npm - @zhuma4/cli - Versions diffs - 4.0.0-alpha.1 → 4.3.0 - Mend

@zhuma4/cli 4.0.0-alpha.1 → 4.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (1128) hide show

package/rules/nvd-generated/cwe_79/cl-79-python-056.yaml ADDED Viewed

@@ -0,0 +1,44 @@
+# zhuma-nvd-79-79-python-056.yaml
+# Generated: 2026-06-28T10:37:40.252Z
+# Source: P2 auto-generation (fixed) from P1.5 classified clusters
+# Cluster: CL-79-PYTHON-056 | CWE: CWE-79 | Lang: python
+# Precision: MEDIUM | Noise: MEDIUM
+# CVEs: 4954 | KEV: 5 | Exploit: 32
+rules:
+- id: zhuma-nvd-79-79-python-056
+  metadata:
+    category: A03:2021-Injection
+    cwe: "CWE-79: Cross-Site Scripting (XSS)"
+    cve: "CVE-2025-66376, CVE-2025-68461, CVE-2024-42009, CVE-2026-42897, CVE-2023-34192, CVE-2022-28368, CVE-2019-3929, CVE-2021-31761"
+    likelihood: MEDIUM
+    precision: MEDIUM
+    impact: MEDIUM
+    confidence: MEDIUM
+    source: nvd+wooyun
+    references:
+      - https://nvd.nist.gov/vuln/detail/CVE-2025-66376
+      - https://nvd.nist.gov/vuln/detail/CVE-2025-68461
+      - https://nvd.nist.gov/vuln/detail/CVE-2024-42009
+      - https://nvd.nist.gov/vuln/detail/CVE-2026-42897
+      - https://nvd.nist.gov/vuln/detail/CVE-2023-34192
+      - https://cwe.mitre.org/data/definitions/79.html
+  message: |
+    检测到跨站脚本(XSS)风险。用户输入未经HTML转义直接输出到页面。
+        修复: 使用框架自动转义机制(Thymeleaf th:text/Blade {{ }}/Jinja2 autoescape)。
+  severity: WARNING
+  languages:
+    - python
+  patterns:
+  - pattern: $OBJ.mark_safe(...)
+  # Django mark_safe call
+  # CONSTRAINT: pattern: verify sink is in security-sensitive context
+  # --- P2 METADATA ---
+  # cluster_id: CL-79-PYTHON-056
+  # cwe: CWE-79 | language: python
+  # sink_patterns: [object Object]
+  # wooyun_cases: 0 | tier: N/A

package/rules/nvd-generated/cwe_79/cl-79-python-057.yaml ADDED Viewed

@@ -0,0 +1,44 @@
+# zhuma-nvd-79-79-python-057.yaml
+# Generated: 2026-06-28T10:37:40.252Z
+# Source: P2 auto-generation (fixed) from P1.5 classified clusters
+# Cluster: CL-79-PYTHON-057 | CWE: CWE-79 | Lang: python
+# Precision: MEDIUM | Noise: MEDIUM
+# CVEs: 4954 | KEV: 5 | Exploit: 32
+rules:
+- id: zhuma-nvd-79-79-python-057
+  metadata:
+    category: A03:2021-Injection
+    cwe: "CWE-79: Cross-Site Scripting (XSS)"
+    cve: "CVE-2025-66376, CVE-2025-68461, CVE-2024-42009, CVE-2026-42897, CVE-2023-34192, CVE-2022-28368, CVE-2019-3929, CVE-2021-31761"
+    likelihood: MEDIUM
+    precision: MEDIUM
+    impact: MEDIUM
+    confidence: MEDIUM
+    source: nvd+wooyun
+    references:
+      - https://nvd.nist.gov/vuln/detail/CVE-2025-66376
+      - https://nvd.nist.gov/vuln/detail/CVE-2025-68461
+      - https://nvd.nist.gov/vuln/detail/CVE-2024-42009
+      - https://nvd.nist.gov/vuln/detail/CVE-2026-42897
+      - https://nvd.nist.gov/vuln/detail/CVE-2023-34192
+      - https://cwe.mitre.org/data/definitions/79.html
+  message: |
+    检测到跨站脚本(XSS)风险。用户输入未经HTML转义直接输出到页面。
+        修复: 使用框架自动转义机制(Thymeleaf th:text/Blade {{ }}/Jinja2 autoescape)。
+  severity: WARNING
+  languages:
+    - python
+  patterns:
+  - pattern-regex: '\|\s*safe'
+  # Jinja2 safe filter bypass
+  # CONSTRAINT: pattern: verify sink is in security-sensitive context
+  # --- P2 METADATA ---
+  # cluster_id: CL-79-PYTHON-057
+  # cwe: CWE-79 | language: python
+  # sink_patterns: [object Object]
+  # wooyun_cases: 0 | tier: N/A

