05-01",
46294
+ "severity": "high",
46295
+ "published_date": "2025-05-01"
46296
+ },
46297
+ {
46298
+ "vendor": "NVD",
46299
+ "advisory_id": "CVE-2025-27363",
46300
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-27363",
46301
+ "severity": "high",
46302
+ "published_date": "2025-05-06"
46303
+ }
46304
+ ],
46305
+ "last_updated": "2026-06-13",
46306
+ "discovery_attribution_note": "Manually curated from the Meta/Facebook Security advisory + oss-security disclosure (2025-03-13, CWE-787) + NVD (CVSS v3.1 8.1, NIST primary; Facebook/Meta CNA secondary score) + the May 2025 Android Security Bulletin (limited targeted exploitation) + the CISA KEV listing (added 2025-05-06). Embedded font-rasterization library flaw (FreeType); blast radius spans every application that links it.",
46307
+ "_kev_short_description": "FreeType <= 2.13.0 writes past an undersized heap buffer when parsing TrueType GX / variable-font subglyph structures because a signed-to-unsigned size wrap under-allocates (CWE-787), giving memory corruption and possible code execution from a crafted font; CISA KEV (added 2025-05-06, targeted exploitation), fixed upstream after 2.13.0."
46308
+ },
46309
+ "CVE-2025-30400": {
46310
+ "name": "Microsoft Windows DWM Core Library Use-After-Free Local Privilege Escalation (CISA KEV)",
46311
+ "type": "LPE",
46312
+ "cvss_score": 7.8,
46313
+ "cvss_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
46314
+ "cvss_note": "Microsoft (secure@microsoft.com, CNA) CVSS v3.1 base 7.8 (HIGH). A use-after-free in the Desktop Window Manager (DWM) Core Library lets a low-privilege local attacker who already has code execution on the host elevate to SYSTEM (CWE-416).",
46315
+ "cisa_kev": true,
46316
+ "cisa_kev_date": "2025-05-13",
46317
+ "cisa_kev_due_date": "2025-06-03",
46318
+ "poc_available": false,
46319
+ "poc_description": "The Microsoft Security Update Guide entry documents the use-after-free and ships the fix, but no public proof-of-concept exploit is published; the in-the-wild use is consistent with a post-compromise privilege-escalation step rather than a public exploit.",
46320
+ "ai_discovered": false,
46321
+ "ai_discovery_source": "human_researcher",
46322
+ "ai_discovery_notes": "Disclosed and patched by Microsoft via the Security Update Guide (https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-30400) in the May 2025 Patch Tuesday cycle. The DWM Core Library is a core Windows desktop-compositor component, not an AI surface.",
46323
+ "ai_assisted_weaponization": false,
46324
+ "ai_assisted_notes": "No AI-assisted weaponization; a use-after-free in the Windows DWM Core Library is abused as a local privilege-escalation primitive.",
46325
+ "active_exploitation": "confirmed",
46326
+ "active_exploitation_notes": "CISA added CVE-2025-30400 to the Known Exploited Vulnerabilities catalog on 2025-05-13 (due 2025-06-03) - confirmed active exploitation. Microsoft flagged it as exploited in the wild at May 2025 Patch Tuesday; a DWM use-after-free is a classic post-compromise local-privilege-escalation step that pairs with an initial-access foothold to reach SYSTEM.",
46327
+ "affected": "Windows 10 (1809, 21H2, 22H2), Windows 11 (22H2, 23H2, 24H2), and Windows Server 2019/2022/2022 23H2/2025, before the May 2025 cumulative update build numbers.",
46328
+ "affected_versions": [
46329
+ "Windows 10 1809 < 10.0.17763.7314",
46330
+ "Windows 11 22H2 < 10.0.22621.5335",
46331
+ "Windows 10 21H2 / 22H2 (pre-May-2025 cumulative update)",
46332
+ "Windows 11 23H2 / 24H2 (pre-May-2025 cumulative update)",
46333
+ "Windows Server 2019 / 2022 / 2022 23H2 / 2025 (pre-May-2025 cumulative update)"
46334
+ ],
46335
+ "vector": "A use-after-free in the Windows Desktop Window Manager (DWM) Core Library is reachable from a local, low-privilege context. An attacker who already has the ability to run code on the host (a malware foothold, a compromised standard user) triggers the freed-object reuse to corrupt memory and elevate to SYSTEM. Remediated by the May 2025 Windows cumulative security update.",
46336
+ "complexity": "low",
46337
+ "complexity_notes": "Microsoft AV:L / AC:L / PR:L / UI:N - the attacker must already be local with low privileges, but no special conditions or user interaction are needed to drive the use-after-free.",
46338
+ "patch_available": true,
46339
+ "patch_required_reboot": true,
46340
+ "live_patch_available": false,
46341
+ "live_patch_tools": [],
46342
+ "live_patch_notes": "Remediated by the May 2025 Windows monthly cumulative security update; applying the rollup requires a reboot to complete. No Microsoft hotpatch is offered for this DWM Core Library fix.",
46343
+ "vendor_update_paths": [
46344
+ "Apply the May 2025 Windows cumulative security update for the affected SKU (Windows 10 1809 build 10.0.17763.7314 / Windows 11 22H2 build 10.0.22621.5335 or later for each branch) and reboot. There is no live-patch path for the DWM Core Library; the monthly rollup plus reboot is the remediation."
46345
+ ],
46346
+ "framework_control_gaps": {
46347
+ "NIST-800-53-SI-2": "Flaw remediation must reach the May 2025 Windows cumulative update across the endpoint fleet; an LPE primitive that converts a foothold to SYSTEM is missed where monthly patching lags.",
46348
+ "NIST-800-53-AC-6": "Least-privilege does not contain a kernel/compositor use-after-free that elevates a low-privilege user to SYSTEM regardless of the account's assigned rights.",
46349
+ "ISO-27001-2022-A.8.8": "Technical-vulnerability management does not prioritize a KEV-listed local-privilege-escalation primitive on the endpoint fleet.",
46350
+ "ISO-27001-2022-A.8.7": "Protection against malware does not account for a post-compromise UAF that completes the escalation chain to SYSTEM.",
46351
+ "NIS2-Art21-vulnerability-handling": "Article 21 vulnerability-handling measures do not enforce timely monthly OS patch application to close an actively-exploited LPE.",
46352
+ "DORA-Art-9": "ICT protection measures do not model an OS desktop-compositor use-after-free as an ICT-risk privilege-escalation event.",
46353
+ "UK-CAF-B4": "System Security objective has no requirement to apply monthly OS security rollups within the KEV remediation window.",
46354
+ "AU-ISM-1546": "The ISM patch-application control sets vendor-defined timeframes; a CISA KEV-listed, actively-exploited vulnerability requires applying the vendor fix within the KEV due-date, not a default monthly cycle."
46355
+ },
46356
+ "atlas_refs": [],
46357
+ "attack_refs": [
46358
+ "T1068",
46359
+ "T1203"
46360
+ ],
46361
+ "rwep_score": 59,
46362
+ "rwep_factors": {
46363
+ "cisa_kev": 25,
46364
+ "poc_available": 0,
46365
+ "ai_factor": 0,
46366
+ "active_exploitation": 20,
46367
+ "blast_radius": 24,
46368
+ "patch_available": -15,
46369
+ "live_patch_available": 0,
46370
+ "reboot_required": 5
46371
+ },
46372
+ "rwep_notes": "High (RWEP 59, \"patch within 72 hours\" band per lib/scoring.js timeline). CISA KEV-listed (added 2025-05-13) and exploited in the wild: cisa_kev=25 + active_exploitation(confirmed)=20 + blast_radius=24 (every supported Windows 10/11 and Windows Server SKU), minus patch_available 15, plus reboot_required 5 because the cumulative update needs a reboot and there is no live-patch path. No public PoC ships, so poc_available contributes 0. As an LPE it requires an existing local foothold, which is why blast_radius sits below a remote-RCE class even though the affected population is enormous.",
46373
+ "epss_score": null,
46374
+ "epss_date": "2026-06-13",
46375
+ "epss_note": "EPSS not pulled for this entry; retrieve via FIRST EPSS API in a future refresh.",
46376
+ "epss_source": "https://api.first.org/data/v1/epss?cve=CVE-2025-30400",
46377
+ "cwe_refs": [
46378
+ "CWE-416"
46379
+ ],
46380
+ "known_ransomware_use": false,
46381
+ "iocs": {
46382
+ "behavioral": [
46383
+ "A low-privilege process unexpectedly gaining SYSTEM rights on a Windows host shortly after interacting with the desktop compositor (dwm.exe / DWM Core Library).",
46384
+ "Crashes or anomalous memory behavior in the DWM Core Library preceding a privilege transition.",
46385
+ "Windows 10/11 or Windows Server endpoints missing the May 2025 cumulative security update (e.g. Windows 10 1809 below build 10.0.17763.7314) - the exposed precondition."
46386
+ ],
46387
+ "_ioc_source_note": "Behavioral signatures anchored to the Microsoft Security Update Guide (https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-30400), NVD CVE-2025-30400 (https://nvd.nist.gov/vuln/detail/CVE-2025-30400), the CISA KEV listing, and CWE-416."
46388
+ },
46389
+ "source_verified": "2026-06-13",
46390
+ "verification_sources": [
46391
+ "https://nvd.nist.gov/vuln/detail/CVE-2025-30400",
46392
+ "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-30400",
46393
+ "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
46394
+ ],
46395
+ "vendor_advisories": [
46396
+ {
46397
+ "vendor": "Microsoft",
46398
+ "advisory_id": "CVE-2025-30400",
46399
+ "url": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2025-30400",
46400
+ "severity": "high",
46401
+ "published_date": "2025-05-13"
46402
+ },
46403
+ {
46404
+ "vendor": "NVD",
46405
+ "advisory_id": "CVE-2025-30400",
46406
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30400",
46407
+ "severity": "high",
46408
+ "published_date": "2025-05-13"
46409
+ }
46410
+ ],
46411
+ "last_updated": "2026-06-13",
46412
+ "discovery_attribution_note": "Manually curated from the Microsoft Security Update Guide (CVE-2025-30400, CWE-416, CVSS v3.1 7.8 assigned by Microsoft as CNA) + NVD + the CISA KEV listing (added 2025-05-13, exploited in the wild at May 2025 Patch Tuesday). Windows DWM Core Library use-after-free used as a local privilege-escalation primitive.",
46413
+ "_kev_short_description": "A use-after-free in the Windows DWM Core Library (CWE-416) lets a low-privilege local attacker elevate to SYSTEM; CISA KEV (added 2025-05-13, exploited in the wild), remediated by the May 2025 Windows cumulative update (reboot required, no live-patch path)."
46414
+ },
46415
+ "CVE-2025-47729": {
46416
+ "name": "TeleMessage TM SGNL Archiving-Backend Cleartext Message Retention (Hidden Functionality, CISA KEV)",
46417
+ "type": "hidden-functionality",
46418
+ "cvss_score": 4.9,
46419
+ "cvss_vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
46420
+ "cvss_note": "NIST (NVD) publishes CVSS v3.1 base 4.9 (MEDIUM) as the primary score (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N); a MITRE secondary assessment rates it CVSS v3.1 1.9 (AV:L/AC:H/PR:H/UI:N/S:U/C:L). The CVSS understates operational severity: the impact is confidentiality of high-sensitivity government and enterprise communications that operators believed were end-to-end encrypted, and the backend was breached in the wild - the RWEP reflects the KEV/active-exploitation reality the base score does not.",
46421
+ "cisa_kev": true,
46422
+ "cisa_kev_date": "2025-05-12",
46423
+ "cisa_kev_due_date": "2025-06-02",
46424
+ "poc_available": false,
46425
+ "poc_description": "No public proof-of-concept exploit. The 'hidden functionality' is a design property - the archiving backend retains cleartext copies of messages contrary to the product's end-to-end-encryption documentation - rather than a flaw triggered by exploit code; the in-the-wild exposure came from a breach of that backend.",
46426
+ "ai_discovered": false,
46427
+ "ai_discovery_source": "human_researcher",
46428
+ "ai_discovery_notes": "Surfaced publicly after a breach of the TeleMessage archiving backend in May 2025 and catalogued in NVD; CISA KEV-listed 2025-05-12. The cleartext-retention behavior was identified by security researchers and reporting, not AI tooling.",
46429
+ "ai_assisted_weaponization": false,
46430
+ "ai_assisted_notes": "No evidence of AI-assisted weaponization. The exposure stems from the backend storing cleartext copies of supposedly end-to-end-encrypted messages (CWE-912 hidden functionality), not from an AI-developed exploit.",
46431
+ "active_exploitation": "confirmed",
46432
+ "active_exploitation_notes": "Confirmed in the wild. NVD records 'as exploited in the wild in May 2025'; the TeleMessage archiving backend was breached and cleartext message copies were exposed; CISA added CVE-2025-47729 to the KEV catalog on 2025-05-12 (due 2025-06-02). TM SGNL (aka Archive Signal) is a Signal-clone messaging product used in government and enterprise contexts, which is what made the cleartext retention consequential.",
46433
+ "affected": "TeleMessage TM SGNL (aka Archive Signal) and its TeleMessage archiving backend. The backend through 2025-05-05 held cleartext copies of messages from TM SGNL application users, contrary to the product's end-to-end-encryption claims.",
46434
+ "affected_versions": [
46435
+ "TeleMessage TM SGNL / TeleMessage archiving backend through 2025-05-05"
46436
+ ],
46437
+ "vector": "TM SGNL is marketed as providing end-to-end encryption 'from the mobile phone through to the corporate archive,' but the TeleMessage archiving backend in fact retained cleartext copies of users' messages - functionality that contradicts the product's own documentation (CWE-912 hidden functionality). Because the cleartext lived in the backend rather than only on endpoints, a compromise of that backend exposed the plaintext of communications that operators believed were protected end-to-end. The backend was breached in the wild in May 2025, exposing message contents. There is no clean fixed version; CISA's required action is to apply vendor mitigations or, absent them, discontinue use of the product.",
46438
+ "complexity": "low",
46439
+ "complexity_notes": "NVD primary AV:N / AC:L / PR:H. The 'hidden functionality' is inherent to the backend design; realizing the exposure required access to the archiving backend (reflected as PR:H in the NVD primary vector), which a backend breach provided. No special victim interaction is required.",
46440
+ "patch_available": false,
46441
+ "patch_required_reboot": false,
46442
+ "live_patch_available": false,
46443
+ "live_patch_tools": [],
46444
+ "live_patch_notes": "No live patch and no published fixed version. The cleartext retention is a property of the archiving backend's design; CISA's guidance is to apply vendor mitigations or discontinue use of the product rather than to install a fix.",
46445
+ "vendor_update_paths": [
46446
+ "No fixed version closes the design property. Per CISA KEV, apply mitigations per vendor instructions; absent adequate vendor mitigation, discontinue use of TM SGNL. Treat any messages handled by the TeleMessage archiving backend through 2025-05-05 as potentially exposed in cleartext and respond accordingly (rotate any secrets shared over the channel, assess breach-notification obligations for the affected communications)."
46447
+ ],
46448
+ "framework_control_gaps": {
46449
+ "NIST-800-53-SR-3": "Supply-chain controls did not surface that a procured messaging product retained cleartext server-side copies contradicting its end-to-end-encryption marketing - the product's security claim was accepted without independent verification.",
46450
+ "NIST-800-53-SC-8": "Transmission/storage confidentiality was assumed from the vendor's end-to-end-encryption claim, but the backend retained cleartext, so the assumed protection did not hold at rest in the archive.",
46451
+ "NIST-800-53-SC-28": "Protection of information at rest was defeated: the archiving backend stored message plaintext that operators believed was encrypted end-to-end.",
46452
+ "NIST-800-53-CM-7": "Least-functionality assurance did not catch undocumented backend functionality (cleartext retention) beyond the product's stated behavior.",
46453
+ "ISO-27001-2022-A.8.24": "Use-of-cryptography controls relied on the vendor's end-to-end claim without confirming the archive held no cleartext.",
46454
+ "ALL-AI-PIPELINE-INTEGRITY": "No framework requires verifying that a product's actual data-handling behavior matches its documented/marketed security properties, so undocumented cleartext retention (hidden functionality) in a backend goes unchecked.",
46455
+ "NIS2-Art21-vulnerability-management": "NIS2 Article 21 vulnerability-handling does not bind the remediation window to the KEV due-date; a known-exploited vulnerability must be remediated on the KEV clock, not a generic risk-based schedule.",
46456
+ "UK-CAF-B4": "The CAF System Security objective does not single out actively-exploited (KEV-listed) vulnerabilities on the exposed surface for accelerated, due-date-bound remediation.",
46457
+ "AU-ISM-1546": "The ISM patch-application control sets vendor-defined timeframes; a CISA KEV-listed, actively-exploited vulnerability requires applying the vendor fix within the KEV due-date, not a default monthly cycle."
46458
+ },
46459
+ "atlas_refs": [],
46460
+ "attack_refs": [
46461
+ "T1505.003",
46462
+ "T1554",
46463
+ "T1530"
46464
+ ],
46465
+ "cwe_refs": [
46466
+ "CWE-912"
46467
+ ],
46468
+ "known_ransomware_use": false,
46469
+ "rwep_score": 69,
46470
+ "rwep_factors": {
46471
+ "cisa_kev": 25,
46472
+ "poc_available": 0,
46473
+ "ai_factor": 0,
46474
+ "active_exploitation": 20,
46475
+ "blast_radius": 24,
46476
+ "patch_available": 0,
46477
+ "live_patch_available": 0,
46478
+ "reboot_required": 0
46479
+ },
46480
+ "rwep_notes": "High (RWEP 69) despite a MEDIUM CVSS (4.9) - the textbook RWEP-vs-CVSS divergence. CISA KEV-listed (added 2025-05-12) with confirmed in-the-wild backend breach: cisa_kev=25 + active_exploitation(confirmed)=20 + blast_radius=24 (a Signal-clone messaging product used across government and enterprise, where the exposed content is high-sensitivity communications). No patch credit applies because there is no published fixed version - the remediation is mitigation-or-discontinue. No real public PoC and no AI factor. The base CVSS of 4.9 would put this in the 'patch within 7 days' tier; the KEV/active-exploitation reality moves it to the 72-hour band, and the absence of any fix argues for the discontinue-use path on high-sensitivity deployments.",
46481
+ "epss_score": null,
46482
+ "source_verified": "2026-06-13",
46483
+ "verification_sources": [
46484
+ "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
46485
+ "https://nvd.nist.gov/vuln/detail/CVE-2025-47729"
46486
+ ],
46487
+ "last_updated": "2026-06-13",
46488
+ "discovery_attribution_note": "Manually curated from NVD CVE-2025-47729 (primary CVSS v3.1 4.9; MITRE secondary 1.9; CWE-912 hidden functionality) + the CISA KEV listing (added 2025-05-12, required action: apply vendor mitigations or discontinue use). Hidden-functionality / backdoor-class exposure: the TeleMessage archiving backend retained cleartext of supposedly end-to-end-encrypted TM SGNL messages and was breached in the wild.",
46489
+ "vendor_advisories": [
46490
+ {
46491
+ "vendor": "CISA KEV",
46492
+ "advisory_id": "CVE-2025-47729",
46493
+ "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
46494
+ "severity": "medium",
46495
+ "published_date": "2025-05-12"
46496
+ },
46497
+ {
46498
+ "vendor": "NVD",
46499
+ "advisory_id": "CVE-2025-47729",
46500
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47729",
46501
+ "severity": "medium",
46502
+ "published_date": "2025-05-12"
46503
+ }
46504
+ ],
46505
+ "iocs": {
46506
+ "behavioral": [
46507
+ "Plaintext message content present in the TeleMessage (TM SGNL) archiving backend despite the product's end-to-end-encryption claim.",
46508
+ "Archived messages readable from the backend store / API without the sender's keys.",
46509
+ "Backend access exposing retained cleartext (surfaced via the May 2025 breach)."
