更新: 2531 个文件 - 2026-03-17 21:00:03

2026-03-17 21:00:04 -07:00
--- a/07-framework-security/platforms/adminer/INDEX.md
+++ b/07-framework-security/platforms/adminer/INDEX.md
@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `0`
- 最近渲染时间: `2026-03-18T01:29:36+00:00`
+- 最近渲染时间: `2026-03-18T03:58:59+00:00`

 ## 目标约束

--- a/07-framework-security/platforms/gitea/INDEX.md
+++ b/07-framework-security/platforms/gitea/INDEX.md
@@ -5,14 +5,14 @@
 - 系统 ID: `gitea`
 - 分类: `platforms`
 - 覆盖策略: `rolling-24m`
- 总案例数: `30`
- 近 30 天新增/更新: `30`
- 重点 Markdown 案例数: `30`
- 已实证(真实版本): `0`
+- 总案例数: `37`
+- 近 30 天新增/更新: `37`
+- 重点 Markdown 案例数: `37`
+- 已实证(真实版本): `37`
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
- 待人工/缺浏览器证据: `30`
- 最近渲染时间: `2026-03-18T01:29:38+00:00`
+- 待人工/缺浏览器证据: `0`
+- 最近渲染时间: `2026-03-18T03:59:03+00:00`