package/rules/nvd-generated/cwe_798/cl-798-all-124.yaml ADDED Viewed

@@ -0,0 +1,45 @@
+# zhuma-nvd-798-798-all-124.yaml
+# Generated: 2026-06-28T10:37:40.275Z
+# Source: P2 auto-generation (fixed) from P1.5 classified clusters
+# Cluster: CL-798-ALL-124 | CWE: CWE-798 | Lang: all
+# Precision: LOW | Noise: HIGH
+# CVEs: 1037 | KEV: 5 | Exploit: 20
+rules:
+- id: zhuma-nvd-798-798-all-124
+  metadata:
+    category: A07:2021-Identification and Authentication Failures
+    cwe: "CWE-798: Hardcoded Credentials"
+    cve: "CVE-2024-3272, CVE-2021-44207, CVE-2025-14611, CVE-2024-20439, CVE-2025-30406, CVE-2025-8730, CVE-2020-24215, CVE-2020-13166"
+    likelihood: HIGH
+    precision: LOW
+    impact: LOW
+    confidence: MEDIUM
+    source: nvd+wooyun
+    references:
+      - https://nvd.nist.gov/vuln/detail/CVE-2024-3272
+      - https://nvd.nist.gov/vuln/detail/CVE-2021-44207
+      - https://nvd.nist.gov/vuln/detail/CVE-2025-14611
+      - https://nvd.nist.gov/vuln/detail/CVE-2024-20439
+      - https://nvd.nist.gov/vuln/detail/CVE-2025-30406
+      - https://cwe.mitre.org/data/definitions/798.html
+  message: |
+    检测到硬编码凭证风险。密码/API Key/Token明文硬编码在源代码中。
+        修复: 使用环境变量/密钥管理服务(Vault/AWS Secrets Manager)，严禁硬编码。
+  severity: WARNING
+  languages:
+    - generic
+  patterns:
+  - pattern-regex: 'password=|secret_key=|api_key=|token='
+  # CONSTRAINT: ⚠️ CRITICAL: This pattern has inherent high FP risk with Semgrep OSS
+  # CONSTRAINT: pattern-not: exclude common false-positive patterns documented in rule message
+  # CONSTRAINT: Reduce severity to INFO — do not block CI/CD pipelines
+  # --- P2 METADATA ---
+  # cluster_id: CL-798-ALL-124
+  # cwe: CWE-798 | language: all
+  # sink_patterns: [object Object]
+  # wooyun_cases: 0 | tier: N/A

package/rules/nvd-generated/cwe_798/cl-798-all-125.yaml ADDED Viewed

@@ -0,0 +1,43 @@
+# zhuma-nvd-798-798-all-125.yaml
+# Generated: 2026-06-28T10:37:40.275Z
+# Source: P2 auto-generation (fixed) from P1.5 classified clusters
+# Cluster: CL-798-ALL-125 | CWE: CWE-798 | Lang: all
+# Precision: MEDIUM | Noise: MEDIUM
+# CVEs: 1037 | KEV: 5 | Exploit: 20
+rules:
+- id: zhuma-nvd-798-798-all-125
+  metadata:
+    category: A07:2021-Identification and Authentication Failures
+    cwe: "CWE-798: Hardcoded Credentials"
+    cve: "CVE-2024-3272, CVE-2021-44207, CVE-2025-14611, CVE-2024-20439, CVE-2025-30406, CVE-2025-8730, CVE-2020-24215, CVE-2020-13166"
+    likelihood: HIGH
+    precision: MEDIUM
+    impact: MEDIUM
+    confidence: MEDIUM
+    source: nvd+wooyun
+    references:
+      - https://nvd.nist.gov/vuln/detail/CVE-2024-3272
+      - https://nvd.nist.gov/vuln/detail/CVE-2021-44207
+      - https://nvd.nist.gov/vuln/detail/CVE-2025-14611
+      - https://nvd.nist.gov/vuln/detail/CVE-2024-20439
+      - https://nvd.nist.gov/vuln/detail/CVE-2025-30406
+      - https://cwe.mitre.org/data/definitions/798.html
+  message: |
+    检测到硬编码凭证风险。密码/API Key/Token明文硬编码在源代码中。
+        修复: 使用环境变量/密钥管理服务(Vault/AWS Secrets Manager)，严禁硬编码。
+  severity: WARNING
+  languages:
+    - generic
+  patterns:
+  - pattern-regex: 'jwtSecret|JWT_SECRET|secretKey'
+  # CONSTRAINT: pattern: verify sink is in security-sensitive context
+  # --- P2 METADATA ---
+  # cluster_id: CL-798-ALL-125
+  # cwe: CWE-798 | language: all
+  # sink_patterns: [object Object]
+  # wooyun_cases: 0 | tier: N/A