46510
+ ],
46511
+ "indicators": [
46512
+ "Cleartext message archives retrievable from the TM SGNL backend."
46513
+ ],
46514
+ "_ioc_source_note": "Anchored to NVD CVE-2025-47729 and CISA KEV; exposed via the May 2025 TeleMessage breach."
46515
+ }
46516
+ },
46517
+ "CVE-2025-48595": {
46518
+ "name": "Android Framework Integer Overflow Local Privilege Escalation (CISA KEV)",
46519
+ "type": "Privilege Escalation",
46520
+ "cvss_score": 8.4,
46521
+ "cvss_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
46522
+ "cvss_note": "NIST (NVD) CVSS v3.1 base 8.4 (HIGH). A local integer overflow in the Android Framework (CWE-190) reaches a code-execution path that yields local escalation of privilege with no additional execution privileges required and no user interaction (AV:L / AC:L / PR:N / UI:N).",
46523
+ "cisa_kev": true,
46524
+ "cisa_kev_date": "2026-06-02",
46525
+ "cisa_kev_due_date": "2026-06-05",
46526
+ "poc_available": false,
46527
+ "poc_description": "No public proof-of-concept identified at curation. The Android Security Bulletin (June 2026) marks the issue as code-execution-capable local privilege escalation; CISA KEV inclusion indicates confirmed in-the-wild exploitation, but neither the bulletin nor NVD links a public exploit, and none was located.",
46528
+ "ai_discovered": false,
46529
+ "ai_discovery_source": "human_researcher",
46530
+ "ai_discovery_notes": "Disclosed via the Android Security Bulletin (https://source.android.com/docs/security/bulletin/2026/2026-06-01) and NVD (https://nvd.nist.gov/vuln/detail/CVE-2025-48595). The abused surface is the core Android Framework.",
46531
+ "ai_assisted_weaponization": false,
46532
+ "ai_assisted_notes": "No AI-assisted weaponization; a memory-safety integer-overflow flaw in the Android Framework reached for local privilege escalation.",
46533
+ "active_exploitation": "confirmed",
46534
+ "active_exploitation_notes": "CISA added CVE-2025-48595 to the Known Exploited Vulnerabilities catalog on 2026-06-02 (due 2026-06-05) - confirmed in-the-wild exploitation. A no-user-interaction local privilege-escalation primitive in the core Framework is a high-value second-stage on Android devices (chained after an initial app-level foothold to reach elevated/system privilege).",
46535
+ "affected": "Android Framework on Android 14, 15, and 16 (including 16 QPR2 Beta 1-3) until the 2026-06-01 security-patch level.",
46536
+ "affected_versions": [
46537
+ "Android 14.0",
46538
+ "Android 15.0",
46539
+ "Android 16.0",
46540
+ "Android 16.0 QPR2 Beta 1",
46541
+ "Android 16.0 QPR2 Beta 2",
46542
+ "Android 16.0 QPR2 Beta 3"
46543
+ ],
46544
+ "vector": "An integer overflow in the Android Framework (multiple locations) causes a memory-safety condition that reaches a code-execution path. A local application with no special execution privileges and no user interaction triggers the overflow to escalate to elevated/system privilege on the device. Remediated by Android devices reaching the 2026-06-01 (or later) security-patch level.",
46545
+ "complexity": "low",
46546
+ "complexity_notes": "NVD AV:L / AC:L / PR:N / UI:N - local, no privileges, no user interaction; a local app can drive the overflow.",
46547
+ "patch_available": true,
46548
+ "patch_required_reboot": true,
46549
+ "live_patch_available": false,
46550
+ "live_patch_tools": [],
46551
+ "live_patch_notes": "Remediation is the monthly Android security update reaching the 2026-06-01 patch level; the framework update is applied through the system OTA and takes effect on device reboot. No live-patch path for the Android Framework.",
46552
+ "vendor_update_paths": [
46553
+ "Update affected devices to the 2026-06-01 (or later) Android security-patch level via the OEM/carrier OTA. Where an OEM has not yet shipped the bulletin, restrict installation of untrusted apps and constrain side-loading until the patch level is reached, since the privilege escalation is driven by locally running code."
46554
+ ],
46555
+ "framework_control_gaps": {
46556
+ "NIST-800-53-SI-2": "Flaw remediation depends on OEM/carrier delivery of the monthly Android patch level; KEV-confirmed exploitation requires accelerated patch-level enforcement on the managed fleet, not best-effort OTA timing.",
46557
+ "NIST-800-53-AC-6": "Least privilege is defeated: a no-privilege local app escalates to elevated/system privilege through a Framework integer overflow, so app-sandbox privilege limits do not bound real privilege.",
46558
+ "ISO-27001-2022-A.8.8": "Management of technical vulnerabilities does not enforce a minimum mobile patch level across the device estate for a KEV-listed Framework flaw.",
46559
+ "NIS2-Art21-vulnerability-handling": "Article 21 vulnerability-handling measures do not enforce timely mobile-OS patch-level compliance for a KEV-listed local-privilege-escalation flaw.",
46560
+ "DORA-Art-9": "ICT protection measures do not model an unpatched mobile-OS privilege escalation on the managed fleet as an ICT-risk event.",
46561
+ "UK-CAF-B4": "System Security objective lacks an objective for enforcing minimum mobile-OS patch levels and constraining untrusted-app installation on managed devices.",
46562
+ "AU-ISM-1546": "The ISM patch-application control sets vendor-defined timeframes; a CISA KEV-listed, actively-exploited vulnerability requires applying the vendor fix within the KEV due-date, not a default monthly cycle."
46563
+ },
46564
+ "atlas_refs": [],
46565
+ "attack_refs": [
46566
+ "T1068"
46567
+ ],
46568
+ "rwep_score": 61,
46569
+ "rwep_factors": {
46570
+ "cisa_kev": 25,
46571
+ "poc_available": 0,
46572
+ "ai_factor": 0,
46573
+ "active_exploitation": 20,
46574
+ "blast_radius": 26,
46575
+ "patch_available": -15,
46576
+ "live_patch_available": 0,
46577
+ "reboot_required": 5
46578
+ },
46579
+ "rwep_notes": "High (RWEP 61, \"patch within 72 hours\" band per lib/scoring.js timeline). CISA KEV-listed (added 2026-06-02) and actively exploited: cisa_kev=25 + active_exploitation(confirmed)=20 + blast_radius=26 (core Framework across Android 14-16, a very large device population), minus patch_available 15, plus reboot_required 5. No public-PoC credit (none located) keeps it below the 75 \"within 24 hours\" band, but KEV-confirmed exploitation of a no-interaction local-privesc primitive warrants accelerated patch-level enforcement; remediation is gated on OEM/carrier OTA delivery, so the effective field exposure outlasts the headline patch date.",
46580
+ "epss_score": null,
46581
+ "epss_date": "2026-06-13",
46582
+ "epss_note": "EPSS not pulled for this entry; retrieve via FIRST EPSS API in a future refresh.",
46583
+ "epss_source": "https://api.first.org/data/v1/epss?cve=CVE-2025-48595",
46584
+ "cwe_refs": [
46585
+ "CWE-190"
46586
+ ],
46587
+ "iocs": {
46588
+ "behavioral": [
46589
+ "A local Android application gaining elevated/system privilege without a user-interaction step or an additional privilege grant.",
46590
+ "Crashes or anomalous memory behavior in Android Framework components consistent with an integer-overflow-driven code-execution attempt.",
46591
+ "Managed devices below the 2026-06-01 Android security-patch level on Android 14/15/16 - the exposed precondition."
46592
+ ],
46593
+ "_ioc_source_note": "Behavioral signatures anchored to the Android Security Bulletin (https://source.android.com/docs/security/bulletin/2026/2026-06-01), NVD CVE-2025-48595 (CWE-190), and the CISA KEV listing."
46594
+ },
46595
+ "source_verified": "2026-06-13",
46596
+ "verification_sources": [
46597
+ "https://nvd.nist.gov/vuln/detail/CVE-2025-48595",
46598
+ "https://source.android.com/docs/security/bulletin/2026/2026-06-01",
46599
+ "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
46600
+ ],
46601
+ "vendor_advisories": [
46602
+ {
46603
+ "vendor": "Android Security Bulletin",
46604
+ "advisory_id": "CVE-2025-48595",
46605
+ "url": "https://source.android.com/docs/security/bulletin/2026/2026-06-01",
46606
+ "severity": "high",
46607
+ "published_date": "2026-06-01"
46608
+ },
46609
+ {
46610
+ "vendor": "NVD",
46611
+ "advisory_id": "CVE-2025-48595",
46612
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48595",
46613
+ "severity": "high",
46614
+ "published_date": "2026-06-01"
46615
+ }
46616
+ ],
46617
+ "last_updated": "2026-06-13",
46618
+ "discovery_attribution_note": "Manually curated from the Android Security Bulletin (2026-06-01) + NVD (CVSS v3.1 8.4; CWE-190 integer overflow) + the CISA KEV listing (added 2026-06-02). Android Framework local-privilege-escalation flaw; no public PoC located at curation.",
46619
+ "_kev_short_description": "An Android Framework integer overflow (CWE-190) reaches a code-execution path that gives a local app elevated/system privilege with no user interaction; CISA KEV (added 2026-06-02, actively exploited), fixed at the 2026-06-01 Android security-patch level."
46620
+ },
46621
+ "CVE-2026-0257": {
46622
+ "name": "Palo Alto Networks PAN-OS GlobalProtect Authentication Bypass (CISA KEV)",
46623
+ "type": "auth-bypass",
46624
+ "cvss_score": 9.1,
46625
+ "cvss_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
46626
+ "cvss_note": "NIST (NVD) CVSS v3.1 base 9.1 (CRITICAL). Palo Alto Networks (CNA) rates it CVSS v4.0 7.8 (HIGH) with exploit maturity ATTACKED. The authentication-bypass weakness (CWE-565, reliance on untrusted inputs in a security decision) lets an unauthenticated network attacker bypass GlobalProtect portal/gateway authentication and establish an unauthorized VPN connection; Panorama and Cloud NGFW are unaffected.",
46627
+ "cisa_kev": true,
46628
+ "cisa_kev_date": "2026-05-29",
46629
+ "cisa_kev_due_date": "2026-06-01",
46630
+ "poc_available": false,
46631
+ "poc_description": "No public proof-of-concept is published. Palo Alto Networks reports limited exploit attempts against unpatched, un-mitigated PAN-OS devices and marks the vendor exploit maturity ATTACKED, but neither the vendor advisory nor public research has released exploit code.",
46632
+ "ai_discovered": false,
46633
+ "ai_discovery_source": "human_researcher",
46634
+ "ai_discovery_notes": "Disclosed in the Palo Alto Networks security advisory for CVE-2026-0257 (https://security.paloaltonetworks.com/CVE-2026-0257). No AI tool is credited with discovery.",
46635
+ "ai_assisted_weaponization": false,
46636
+ "ai_assisted_notes": "No AI-assisted weaponization observed; the GlobalProtect portal/gateway authentication surface is reachable and bypassable directly over the network.",
46637
+ "active_exploitation": "confirmed",
46638
+ "active_exploitation_notes": "CISA added CVE-2026-0257 to the Known Exploited Vulnerabilities catalog on 2026-05-29 (due 2026-06-01). Palo Alto Networks states it has become aware of limited exploit attempts against unpatched PAN-OS devices without mitigations applied, and the advisory marks exploit maturity ATTACKED — confirmed active exploitation.",
46639
+ "affected": "Palo Alto Networks PAN-OS GlobalProtect portal and gateway (firewall). Panorama and Cloud NGFW are not affected; Prisma Access is affected on non-patched PAN-OS 10.2.0-10.2.9 and 11.2.0-11.2.6. Siemens RUGGEDCOM APE1808 firmware embedding PAN-OS is also affected.",
46640
+ "affected_versions": [
46641
+ "PAN-OS 10.2 < 10.2.7-h34 / 10.2.10-h36 / 10.2.13-h21 / 10.2.16-h7 / 10.2.18-h6",
46642
+ "PAN-OS 11.1 < 11.1.4-h33 / 11.1.6-h32 / 11.1.7-h6 / 11.1.10-h25 / 11.1.13-h5 / 11.1.15",
46643
+ "PAN-OS 11.2 < 11.2.4-h17 / 11.2.7-h14 / 11.2.10-h7 / 11.2.12",
46644
+ "PAN-OS 12.1 < 12.1.4-h6 / 12.1.7",
46645
+ "Prisma Access (PAN-OS 10.2.0-10.2.9, 11.2.0-11.2.6)",
46646
+ "Siemens RUGGEDCOM APE1808 (PAN-OS firmware)"
46647
+ ],
46648
+ "vector": "An unauthenticated remote attacker bypasses authentication on the GlobalProtect portal and gateway of PAN-OS and establishes an unauthorized remote-access VPN connection, gaining a foothold inside the perimeter the firewall is meant to defend. The flaw is an improper-authentication weakness (CWE-565) in how GlobalProtect makes the access decision. Remediation is upgrading to a fixed PAN-OS maintenance release; Panorama and Cloud NGFW are unaffected.",
46649
+ "complexity": "low",
46650
+ "complexity_notes": "NVD AV:N / AC:L / PR:N / UI:N — the GlobalProtect portal/gateway is internet-facing and the authentication decision is bypassed without credentials or user interaction.",
46651
+ "patch_available": true,
46652
+ "patch_required_reboot": true,
46653
+ "live_patch_available": false,
46654
+ "live_patch_tools": [],
46655
+ "live_patch_notes": "No live patch — remediation is a PAN-OS maintenance-release upgrade on the appliance, which reboots the firewall. Palo Alto Networks also documents temporary mitigations (Threat Prevention signatures / restricting GlobalProtect exposure) for operators who cannot immediately upgrade.",
46656
+ "vendor_update_paths": [
46657
+ "Upgrade PAN-OS to a fixed maintenance release: 10.2.7-h34 / 10.2.10-h36 / 10.2.13-h21 / 10.2.16-h7 / 10.2.18-h6 or later; 11.1.4-h33 / 11.1.6-h32 / 11.1.7-h6 / 11.1.10-h25 / 11.1.13-h5 / 11.1.15 or later; 11.2.4-h17 / 11.2.7-h14 / 11.2.10-h7 / 11.2.12 or later; 12.1.4-h6 / 12.1.7 or later, per https://security.paloaltonetworks.com/CVE-2026-0257. Prisma Access tenants are updated by Palo Alto Networks. Siemens RUGGEDCOM APE1808 operators follow Siemens advisory SSA-967325. Until patched, apply the vendor's interim mitigations and do not expose GlobalProtect to untrusted networks."
46658
+ ],
46659
+ "framework_control_gaps": {
46660
+ "NIST-800-53-IA-2": "Identification and authentication of the GlobalProtect VPN caller is satisfied on paper but defeated by the bypass — an unauthenticated attacker reaches an authenticated VPN session.",
46661
+ "NIST-800-53-AC-3": "Access enforcement on the remote-access VPN entry point is bypassed; the perimeter access decision can be skipped without credentials (CWE-565).",
46662
+ "NIST-800-53-SC-7": "Boundary protection fails at its own enforcement point: the firewall providing the boundary is the device whose VPN authentication is bypassed, giving an attacker an interior foothold.",
46663
+ "NIST-800-53-SI-2": "Flaw remediation SLAs keyed to routine patch windows are insufficient for a KEV-listed, actively exploited perimeter auth bypass with a 3-day federal due date.",
46664
+ "NIS2-Art21-network-security": "EU NIS2 network-security and access-control measures treat the VPN gateway as a trusted enforcement point; they carry no CISA-KEV-tied 24h remediation SLA for an actively exploited perimeter auth bypass.",
46665
+ "DORA-Art-9": "ICT protection measures do not model a remote-access VPN authentication bypass on a perimeter firewall as an ICT-risk event requiring expedited containment.",
46666
+ "UK-CAF-B2": "Identity and Access Control objective does not require validating that a VPN gateway cannot be authenticated past without credentials.",
46667
+ "AU-ISM-1546": "Patch-application timeframes for internet-facing infrastructure are insufficient for a confirmed-exploited perimeter authentication bypass.",
46668
+ "ISO-27001-2022-A.8.8": "A.8.8 technical vulnerability management defines 'timely' loosely; a CISA KEV-listed exploited vulnerability needs the KEV due-date as the binding timescale."
46669
+ },
46670
+ "atlas_refs": [],
46671
+ "attack_refs": [
46672
+ "T1190",
46673
+ "T1078",
46674
+ "T1133"
46675
+ ],
46676
+ "rwep_score": 63,
46677
+ "rwep_factors": {
46678
+ "cisa_kev": 25,
46679
+ "poc_available": 0,
46680
+ "ai_factor": 0,
46681
+ "active_exploitation": 20,
46682
+ "blast_radius": 28,
46683
+ "patch_available": -15,
46684
+ "live_patch_available": 0,
46685
+ "reboot_required": 5
46686
+ },
46687
+ "epss_score": null,
46688
+ "cwe_refs": [
46689
+ "CWE-565"
46690
+ ],
46691
+ "known_ransomware_use": false,
46692
+ "source_verified": "2026-06-13",
46693
+ "verification_sources": [
46694
+ "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
46695
+ "https://security.paloaltonetworks.com/CVE-2026-0257",
46696
+ "https://nvd.nist.gov/vuln/detail/CVE-2026-0257",
46697
+ "https://cert-portal.siemens.com/productcert/html/ssa-967325.html"
46698
+ ],
46699
+ "last_updated": "2026-06-13",
46700
+ "discovery_attribution_note": "Manually curated from the Palo Alto Networks security advisory (https://security.paloaltonetworks.com/CVE-2026-0257, exploit maturity ATTACKED) + NVD (CVSS v3.1 9.1 CRITICAL, CWE-565; PAN CNA CVSS v4.0 7.8) + the CISA KEV listing (added 2026-05-29, due 2026-06-01). Perimeter firewall GlobalProtect VPN authentication bypass; no AI tool credited with discovery.",
46701
+ "iocs": {
46702
+ "behavioral": [
46703
+ "GlobalProtect portal/gateway sessions established without valid credentials against an unpatched PAN-OS device.",
46704
+ "Authentication-bypass requests to the GlobalProtect web interface.",
46705
+ "Unexpected administrative or VPN sessions on the firewall not tied to a valid user."
46706
+ ],
46707
+ "indicators": [
46708
+ "Vendor-reported limited exploit attempts; ATTACKED exploit-maturity in the Palo Alto advisory."
46709
+ ],
46710
+ "_ioc_source_note": "Anchored to NVD CVE-2026-0257, the Palo Alto Networks security advisory, and CISA KEV."
46711
+ },
46712
+ "vendor_advisories": [
46713
+ {
46714
+ "vendor": "CISA KEV",
46715
+ "advisory_id": "CVE-2026-0257",
46716
+ "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
46717
+ "severity": "critical",
46718
+ "published_date": "2026-05-29"
46719
+ },
46720
+ {
46721
+ "vendor": "Palo Alto Networks",
46722
+ "advisory_id": "CVE-2026-0257",
46723
+ "url": "https://security.paloaltonetworks.com/CVE-2026-0257",
46724
+ "severity": "critical",
46725
+ "published_date": "2026-05-29"
46726
+ },
46727
+ {
46728
+ "vendor": "NVD",
46729
+ "advisory_id": "CVE-2026-0257",
46730
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0257",
46731
+ "severity": "critical",
46732
+ "published_date": "2026-05-29"
46733
+ }
46734
+ ]
46735
+ },
46736
+ "CVE-2026-10520": {
46737
+ "name": "Ivanti Sentry Unauthenticated OS Command Injection to Root RCE (CISA KEV)",
46738
+ "type": "RCE",
46739
+ "cvss_score": 10,
46740
+ "cvss_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
46741
+ "cvss_note": "NIST (NVD) CVSS v3.1 base 10.0 (CRITICAL), Scope:Changed. An OS command injection weakness (CWE-78) in the Sentry web application's ConfigServiceController, reachable via an unauthenticated HTTP POST to /mics/api/v2/sentry/mics-config/handleMessage, lets a remote unauthenticated attacker achieve root-level remote code execution on the appliance.",
46742
+ "cisa_kev": true,
46743
+ "cisa_kev_date": "2026-06-11",
46744
+ "cisa_kev_due_date": "2026-06-14",
46745
+ "poc_available": true,
46746
+ "poc_description": "watchTowr Labs published technical analysis and a working public proof-of-concept exploit for unauthenticated root RCE on 2026-06-10 (the day after Ivanti's advisory), with a corresponding public GitHub repository. The PoC sends an unauthenticated POST to /mics/api/v2/sentry/mics-config/handleMessage reaching the ConfigServiceController command-injection sink.",
46747
+ "ai_discovered": false,
46748
+ "ai_discovery_source": "human_researcher",
46749
+ "ai_discovery_notes": "Disclosed in the Ivanti security advisory for CVE-2026-10520 / CVE-2026-10523 (https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523); technical analysis and the public PoC were published by watchTowr Labs. No AI tool is credited with discovery.",
46750
+ "ai_assisted_weaponization": false,
46751
+ "ai_assisted_notes": "No AI-assisted weaponization; an unauthenticated HTTP endpoint reaches an OS-command-injection sink that runs commands as root.",
46752
+ "active_exploitation": "confirmed",
46753
+ "active_exploitation_notes": "CISA added CVE-2026-10520 to the Known Exploited Vulnerabilities catalog on 2026-06-11 (due 2026-06-14) based on evidence of active exploitation, and the directive carried a 3-day federal remediation mandate. Shortly after the watchTowr public PoC was released (2026-06-10), Shadowserver reported a surge in in-the-wild exploitation attempts; its telemetry identified at least 19 vulnerable internet-exposed Ivanti Sentry instances, two already confirmed backdoored — confirmed active exploitation. Exploitation is reachable where the Sentry appliance is in an unmanaged state with externally reachable endpoints; mTLS with EPMM or restricted HTTPS via Neurons for MDM makes the interface inaccessible to external actors.",
46754
+ "affected": "Ivanti Sentry (formerly MobileIron Sentry) standalone appliance with externally reachable endpoints in an unmanaged state. mTLS with EPMM or restricted HTTPS access via Neurons for MDM mitigates external reachability.",
46755
+ "affected_versions": [
46756
+ "Ivanti Standalone Sentry < 10.5.2",
46757
+ "Ivanti Standalone Sentry 10.6.0 through 10.6.1",
46758
+ "Ivanti Standalone Sentry 10.7.0"
46759
+ ],
46760
+ "vector": "A remote unauthenticated attacker sends a crafted HTTP POST to /mics/api/v2/sentry/mics-config/handleMessage, reaching an OS command injection sink in the ConfigServiceController of the Sentry web application and executing arbitrary commands as root on the appliance — full perimeter MDM-gateway compromise. Remediation is upgrading to Ivanti Sentry 10.5.2, 10.6.2, or 10.7.1; exposure is gated by whether the appliance endpoints are externally reachable (unmanaged) versus protected by mTLS with EPMM or restricted HTTPS via Neurons for MDM.",
46761
+ "complexity": "low",
46762
+ "complexity_notes": "NVD AV:N / AC:L / PR:N / UI:N — a single unauthenticated POST to a network-reachable endpoint reaches the root-level command-injection sink. Scope:Changed reflects code execution affecting resources beyond the vulnerable web component. A public PoC further lowers the bar to exploitation.",
46763
+ "patch_available": true,
46764
+ "patch_required_reboot": true,
46765
+ "live_patch_available": false,
46766
+ "live_patch_tools": [],
46767
+ "live_patch_notes": "No live patch — remediation is an appliance upgrade to Ivanti Sentry 10.5.2 / 10.6.2 / 10.7.1, which restarts the appliance. Until patched, restrict external reachability (mTLS with EPMM or restricted HTTPS via Neurons for MDM) and treat exposed instances as candidates for compromise; CISA BOD 26-04 implementation guidance requires forensic triage.",
46768
+ "vendor_update_paths": [
46769
+ "Upgrade Ivanti Standalone Sentry to 10.5.2, 10.6.2, or 10.7.1 per the Ivanti security advisory (https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523). Where immediate upgrade is not possible, ensure the appliance is managed (mTLS with EPMM or restricted HTTPS via Neurons for MDM) so the endpoints are not externally reachable, and perform forensic triage on any internet-exposed instance per CISA BOD 26-04 implementation guidance."
46770
+ ],
46771
+ "framework_control_gaps": {
46772
+ "NIST-800-53-SI-10": "Input validation on the ConfigServiceController message handler does not neutralize OS-command metacharacters, allowing command injection (CWE-78) from an unauthenticated request.",
46773
+ "NIST-800-53-AC-3": "Access enforcement is missing on a code-execution endpoint — /mics/api/v2/sentry/mics-config/handleMessage reaches a root-level command sink without authentication.",
46774
+ "NIST-800-53-IA-2": "The appliance does not authenticate the caller before reaching an OS-command-execution path that runs as root.",
46775
+ "NIST-800-53-SI-3": "Malicious-code protection does not treat the MDM gateway's unauthenticated config endpoint as an attacker-reachable root-execution channel.",
46776
+ "NIST-800-53-CM-7": "Least-functionality is not enforced: an unmanaged, internet-exposed appliance leaves a privileged config endpoint reachable and wired to a command sink.",
46777
+ "NIST-800-53-SC-7": "Boundary protection fails: the MDM gateway sitting at the perimeter is itself remotely compromised to root, inverting its trust position.",
46778
+ "ISO-27001-2022-A.8.28": "Secure-coding expectations do not address neutralizing OS-command input on an unauthenticated appliance config endpoint.",
46779
+ "DORA-Art-9": "ICT protection measures do not model an unauthenticated root RCE on a perimeter MDM gateway as an ICT-risk event requiring expedited containment and forensic triage.",
46780
+ "AU-ISM-1546": "Patch-application timeframes for internet-facing infrastructure are insufficient for a confirmed-exploited, public-PoC unauthenticated root RCE.",
46781
+ "UK-CAF-B4": "The CAF System Security objective does not single out actively-exploited (KEV-listed) vulnerabilities on the exposed surface for accelerated, due-date-bound remediation."
46782
+ },
46783
+ "atlas_refs": [],
46784
+ "attack_refs": [
46785
+ "T1190",
46786
+ "T1059",
46787
+ "T1133"
46788
+ ],
46789
+ "rwep_score": 84,
46790
+ "rwep_factors": {
46791
+ "cisa_kev": 25,
46792
+ "poc_available": 20,
46793
+ "ai_factor": 0,
46794
+ "active_exploitation": 20,
46795
+ "blast_radius": 29,
46796
+ "patch_available": -15,
46797
+ "live_patch_available": 0,
46798
+ "reboot_required": 5
46799
+ },
46800
+ "epss_score": null,
46801
+ "cwe_refs": [
46802
+ "CWE-78"
46803
+ ],
46804
+ "known_ransomware_use": false,
46805
+ "source_verified": "2026-06-13",
46806
+ "verification_sources": [
46807
+ "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
46808
+ "https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523?language=en_US",
46809
+ "https://nvd.nist.gov/vuln/detail/CVE-2026-10520",
46810
+ "https://labs.watchtowr.com/more-evidence-that-words-dont-mean-what-we-thought-they-meant-ivanti-sentry-pre-auth-os-command-injection-cve-2026-10520/",
46811
+ "https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk",
46812
+ "https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk"
46813
+ ],
46814
+ "last_updated": "2026-06-13",
46815
+ "discovery_attribution_note": "Manually curated from the Ivanti security advisory (https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523) + NVD (CVSS v3.1 10.0 CRITICAL, Scope:Changed, CWE-78) + the CISA KEV listing (added 2026-06-11, due 2026-06-14) + watchTowr Labs public PoC (https://labs.watchtowr.com/more-evidence-that-words-dont-mean-what-we-thought-they-meant-ivanti-sentry-pre-auth-os-command-injection-cve-2026-10520/). Perimeter MDM-gateway unauthenticated root RCE; no AI tool credited with discovery.",
46816
+ "iocs": {
46817
+ "behavioral": [
46818
+ "POST requests to /mics/api/v2/sentry/mics-config/handleMessage on an exposed Ivanti Sentry instance.",
46819
+ "OS command execution as root via the ConfigServiceController message handler.",
46820
+ "Backdoor/webshell artifacts on the appliance; Shadowserver-observed scanning surge after the 2026-06-10 PoC."
46821
+ ],
46822
+ "indicators": [
46823
+ "watchTowr Labs public PoC (2026-06-10); 19 internet-exposed instances, 2 already backdoored per Shadowserver."
46824
+ ],
46825
+ "_ioc_source_note": "Anchored to NVD CVE-2026-10520, the Ivanti advisory, Rapid7 ETR, and the watchTowr Labs analysis + PoC."
46826
+ },
46827
+ "vendor_advisories": [
46828
+ {
46829
+ "vendor": "CISA KEV",
46830
+ "advisory_id": "CVE-2026-10520",
46831
+ "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
46832
+ "severity": "critical",
46833
+ "published_date": "2026-06-11"
46834
+ },
46835
+ {
46836
+ "vendor": "hub.ivanti.com",
46837
+ "advisory_id": "CVE-2026-10520",
46838
+ "url": "https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523?language=en_US",
46839
+ "severity": "critical",
46840
+ "published_date": "2026-06-11"
46841
+ },
46842
+ {
46843
+ "vendor": "NVD",
46844
+ "advisory_id": "CVE-2026-10520",
46845
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-10520",
46846
+ "severity": "critical",
46847
+ "published_date": "2026-06-11"
46848
+ }
46849
+ ]
46850
+ },
46851
+ "CVE-2026-11645": {
46852
+ "name": "Google Chromium V8 Out-of-Bounds Read and Write Remote Code Execution (CISA KEV)",
46853
+ "type": "RCE",
46854
+ "cvss_score": 8.8,
46855
+ "cvss_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
46856
+ "cvss_note": "NIST (NVD) CVSS v3.1 base 8.8 (HIGH). An out-of-bounds read and write in the V8 JavaScript/WebAssembly engine (CWE-125 / CWE-787) lets a remote attacker who serves a crafted HTML page corrupt memory in the renderer and execute arbitrary code inside the renderer sandbox; UI:R reflects that the victim must visit attacker-controlled content. The sandbox-internal code execution is a primitive that is routinely chained with a sandbox-escape bug to reach the host.",
46857
+ "cisa_kev": true,
46858
+ "cisa_kev_date": "2026-06-09",
46859
+ "cisa_kev_due_date": "2026-06-23",
46860
+ "poc_available": false,
46861
+ "poc_description": "No public proof-of-concept. The upstream Chromium issue (https://issues.chromium.org/issues/506689381) is access-restricted per Google's standard practice of withholding exploit detail until the patched build has propagated.",
46862
+ "ai_discovered": false,
46863
+ "ai_discovery_source": "human_researcher",
46864
+ "ai_discovery_notes": "Disclosed through the Chrome stable-channel security release (https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0153744567.html) and tracked in NVD (https://nvd.nist.gov/vuln/detail/CVE-2026-11645). No AI-discovery attribution is published for this V8 memory-corruption bug.",
46865
+ "ai_assisted_weaponization": false,
46866
+ "ai_assisted_notes": "No AI-assisted weaponization reported. This is a classic V8 out-of-bounds read/write memory-corruption class reached from attacker-controlled JavaScript on a crafted page.",
46867
+ "active_exploitation": "confirmed",
46868
+ "active_exploitation_notes": "CISA added CVE-2026-11645 to the Known Exploited Vulnerabilities catalog on 2026-06-09 (due 2026-06-23) - confirmed active exploitation. The flaw is in Chromium's V8 engine, so it affects every Chromium-based browser (Google Chrome, Microsoft Edge, Opera, Brave and others), not only Chrome. KEV record reports knownRansomwareCampaignUse: Unknown.",
46869
+ "affected": "Google Chrome and Chromium-based browsers before Chrome 149.0.7827.103 (Windows, macOS, Linux); the V8 defect ships in every Chromium-derived browser until each rebases onto the fixed V8.",
46870
+ "affected_versions": [
46871
+ "Google Chrome < 149.0.7827.103",
46872
+ "Chromium-based browsers (Microsoft Edge, Opera, Brave, and others) until rebased onto the fixed V8"
46873
+ ],
46874
+ "vector": "A remote attacker serves a crafted HTML page whose JavaScript drives V8 into an out-of-bounds read and write. The memory corruption yields arbitrary code execution inside the renderer sandbox. Because the bug lives in V8 - shared by every Chromium-based browser - the affected population spans Chrome, Edge, Opera, Brave and more. Renderer-sandbox code execution is the building block attackers chain with a separate sandbox-escape bug to reach the host. Fixed in Chrome 149.0.7827.103; downstream browsers remediate as they rebase onto the fixed V8.",
46875
+ "complexity": "low",
46876
+ "complexity_notes": "NVD AV:N / AC:L / PR:N / UI:R - reachable over the network with no privileges; the only precondition is that the victim loads attacker-controlled web content, which routine drive-by / malvertising delivery satisfies.",
46877
+ "patch_available": true,
46878
+ "patch_required_reboot": false,
46879
+ "live_patch_available": false,
46880
+ "live_patch_tools": [],
46881
+ "live_patch_notes": "Remediation is updating to Chrome 149.0.7827.103 or later (or the fixed build of the affected Chromium-based browser) and relaunching the browser. This is an application restart, not a host reboot.",
46882
+ "vendor_update_paths": [
46883
+ "Update Google Chrome to 149.0.7827.103 or later and relaunch the browser to load the patched V8. For other Chromium-based browsers (Microsoft Edge, Opera, Brave, etc.), apply the vendor build that rebases onto the fixed V8. In managed fleets, force the browser-update channel and confirm the running version post-restart rather than assuming the auto-updater has applied it."
46884
+ ],
46885
+ "framework_control_gaps": {
46886
+ "NIST-800-53-SI-2": "Flaw remediation does not treat browser-engine updates as urgent patch events on the same clock as server CVEs - a KEV-listed renderer RCE on the most widely deployed client engine sits outside many patch-SLA scopes.",
46887
+ "NIST-800-53-SI-3": "Malicious-code protection assumes the browser sandbox holds; it does not account for a memory-corruption primitive in the engine itself that is chained toward host code execution.",
46888
+ "ISO-27001-2022-A.8.8": "Technical-vulnerability management does not single out browser-engine (Chromium/V8) CVEs as a high-velocity patch surface across the whole estate of Chromium-derived browsers.",
46889
+ "ISO-27001-2022-A.8.7": "Protection-against-malware controls rely on the browser sandbox without addressing engine-internal memory-corruption that erodes that boundary.",
46890
+ "NIS2-Art21-vulnerability-handling": "Article 21 vulnerability-handling measures do not enforce an expedited patch window for actively exploited client-side browser-engine RCEs.",
46891
+ "DORA-Art-9": "ICT protection measures do not model a KEV-listed browser-engine RCE on every employee endpoint as an ICT-risk event requiring prompt patching.",
46892
+ "UK-CAF-B4": "System Security objective lacks an objective for keeping browser engines current against actively exploited memory-corruption bugs across all Chromium-based browsers in use.",
46893
+ "AU-ISM-1546": "The ISM patch-application control sets vendor-defined timeframes; a CISA KEV-listed, actively-exploited vulnerability requires applying the vendor fix within the KEV due-date, not a default monthly cycle."