package/rules/nvd-generated/cwe_798/cl-798-all-126.yaml ADDED Viewed

@@ -0,0 +1,43 @@
+# zhuma-nvd-798-798-all-126.yaml
+# Generated: 2026-06-28T10:37:40.276Z
+# Source: P2 auto-generation (fixed) from P1.5 classified clusters
+# Cluster: CL-798-ALL-126 | CWE: CWE-798 | Lang: all
+# Precision: MEDIUM | Noise: MEDIUM
+# CVEs: 1037 | KEV: 5 | Exploit: 20
+rules:
+- id: zhuma-nvd-798-798-all-126
+  metadata:
+    category: A07:2021-Identification and Authentication Failures
+    cwe: "CWE-798: Hardcoded Credentials"
+    cve: "CVE-2024-3272, CVE-2021-44207, CVE-2025-14611, CVE-2024-20439, CVE-2025-30406, CVE-2025-8730, CVE-2020-24215, CVE-2020-13166"
+    likelihood: HIGH
+    precision: MEDIUM
+    impact: MEDIUM
+    confidence: MEDIUM
+    source: nvd+wooyun
+    references:
+      - https://nvd.nist.gov/vuln/detail/CVE-2024-3272
+      - https://nvd.nist.gov/vuln/detail/CVE-2021-44207
+      - https://nvd.nist.gov/vuln/detail/CVE-2025-14611
+      - https://nvd.nist.gov/vuln/detail/CVE-2024-20439
+      - https://nvd.nist.gov/vuln/detail/CVE-2025-30406
+      - https://cwe.mitre.org/data/definitions/798.html
+  message: |
+    检测到硬编码凭证风险。密码/API Key/Token明文硬编码在源代码中。
+        修复: 使用环境变量/密钥管理服务(Vault/AWS Secrets Manager)，严禁硬编码。
+  severity: WARNING
+  languages:
+    - generic
+  patterns:
+  - pattern-regex: 'jdbc:.*//.*:.*@'
+  # CONSTRAINT: pattern: verify sink is in security-sensitive context
+  # --- P2 METADATA ---
+  # cluster_id: CL-798-ALL-126
+  # cwe: CWE-798 | language: all
+  # sink_patterns: [object Object]
+  # wooyun_cases: 0 | tier: N/A

package/rules/nvd-generated/cwe_798/cl-798-all-127.yaml ADDED Viewed

@@ -0,0 +1,43 @@
+# zhuma-nvd-798-798-all-127.yaml
+# Generated: 2026-06-28T10:37:40.276Z
+# Source: P2 auto-generation (fixed) from P1.5 classified clusters
+# Cluster: CL-798-ALL-127 | CWE: CWE-798 | Lang: all
+# Precision: MEDIUM | Noise: MEDIUM
+# CVEs: 1037 | KEV: 5 | Exploit: 20
+rules:
+- id: zhuma-nvd-798-798-all-127
+  metadata:
+    category: A07:2021-Identification and Authentication Failures
+    cwe: "CWE-798: Hardcoded Credentials"
+    cve: "CVE-2024-3272, CVE-2021-44207, CVE-2025-14611, CVE-2024-20439, CVE-2025-30406, CVE-2025-8730, CVE-2020-24215, CVE-2020-13166"
+    likelihood: HIGH
+    precision: MEDIUM
+    impact: MEDIUM
+    confidence: MEDIUM
+    source: nvd+wooyun
+    references:
+      - https://nvd.nist.gov/vuln/detail/CVE-2024-3272
+      - https://nvd.nist.gov/vuln/detail/CVE-2021-44207
+      - https://nvd.nist.gov/vuln/detail/CVE-2025-14611
+      - https://nvd.nist.gov/vuln/detail/CVE-2024-20439
+      - https://nvd.nist.gov/vuln/detail/CVE-2025-30406
+      - https://cwe.mitre.org/data/definitions/798.html
+  message: |
+    检测到硬编码凭证风险。密码/API Key/Token明文硬编码在源代码中。
+        修复: 使用环境变量/密钥管理服务(Vault/AWS Secrets Manager)，严禁硬编码。
+  severity: WARNING
+  languages:
+    - generic
+  patterns:
+  - pattern-regex: 'AWS_ACCESS_KEY|AKIA\[A-Z0-9\]\{16\}'
+  # CONSTRAINT: pattern: verify sink is in security-sensitive context
+  # --- P2 METADATA ---
+  # cluster_id: CL-798-ALL-127
+  # cwe: CWE-798 | language: all
+  # sink_patterns: [object Object]
+  # wooyun_cases: 0 | tier: N/A