46894
+ },
46895
+ "atlas_refs": [],
46896
+ "attack_refs": [
46897
+ "T1203",
46898
+ "T1189"
46899
+ ],
46900
+ "cwe_refs": [
46901
+ "CWE-125",
46902
+ "CWE-787"
46903
+ ],
46904
+ "known_ransomware_use": false,
46905
+ "rwep_score": 60,
46906
+ "rwep_factors": {
46907
+ "cisa_kev": 25,
46908
+ "poc_available": 0,
46909
+ "ai_factor": 0,
46910
+ "active_exploitation": 20,
46911
+ "blast_radius": 30,
46912
+ "patch_available": -15,
46913
+ "live_patch_available": 0,
46914
+ "reboot_required": 0
46915
+ },
46916
+ "rwep_notes": "High (RWEP 60, \"patch within 72 hours\" band per lib/scoring.js timeline). CISA KEV-listed (added 2026-06-09) and actively exploited: cisa_kev=25 + active_exploitation(confirmed)=20 + blast_radius=30 (Chromium/V8 is among the most ubiquitous client software, present on essentially every desktop), minus patch_available 15. No public PoC (poc_available=0) holds the score below the urgent band even though the affected population is maximal; the available patch credit and absence of a published exploit keep it at P3 rather than P1, but the KEV listing means treat it as actively exploited and patch on the 72-hour clock.",
46917
+ "epss_score": null,
46918
+ "epss_date": "2026-06-13",
46919
+ "epss_note": "EPSS not pulled for this entry; retrieve via FIRST EPSS API in a future refresh.",
46920
+ "epss_source": "https://api.first.org/data/v1/epss?cve=CVE-2026-11645",
46921
+ "iocs": {
46922
+ "behavioral": [
46923
+ "Chromium-based browser process (chrome.exe / msedge.exe / opera.exe) spawning an unexpected child process or performing process injection shortly after rendering untrusted web content - the post-exploitation signature of a renderer compromise chained to escape.",
46924
+ "Renderer (V8/JIT) crashes or RENDERER_HUNG / out-of-bounds crash signatures clustering around visits to specific attacker-controlled pages or ad networks.",
46925
+ "Endpoints running Chrome < 149.0.7827.103 (or an unpatched Chromium-based browser) reachable to untrusted web content - the exposed precondition."
46926
+ ],
46927
+ "_ioc_source_note": "Behavioral signatures anchored to NVD CVE-2026-11645 (https://nvd.nist.gov/vuln/detail/CVE-2026-11645), the Chrome stable-channel release notes (https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0153744567.html), the CISA KEV listing (added 2026-06-09), and CWE-125/CWE-787."
46928
+ },
46929
+ "source_verified": "2026-06-13",
46930
+ "verification_sources": [
46931
+ "https://nvd.nist.gov/vuln/detail/CVE-2026-11645",
46932
+ "https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0153744567.html",
46933
+ "https://issues.chromium.org/issues/506689381",
46934
+ "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
46935
+ ],
46936
+ "vendor_advisories": [
46937
+ {
46938
+ "vendor": "Google Chrome",
46939
+ "advisory_id": "CVE-2026-11645",
46940
+ "url": "https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0153744567.html",
46941
+ "severity": "high",
46942
+ "published_date": "2026-06-08"
46943
+ },
46944
+ {
46945
+ "vendor": "NVD",
46946
+ "advisory_id": "CVE-2026-11645",
46947
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-11645",
46948
+ "severity": "high",
46949
+ "published_date": "2026-06-09"
46950
+ }
46951
+ ],
46952
+ "last_updated": "2026-06-13",
46953
+ "discovery_attribution_note": "Manually curated from NVD (CVSS v3.1 8.8; CWE-125 out-of-bounds read + CWE-787 out-of-bounds write) + the Chrome stable-channel security release (fixed in 149.0.7827.103) + the CISA KEV listing (added 2026-06-09, due 2026-06-23, knownRansomwareCampaignUse: Unknown). Chromium V8 memory-corruption RCE affecting every Chromium-based browser.",
46954
+ "_kev_short_description": "Google Chromium V8 out-of-bounds read and write (CWE-125/CWE-787) lets a remote attacker run arbitrary code inside the renderer sandbox via a crafted HTML page, affecting every Chromium-based browser; CISA KEV (added 2026-06-09, actively exploited), fixed in Chrome 149.0.7827.103."
46955
+ },
46956
+ "CVE-2026-20245": {
46957
+ "name": "Cisco Catalyst SD-WAN Manager Root Command Execution via Improper Output Encoding (CISA KEV)",
46958
+ "type": "Privilege Escalation",
46959
+ "cvss_score": 7.8,
46960
+ "cvss_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
46961
+ "cvss_note": "NIST (NVD) CVSS v3.1 base 7.8 (HIGH). CWE-116 (improper encoding or escaping of output): the SD-WAN Manager CLI insufficiently validates a user-supplied crafted file, allowing command injection. An authenticated local attacker holding netadmin privileges escalates to arbitrary command execution as root (C:H/I:H/A:H). AV:L reflects that the attacker must already be authenticated to the management console; the payoff is full root on the management plane that controls the SD-WAN fabric.",
46962
+ "cisa_kev": true,
46963
+ "cisa_kev_date": "2026-06-09",
46964
+ "cisa_kev_due_date": "2026-06-23",
46965
+ "poc_available": false,
46966
+ "poc_description": "No public proof-of-concept. The Cisco PSIRT advisory documents exploitation but publishes no exploit code, and no third-party PoC is available.",
46967
+ "ai_discovered": false,
46968
+ "ai_discovery_source": "human_researcher",
46969
+ "ai_discovery_notes": "Disclosed via Cisco PSIRT advisory cisco-sa-sdwan-privesc-4uxFrdzx (https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-4uxFrdzx) and tracked in NVD (https://nvd.nist.gov/vuln/detail/CVE-2026-20245). No AI-discovery attribution is published.",
46970
+ "ai_assisted_weaponization": false,
46971
+ "ai_assisted_notes": "No AI-assisted weaponization reported. The flaw is a command-injection via improperly encoded output in the management CLI, reached by uploading a crafted file as a netadmin user.",
46972
+ "active_exploitation": "confirmed",
46973
+ "active_exploitation_notes": "CISA added CVE-2026-20245 to the Known Exploited Vulnerabilities catalog on 2026-06-09 (due 2026-06-23) - confirmed active exploitation. The Cisco PSIRT states that in June 2026 it became aware of exploitation of this vulnerability, with limited cases where exploitation resulted in configuration changes pushed to edge devices. KEV record reports knownRansomwareCampaignUse: Unknown. The netadmin precondition can be satisfied by chaining the authentication-bypass / privilege CVEs CVE-2026-20182 or CVE-2026-20127 noted in the advisory.",
46974
+ "affected": "Cisco Catalyst SD-WAN Manager (formerly SD-WAN vManage) and SD-WAN vSmart Controller across the affected 20.x and 26.x release ranges.",
46975
+ "affected_versions": [
46976
+ "Catalyst SD-WAN Manager 20.9.x < 20.9.9.2",
46977
+ "Catalyst SD-WAN Manager 20.12.x < 20.12.7.2",
46978
+ "Catalyst SD-WAN Manager 20.15.4.x < 20.15.4.5",
46979
+ "Catalyst SD-WAN Manager 20.15.5.x < 20.15.5.3",
46980
+ "Catalyst SD-WAN Manager 20.18.x < 20.18.3.1",
46981
+ "Catalyst SD-WAN Manager 26.1.1.x < 26.1.1.2",
46982
+ "SD-WAN vSmart Controller in the matching affected release ranges"
46983
+ ],
46984
+ "vector": "An authenticated local attacker with netadmin privileges on Cisco Catalyst SD-WAN Manager uploads a crafted file; insufficient validation of the user-supplied input in the management CLI (improper output encoding/escaping, CWE-116) results in command injection, executing arbitrary commands as root. The netadmin precondition can be obtained by chaining CVE-2026-20182 or CVE-2026-20127. Root on the SD-WAN Manager controls the fabric: observed exploitation has pushed configuration changes down to edge devices. Fixed in 20.9.9.2 / 20.12.7.2 / 20.15.4.5 / 20.15.5.3 / 20.18.3.1 / 26.1.1.2 and later; there are no workarounds.",
46985
+ "complexity": "low",
46986
+ "complexity_notes": "NVD AV:L / AC:L / PR:L / UI:N - low attack complexity once the attacker holds netadmin on the management console. The PR:L (netadmin) precondition is the gating factor, not algorithmic complexity, and that precondition is itself reachable by chaining CVE-2026-20182 / CVE-2026-20127.",
46987
+ "patch_available": true,
46988
+ "patch_required_reboot": false,
46989
+ "live_patch_available": false,
46990
+ "live_patch_tools": [],
46991
+ "live_patch_notes": "Remediation is upgrading to a fixed Catalyst SD-WAN Manager release (20.9.9.2 / 20.12.7.2 / 20.15.4.5 / 20.15.5.3 / 20.18.3.1 / 26.1.1.2 or later). There are no workarounds. Reboot handling follows the controller's standard software-upgrade procedure rather than an OS-level reboot of the operator's host.",
46992
+ "vendor_update_paths": [
46993
+ "Upgrade Cisco Catalyst SD-WAN Manager to a fixed release: 20.9.9.2, 20.12.7.2, 20.15.4.5, 20.15.5.3, 20.18.3.1, 26.1.1.2 or later (per the Cisco PSIRT advisory cisco-sa-sdwan-privesc-4uxFrdzx). There are no workarounds. Because the bug is exploited from a netadmin session and that session can be obtained by chaining CVE-2026-20182 / CVE-2026-20127, also patch those and tightly restrict and monitor netadmin access to the management plane."
46994
+ ],
46995
+ "framework_control_gaps": {
46996
+ "NIST-800-53-SI-10": "Input-validation controls are unmet: the management CLI insufficiently validates a user-supplied crafted file, allowing command injection (CWE-116).",
46997
+ "NIST-800-53-AC-6": "Least-privilege is defeated when a netadmin-scoped operator escalates to root command execution on the controller - the privilege boundary between management role and host root does not hold.",
46998
+ "ISO-27001-2022-A.8.28": "Secure-coding expectations do not address proper output encoding/escaping on a privileged management CLI that processes uploaded files.",
46999
+ "DORA-Art-9": "ICT protection measures do not model an SD-WAN management-plane privilege escalation - whose blast radius is fleet-wide config push - as an ICT-risk event.",
47000
+ "UK-CAF-B2": "Identity and Access Control objective lacks an objective for preventing administrative roles on network controllers from escalating to host root via injection flaws.",
47001
+ "AU-ISM-1546": "The ISM patch-application control sets vendor-defined timeframes; a CISA KEV-listed, actively-exploited vulnerability requires applying the vendor fix within the KEV due-date, not a default monthly cycle."
47002
+ },
47003
+ "atlas_refs": [],
47004
+ "attack_refs": [
47005
+ "T1059",
47006
+ "T1068"
47007
+ ],
47008
+ "cwe_refs": [
47009
+ "CWE-116"
47010
+ ],
47011
+ "known_ransomware_use": false,
47012
+ "rwep_score": 56,
47013
+ "rwep_factors": {
47014
+ "cisa_kev": 25,
47015
+ "poc_available": 0,
47016
+ "ai_factor": 0,
47017
+ "active_exploitation": 20,
47018
+ "blast_radius": 26,
47019
+ "patch_available": -15,
47020
+ "live_patch_available": 0,
47021
+ "reboot_required": 0
47022
+ },
47023
+ "rwep_notes": "Elevated (RWEP 56, \"patch within 7 days\" band per lib/scoring.js timeline). CISA KEV-listed (added 2026-06-09) and actively exploited: cisa_kev=25 + active_exploitation(confirmed)=20 + blast_radius=26 (SD-WAN Manager governs entire WAN fabrics; root there pushes config to all edge devices), minus patch_available 15. The netadmin precondition (PR:L) and the available fix hold the RWEP just below the 72-hour band, but observed in-the-wild config-push to edge devices means treat the management-plane patch as priority, especially where the chainable auth CVEs CVE-2026-20182 / CVE-2026-20127 are also unpatched.",
47024
+ "epss_score": null,
47025
+ "epss_date": "2026-06-13",
47026
+ "epss_note": "EPSS not pulled for this entry; retrieve via FIRST EPSS API in a future refresh.",
47027
+ "epss_source": "https://api.first.org/data/v1/epss?cve=CVE-2026-20245",
47028
+ "iocs": {
47029
+ "behavioral": [
47030
+ "Crafted-file uploads to the Catalyst SD-WAN Manager management CLI from a netadmin session followed by unexpected root-level process execution on the controller.",
47031
+ "Unexpected configuration changes pushed from SD-WAN Manager to edge devices not traceable to an authorized change window - the observed exploitation signature.",
47032
+ "Catalyst SD-WAN Manager running a pre-fix release (< 20.9.9.2 / 20.12.7.2 / 20.15.4.5 / 20.15.5.3 / 20.18.3.1 / 26.1.1.2) with netadmin access reachable - the exposed precondition.",
47033
+ "Use of CVE-2026-20182 / CVE-2026-20127 to obtain the netadmin session that this flaw is then exploited from."
47034
+ ],
47035
+ "_ioc_source_note": "Behavioral signatures anchored to the Cisco PSIRT advisory cisco-sa-sdwan-privesc-4uxFrdzx (https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-4uxFrdzx), NVD CVE-2026-20245 (https://nvd.nist.gov/vuln/detail/CVE-2026-20245), the CISA KEV listing (added 2026-06-09), and CWE-116."
47036
+ },
47037
+ "source_verified": "2026-06-13",
47038
+ "verification_sources": [
47039
+ "https://nvd.nist.gov/vuln/detail/CVE-2026-20245",
47040
+ "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-4uxFrdzx",
47041
+ "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
47042
+ ],
47043
+ "vendor_advisories": [
47044
+ {
47045
+ "vendor": "Cisco PSIRT",
47046
+ "advisory_id": "cisco-sa-sdwan-privesc-4uxFrdzx",
47047
+ "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-4uxFrdzx",
47048
+ "severity": "high",
47049
+ "published_date": "2026-06-09"
47050
+ },
47051
+ {
47052
+ "vendor": "NVD",
47053
+ "advisory_id": "CVE-2026-20245",
47054
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20245",
47055
+ "severity": "high",
47056
+ "published_date": "2026-06-09"
47057
+ }
47058
+ ],
47059
+ "last_updated": "2026-06-13",
47060
+ "discovery_attribution_note": "Manually curated from NVD (CVSS v3.1 7.8; CWE-116 improper encoding or escaping of output) + Cisco PSIRT advisory cisco-sa-sdwan-privesc-4uxFrdzx (netadmin-to-root command injection via crafted file; fixed releases listed; no workaround; observed config-push to edge devices) + the CISA KEV listing (added 2026-06-09, due 2026-06-23, knownRansomwareCampaignUse: Unknown). Management-plane privilege escalation on the SD-WAN fabric controller.",
47061
+ "_kev_short_description": "Cisco Catalyst SD-WAN Manager improperly encodes output in its management CLI (CWE-116), letting an authenticated netadmin run arbitrary commands as root via a crafted file - root on the fabric controller that pushes config to edge devices; CISA KEV (added 2026-06-09, actively exploited), fixed in 20.9.9.2 / 20.12.7.2 / 20.15.4.5 / 20.15.5.3 / 20.18.3.1 / 26.1.1.2."
47062
+ },
47063
+ "CVE-2026-28318": {
47064
+ "name": "SolarWinds Serv-U Uncontrolled Resource Consumption Denial of Service (CISA KEV)",
47065
+ "type": "DoS",
47066
+ "cvss_score": 7.5,
47067
+ "cvss_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
47068
+ "cvss_note": "NVD CVSS v3.1 base 7.5 (HIGH). Availability-only impact (C:N/I:N/A:H): a specially crafted unauthenticated POST request using the Content-Encoding: deflate header crashes the Serv-U service (CWE-400). No confidentiality or integrity impact in the NVD vector - this is a denial-of-service, not a takeover.",
47069
+ "cisa_kev": true,
47070
+ "cisa_kev_date": "2026-06-05",
47071
+ "cisa_kev_due_date": "2026-06-19",
47072
+ "poc_available": false,
47073
+ "poc_description": "No public proof-of-concept exploit was located. The SolarWinds advisory and NVD record describe the crafted Content-Encoding: deflate POST that crashes the service but do not publish exploit code; CISA confirms in-the-wild exploitation without releasing a PoC.",
47074
+ "ai_discovered": false,
47075
+ "ai_discovery_source": "human_researcher",
47076
+ "ai_discovery_notes": "Disclosed via a SolarWinds Trust Center security advisory (https://www.solarwinds.com/trust-center/security-advisories/CVE-2026-28318) and CISA KEV listing. No indication of AI-assisted discovery.",
47077
+ "ai_assisted_weaponization": false,
47078
+ "ai_assisted_notes": "No AI-assisted weaponization reported. A crafted compressed POST that exhausts resources and crashes the service is directly reachable without tooling assistance.",
47079
+ "active_exploitation": "confirmed",
47080
+ "active_exploitation_notes": "CISA added CVE-2026-28318 to the Known Exploited Vulnerabilities catalog on 2026-06-05 (due 2026-06-19) - confirmed active exploitation. Serv-U is a widely deployed managed file-transfer / FTP server frequently exposed to the internet for partner file exchange; an unauthenticated crash takes the file-transfer service offline.",
47081
+ "affected": "SolarWinds Serv-U versions before 15.5.4 and 15.5.4.",
47082
+ "affected_versions": [
47083
+ "SolarWinds Serv-U < 15.5.4",
47084
+ "SolarWinds Serv-U 15.5.4"
47085
+ ],
47086
+ "vector": "SolarWinds Serv-U contains an uncontrolled-resource-consumption flaw (CWE-400). A specially crafted unauthenticated POST request carrying the Content-Encoding: deflate header drives the Serv-U service into resource exhaustion and crashes it - a denial of service against the managed file-transfer surface. Remediation is updating to Serv-U 15.5.4 Hotfix 1 or later and restarting the Serv-U service; no host reboot.",
47087
+ "complexity": "low",
47088
+ "complexity_notes": "NVD AV:N / AC:L / PR:N / UI:N - the crash is triggered over the network with a single crafted POST, without authentication or user interaction.",
47089
+ "patch_available": true,
47090
+ "patch_required_reboot": false,
47091
+ "live_patch_available": false,
47092
+ "live_patch_tools": [],
47093
+ "live_patch_notes": "Remediation is updating to Serv-U 15.5.4 Hotfix 1 or later; apply the update and restart the Serv-U service, no host reboot.",
47094
+ "vendor_update_paths": [
47095
+ "Update SolarWinds Serv-U to 15.5.4 Hotfix 1 or later (https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-4-hotfix-1_release_notes.htm) and restart the Serv-U service. Where the update cannot be applied immediately, restrict network exposure of the Serv-U HTTP listener to trusted sources and front it with a proxy that rejects malformed Content-Encoding: deflate request bodies."
47096
+ ],
47097
+ "framework_control_gaps": {
47098
+ "NIST-800-53-SC-5": "Denial-of-service protection does not treat an internet-exposed managed file-transfer service as a single crafted-request crash target (CWE-400).",
47099
+ "NIST-800-53-SI-2": "Flaw remediation does not single out internet-facing file-transfer servers for emergency patching when an unauthenticated crash is KEV-listed.",
47100
+ "NIST-800-53-SI-10": "Input validation does not reject malformed / abusive Content-Encoding request bodies before they reach the resource-consuming decode path.",
47101
+ "ISO-27001-2022-A.8.8": "Technical-vulnerability management does not prioritize an unauthenticated-DoS flaw on an internet-exposed file-transfer server for emergency remediation.",
47102
+ "NIS2-Art21-patch-management": "Article 21 patch-management measures do not enforce emergency timelines for an actively exploited DoS on a managed file-transfer surface.",
47103
+ "DORA-Art-9": "ICT protection measures do not model an unauthenticated crash of a partner-facing file-transfer service as an ICT availability-risk event for financial entities.",
47104
+ "UK-CAF-B4": "System Security objective has no objective for hardening internet-exposed file-transfer services against unauthenticated resource-exhaustion crashes.",
47105
+ "AU-ISM-1546": "Patch-application control does not single out internet-facing managed file-transfer servers for emergency patch timelines on an actively exploited DoS."
47106
+ },
47107
+ "atlas_refs": [],
47108
+ "attack_refs": [
47109
+ "T1499"
47110
+ ],
47111
+ "cwe_refs": [
47112
+ "CWE-400"
47113
+ ],
47114
+ "known_ransomware_use": false,
47115
+ "rwep_score": 54,
47116
+ "rwep_factors": {
47117
+ "cisa_kev": 25,
47118
+ "poc_available": 0,
47119
+ "ai_factor": 0,
47120
+ "active_exploitation": 20,
47121
+ "blast_radius": 24,
47122
+ "patch_available": -15,
47123
+ "live_patch_available": 0,
47124
+ "reboot_required": 0
47125
+ },
47126
+ "rwep_notes": "High (RWEP 54, \"patch within 7 days\" band per lib/scoring.js timeline). CISA KEV-listed (added 2026-06-05) and actively exploited: cisa_kev=25 + active_exploitation(confirmed)=20 + blast_radius=24 (internet-exposed managed file-transfer service), minus patch_available 15. No public PoC was located, so poc_available contributes 0. The CVSS 7.5 (HIGH) reflects an availability-only impact (A:H, C:N, I:N) - this is a denial of service, not a takeover - but the KEV listing and confirmed exploitation keep it on a short remediation clock.",
47127
+ "epss_score": null,
47128
+ "source_verified": "2026-06-13",
47129
+ "verification_sources": [
47130
+ "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
47131
+ "https://www.solarwinds.com/trust-center/security-advisories/cve-2026-28318",
47132
+ "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-4-hotfix-1_release_notes.htm#link7",
47133
+ "https://nvd.nist.gov/vuln/detail/CVE-2026-28318"
47134
+ ],
47135
+ "last_updated": "2026-06-13",
47136
+ "discovery_attribution_note": "Manually curated from the SolarWinds Trust Center security advisory (https://www.solarwinds.com/trust-center/security-advisories/CVE-2026-28318, CWE-400) + NVD (CVSS v3.1 7.5, availability-only A:H) + the CISA KEV listing (added 2026-06-05, actively exploited). Unauthenticated crafted Content-Encoding: deflate POST crashes the Serv-U managed file-transfer service.",
47137
+ "iocs": {
47138
+ "behavioral": [
47139
+ "Crafted requests to an exposed SolarWinds Serv-U service causing uncontrolled resource consumption.",
47140
+ "Serv-U process CPU/memory exhaustion or crash leading to denial of service.",
47141
+ "Repeated malformed requests preceding a service outage."
47142
+ ],
47143
+ "indicators": [
47144
+ "Service unavailability / crash loop on Serv-U < 15.5.4."
47145
+ ],
47146
+ "_ioc_source_note": "Anchored to NVD CVE-2026-28318, the SolarWinds Trust Center advisory, and CISA KEV."
47147
+ },
47148
+ "vendor_advisories": [
47149
+ {
47150
+ "vendor": "CISA KEV",
47151
+ "advisory_id": "CVE-2026-28318",
47152
+ "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
47153
+ "severity": "high",
47154
+ "published_date": "2026-06-05"
47155
+ },
47156
+ {
47157
+ "vendor": "SolarWinds",
47158
+ "advisory_id": "CVE-2026-28318",
47159
+ "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2026-28318",
47160
+ "severity": "high",
47161
+ "published_date": "2026-06-05"
47162
+ },
47163
+ {
47164
+ "vendor": "documentation.solarwinds.com",
47165
+ "advisory_id": "CVE-2026-28318",
47166
+ "url": "https://documentation.solarwinds.com/en/success_center/servu/content/release_notes/servu_15-5-4-hotfix-1_release_notes.htm#link7",
47167
+ "severity": "high",
47168
+ "published_date": "2026-06-05"
47169
+ }
47170
+ ]
47171
+ },
47172
+ "CVE-2026-35273": {
47173
+ "name": "Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function (CISA KEV)",
47174
+ "type": "auth-bypass",
47175
+ "cvss_score": 9.8,
47176
+ "cvss_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
47177
+ "cvss_note": "NIST (NVD) CVSS v3.1 base 9.8 (CRITICAL). The PeopleTools environment-management component exposes a critical function without authentication (CWE-306); an unauthenticated network attacker reaches full compromise (C:H/I:H/A:H), described by Oracle as takeover of PeopleSoft Enterprise PeopleTools.",
47178
+ "cisa_kev": true,
47179
+ "cisa_kev_date": "2026-06-12",
47180
+ "cisa_kev_due_date": "2026-06-15",
47181
+ "poc_available": false,
47182
+ "poc_description": "No public proof-of-concept exploit was located. Oracle's Security Alert and the NVD record describe the missing-authentication takeover but do not publish exploit code; CISA confirms in-the-wild exploitation without releasing a PoC.",
47183
+ "ai_discovered": false,
47184
+ "ai_discovery_source": "human_researcher",
47185
+ "ai_discovery_notes": "Disclosed via an Oracle out-of-cycle Security Alert (https://www.oracle.com/security-alerts/alert-cve-2026-35273.html) and CISA KEV listing. No indication of AI-assisted discovery.",
47186
+ "ai_assisted_weaponization": false,
47187
+ "ai_assisted_notes": "No AI-assisted weaponization reported. A missing-authentication critical function on an enterprise ERP platform is directly reachable without tooling assistance.",
47188
+ "active_exploitation": "confirmed",
47189
+ "active_exploitation_notes": "CISA added CVE-2026-35273 to the Known Exploited Vulnerabilities catalog on 2026-06-12 (due 2026-06-15) - confirmed active exploitation. Oracle issued an out-of-cycle Security Alert for the same flaw. PeopleSoft is a widely deployed HR/finance/student-administration ERP; an unauthenticated takeover of PeopleTools exposes the connected enterprise data and processes.",
47190
+ "affected": "Oracle PeopleSoft Enterprise PeopleTools 8.61 and 8.62.",
47191
+ "affected_versions": [
47192
+ "Oracle PeopleSoft Enterprise PeopleTools 8.61",
47193
+ "Oracle PeopleSoft Enterprise PeopleTools 8.62"
47194
+ ],
47195
+ "vector": "Oracle PeopleSoft Enterprise PeopleTools contains a missing-authentication-for-critical-function flaw (CWE-306) in its environment-management component. An unauthenticated attacker with network access via HTTP reaches a critical function that should require authentication, resulting in full compromise - Oracle characterizes the outcome as takeover of PeopleSoft Enterprise PeopleTools. Remediation is the Oracle Security Alert / Critical Patch Update fix; redeploy the PeopleTools application, no host reboot.",
47196
+ "complexity": "low",
47197
+ "complexity_notes": "NVD AV:N / AC:L / PR:N / UI:N - the critical function is reachable over the network without authentication, user interaction, or special conditions.",
47198
+ "patch_available": true,
47199
+ "patch_required_reboot": false,
47200
+ "live_patch_available": false,
47201
+ "live_patch_tools": [],
47202
+ "live_patch_notes": "Remediation is the Oracle Security Alert / Critical Patch Update fix for PeopleTools 8.61 and 8.62; apply the PeopleTools patch and redeploy, no host reboot.",
47203
+ "vendor_update_paths": [
47204
+ "Apply the Oracle Security Alert fix for CVE-2026-35273 (https://www.oracle.com/security-alerts/alert-cve-2026-35273.html) to PeopleSoft Enterprise PeopleTools 8.61 / 8.62 via the Oracle Critical Patch Update channel. Do not expose the PeopleTools environment-management component to untrusted networks; place PeopleSoft behind authenticated access control and segment the management surface from the public internet."
47205
+ ],
47206
+ "framework_control_gaps": {
47207
+ "NIST-800-53-AC-3": "Access enforcement is missing on a critical function - the PeopleTools environment-management surface is reachable without authentication (CWE-306).",
47208
+ "NIST-800-53-IA-2": "The ERP platform does not authenticate callers before exposing a critical, takeover-capable function.",
47209
+ "NIST-800-53-SI-2": "Flaw remediation does not single out enterprise ERP management surfaces as unauthenticated-takeover targets that need out-of-cycle patching when a vendor alert ships.",
47210
+ "NIST-800-53-CM-7": "Least-functionality is not enforced: a critical management function is exposed on the network without an authentication gate.",
47211
+ "ISO-27001-2022-A.5.15": "Access control does not gate the ERP platform's critical management functions.",
47212
+ "ISO-27001-2022-A.8.8": "Technical-vulnerability management does not prioritize an unauthenticated-takeover flaw on a core ERP platform for emergency remediation.",
47213
+ "NIS2-Art21-identity-management": "Article 21 access-control and identity measures do not reach the ERP platform's unauthenticated critical-function surface.",
47214
+ "DORA-Art-9": "ICT protection measures do not model an ERP management-plane takeover as an ICT-risk event for financial entities running PeopleSoft.",
47215
+ "UK-CAF-B4": "System Security objective has no objective for authenticating the ERP platform's critical management functions.",
47216
+ "AU-ISM-1546": "Patch-application control does not single out enterprise ERP platforms for emergency patch timelines when a vendor ships an out-of-cycle alert."
47217
+ },
47218
+ "atlas_refs": [],
47219
+ "attack_refs": [
47220
+ "T1190",
47221
+ "T1078"
47222
+ ],
47223
+ "cwe_refs": [
47224
+ "CWE-306"
47225
+ ],
47226
+ "known_ransomware_use": true,
47227
+ "rwep_score": 54,
47228
+ "rwep_factors": {
47229
+ "cisa_kev": 25,
47230
+ "poc_available": 0,
47231
+ "ai_factor": 0,
47232
+ "active_exploitation": 20,
47233
+ "blast_radius": 24,
47234
+ "patch_available": -15,
47235
+ "live_patch_available": 0,
47236
+ "reboot_required": 0
47237
+ },
47238
+ "rwep_notes": "High (RWEP 54, \"patch within 7 days\" band per lib/scoring.js timeline). CISA KEV-listed (added 2026-06-12) and actively exploited: cisa_kev=25 + active_exploitation(confirmed)=20 + blast_radius=24 (enterprise ERP management plane), minus patch_available 15. No public PoC was located, so poc_available contributes 0. The CVSS 9.8 (CRITICAL) reflects the unauthenticated-takeover impact; the RWEP is moderated by the available Oracle patch but the KEV listing and confirmed exploitation keep this on a short remediation clock.",
47239
+ "epss_score": null,
47240
+ "source_verified": "2026-06-13",
47241
+ "verification_sources": [
47242
+ "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
47243
+ "https://www.oracle.com/security-alerts/alert-cve-2026-35273.html",
47244
+ "https://support.oracle.com/signin/",
47245
+ "https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk",
47246
+ "https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk",
47247
+ "https://nvd.nist.gov/vuln/detail/CVE-2026-35273"
47248
+ ],
47249
+ "last_updated": "2026-06-13",
47250
+ "discovery_attribution_note": "Manually curated from the Oracle out-of-cycle Security Alert (https://www.oracle.com/security-alerts/alert-cve-2026-35273.html, CWE-306) + NVD (CVSS v3.1 9.8) + the CISA KEV listing (added 2026-06-12, actively exploited). Enterprise ERP missing-authentication takeover of PeopleSoft Enterprise PeopleTools 8.61 / 8.62.",
47251
+ "iocs": {
47252
+ "behavioral": [
47253
+ "Access to a PeopleTools critical function over the network without authentication.",
47254
+ "Requests reaching a privileged PeopleSoft endpoint that should require a valid session.",
47255
+ "Anomalous unauthenticated access to PeopleSoft administrative/integration functions."
47256
+ ],
47257
+ "indicators": [
47258
+ "Oracle out-of-cycle Security Alert; CISA KEV with ransomware-campaign linkage flagged."
47259
+ ],
47260
+ "_ioc_source_note": "Anchored to NVD CVE-2026-35273, the Oracle Security Alert, and CISA KEV."
47261
+ },
47262
+ "vendor_advisories": [
47263
+ {
47264
+ "vendor": "CISA KEV",
47265
+ "advisory_id": "CVE-2026-35273",
47266
+ "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
47267
+ "severity": "critical",
47268
+ "published_date": "2026-06-12"
47269
+ },
47270
+ {
47271
+ "vendor": "Oracle",
47272
+ "advisory_id": "CVE-2026-35273",
47273
+ "url": "https://www.oracle.com/security-alerts/alert-cve-2026-35273.html",
47274
+ "severity": "critical",
47275
+ "published_date": "2026-06-12"
47276
+ },
47277
+ {
47278
+ "vendor": "support.oracle.com",
47279
+ "advisory_id": "CVE-2026-35273",
47280
+ "url": "https://support.oracle.com/signin/",
47281
+ "severity": "critical",
47282
+ "published_date": "2026-06-12"
47283
+ }
47284
+ ]
47285
+ },
47286
+ "CVE-2026-42271": {
47287
+ "name": "BerriAI LiteLLM MCP Test-Endpoint Authenticated Command Injection (CISA KEV)",
47288
+ "type": "RCE",
47289
+ "cvss_score": 8.8,
47290
+ "cvss_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
47291
+ "cvss_note": "NIST (NVD) CVSS v3.1 base 8.8 (HIGH); the GitHub (CNA) advisory rates it CVSS v4.0 8.7 (HIGH). The MCP REST test endpoints accept attacker-supplied server configurations that spawn arbitrary subprocesses; any authenticated caller, including a low-privilege internal-user key, reaches command execution on the proxy host (CWE-77 / CWE-78).",
47292
+ "cisa_kev": true,
47293
+ "cisa_kev_date": "2026-06-08",
47294
+ "cisa_kev_due_date": "2026-06-22",
47295
+ "poc_available": false,
47296
+ "poc_description": "The GitHub Security Advisory documents the mechanism - the POST /mcp-rest/test/connection and /mcp-rest/test/tools/list endpoints accept MCP server configs that spawn subprocesses - but ships no public proof-of-concept exploit.",
47297
+ "ai_discovered": false,
47298
+ "ai_discovery_source": "human_researcher",
47299
+ "ai_discovery_notes": "Disclosed via the BerriAI GitHub Security Advisory (https://github.com/BerriAI/litellm/security/advisories/GHSA-v4p8-mg3p-g94g). The abused surface is an LLM gateway/proxy (LiteLLM) and its Model Context Protocol (MCP) integration.",
47300
+ "ai_assisted_weaponization": false,
47301
+ "ai_assisted_notes": "No AI-assisted weaponization; an authenticated MCP test endpoint on an LLM gateway accepts server configs that spawn arbitrary subprocesses on the host.",
47302
+ "active_exploitation": "confirmed",
47303
+ "active_exploitation_notes": "CISA added CVE-2026-42271 to the Known Exploited Vulnerabilities catalog on 2026-06-08 (due 2026-06-22) - confirmed active exploitation. The MCP test endpoints accept attacker-controlled server configurations that spawn subprocesses; any authenticated user, including a holder of a low-privilege internal-user key, can run commands on the proxy host, bypassing the PROXY_ADMIN gate that protects the config-save endpoint. No public proof-of-concept ships in the advisory.",
47304
+ "affected": "BerriAI LiteLLM >= 1.74.2 and < 1.83.7.",
47305
+ "affected_versions": [
47306
+ "BerriAI LiteLLM >= 1.74.2, < 1.83.7"
47307
+ ],
47308
+ "vector": "LiteLLM's MCP REST interface exposes POST /mcp-rest/test/connection and /mcp-rest/test/tools/list, which accept Model Context Protocol server configurations. A supplied stdio-transport config spawns an arbitrary subprocess on the proxy host. The save-config endpoint is gated behind PROXY_ADMIN, but the test endpoints are not - any authenticated caller, including a low-privilege internal-user key, reaches the subprocess-spawn path and runs commands on the host. Fixed in 1.83.7.",
47309
+ "complexity": "low",
47310
+ "complexity_notes": "NVD AV:N / AC:L / PR:L / UI:N - the MCP test endpoints are network-reachable, require only an authenticated (even low-privilege) key, and spawn the supplied config's subprocess without further interaction.",
47311
+ "patch_available": true,
47312
+ "patch_required_reboot": false,
47313
+ "live_patch_available": false,
47314
+ "live_patch_tools": [],
47315
+ "live_patch_notes": "Remediation is upgrading to LiteLLM 1.83.7 (stable) or later; redeploy the proxy, no host reboot.",
47316
+ "vendor_update_paths": [
47317
+ "Upgrade BerriAI LiteLLM to 1.83.7-stable or later. Until patched, do not expose the MCP REST test endpoints (/mcp-rest/test/connection, /mcp-rest/test/tools/list) to any caller that is not fully trusted, and apply the same PROXY_ADMIN gate the config-save endpoint already enforces - every MCP endpoint that can spawn a subprocess from a supplied server config is an admin-equivalent execution surface."
47318
+ ],
47319
+ "framework_control_gaps": {
47320
+ "NIST-800-53-AC-3": "Access enforcement is insufficient on a command-execution endpoint - the MCP test routes spawn subprocesses for any authenticated caller while the equivalent save route requires PROXY_ADMIN (CWE-77/CWE-78).",
47321
+ "NIST-800-53-AC-6": "Least-privilege is broken: a low-privilege internal-user key reaches a host-command-execution path that should require administrative authority.",
47322
+ "NIST-800-53-SI-3": "Malicious-code protection does not treat the LLM gateway's MCP test endpoints as an attacker-reachable subprocess-spawn channel.",
47323
+ "NIST-800-53-CM-7": "Least-functionality is not enforced: a network endpoint spawns subprocesses from a request-supplied MCP server config without sandboxing.",
47324
+ "ISO-27001-2022-A.8.28": "Secure-coding expectations do not address spawning subprocesses from externally supplied MCP server configurations on an authenticated endpoint.",
47325
+ "NIS2-Art21-identity-management": "Article 21 access-control measures do not gate the LLM gateway's MCP subprocess-spawn endpoints behind the privilege level the action requires.",
47326
+ "DORA-Art-9": "ICT protection measures do not model an LLM gateway's MCP test endpoints as an ICT-risk command-execution event.",
47327
+ "UK-CAF-B4": "System Security objective has no requirement to authenticate to admin level and sandbox an LLM gateway's MCP server-config execution endpoints.",
47328
+ "AU-ISM-1546": "Patch-application control does not single out LLM gateways and their MCP integrations.",
47329
+ "ALL-AI-PIPELINE-INTEGRITY": "No framework treats an LLM gateway's MCP test/connection endpoints as privileged execution surfaces that must authenticate to admin level and must not spawn subprocesses from a request-supplied server config."