package/rules/nvd-generated/cwe_798/cl-798-all-128.yaml ADDED Viewed

@@ -0,0 +1,43 @@
+# zhuma-nvd-798-798-all-128.yaml
+# Generated: 2026-06-28T10:37:40.277Z
+# Source: P2 auto-generation (fixed) from P1.5 classified clusters
+# Cluster: CL-798-ALL-128 | CWE: CWE-798 | Lang: all
+# Precision: MEDIUM | Noise: MEDIUM
+# CVEs: 1037 | KEV: 5 | Exploit: 20
+rules:
+- id: zhuma-nvd-798-798-all-128
+  metadata:
+    category: A07:2021-Identification and Authentication Failures
+    cwe: "CWE-798: Hardcoded Credentials"
+    cve: "CVE-2024-3272, CVE-2021-44207, CVE-2025-14611, CVE-2024-20439, CVE-2025-30406, CVE-2025-8730, CVE-2020-24215, CVE-2020-13166"
+    likelihood: HIGH
+    precision: MEDIUM
+    impact: MEDIUM
+    confidence: MEDIUM
+    source: nvd+wooyun
+    references:
+      - https://nvd.nist.gov/vuln/detail/CVE-2024-3272
+      - https://nvd.nist.gov/vuln/detail/CVE-2021-44207
+      - https://nvd.nist.gov/vuln/detail/CVE-2025-14611
+      - https://nvd.nist.gov/vuln/detail/CVE-2024-20439
+      - https://nvd.nist.gov/vuln/detail/CVE-2025-30406
+      - https://cwe.mitre.org/data/definitions/798.html
+  message: |
+    检测到硬编码凭证风险。密码/API Key/Token明文硬编码在源代码中。
+        修复: 使用环境变量/密钥管理服务(Vault/AWS Secrets Manager)，严禁硬编码。
+  severity: WARNING
+  languages:
+    - generic
+  patterns:
+  - pattern-regex: 'SMTP_PASSWORD|ftp_password'
+  # CONSTRAINT: pattern: verify sink is in security-sensitive context
+  # --- P2 METADATA ---
+  # cluster_id: CL-798-ALL-128
+  # cwe: CWE-798 | language: all
+  # sink_patterns: [object Object]
+  # wooyun_cases: 0 | tier: N/A