47330
+ },
47331
+ "atlas_refs": [
47332
+ "AML.T0050"
47333
+ ],
47334
+ "attack_refs": [
47335
+ "T1190",
47336
+ "T1059"
47337
+ ],
47338
+ "rwep_score": 56,
47339
+ "rwep_factors": {
47340
+ "cisa_kev": 25,
47341
+ "poc_available": 0,
47342
+ "ai_factor": 0,
47343
+ "active_exploitation": 20,
47344
+ "blast_radius": 26,
47345
+ "patch_available": -15,
47346
+ "live_patch_available": 0,
47347
+ "reboot_required": 0
47348
+ },
47349
+ "rwep_notes": "High (RWEP 56, \"patch within 72 hours\" band per lib/scoring.js timeline). CISA KEV-listed (added 2026-06-08) and actively exploited: cisa_kev=25 + active_exploitation(confirmed)=20 + blast_radius=26 (an LLM gateway/proxy that fronts model traffic for many internal callers), minus patch_available 15. No public PoC ships, so poc_available contributes 0. The patch credit does not pull it out of the P-72h band because real-world exploitation is confirmed.",
47350
+ "epss_score": null,
47351
+ "epss_date": "2026-06-13",
47352
+ "epss_note": "EPSS not pulled for this entry; retrieve via FIRST EPSS API in a future refresh.",
47353
+ "epss_source": "https://api.first.org/data/v1/epss?cve=CVE-2026-42271",
47354
+ "cwe_refs": [
47355
+ "CWE-77",
47356
+ "CWE-78"
47357
+ ],
47358
+ "known_ransomware_use": false,
47359
+ "iocs": {
47360
+ "behavioral": [
47361
+ "Authenticated POST requests to /mcp-rest/test/connection or /mcp-rest/test/tools/list carrying MCP server configurations with a stdio-transport command/args that spawn a subprocess.",
47362
+ "LiteLLM proxy spawning unexpected child processes that perform file, network, or process operations not tied to a legitimate MCP server.",
47363
+ "Low-privilege internal-user keys reaching the MCP test endpoints - the privilege mismatch is the exposed precondition (save-config requires PROXY_ADMIN; the test endpoints did not)."
47364
+ ],
47365
+ "_ioc_source_note": "Behavioral signatures anchored to the BerriAI GitHub Security Advisory (https://github.com/BerriAI/litellm/security/advisories/GHSA-v4p8-mg3p-g94g), NVD CVE-2026-42271 (https://nvd.nist.gov/vuln/detail/CVE-2026-42271), the v1.83.7-stable release notes, the CISA KEV listing, and CWE-77/CWE-78."
47366
+ },
47367
+ "source_verified": "2026-06-13",
47368
+ "verification_sources": [
47369
+ "https://nvd.nist.gov/vuln/detail/CVE-2026-42271",
47370
+ "https://github.com/BerriAI/litellm/security/advisories/GHSA-v4p8-mg3p-g94g",
47371
+ "https://github.com/BerriAI/litellm/releases/tag/v1.83.7-stable",
47372
+ "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
47373
+ ],
47374
+ "vendor_advisories": [
47375
+ {
47376
+ "vendor": "GitHub Security Advisory",
47377
+ "advisory_id": "GHSA-v4p8-mg3p-g94g",
47378
+ "url": "https://github.com/BerriAI/litellm/security/advisories/GHSA-v4p8-mg3p-g94g",
47379
+ "severity": "high",
47380
+ "published_date": "2026-06-08"
47381
+ },
47382
+ {
47383
+ "vendor": "NVD",
47384
+ "advisory_id": "CVE-2026-42271",
47385
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-42271",
47386
+ "severity": "high",
47387
+ "published_date": "2026-06-08"
47388
+ }
47389
+ ],
47390
+ "last_updated": "2026-06-13",
47391
+ "discovery_attribution_note": "Manually curated from the BerriAI GitHub Security Advisory (GHSA-v4p8-mg3p-g94g, CWE-77/CWE-78) + NVD (CVSS v3.1 8.8; GitHub CNA CVSS v4.0 8.7) + the CISA KEV listing (added 2026-06-08). LLM gateway / MCP-integration flaw (LiteLLM); the MCP test endpoints reach an admin-equivalent subprocess-spawn path from a low-privilege authenticated key.",
47392
+ "_kev_short_description": "LiteLLM's MCP test endpoints (/mcp-rest/test/connection, /mcp-rest/test/tools/list) spawn subprocesses from a request-supplied server config for any authenticated caller, including low-privilege internal-user keys (CWE-77/CWE-78), giving authenticated RCE that bypasses the PROXY_ADMIN gate on save-config; CISA KEV (added 2026-06-08, actively exploited), fixed in 1.83.7."
47393
+ },
47394
+ "CVE-2026-45247": {
47395
+ "name": "Mirasvit Full Page Cache Warmer (Magento) Deserialization of Untrusted Data Remote Code Execution (CISA KEV)",
47396
+ "type": "RCE",
47397
+ "cvss_score": 9.8,
47398
+ "cvss_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
47399
+ "cvss_note": "NVD CVSS v3.1 base 9.8 (CRITICAL); the CNA also publishes a CVSS v4.0 9.3 (CRITICAL) vector. A crafted serialized PHP object in the CacheWarmer cookie reaches PHP's native unserialize() on attacker-controlled data (CWE-502 PHP object injection), giving unauthenticated remote code execution on the Magento / Adobe Commerce storefront (C:H/I:H/A:H).",
47400
+ "cisa_kev": true,
47401
+ "cisa_kev_date": "2026-06-03",
47402
+ "cisa_kev_due_date": "2026-06-06",
47403
+ "poc_available": false,
47404
+ "poc_description": "No public proof-of-concept exploit was located. The Sansec research write-up describes the unserialize() sink and publishes a detection signature (a CacheWarmer cookie value matching CacheWarmer:(Tz|Qz|YT)) but deliberately withholds exploit code and the gadget chain; CISA confirms the flaw is exploited without releasing a PoC.",
47405
+ "ai_discovered": false,
47406
+ "ai_discovery_source": "human_researcher",
47407
+ "ai_discovery_notes": "Disclosed via Sansec research (https://sansec.io/research/mirasvit-cache-warmer-object-injection) and a VulnCheck advisory, with a CISA KEV listing. No indication of AI-assisted discovery.",
47408
+ "ai_assisted_weaponization": false,
47409
+ "ai_assisted_notes": "No AI-assisted weaponization reported. A request-supplied serialized PHP object reaching unserialize() is a classic object-injection path that does not require tooling assistance to weaponize.",
47410
+ "active_exploitation": "confirmed",
47411
+ "active_exploitation_notes": "CISA added CVE-2026-45247 to the Known Exploited Vulnerabilities catalog on 2026-06-03 (due 2026-06-06) - confirmed active exploitation. The flaw fires on ordinary unauthenticated storefront traffic carrying a crafted CacheWarmer cookie; Magento / Adobe Commerce stores are high-value e-commerce targets (payment flows, customer PII), and a third-party caching extension widens the attack surface beyond the core platform.",
47412
+ "affected": "Mirasvit Full Page Cache Warmer for Magento 2 before 1.11.12.",
47413
+ "affected_versions": [
47414
+ "Mirasvit Full Page Cache Warmer for Magento 2 < 1.11.12"
47415
+ ],
47416
+ "vector": "Mirasvit Full Page Cache Warmer for Magento 2 deserializes untrusted data (CWE-502): any unauthenticated storefront request carrying a crafted CacheWarmer cookie reaches PHP's native unserialize() on attacker-controlled data, enabling PHP object injection and remote code execution on the store. No authentication is required and the flaw fires on ordinary storefront traffic. Remediation is updating the extension to 1.11.12 or later and redeploying; no host reboot.",
47417
+ "complexity": "low",
47418
+ "complexity_notes": "NVD AV:N / AC:L / PR:N / UI:N - the object-injection sink is reachable over the network with an unauthenticated request carrying a crafted cookie, no user interaction required.",
47419
+ "patch_available": true,
47420
+ "patch_required_reboot": false,
47421
+ "live_patch_available": false,
47422
+ "live_patch_tools": [],
47423
+ "live_patch_notes": "Remediation is updating the Mirasvit Full Page Cache Warmer extension to 1.11.12 or later; update via Composer and redeploy the Magento application, no host reboot.",
47424
+ "vendor_update_paths": [
47425
+ "Update the Mirasvit Full Page Cache Warmer extension (mirasvit/module-cache-warmer) to 1.11.12 or later via Composer (https://mirasvit.com/package/changelog/?package=mirasvit/module-cache-warmer) and redeploy the Magento / Adobe Commerce application. Until updated, block or reject inbound requests whose CacheWarmer cookie value matches the published exploitation signature (CacheWarmer:(Tz|Qz|YT)) at the WAF / edge, and audit logs for prior hits."
47426
+ ],
47427
+ "framework_control_gaps": {
47428
+ "NIST-800-53-SI-10": "Input validation does not prevent a request-supplied serialized PHP object from reaching unserialize() - untrusted data flows into a native deserialization sink (CWE-502).",
47429
+ "NIST-800-53-SI-2": "Flaw remediation does not track third-party e-commerce extensions (not just the core platform) as an attacker-reachable RCE surface needing emergency patching.",
47430
+ "NIST-800-53-AC-3": "Access enforcement is irrelevant to the attack - an unauthenticated storefront request reaches the code-execution sink, so the control that should bound impact is never engaged.",
47431
+ "NIST-800-53-CM-7": "Least-functionality is not enforced: an extension deserializes request-controlled data into live PHP objects on the storefront request path.",
47432
+ "ISO-27001-2022-A.8.8": "Technical-vulnerability management does not prioritize a third-party Magento extension's unauthenticated-RCE flaw for emergency remediation.",
47433
+ "ISO-27001-2022-A.8.28": "Secure-coding expectations do not address passing request-supplied data to a native deserialization function on a public storefront endpoint.",
47434
+ "NIS2-Art21-patch-management": "Article 21 patch-management measures do not enforce emergency timelines for an actively exploited RCE in a third-party e-commerce extension.",
47435
+ "DORA-Art-9": "ICT protection measures do not model a deserialization RCE in a payment-adjacent e-commerce extension as an ICT-risk event.",
47436
+ "UK-CAF-B4": "System Security objective has no objective for treating third-party e-commerce extensions' deserialization paths as code-execution surfaces.",
47437
+ "AU-ISM-1546": "Patch-application control does not single out third-party e-commerce platform extensions for emergency patch timelines on an actively exploited RCE."
47438
+ },
47439
+ "atlas_refs": [],
47440
+ "attack_refs": [
47441
+ "T1190",
47442
+ "T1059"
47443
+ ],
47444
+ "cwe_refs": [
47445
+ "CWE-502"
47446
+ ],
47447
+ "known_ransomware_use": false,
47448
+ "rwep_score": 48,
47449
+ "rwep_factors": {
47450
+ "cisa_kev": 25,
47451
+ "poc_available": 0,
47452
+ "ai_factor": 0,
47453
+ "active_exploitation": 20,
47454
+ "blast_radius": 18,
47455
+ "patch_available": -15,
47456
+ "live_patch_available": 0,
47457
+ "reboot_required": 0
47458
+ },
47459
+ "rwep_notes": "Elevated (RWEP 48, \"patch within 7 days\" band per lib/scoring.js timeline). CISA KEV-listed (added 2026-06-03) and actively exploited: cisa_kev=25 + active_exploitation(confirmed)=20 + blast_radius=18 (single third-party Magento extension, narrower than a core-platform flaw but on high-value e-commerce stores), minus patch_available 15. No public PoC was located - Sansec published only a detection signature, not exploit code - so poc_available contributes 0. The CVSS 9.8 (CRITICAL) reflects the unauthenticated-RCE impact; the RWEP is moderated by the available extension update and the narrower extension-scoped blast radius, but the KEV listing and confirmed exploitation keep this on a short remediation clock.",
47460
+ "epss_score": null,
47461
+ "source_verified": "2026-06-13",
47462
+ "verification_sources": [
47463
+ "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
47464
+ "https://mirasvit.com/package/changelog/?package=mirasvit/module-cache-warmer",
47465
+ "https://sansec.io/research/mirasvit-cache-warmer-object-injection",
47466
+ "https://www.vulncheck.com/advisories/mirasvit-cache-warmer-for-magento-php-object-injection",
47467
+ "https://nvd.nist.gov/vuln/detail/CVE-2026-45247"
47468
+ ],
47469
+ "last_updated": "2026-06-13",
47470
+ "discovery_attribution_note": "Manually curated from Sansec research (https://sansec.io/research/mirasvit-cache-warmer-object-injection, CWE-502) + the VulnCheck advisory + NVD (CVSS v3.1 9.8; CNA CVSS v4.0 9.3) + the CISA KEV listing (added 2026-06-03, actively exploited). Third-party Magento / Adobe Commerce extension deserialization RCE via a crafted CacheWarmer cookie; fixed in 1.11.12.",
47471
+ "iocs": {
47472
+ "behavioral": [
47473
+ "Untrusted serialized payload delivered to the Mirasvit Full Page Cache Warmer extension on a Magento 2 / Adobe Commerce store.",
47474
+ "PHP object deserialization reaching a gadget chain → remote code execution.",
47475
+ "Sansec detection signature CacheWarmer:(Tz|Qz|YT) in store traffic/logs."
47476
+ ],
47477
+ "indicators": [
47478
+ "Sansec signature CacheWarmer:(Tz|Qz|YT); VulnCheck advisory."
47479
+ ],
47480
+ "_ioc_source_note": "Anchored to NVD CVE-2026-45247, Sansec research, VulnCheck, and CISA KEV."
47481
+ },
47482
+ "vendor_advisories": [
47483
+ {
47484
+ "vendor": "CISA KEV",
47485
+ "advisory_id": "CVE-2026-45247",
47486
+ "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
47487
+ "severity": "critical",
47488
+ "published_date": "2026-06-03"
47489
+ },
47490
+ {
47491
+ "vendor": "mirasvit.com",
47492
+ "advisory_id": "CVE-2026-45247",
47493
+ "url": "https://mirasvit.com/package/changelog/?package=mirasvit/module-cache-warmer",
47494
+ "severity": "critical",
47495
+ "published_date": "2026-06-03"
47496
+ },
47497
+ {
47498
+ "vendor": "Sansec",
47499
+ "advisory_id": "CVE-2026-45247",
47500
+ "url": "https://sansec.io/research/mirasvit-cache-warmer-object-injection",
47501
+ "severity": "critical",
47502
+ "published_date": "2026-06-03"
47503
+ }
47504
+ ]
47505
+ },
47506
+ "CVE-2026-48172": {
47507
+ "name": "LiteSpeed User-End cPanel Plugin redisAble Root Privilege Escalation (CISA KEV)",
47508
+ "type": "LPE",
47509
+ "cvss_score": 9.8,
47510
+ "cvss_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
47511
+ "cvss_note": "NIST (NVD) publishes CVSS v3.1 base 9.8 (CRITICAL); the MITRE secondary assessment rates it CVSS v4.0 10.0 (CRITICAL). The NVD v3.1 vector scores AV:N/PR:N to reflect that any cPanel user account - including a compromised low-privilege account reached over the network - can drive the redisAble function to execute arbitrary scripts as root.",
47512
+ "cisa_kev": true,
47513
+ "cisa_kev_date": "2026-05-26",
47514
+ "cisa_kev_due_date": "2026-05-29",
47515
+ "poc_available": false,
47516
+ "poc_description": "No public proof-of-concept exploit. The vendor advisory documents the abused function (lsws.redisAble / cpanel_jsonapi_func=redisAble) and a log-based detection grep, but does not publish exploit code.",
47517
+ "ai_discovered": false,
47518
+ "ai_discovery_source": "human_researcher",
47519
+ "ai_discovery_notes": "Disclosed by LiteSpeed Technologies via their security update (https://blog.litespeedtech.com/2026/05/21/security-update-for-litespeed-cpanel-plugin/) and catalogued in NVD; CISA KEV-listed 2026-05-26. Identified through vendor incident response after in-the-wild exploitation, not AI tooling.",
47520
+ "ai_assisted_weaponization": false,
47521
+ "ai_assisted_notes": "No evidence of AI-assisted weaponization. The flaw is improper privilege management on a control-panel plugin function reachable by any panel user.",
47522
+ "active_exploitation": "confirmed",
47523
+ "active_exploitation_notes": "Confirmed in the wild. The vendor states the vulnerability is being actively exploited and poses a risk for all user-end plugin versions v2.3 through v2.4.4; NVD records 'as exploited in the wild in May 2026'; CISA added CVE-2026-48172 to the KEV catalog on 2026-05-26 (due 2026-05-29). The vendor publishes a detection grep for the redisAble call in cPanel logs.",
47524
+ "affected": "LiteSpeed User-End cPanel Plugin (the user-facing cPanel plugin component), versions v2.3 through v2.4.4, on cPanel/WHM hosting servers. Bundled with the LiteSpeed WHM plugin.",
47525
+ "affected_versions": [
47526
+ "LiteSpeed User-End cPanel Plugin v2.3 through v2.4.4 (before 2.4.7)",
47527
+ "LiteSpeed WHM Plugin before 5.3.1.0"
47528
+ ],
47529
+ "vector": "The LiteSpeed user-end cPanel plugin mishandles its Redis enable/disable feature (the lsws.redisAble function, invoked via cpanel_jsonapi_func=redisAble). Because the function runs with root privileges but is reachable from the user-end plugin, any cPanel user account - including a compromised or malicious tenant - can drive it to execute arbitrary scripts as root, escalating from an unprivileged panel user to full root on the shared hosting server (CWE-266, improper privilege management). On a multi-tenant control-panel host this collapses tenant isolation: one compromised account becomes root over every site on the box. Fixed in cPanel plugin v2.4.7 (bundled with WHM plugin v5.3.1.0 or higher).",
47530
+ "complexity": "low",
47531
+ "complexity_notes": "NVD AV:N / AC:L / PR:N / UI:N. Exploitation requires only the ability to invoke the user-end plugin function as any cPanel user; no special conditions, race, or user interaction. The vendor confirms any cPanel user, including a compromised account, can exploit it.",
47532
+ "patch_available": true,
47533
+ "patch_required_reboot": false,
47534
+ "live_patch_available": false,
47535
+ "live_patch_tools": [],
47536
+ "live_patch_notes": "No live patch. Remediation is updating the plugin to cPanel plugin v2.4.7 (WHM plugin v5.3.1.0+); the vendor also offers a temporary mitigation of uninstalling the cPanel plugin via lscmctl. A plugin update suffices - no server reboot is required.",
47537
+ "vendor_update_paths": [
47538
+ "Upgrade immediately to LiteSpeed WHM plugin v5.3.1.0 or higher, which bundles cPanel plugin v2.4.7. If an immediate upgrade is not possible, apply the temporary mitigation of uninstalling the user-end cPanel plugin (/usr/local/lsws/admin/misc/lscmctl cpanelplugin --uninstall). After patching, run the vendor's detection grep (cpanel_jsonapi_func=redisAble across /var/cpanel/logs and /usr/local/cpanel/logs/) to determine whether the host was already exploited, and investigate any source IPs found."
47539
+ ],
47540
+ "framework_control_gaps": {
47541
+ "NIST-800-53-AC-6": "Least-privilege is violated: a user-end plugin function executes with root privileges and is reachable by any unprivileged cPanel user, granting root to accounts that should never have it.",
47542
+ "NIST-800-53-AC-3": "Access enforcement does not gate a root-privileged operation behind appropriate authorization - the redisAble function trusts the panel user to invoke a privileged action.",
47543
+ "NIST-800-53-CM-7": "Least-functionality is not enforced: a user-facing plugin exposes a root-capable enable/disable operation to every tenant rather than restricting it to administrators.",
47544
+ "NIST-800-53-SC-39": "Process isolation on a multi-tenant host is defeated when one tenant's plugin call escalates to root across all tenants.",
47545
+ "NIST-800-53-SI-10": "Input/parameter handling for the redisAble function does not adequately constrain what the user-end call can cause to run as root.",
47546
+ "DORA-Art-9": "ICT protection measures do not model a multi-tenant hosting control plane's privilege-escalation surface as an ICT-risk event.",
47547
+ "UK-CAF-B4": "The CAF System Security objective does not single out actively-exploited (KEV-listed) vulnerabilities on the exposed surface for accelerated, due-date-bound remediation.",
47548
+ "AU-ISM-1546": "The ISM patch-application control sets vendor-defined timeframes; a CISA KEV-listed, actively-exploited vulnerability requires applying the vendor fix within the KEV due-date, not a default monthly cycle.",
47549
+ "ISO-27001-2022-A.8.8": "A.8.8 technical vulnerability management defines 'timely' loosely; a CISA KEV-listed exploited vulnerability needs the KEV due-date as the binding timescale."
47550
+ },
47551
+ "atlas_refs": [],
47552
+ "attack_refs": [
47553
+ "T1068",
47554
+ "T1059",
47555
+ "T1548"
47556
+ ],
47557
+ "cwe_refs": [
47558
+ "CWE-266"
47559
+ ],
47560
+ "known_ransomware_use": false,
47561
+ "rwep_score": 52,
47562
+ "rwep_factors": {
47563
+ "cisa_kev": 25,
47564
+ "poc_available": 0,
47565
+ "ai_factor": 0,
47566
+ "active_exploitation": 20,
47567
+ "blast_radius": 22,
47568
+ "patch_available": -15,
47569
+ "live_patch_available": 0,
47570
+ "reboot_required": 0
47571
+ },
47572
+ "rwep_notes": "Elevated/High (RWEP 52). CISA KEV-listed (added 2026-05-26) with vendor-confirmed active exploitation: cisa_kev=25 + active_exploitation(confirmed)=20 + blast_radius=22 (LiteSpeed cPanel plugins run on a large population of shared-hosting servers, and each compromised host yields root over every tenant site), minus patch_available 15. No real public PoC and no AI factor. The score lands in the patch-within-7-days band, but the multi-tenant blast radius - one tenant account to root over the whole box - argues for prioritizing the available v2.4.7 update.",
47573
+ "epss_score": null,
47574
+ "source_verified": "2026-06-13",
47575
+ "verification_sources": [
47576
+ "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
47577
+ "https://blog.litespeedtech.com/2026/05/21/security-update-for-litespeed-cpanel-plugin/",
47578
+ "https://nvd.nist.gov/vuln/detail/CVE-2026-48172"
47579
+ ],
47580
+ "last_updated": "2026-06-13",
47581
+ "discovery_attribution_note": "Manually curated from the LiteSpeed security update (https://blog.litespeedtech.com/2026/05/21/security-update-for-litespeed-cpanel-plugin/) + NVD CVE-2026-48172 (CVSS v3.1 9.8; MITRE secondary v4.0 10.0; CWE-266 improper privilege management) + the CISA KEV listing (added 2026-05-26). Root LPE via the user-end cPanel plugin's redisAble function on shared hosting.",
47582
+ "iocs": {
47583
+ "behavioral": [
47584
+ "Low-privilege actor on a LiteSpeed-enabled cPanel host invoking the plugin path that escalates to root.",
47585
+ "Presence of the redisAble component reachable from a non-root context.",
47586
+ "Unexpected root-owned processes spawned via the LiteSpeed cPanel plugin."
47587
+ ],
47588
+ "indicators": [
47589
+ "LiteSpeed advisory redisAble detection grep; in-the-wild exploitation reported May 2026."
47590
+ ],
47591
+ "_ioc_source_note": "Anchored to NVD CVE-2026-48172 and the LiteSpeed advisory."
47592
+ },
47593
+ "vendor_advisories": [
47594
+ {
47595
+ "vendor": "CISA KEV",
47596
+ "advisory_id": "CVE-2026-48172",
47597
+ "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
47598
+ "severity": "critical",
47599
+ "published_date": "2026-05-26"
47600
+ },
47601
+ {
47602
+ "vendor": "blog.litespeedtech.com",
47603
+ "advisory_id": "CVE-2026-48172",
47604
+ "url": "https://blog.litespeedtech.com/2026/05/21/security-update-for-litespeed-cpanel-plugin/",
47605
+ "severity": "critical",
47606
+ "published_date": "2026-05-26"
47607
+ },
47608
+ {
47609
+ "vendor": "NVD",
47610
+ "advisory_id": "CVE-2026-48172",
47611
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48172",
47612
+ "severity": "critical",
47613
+ "published_date": "2026-05-26"
47614
+ }
47615
+ ]
47616
+ },
47617
+ "CVE-2026-50751": {
47618
+ "name": "Check Point Security Gateway IKEv1 Remote-Access VPN Authentication Bypass (CISA KEV)",
47619
+ "type": "auth-bypass",
47620
+ "cvss_score": 9.3,
47621
+ "cvss_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N",
47622
+ "cvss_note": "NIST (NVD) CVSS v3.1 base 9.3 (CRITICAL), Scope:Changed. The improper-authentication weakness (CWE-287) is a logic-flow flaw in Remote Access and Mobile Access certificate validation in the deprecated IKEv1 key exchange, letting an unauthenticated remote attacker bypass user authentication and establish a remote-access VPN connection without a valid user password.",
47623
+ "cisa_kev": true,
47624
+ "cisa_kev_date": "2026-06-08",
47625
+ "cisa_kev_due_date": "2026-06-11",
47626
+ "poc_available": false,
47627
+ "poc_description": "No public proof-of-concept is published. Check Point and CISA confirm in-the-wild exploitation against IKEv1-enabled gateways, but no exploit code has been released by the vendor or public research at the time of curation.",
47628
+ "ai_discovered": false,
47629
+ "ai_discovery_source": "human_researcher",
47630
+ "ai_discovery_notes": "Disclosed in the Check Point security advisory sk185033 and accompanying blog post (https://support.checkpoint.com/results/sk/sk185033). No AI tool is credited with discovery.",
47631
+ "ai_assisted_weaponization": false,
47632
+ "ai_assisted_notes": "No AI-assisted weaponization observed; the IKEv1 certificate-validation logic flaw is exploitable directly over the network against gateways accepting legacy Remote Access clients.",
47633
+ "active_exploitation": "confirmed",
47634
+ "active_exploitation_notes": "CISA added CVE-2026-50751 to the Known Exploited Vulnerabilities catalog on 2026-06-08 (due 2026-06-11). Check Point reports active exploitation in the wild dating to 2026-05-07, limited to a few dozen targeted organizations globally, with at least one case of confirmed post-compromise activity attributed (medium confidence) to a Qilin ransomware affiliate that attempted to download malicious ELF files — confirmed active exploitation.",
47635
+ "affected": "Check Point Security Gateway (Quantum / Gaia OS and Gaia Embedded) configured for Remote Access or Mobile Access VPN with the deprecated IKEv1 key exchange enabled and not requiring a machine certificate for connections.",
47636
+ "affected_versions": [
47637
+ "Gaia OS R80.40 through R81.20 (prior to fixed Jumbo Hotfix)",
47638
+ "Gaia OS R81.20 (Jumbo Hotfix Take 141 or below)",
47639
+ "Gaia OS R82 (Jumbo Hotfix Take 103 or below)",
47640
+ "Gaia OS R82.10 (Jumbo Hotfix Take 19 or below)",
47641
+ "Gaia Embedded R80.20.00 through R82.00.10 (Quantum Spark 1530-2590)",
47642
+ "End-of-support R80.40 / R81 / R81.10 (no fix; upgrade required)"
47643
+ ],
47644
+ "vector": "A logic-flow weakness in Remote Access and Mobile Access certificate validation within the deprecated IKEv1 key exchange lets an unauthenticated remote attacker bypass user authentication and bring up a remote-access VPN connection without a valid user password, placing the attacker directly inside the network perimeter the gateway is meant to defend. Remediation is the sk185033 hotfix (delivered via Jumbo Hotfix Accumulators for R81.20 / R82 / R82.10) followed by a gateway reboot; gateways can also be hardened by disabling IKEv1 for remote access or requiring a machine certificate.",
47645
+ "complexity": "low",
47646
+ "complexity_notes": "NVD AV:N / AC:L / PR:N / UI:N — the IKEv1 remote-access surface is network-reachable and the certificate-validation logic is bypassed without credentials or user interaction. Scope:Changed reflects the attacker crossing from the gateway boundary into the protected network.",
47647
+ "patch_available": true,
47648
+ "patch_required_reboot": true,
47649
+ "live_patch_available": false,
47650
+ "live_patch_tools": [],
47651
+ "live_patch_notes": "No live patch — the sk185033 hotfix is applied via Jumbo Hotfix Accumulator and requires a gateway reboot to take effect. Operators who cannot immediately patch can mitigate by disabling IKEv1 for remote access or requiring a machine certificate for connections.",
47652
+ "vendor_update_paths": [
47653
+ "Apply the Check Point hotfix per sk185033: install the fixed Jumbo Hotfix Accumulator for R81.20, R82, or R82.10 (above the affected Take), then reboot the gateway and verify the patch level (https://support.checkpoint.com/results/sk/sk185033 and https://blog.checkpoint.com/security/check-point-releases-important-hotfix-for-vulnerabilities-in-deprecated-ikev1-vpn-protocol/). End-of-support trains (R80.40 / R81 / R81.10) must be upgraded to a supported, fixed train. As a compensating control, disable IKEv1 for remote access or require a machine certificate for connections."
47654
+ ],
47655
+ "framework_control_gaps": {
47656
+ "NIST-800-53-IA-2": "Identification and authentication of the VPN caller is satisfied on paper but defeated by the IKEv1 certificate-validation bypass — an unauthenticated attacker reaches an authenticated remote-access session.",
47657
+ "NIST-800-53-AC-3": "Access enforcement on the remote-access VPN entry point is bypassed; the perimeter access decision is skipped without a valid user password (CWE-287).",
47658
+ "NIST-800-53-SC-7": "Boundary protection fails at its enforcement point: the security gateway providing the boundary is the device whose VPN authentication is bypassed, giving an interior foothold.",
47659
+ "NIST-800-53-SC-8": "Reliance on a deprecated key-exchange protocol (IKEv1) whose certificate-validation logic is unsound undermines the transmission-confidentiality/integrity assumption for the VPN tunnel.",
47660
+ "NIST-800-53-SI-2": "Flaw-remediation SLAs keyed to routine windows are insufficient for a KEV-listed, ransomware-linked perimeter auth bypass with a 3-day federal due date.",
47661
+ "NIS2-Art21-network-security": "EU NIS2 network-security and access-control measures treat the VPN gateway as a trusted enforcement point and carry no CISA-KEV-tied 24h remediation SLA for an actively exploited, ransomware-linked perimeter auth bypass.",
47662
+ "DORA-Art-9": "ICT protection measures do not model a remote-access VPN authentication bypass on a perimeter gateway, with confirmed ransomware-affiliate post-compromise activity, as an ICT-risk event requiring expedited containment.",
47663
+ "UK-CAF-B2": "Identity and Access Control objective does not require validating that a VPN gateway cannot be authenticated past via a deprecated key-exchange protocol.",
47664
+ "AU-ISM-1546": "Patch-application timeframes for internet-facing VPN infrastructure are insufficient for a confirmed-exploited perimeter authentication bypass.",
47665
+ "ISO-27001-2022-A.8.8": "A.8.8 technical vulnerability management defines 'timely' loosely; a CISA KEV-listed exploited vulnerability needs the KEV due-date as the binding timescale."
47666
+ },
47667
+ "atlas_refs": [],
47668
+ "attack_refs": [
47669
+ "T1190",
47670
+ "T1078",
47671
+ "T1133"
47672
+ ],
47673
+ "rwep_score": 62,
47674
+ "rwep_factors": {
47675
+ "cisa_kev": 25,
47676
+ "poc_available": 0,
47677
+ "ai_factor": 0,
47678
+ "active_exploitation": 20,
47679
+ "blast_radius": 27,
47680
+ "patch_available": -15,
47681
+ "live_patch_available": 0,
47682
+ "reboot_required": 5
47683
+ },
47684
+ "epss_score": null,
47685
+ "cwe_refs": [
47686
+ "CWE-287"
47687
+ ],
47688
+ "known_ransomware_use": true,
47689
+ "source_verified": "2026-06-13",
47690
+ "verification_sources": [
47691
+ "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
47692
+ "https://blog.checkpoint.com/security/check-point-releases-important-hotfix-for-vulnerabilities-in-deprecated-ikev1-vpn-protocol/",
47693
+ "https://support.checkpoint.com/results/sk/sk185033",
47694
+ "https://nvd.nist.gov/vuln/detail/CVE-2026-50751"
47695
+ ],
47696
+ "last_updated": "2026-06-13",
47697
+ "discovery_attribution_note": "Manually curated from the Check Point security advisory sk185033 and vendor blog (https://blog.checkpoint.com/security/check-point-releases-important-hotfix-for-vulnerabilities-in-deprecated-ikev1-vpn-protocol/) + NVD (CVSS v3.1 9.3 CRITICAL, Scope:Changed, CWE-287) + the CISA KEV listing (added 2026-06-08, due 2026-06-11). Perimeter VPN gateway IKEv1 authentication bypass with confirmed Qilin ransomware-affiliate post-compromise activity; no AI tool credited with discovery.",
47698
+ "iocs": {
47699
+ "behavioral": [
47700
+ "IKEv1 remote-access VPN negotiation against a Check Point Security Gateway that bypasses authentication.",
47701
+ "Unauthorized VPN/admin access on the gateway without valid credentials.",
47702
+ "Qilin ransomware-affiliate post-compromise activity following gateway access (medium confidence)."
47703
+ ],
47704
+ "indicators": [
47705
+ "Check Point sk185033; exploitation observed since 2026-05-07; Qilin affiliate linkage."
47706
+ ],
47707
+ "_ioc_source_note": "Anchored to NVD CVE-2026-50751, Check Point sk185033/blog, and CISA KEV."
47708
+ },
47709
+ "vendor_advisories": [
47710
+ {
47711
+ "vendor": "CISA KEV",
47712
+ "advisory_id": "CVE-2026-50751",
47713
+ "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
47714
+ "severity": "critical",
47715
+ "published_date": "2026-06-08"
47716
+ },
47717
+ {
47718
+ "vendor": "blog.checkpoint.com",
47719
+ "advisory_id": "CVE-2026-50751",
47720
+ "url": "https://blog.checkpoint.com/security/check-point-releases-important-hotfix-for-vulnerabilities-in-deprecated-ikev1-vpn-protocol/",
47721
+ "severity": "critical",
47722
+ "published_date": "2026-06-08"
47723
+ },
47724
+ {
47725
+ "vendor": "Check Point",
47726
+ "advisory_id": "CVE-2026-50751",
47727
+ "url": "https://support.checkpoint.com/results/sk/sk185033",
47728
+ "severity": "critical",
47729
+ "published_date": "2026-06-08"
47730
+ }
47731
+ ]
47732
+ },
47733
+ "CVE-2026-7473": {
47734
+ "name": "Arista EOS Tunnel Decapsulation Access-Control Bypass via Incomplete Comparison (CISA KEV)",
47735
+ "type": "Access Control Bypass",
47736
+ "cvss_score": 5.8,
47737
+ "cvss_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
47738
+ "cvss_note": "NIST (NVD) CVSS v3.1 base 5.8 (MEDIUM); NVD also publishes a CVSS v4.0 base 6.9 (MEDIUM, vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N). CWE-1023 (incomplete comparison with missing factors): the switch checks only the destination IP against its configured decapsulation IP and omits the tunnel-protocol-type check, so it decapsulates and forwards tunnel types it was never configured for. Scope:Changed, Integrity:Low - the impact is unexpected traffic injection past the intended tunnel-type filter, not confidentiality or availability loss.",
47739
+ "cisa_kev": true,
47740
+ "cisa_kev_date": "2026-06-09",
47741
+ "cisa_kev_due_date": "2026-06-23",
47742
+ "poc_available": false,
47743
+ "poc_description": "No public proof-of-concept. The Arista advisory documents the decapsulation logic flaw and notes it has been reported as exploited in the wild, but publishes no exploit code, and no third-party PoC is available.",
47744
+ "ai_discovered": false,
47745
+ "ai_discovery_source": "human_researcher",
47746
+ "ai_discovery_notes": "Disclosed via Arista Security Advisory 0137 (https://www.arista.com/en/support/advisories-notices/security-advisory/24005-security-advisory-0137) and tracked in NVD (https://nvd.nist.gov/vuln/detail/CVE-2026-7473). No AI-discovery attribution is published.",
47747
+ "ai_assisted_weaponization": false,
47748
+ "ai_assisted_notes": "No AI-assisted weaponization reported. The flaw is a missing protocol-type factor in the switch's tunnel-decapsulation comparison; it is exploited by sending unexpected tunneled packets to the configured decapsulation IP.",
47749
+ "active_exploitation": "confirmed",
47750
+ "active_exploitation_notes": "CISA added CVE-2026-7473 to the Known Exploited Vulnerabilities catalog on 2026-06-09 (due 2026-06-23) - confirmed active exploitation; the Arista advisory itself states the issue has been reported as exploited in the wild. KEV record reports knownRansomwareCampaignUse: Unknown. Note that no software fix is planned, so the KEV remediation is the ACL-based mitigation, not a patch.",
47751
+ "affected": "Arista EOS - all release trains. The advisory lists 4.30.x through 4.36.x plus all releases older than 4.30.x and newer than 4.36.x as vulnerable on platforms that perform tunnel decapsulation (VXLAN / GRE / decap-groups).",
47752
+ "affected_versions": [
47753
+ "Arista EOS 4.30.x through 4.36.x (tunnel-decapsulation configurations)",
47754
+ "Arista EOS releases older than 4.30.x",
47755
+ "Arista EOS releases newer than 4.36.x"
47756
+ ],
47757
+ "vector": "An EOS switch configured to decapsulate a specific tunnel type (e.g. VXLAN) matches inbound packets only on the destination IP equal to its configured decapsulation IP, omitting the tunnel-protocol-type from the comparison (CWE-1023). A remote attacker sends a different, unconfigured tunnel type (e.g. GRE) to that same IP; the switch decapsulates and forwards it, injecting traffic past the intended tunnel-type filter. This is an access-control bypass at the tunnel layer. Arista has stated no software upgrade path is planned because a fix risks breaking existing deployments; remediation is ACL-based filtering on upstream or affected devices.",
47758
+ "complexity": "low",
47759
+ "complexity_notes": "NVD AV:N / AC:L / PR:N / UI:N - reachable over the network with no privileges or user interaction; the attacker need only send crafted tunneled packets to the switch's configured decapsulation IP.",
47760
+ "patch_available": false,
47761
+ "patch_required_reboot": false,
47762
+ "live_patch_available": false,
47763
+ "live_patch_tools": [],
47764
+ "live_patch_notes": "No software fix or hotfix is available - Arista states no upgrade path is planned due to the risk of breaking existing configurations. Mitigation is MAC/IP access-control lists on upstream devices or on the affected switches to drop unexpected tunnel types; applying ACLs on a decapsulation device may require a TCAM profile update, which Arista describes as a disruptive operation that can impact traffic forwarding.",
47765
+ "vendor_update_paths": [
47766
+ "No software fix is planned. Mitigate per Arista Security Advisory 0137: apply MAC/IP access-control lists on upstream devices or on the affected switches to permit only the expected tunnel protocol(s) toward the configured decapsulation IP and drop all other tunnel types. Plan for the TCAM-profile change ACL enforcement may require on decapsulation hardware, treating it as a disruptive maintenance operation."