package/rules/nvd-generated/cwe_798/cl-798-all-129.yaml ADDED Viewed

@@ -0,0 +1,43 @@
+# zhuma-nvd-798-798-all-129.yaml
+# Generated: 2026-06-28T10:37:40.277Z
+# Source: P2 auto-generation (fixed) from P1.5 classified clusters
+# Cluster: CL-798-ALL-129 | CWE: CWE-798 | Lang: all
+# Precision: MEDIUM | Noise: MEDIUM
+# CVEs: 1037 | KEV: 5 | Exploit: 20
+rules:
+- id: zhuma-nvd-798-798-all-129
+  metadata:
+    category: A07:2021-Identification and Authentication Failures
+    cwe: "CWE-798: Hardcoded Credentials"
+    cve: "CVE-2024-3272, CVE-2021-44207, CVE-2025-14611, CVE-2024-20439, CVE-2025-30406, CVE-2025-8730, CVE-2020-24215, CVE-2020-13166"
+    likelihood: HIGH
+    precision: MEDIUM
+    impact: MEDIUM
+    confidence: MEDIUM
+    source: nvd+wooyun
+    references:
+      - https://nvd.nist.gov/vuln/detail/CVE-2024-3272
+      - https://nvd.nist.gov/vuln/detail/CVE-2021-44207
+      - https://nvd.nist.gov/vuln/detail/CVE-2025-14611
+      - https://nvd.nist.gov/vuln/detail/CVE-2024-20439
+      - https://nvd.nist.gov/vuln/detail/CVE-2025-30406
+      - https://cwe.mitre.org/data/definitions/798.html
+  message: |
+    检测到硬编码凭证风险。密码/API Key/Token明文硬编码在源代码中。
+        修复: 使用环境变量/密钥管理服务(Vault/AWS Secrets Manager)，严禁硬编码。
+  severity: WARNING
+  languages:
+    - generic
+  patterns:
+  - pattern-regex: 'AES_KEY|ENCRYPTION_KEY|IV='
+  # CONSTRAINT: pattern: verify sink is in security-sensitive context
+  # --- P2 METADATA ---
+  # cluster_id: CL-798-ALL-129
+  # cwe: CWE-798 | language: all
+  # sink_patterns: [object Object]
+  # wooyun_cases: 0 | tier: N/A

package/rules/nvd-generated/cwe_862/cl-862-go-150.yaml ADDED Viewed

@@ -0,0 +1,44 @@
+# zhuma-nvd-862-862-go-150.yaml
+# Generated: 2026-06-28T10:37:40.283Z
+# Source: P2 auto-generation (fixed) from P1.5 classified clusters
+# Cluster: CL-862-GO-150 | CWE: CWE-862 | Lang: go
+# Precision: MEDIUM | Noise: MEDIUM
+# CVEs: 2070 | KEV: 3 | Exploit: 17
+rules:
+- id: zhuma-nvd-862-862-go-150
+  metadata:
+    category: A01:2021-Broken Access Control
+    cwe: "CWE-862: Missing Authorization"
+    cve: "CVE-2025-6205, CVE-2024-57726, CVE-2023-52163, CVE-2021-32172, CVE-2020-14944, CVE-2021-40379, CVE-2021-24146, CVE-2019-10849"
+    likelihood: MEDIUM
+    precision: MEDIUM
+    impact: MEDIUM
+    confidence: MEDIUM
+    source: nvd+wooyun
+    references:
+      - https://nvd.nist.gov/vuln/detail/CVE-2025-6205
+      - https://nvd.nist.gov/vuln/detail/CVE-2024-57726
+      - https://nvd.nist.gov/vuln/detail/CVE-2023-52163
+      - https://nvd.nist.gov/vuln/detail/CVE-2021-32172
+      - https://nvd.nist.gov/vuln/detail/CVE-2020-14944
+      - https://cwe.mitre.org/data/definitions/862.html
+  message: |
+    检测到缺失授权检查。API端点/函数缺少用户权限验证。
+        修复: 在业务逻辑前添加角色/权限检查(如@PreAuthorize、isAuthenticated装饰器)。
+  severity: WARNING
+  languages:
+    - go
+  patterns:
+  - pattern-regex: 'r.GET|r.POST \(no middleware\)'
+  # CONSTRAINT: pattern-not: whitelist known-public paths (/login, /register, /health, /static)
+  # CONSTRAINT: Reduce severity to INFO — public endpoints may be intentional
+  # --- P2 METADATA ---
+  # cluster_id: CL-862-GO-150
+  # cwe: CWE-862 | language: go
+  # sink_patterns: [object Object]
+  # wooyun_cases: 1 | tier: N/A

package/rules/nvd-generated/cwe_862/cl-862-go-151.yaml ADDED Viewed

@@ -0,0 +1,43 @@
+# zhuma-nvd-862-862-go-151.yaml
+# Generated: 2026-06-28T10:37:40.283Z
+# Source: P2 auto-generation (fixed) from P1.5 classified clusters
+# Cluster: CL-862-GO-151 | CWE: CWE-862 | Lang: go
+# Precision: MEDIUM | Noise: MEDIUM
+# CVEs: 2070 | KEV: 3 | Exploit: 17
+rules:
+- id: zhuma-nvd-862-862-go-151
+  metadata:
+    category: A01:2021-Broken Access Control
+    cwe: "CWE-862: Missing Authorization"
+    cve: "CVE-2025-6205, CVE-2024-57726, CVE-2023-52163, CVE-2021-32172, CVE-2020-14944, CVE-2021-40379, CVE-2021-24146, CVE-2019-10849"
+    likelihood: MEDIUM
+    precision: MEDIUM
+    impact: MEDIUM
+    confidence: MEDIUM
+    source: nvd+wooyun
+    references:
+      - https://nvd.nist.gov/vuln/detail/CVE-2025-6205
+      - https://nvd.nist.gov/vuln/detail/CVE-2024-57726
+      - https://nvd.nist.gov/vuln/detail/CVE-2023-52163
+      - https://nvd.nist.gov/vuln/detail/CVE-2021-32172
+      - https://nvd.nist.gov/vuln/detail/CVE-2020-14944
+      - https://cwe.mitre.org/data/definitions/862.html
+  message: |
+    检测到缺失授权检查。API端点/函数缺少用户权限验证。
+        修复: 在业务逻辑前添加角色/权限检查(如@PreAuthorize、isAuthenticated装饰器)。
+  severity: WARNING
+  languages:
+    - go
+  patterns:
+  - pattern: $OBJ.HandleFunc(...)
+  # CONSTRAINT: pattern: verify sink is in security-sensitive context
+  # --- P2 METADATA ---
+  # cluster_id: CL-862-GO-151
+  # cwe: CWE-862 | language: go
+  # sink_patterns: [object Object]
+  # wooyun_cases: 1 | tier: N/A

package/rules/nvd-generated/cwe_862/cl-862-java-141.yaml ADDED Viewed

@@ -0,0 +1,44 @@
+# zhuma-nvd-862-862-java-141.yaml
+# Generated: 2026-06-28T10:37:40.280Z
+# Source: P2 auto-generation (fixed) from P1.5 classified clusters
+# Cluster: CL-862-JAVA-141 | CWE: CWE-862 | Lang: java
+# Precision: MEDIUM | Noise: MEDIUM
+# CVEs: 2070 | KEV: 3 | Exploit: 17
+rules:
+- id: zhuma-nvd-862-862-java-141
+  metadata:
+    category: A01:2021-Broken Access Control
+    cwe: "CWE-862: Missing Authorization"
+    cve: "CVE-2025-6205, CVE-2024-57726, CVE-2023-52163, CVE-2021-32172, CVE-2020-14944, CVE-2021-40379, CVE-2021-24146, CVE-2019-10849"
+    likelihood: MEDIUM
+    precision: MEDIUM
+    impact: MEDIUM
+    confidence: MEDIUM
+    source: nvd+wooyun
+    references:
+      - https://nvd.nist.gov/vuln/detail/CVE-2025-6205
+      - https://nvd.nist.gov/vuln/detail/CVE-2024-57726
+      - https://nvd.nist.gov/vuln/detail/CVE-2023-52163
+      - https://nvd.nist.gov/vuln/detail/CVE-2021-32172
+      - https://nvd.nist.gov/vuln/detail/CVE-2020-14944
+      - https://cwe.mitre.org/data/definitions/862.html
+  message: |
+    检测到缺失授权检查。API端点/函数缺少用户权限验证。
+        修复: 在业务逻辑前添加角色/权限检查(如@PreAuthorize、isAuthenticated装饰器)。
+  severity: WARNING
+  languages:
+    - java
+  patterns:
+  - pattern-regex: '@RequestMapping \(no @PreAuthorize\)'
+  # CONSTRAINT: pattern-not: whitelist known-public paths (/login, /register, /health, /static)
+  # CONSTRAINT: Reduce severity to INFO — public endpoints may be intentional
+  # --- P2 METADATA ---
+  # cluster_id: CL-862-JAVA-141
+  # cwe: CWE-862 | language: java
+  # sink_patterns: [object Object]
+  # wooyun_cases: 1 | tier: N/A