47767
+ ],
47768
+ "framework_control_gaps": {
47769
+ "NIST-800-53-SC-7": "Boundary protection assumes the switch enforces the configured tunnel-type filter; the missing protocol-type comparison lets unexpected tunnel types cross the boundary the decapsulation policy was meant to define.",
47770
+ "NIST-800-53-SI-10": "Input-validation expectations are unmet: the device validates only the destination IP, not the tunnel protocol type, on packets it decapsulates.",
47771
+ "NIST-800-53-SI-2": "Flaw remediation has no path here - the vendor has declined a software fix, so the control must fall back to compensating ACLs, which standard patch-SLA processes do not account for.",
47772
+ "ISO-27001-2022-A.8.22": "Segregation-of-networks assurance fails when a decapsulation device injects unexpected tunnel traffic past the intended segmentation boundary.",
47773
+ "NIS2-Art21-network-security": "Article 21 network-security measures do not require validating that network-fabric decapsulation logic checks tunnel type, leaving a fabric-level access-control bypass unaddressed - acute given no vendor patch.",
47774
+ "DORA-Art-9": "ICT protection measures do not model a fabric switch's tunnel-decapsulation logic flaw, for which no patch exists, as an ICT-risk event requiring compensating network controls.",
47775
+ "UK-CAF-B4": "System Security objective lacks an objective for verifying that network devices enforce tunnel-type filtering on decapsulation, and for compensating controls when the vendor ships no fix.",
47776
+ "AU-ISM-1546": "The ISM patch-application control sets vendor-defined timeframes; a CISA KEV-listed, actively-exploited vulnerability requires applying the vendor fix within the KEV due-date, not a default monthly cycle."
47777
+ },
47778
+ "atlas_refs": [],
47779
+ "attack_refs": [
47780
+ "T1190",
47781
+ "T1599"
47782
+ ],
47783
+ "cwe_refs": [
47784
+ "CWE-1023"
47785
+ ],
47786
+ "known_ransomware_use": false,
47787
+ "rwep_score": 69,
47788
+ "rwep_factors": {
47789
+ "cisa_kev": 25,
47790
+ "poc_available": 0,
47791
+ "ai_factor": 0,
47792
+ "active_exploitation": 20,
47793
+ "blast_radius": 24,
47794
+ "patch_available": 0,
47795
+ "live_patch_available": 0,
47796
+ "reboot_required": 0
47797
+ },
47798
+ "rwep_notes": "High (RWEP 69, \"patch within 72 hours\" band per lib/scoring.js timeline). CISA KEV-listed (added 2026-06-09) and reported exploited in the wild: cisa_kev=25 + active_exploitation(confirmed)=20 + blast_radius=24 (all EOS trains across data-center/enterprise fabrics that perform tunnel decapsulation). There is no patch_available credit because Arista has declined a software fix, so the score carries no -15 mitigation - the RWEP is higher than the CVSS 5.8 would suggest precisely because operators cannot patch their way out and must deploy compensating ACLs. No public PoC keeps it out of the urgent band, but the no-fix posture means the compensating-control work is the urgent action.",
47799
+ "epss_score": null,
47800
+ "epss_date": "2026-06-13",
47801
+ "epss_note": "EPSS not pulled for this entry; retrieve via FIRST EPSS API in a future refresh.",
47802
+ "epss_source": "https://api.first.org/data/v1/epss?cve=CVE-2026-7473",
47803
+ "iocs": {
47804
+ "behavioral": [
47805
+ "Unexpected tunnel-type packets (e.g. GRE) arriving at and being decapsulated by a switch configured only for a different tunnel type (e.g. VXLAN) on the same decapsulation IP.",
47806
+ "Traffic appearing on internal segments that should have been filtered by tunnel-type policy - decapsulated payloads reaching destinations the intended tunnel filter would have blocked.",
47807
+ "Arista EOS decapsulation devices without an upstream/local ACL restricting tunnel types to the configured decapsulation IP - the exposed precondition (no vendor patch exists)."
47808
+ ],
47809
+ "_ioc_source_note": "Behavioral signatures anchored to Arista Security Advisory 0137 (https://www.arista.com/en/support/advisories-notices/security-advisory/24005-security-advisory-0137), NVD CVE-2026-7473 (https://nvd.nist.gov/vuln/detail/CVE-2026-7473), the CISA KEV listing (added 2026-06-09), and CWE-1023."
47810
+ },
47811
+ "source_verified": "2026-06-13",
47812
+ "verification_sources": [
47813
+ "https://nvd.nist.gov/vuln/detail/CVE-2026-7473",
47814
+ "https://www.arista.com/en/support/advisories-notices/security-advisory/24005-security-advisory-0137",
47815
+ "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
47816
+ ],
47817
+ "vendor_advisories": [
47818
+ {
47819
+ "vendor": "Arista Networks",
47820
+ "advisory_id": "Security Advisory 0137",
47821
+ "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/24005-security-advisory-0137",
47822
+ "severity": "medium",
47823
+ "published_date": "2026-06-09"
47824
+ },
47825
+ {
47826
+ "vendor": "NVD",
47827
+ "advisory_id": "CVE-2026-7473",
47828
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-7473",
47829
+ "severity": "medium",
47830
+ "published_date": "2026-06-09"
47831
+ }
47832
+ ],
47833
+ "last_updated": "2026-06-13",
47834
+ "discovery_attribution_note": "Manually curated from NVD (CVSS v3.1 5.8 / CVSS v4.0 6.9; CWE-1023 incomplete comparison with missing factors) + Arista Security Advisory 0137 (tunnel-decapsulation access-control bypass; no software fix planned, ACL mitigation only) + the CISA KEV listing (added 2026-06-09, due 2026-06-23, knownRansomwareCampaignUse: Unknown). Network-fabric access-control bypass with no vendor patch.",
47835
+ "_kev_short_description": "Arista EOS decapsulates tunneled packets on destination-IP match alone, omitting the tunnel-protocol-type check (CWE-1023), so unexpected tunnel types are forwarded past the intended filter - a fabric access-control bypass; CISA KEV (added 2026-06-09, exploited in the wild). No software fix planned; mitigate with ACLs."
47836
+ },
47837
+ "CVE-2026-8398": {
47838
+ "name": "DAEMON Tools Lite Trojanized Installer Supply-Chain Compromise (CISA KEV)",
47839
+ "type": "supply-chain",
47840
+ "cvss_score": 9.8,
47841
+ "cvss_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
47842
+ "cvss_note": "NIST (NVD) publishes CVSS v3.1 base 9.8 (CRITICAL) from the Kaspersky CNA assessment; the same CNA also rates it CVSS v4.0 9.3 (CRITICAL). The score reflects the full confidentiality/integrity/availability impact of running trojanized binaries that shipped inside signed, vendor-distributed installers (CWE-506, embedded malicious code).",
47843
+ "cisa_kev": true,
47844
+ "cisa_kev_date": "2026-05-27",
47845
+ "cisa_kev_due_date": "2026-05-30",
47846
+ "poc_available": false,
47847
+ "poc_description": "No public proof-of-concept. This is a delivered supply-chain compromise rather than an exploit against a software flaw: the malicious code shipped inside the official installer, so the 'exploit' was the trojanized package itself reaching users via the legitimate download path.",
47848
+ "ai_discovered": false,
47849
+ "ai_discovery_source": "human_researcher",
47850
+ "ai_discovery_notes": "Disclosed by the vendor (AVB Disc Soft) via the DAEMON Tools security-incident notice (https://blog.daemon-tools.cc/post/security-incident) and catalogued in NVD; CISA KEV-listed 2026-05-27. The compromise was identified through the vendor's incident response, not AI tooling.",
47851
+ "ai_assisted_weaponization": false,
47852
+ "ai_assisted_notes": "No evidence of AI-assisted weaponization. The attacker compromised the vendor's build/distribution infrastructure and trojanized signed binaries; the technique is classic build-pipeline compromise.",
47853
+ "active_exploitation": "confirmed",
47854
+ "active_exploitation_notes": "Confirmed in the wild. The vendor states the build environment was compromised and that affected installation packages were released in a compromised state; CISA added CVE-2026-8398 to the KEV catalog on 2026-05-27 (due 2026-05-30). Trojanized installers signed with the legitimate AVB Disc Soft code-signing certificate were distributed from the official site daemon-tools.cc between approximately 2026-04-08 and 2026-05-05.",
47855
+ "affected": "DAEMON Tools Lite for Windows, free edition. The trojanized binaries (DTHelper.exe, DiscSoftBusServiceLite.exe, DTShellHlp.exe) shipped in installers distributed from daemon-tools.cc between approximately 2026-04-08 and 2026-05-05.",
47856
+ "affected_versions": [
47857
+ "DAEMON Tools Lite 12.5.0.2421 through 12.5.0.2434 (Windows)",
47858
+ "DAEMON Tools Lite 12.5.1 (free edition)"
47859
+ ],
47860
+ "vector": "An attacker compromised AVB Disc Soft's build or distribution infrastructure and replaced three DAEMON Tools Lite binaries (DTHelper.exe, DiscSoftBusServiceLite.exe, DTShellHlp.exe) with trojanized versions. Because the malicious files were signed with the vendor's legitimate code-signing certificate and served from the official daemon-tools.cc download path, the installers appeared trustworthy and bypassed signature-based detection. Any user who downloaded and installed Lite during the compromise window executed attacker-controlled code with the privileges of the installer/runtime (CWE-506 embedded malicious code). Remediation is to uninstall the affected version, run a full antivirus scan, and reinstall a clean build (12.6 or later).",
47861
+ "complexity": "low",
47862
+ "complexity_notes": "NVD AV:N / AC:L / PR:N / UI:N. For a supply-chain compromise the user-facing precondition is simply downloading and running the official installer during the compromise window; no additional attacker effort is required once the trusted distribution path is poisoned.",
47863
+ "patch_available": true,
47864
+ "patch_required_reboot": false,
47865
+ "live_patch_available": false,
47866
+ "live_patch_tools": [],
47867
+ "live_patch_notes": "No live patch. Remediation requires uninstalling the trojanized version, running a full antivirus scan, and reinstalling a clean build (12.6 or later) - an application reinstall, not an in-place hotfix.",
47868
+ "vendor_update_paths": [
47869
+ "Uninstall DAEMON Tools Lite 12.5.x, run a full system scan with trusted antivirus, and reinstall a clean build (12.6 or later, current 12.6.0.2445) downloaded fresh from the official site. Treat any host that ran the trojanized installer during 2026-04-08 to 2026-05-05 as potentially compromised and investigate accordingly; a signed binary from a trusted vendor is not proof of integrity when the vendor's build pipeline was the breach point."
47870
+ ],
47871
+ "framework_control_gaps": {
47872
+ "NIST-800-53-SR-3": "Supply-chain controls and processes did not detect a compromised vendor build pipeline producing signed, trojanized installers before they reached customers.",
47873
+ "NIST-800-53-SR-11": "Component-authenticity controls rely on the vendor's code signature, which the attacker obtained the use of; there is no independent integrity check (reproducible build, second-source hash) that would have caught the substitution.",
47874
+ "NIST-800-53-SI-3": "Malicious-code protection did not flag the trojanized binaries because they carried a legitimate signature and were delivered through the trusted update channel.",
47875
+ "NIST-800-53-CM-7": "Least-functionality assumptions trust vendor-signed installers implicitly; no allowlisting or behavioral baseline distinguished the trojanized build from the legitimate one.",
47876
+ "ISO-27001-2022-A.8.30": "Outsourced-development assurance does not extend to verifying that a third-party vendor's build pipeline has not been tampered with before its signed artifacts are trusted.",
47877
+ "NIS2-Art21-supply-chain": "Article 21 supply-chain security measures do not model a trusted software vendor's compromised build pipeline shipping signed malware as an in-scope ICT supply-chain risk.",
47878
+ "ALL-AI-PIPELINE-INTEGRITY": "No framework requires treating every signed third-party installer as a potential build-pipeline-compromise vector requiring independent integrity verification, not signature trust alone.",
47879
+ "UK-CAF-B4": "The CAF System Security objective does not single out actively-exploited (KEV-listed) vulnerabilities on the exposed surface for accelerated, due-date-bound remediation.",
47880
+ "AU-ISM-1546": "The ISM patch-application control sets vendor-defined timeframes; a CISA KEV-listed, actively-exploited vulnerability requires applying the vendor fix within the KEV due-date, not a default monthly cycle."
47881
+ },
47882
+ "atlas_refs": [],
47883
+ "attack_refs": [
47884
+ "T1195",
47885
+ "T1195.002",
47886
+ "T1505",
47887
+ "T1553.002"
47888
+ ],
47889
+ "cwe_refs": [
47890
+ "CWE-506"
47891
+ ],
47892
+ "known_ransomware_use": false,
47893
+ "rwep_score": 52,
47894
+ "rwep_factors": {
47895
+ "cisa_kev": 25,
47896
+ "poc_available": 0,
47897
+ "ai_factor": 0,
47898
+ "active_exploitation": 20,
47899
+ "blast_radius": 22,
47900
+ "patch_available": -15,
47901
+ "live_patch_available": 0,
47902
+ "reboot_required": 0
47903
+ },
47904
+ "rwep_notes": "Elevated/High (RWEP 52). CISA KEV-listed (added 2026-05-27) with confirmed in-the-wild distribution: cisa_kev=25 + active_exploitation(confirmed)=20 + blast_radius=22 (wide consumer install base of a popular Windows disc-imaging utility), minus patch_available 15. No real public PoC and no AI factor, so the score sits in the patch-within-7-days band - but the blast-radius reality for already-compromised hosts (signed-malware execution during the window) warrants immediate investigation regardless of the numeric band, since the malicious code already ran on affected systems.",
47905
+ "epss_score": null,
47906
+ "source_verified": "2026-06-13",
47907
+ "verification_sources": [
47908
+ "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
47909
+ "https://blog.daemon-tools.cc/post/security-incident",
47910
+ "https://nvd.nist.gov/vuln/detail/CVE-2026-8398"
47911
+ ],
47912
+ "last_updated": "2026-06-13",
47913
+ "discovery_attribution_note": "Manually curated from the DAEMON Tools security-incident notice (https://blog.daemon-tools.cc/post/security-incident) + NVD CVE-2026-8398 (CVSS v3.1 9.8; Kaspersky CNA v4.0 9.3; CWE-506 embedded malicious code) + the CISA KEV listing (added 2026-05-27). Build-pipeline supply-chain compromise: trojanized, validly signed installers distributed from the official vendor site.",
47914
+ "iocs": {
47915
+ "behavioral": [
47916
+ "DAEMON Tools Lite installer downloaded from the official site between ~2026-04-08 and 2026-05-05 carrying trojanized code.",
47917
+ "Installer validly signed with the legitimate AVB Disc Soft certificate yet bundling malicious payload.",
47918
+ "Outbound connections from the host to the embedded malware's command-and-control after install."
47919
+ ],
47920
+ "indicators": [
47921
+ "Trojanized DAEMON Tools Lite 12.5.x installers signed with the legitimate AVB Disc Soft cert."
47922
+ ],
47923
+ "_ioc_source_note": "Anchored to NVD CVE-2026-8398 and the DAEMON Tools vendor security incident notice."
47924
+ },
47925
+ "vendor_advisories": [
47926
+ {
47927
+ "vendor": "CISA KEV",
47928
+ "advisory_id": "CVE-2026-8398",
47929
+ "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
47930
+ "severity": "critical",
47931
+ "published_date": "2026-05-27"
47932
+ },
47933
+ {
47934
+ "vendor": "Disc Soft (DAEMON Tools)",
47935
+ "advisory_id": "CVE-2026-8398",
47936
+ "url": "https://blog.daemon-tools.cc/post/security-incident",
47937
+ "severity": "critical",
47938
+ "published_date": "2026-05-27"
47939
+ },
47940
+ {
47941
+ "vendor": "NVD",
47942
+ "advisory_id": "CVE-2026-8398",
47943
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-8398",
47944
+ "severity": "critical",
47945
+ "published_date": "2026-05-27"
47946
+ }
47947
+ ]
45743
47948
  }
45744
47949
  }