package/rules/nvd-generated/cwe_862/cl-862-java-142.yaml ADDED Viewed

@@ -0,0 +1,44 @@
+# zhuma-nvd-862-862-java-142.yaml
+# Generated: 2026-06-28T10:37:40.280Z
+# Source: P2 auto-generation (fixed) from P1.5 classified clusters
+# Cluster: CL-862-JAVA-142 | CWE: CWE-862 | Lang: java
+# Precision: MEDIUM | Noise: MEDIUM
+# CVEs: 2070 | KEV: 3 | Exploit: 17
+rules:
+- id: zhuma-nvd-862-862-java-142
+  metadata:
+    category: A01:2021-Broken Access Control
+    cwe: "CWE-862: Missing Authorization"
+    cve: "CVE-2025-6205, CVE-2024-57726, CVE-2023-52163, CVE-2021-32172, CVE-2020-14944, CVE-2021-40379, CVE-2021-24146, CVE-2019-10849"
+    likelihood: MEDIUM
+    precision: MEDIUM
+    impact: MEDIUM
+    confidence: MEDIUM
+    source: nvd+wooyun
+    references:
+      - https://nvd.nist.gov/vuln/detail/CVE-2025-6205
+      - https://nvd.nist.gov/vuln/detail/CVE-2024-57726
+      - https://nvd.nist.gov/vuln/detail/CVE-2023-52163
+      - https://nvd.nist.gov/vuln/detail/CVE-2021-32172
+      - https://nvd.nist.gov/vuln/detail/CVE-2020-14944
+      - https://cwe.mitre.org/data/definitions/862.html
+  message: |
+    检测到缺失授权检查。API端点/函数缺少用户权限验证。
+        修复: 在业务逻辑前添加角色/权限检查(如@PreAuthorize、isAuthenticated装饰器)。
+  severity: WARNING
+  languages:
+    - java
+  patterns:
+  - pattern: $FILTER.doFilter(...)
+  # Servlet filter doFilter
+  # CONSTRAINT: pattern: verify sink is in security-sensitive context
+  # --- P2 METADATA ---
+  # cluster_id: CL-862-JAVA-142
+  # cwe: CWE-862 | language: java
+  # sink_patterns: [object Object]
+  # wooyun_cases: 1 | tier: N/A

package/rules/nvd-generated/cwe_862/cl-862-java-143.yaml ADDED Viewed

@@ -0,0 +1,43 @@
+# zhuma-nvd-862-862-java-143.yaml
+# Generated: 2026-06-28T10:37:40.281Z
+# Source: P2 auto-generation (fixed) from P1.5 classified clusters
+# Cluster: CL-862-JAVA-143 | CWE: CWE-862 | Lang: java
+# Precision: MEDIUM | Noise: MEDIUM
+# CVEs: 2070 | KEV: 3 | Exploit: 17
+rules:
+- id: zhuma-nvd-862-862-java-143
+  metadata:
+    category: A01:2021-Broken Access Control
+    cwe: "CWE-862: Missing Authorization"
+    cve: "CVE-2025-6205, CVE-2024-57726, CVE-2023-52163, CVE-2021-32172, CVE-2020-14944, CVE-2021-40379, CVE-2021-24146, CVE-2019-10849"
+    likelihood: MEDIUM
+    precision: MEDIUM
+    impact: MEDIUM
+    confidence: MEDIUM
+    source: nvd+wooyun
+    references:
+      - https://nvd.nist.gov/vuln/detail/CVE-2025-6205
+      - https://nvd.nist.gov/vuln/detail/CVE-2024-57726
+      - https://nvd.nist.gov/vuln/detail/CVE-2023-52163
+      - https://nvd.nist.gov/vuln/detail/CVE-2021-32172
+      - https://nvd.nist.gov/vuln/detail/CVE-2020-14944
+      - https://cwe.mitre.org/data/definitions/862.html
+  message: |
+    检测到缺失授权检查。API端点/函数缺少用户权限验证。
+        修复: 在业务逻辑前添加角色/权限检查(如@PreAuthorize、isAuthenticated装饰器)。
+  severity: WARNING
+  languages:
+    - java
+  patterns:
+  - pattern-regex: '@Path \(no @RolesAllowed\)'
+  # CONSTRAINT: pattern: verify sink is in security-sensitive context
+  # --- P2 METADATA ---
+  # cluster_id: CL-862-JAVA-143
+  # cwe: CWE-862 | language: java
+  # sink_patterns: [object Object]
+  # wooyun_cases: 1 | tier: N/A

package/rules/nvd-generated/cwe_862/cl-862-javascript-144.yaml ADDED Viewed

@@ -0,0 +1,44 @@
+# zhuma-nvd-862-862-javascript-144.yaml
+# Generated: 2026-06-28T10:37:40.281Z
+# Source: P2 auto-generation (fixed) from P1.5 classified clusters
+# Cluster: CL-862-JAVASCRIPT-144 | CWE: CWE-862 | Lang: javascript
+# Precision: MEDIUM | Noise: MEDIUM
+# CVEs: 2070 | KEV: 3 | Exploit: 17
+rules:
+- id: zhuma-nvd-862-862-javascript-144
+  metadata:
+    category: A01:2021-Broken Access Control
+    cwe: "CWE-862: Missing Authorization"
+    cve: "CVE-2025-6205, CVE-2024-57726, CVE-2023-52163, CVE-2021-32172, CVE-2020-14944, CVE-2021-40379, CVE-2021-24146, CVE-2019-10849"
+    likelihood: MEDIUM
+    precision: MEDIUM
+    impact: MEDIUM
+    confidence: MEDIUM
+    source: nvd+wooyun
+    references:
+      - https://nvd.nist.gov/vuln/detail/CVE-2025-6205
+      - https://nvd.nist.gov/vuln/detail/CVE-2024-57726
+      - https://nvd.nist.gov/vuln/detail/CVE-2023-52163
+      - https://nvd.nist.gov/vuln/detail/CVE-2021-32172
+      - https://nvd.nist.gov/vuln/detail/CVE-2020-14944
+      - https://cwe.mitre.org/data/definitions/862.html
+  message: |
+    检测到缺失授权检查。API端点/函数缺少用户权限验证。
+        修复: 在业务逻辑前添加角色/权限检查(如@PreAuthorize、isAuthenticated装饰器)。
+  severity: WARNING
+  languages:
+    - javascript
+  patterns:
+  - pattern-regex: 'app.get|app.post|router.get'
+  # CONSTRAINT: pattern-not: whitelist known-public paths (/login, /register, /health, /static)
+  # CONSTRAINT: Reduce severity to INFO — public endpoints may be intentional
+  # --- P2 METADATA ---
+  # cluster_id: CL-862-JAVASCRIPT-144
+  # cwe: CWE-862 | language: javascript
+  # sink_patterns: [object Object]
+  # wooyun_cases: 1 | tier: N/A

package/rules/nvd-generated/cwe_862/cl-862-javascript-145.yaml ADDED Viewed

@@ -0,0 +1,44 @@
+# zhuma-nvd-862-862-javascript-145.yaml
+# Generated: 2026-06-28T10:37:40.282Z
+# Source: P2 auto-generation (fixed) from P1.5 classified clusters
+# Cluster: CL-862-JAVASCRIPT-145 | CWE: CWE-862 | Lang: javascript
+# Precision: MEDIUM | Noise: MEDIUM
+# CVEs: 2070 | KEV: 3 | Exploit: 17
+rules:
+- id: zhuma-nvd-862-862-javascript-145
+  metadata:
+    category: A01:2021-Broken Access Control
+    cwe: "CWE-862: Missing Authorization"
+    cve: "CVE-2025-6205, CVE-2024-57726, CVE-2023-52163, CVE-2021-32172, CVE-2020-14944, CVE-2021-40379, CVE-2021-24146, CVE-2019-10849"
+    likelihood: MEDIUM
+    precision: MEDIUM
+    impact: MEDIUM
+    confidence: MEDIUM
+    source: nvd+wooyun
+    references:
+      - https://nvd.nist.gov/vuln/detail/CVE-2025-6205
+      - https://nvd.nist.gov/vuln/detail/CVE-2024-57726
+      - https://nvd.nist.gov/vuln/detail/CVE-2023-52163
+      - https://nvd.nist.gov/vuln/detail/CVE-2021-32172
+      - https://nvd.nist.gov/vuln/detail/CVE-2020-14944
+      - https://cwe.mitre.org/data/definitions/862.html
+  message: |
+    检测到缺失授权检查。API端点/函数缺少用户权限验证。
+        修复: 在业务逻辑前添加角色/权限检查(如@PreAuthorize、isAuthenticated装饰器)。
+  severity: WARNING
+  languages:
+    - javascript
+  patterns:
+  - pattern-regex: 'export\s+default\s+function'
+  # Next.js API route handler
+  # CONSTRAINT: pattern: verify sink is in security-sensitive context
+  # --- P2 METADATA ---
+  # cluster_id: CL-862-JAVASCRIPT-145
+  # cwe: CWE-862 | language: javascript
+  # sink_patterns: [object Object]
+  # wooyun_cases: 1 | tier: N/A