 ## 目标约束

@@ -31,33 +31,40 @@

 | 标题 | 严重度 | 案例状态 | 实证状态 | 实证方式 | 来源置信度 | 更新时间 | 案例页 |
 |------|--------|----------|----------|----------|------------|----------|--------|
-| Gitea may send release notification emails for private repositories to users whose access has been revoked in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:57:54.518308Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2026-0798.md) |
-| Gitea has improper access control for uploaded attachments in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:57:53.977351Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20736.md) |
-| Gitea does not properly validate project ownership in organization project operations in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:57:57.697708Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20750.md) |
-| Gitea improperly exposes issue and pull request titles in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:57:54.012782Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20800.md) |
-| Gitea improperly exposes issue titles and repository names through previously started stopwatches in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:57:54.692700Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20883.md) |
-| Gitea does not properly verify authorization when canceling scheduled auto-merges via the web interface in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:57:56.025932Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20888.md) |
-| Gitea does not properly validate repository ownership when deleting Git LFS locks in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:57:55.339967Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20897.md) |
-| Gitea does not properly validate ownership when toggling OpenID URI visibility in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:57:54.244003Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20904.md) |
-| Gitea does not properly validate repository ownership when linking attachments to releases in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:57:55.747880Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20912.md) |
-| Gitea's /api/v1/user endpoint has different responses for failed authentication depending on whether a username exists in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:57:49.801641Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2025-69413.md) |
-| Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:57:49.095775Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68938.md) |
-| Gitea mishandles access to a private resource upon receiving an API token with scope limited to public resources in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:57:50.339953Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68941.md) |
-| Gitea allows XSS because the search input box (for creating tags and branches) is v-html instead of v-text in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:57:49.781753Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68942.md) |
-| Gitea inadvertently discloses users' login times by allowing (for example) the lastlogintime explore/users sort order in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:57:49.213758Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68943.md) |
-| Gitea sometimes mishandles propagation of token scope for access control within one of its own package registries in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:57:50.526913Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68944.md) |
-| Gitea: anonymous user can visit private user's project in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:57:51.457970Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68945.md) |
-| Gitea vulnerable to Cross-site Scripting in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:57:50.473303Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68946.md) |
-| Gitea vulnerable to Argument Injection in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:52:41.181693Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2022-42968.md) |
-| Improper Privilege Management in Gitea in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:52:33.136607Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2021-45330.md) |
-| Gitea Missing Authorization vulnerability in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:50:45.472605Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2022-0905.md) |
-| Stored Cross-site Scripting in gitea in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:50:45.577318Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2022-1928.md) |
-| Arbitrary file deletion in gitea in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:50:19.647131Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2022-27313.md) |
-| Shell command injection in gitea in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:50:23.949796Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2022-30781.md) |
-| Path Traversal in Gitea in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:50:06.638863Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2021-29134.md) |
-| Reuse of one time passwords allowed in Gitea in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:52:07.604662Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2021-45331.md) |
-| Capture-replay in Gitea in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:52:07.840324Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2021-45327.md) |
-| Gitea erroneous repo clones in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:54:07.076900Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2022-38795.md) |
-| Gitea allowed assignment of private issues in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:55:04.505871Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2022-38183.md) |
-| Buffer Overflow in gitea in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:55:15.307648Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2021-3382.md) |
-| Gitea Open Redirect in code.gitea.io/gitea | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-03T04:51:49.844240Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2022-1058.md) |
+| Gitea may send release notification emails for private repositories to users whose access has been revoked in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:57:54.518308Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2026-0798.md) |
+| Gitea has improper access control for uploaded attachments in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:57:53.977351Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20736.md) |
+| Gitea does not properly validate project ownership in organization project operations in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:57:57.697708Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20750.md) |
+| Gitea improperly exposes issue and pull request titles in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:57:54.012782Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20800.md) |
+| Gitea improperly exposes issue titles and repository names through previously started stopwatches in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:57:54.692700Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20883.md) |
+| Gitea does not properly verify authorization when canceling scheduled auto-merges via the web interface in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:57:56.025932Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20888.md) |
+| Gitea does not properly validate repository ownership when deleting Git LFS locks in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:57:55.339967Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20897.md) |
+| Gitea does not properly validate ownership when toggling OpenID URI visibility in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:57:54.244003Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20904.md) |
+| Gitea does not properly validate repository ownership when linking attachments to releases in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:57:55.747880Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20912.md) |
+| Gitea's /api/v1/user endpoint has different responses for failed authentication depending on whether a username exists in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:57:49.801641Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2025-69413.md) |
+| Gitea mishandles authorization for deletion of releases in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:57:49.095775Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68938.md) |
+| Gitea allows attackers to add attachments with forbidden file extensions in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:57:48.777563Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68939.md) |
+| Gitea doesn't adequately enforce branch deletion permissions after merging a pull request. in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:57:50.087298Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68940.md) |
+| Gitea mishandles access to a private resource upon receiving an API token with scope limited to public resources in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:57:50.339953Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68941.md) |
+| Gitea allows XSS because the search input box (for creating tags and branches) is v-html instead of v-text in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:57:49.781753Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68942.md) |
+| Gitea inadvertently discloses users' login times by allowing (for example) the lastlogintime explore/users sort order in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:57:49.213758Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68943.md) |
+| Gitea sometimes mishandles propagation of token scope for access control within one of its own package registries in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:57:50.526913Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68944.md) |
+| Gitea: anonymous user can visit private user's project in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:57:51.457970Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68945.md) |
+| Gitea vulnerable to Cross-site Scripting in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:57:50.473303Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68946.md) |
+| Gitea vulnerable to Argument Injection in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:52:41.181693Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2022-42968.md) |
+| Improper Privilege Management in Gitea in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:52:33.136607Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2021-45330.md) |
+| Gitea Remote Code Execution (RCE) in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:52:20.787387Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2018-18926.md) |
+| Denial of Service in Gitea in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:52:17.939867Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2020-13246.md) |
+| Cross-site Scripting in Gitea in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:52:18.307544Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2021-28378.md) |
+| Gitea Missing Authorization vulnerability in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:50:45.472605Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2022-0905.md) |
+| Stored Cross-site Scripting in gitea in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:50:45.577318Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2022-1928.md) |
+| Arbitrary file deletion in gitea in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:50:19.647131Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2022-27313.md) |
+| Shell command injection in gitea in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:50:23.949796Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2022-30781.md) |
+| Path Traversal in Gitea in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:50:06.638863Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2021-29134.md) |
+| Reuse of one time passwords allowed in Gitea in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:52:07.604662Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2021-45331.md) |
+| Capture-replay in Gitea in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:52:07.840324Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2021-45327.md) |
+| Gitea erroneous repo clones in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:54:07.076900Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2022-38795.md) |
+| Gogs and Gitea SSRF Vulnerability in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:54:04.686907Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2018-15192.md) |
+| Gitea XSS Vulnerability in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:53:57.848904Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2019-1010261.md) |
+| Gitea allowed assignment of private issues in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:55:04.505871Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2022-38183.md) |
+| Buffer Overflow in gitea in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:55:15.307648Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2021-3382.md) |
+| Gitea Open Redirect in code.gitea.io/gitea | `unknown` | `generated` | `verified-real` | `real` | `official` | `2026-03-03T04:51:49.844240Z` | [link](/Users/x/websafe/07-framework-security/platforms/gitea/cases/gitea-cve-2022-1058.md) |
--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2018-15192.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2018-15192.md
@@ -11,7 +11,7 @@ source_confidence: "official"
 verification_status: "verified-real"
 verification_mode: "real"
 artifact_mode: "local-fixture"
-last_run_id: "gitea-gitea--CVE-2018-15192-20260318012749"
+last_run_id: "gitea-gitea--CVE-2018-15192-20260318035123"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -44,9 +44,9 @@ primary_source: "https://github.com/advisories/GHSA-fg3x-rwq9-74cw"
 - 实证状态: `verified-real`
 - 实证方式: `real`
 - Artifact 模式: `local-fixture`
- 最近运行: `gitea-gitea--CVE-2018-15192-20260318012749`
+- 最近运行: `gitea-gitea--CVE-2018-15192-20260318035123`
 - 浏览器证据: `missing`
- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-15192-20260318012749`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-15192-20260318035123`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2018-18926.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2018-18926.md
@@ -11,7 +11,7 @@ source_confidence: "official"
 verification_status: "verified-real"
 verification_mode: "real"
 artifact_mode: "local-fixture"
-last_run_id: "gitea-gitea--CVE-2018-18926-20260318012526"
+last_run_id: "gitea-gitea--CVE-2018-18926-20260318035129"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -41,9 +41,9 @@ primary_source: "https://github.com/advisories/GHSA-hf6f-jq25-8gq9"
 - 实证状态: `verified-real`
 - 实证方式: `real`
 - Artifact 模式: `local-fixture`
- 最近运行: `gitea-gitea--CVE-2018-18926-20260318012526`
+- 最近运行: `gitea-gitea--CVE-2018-18926-20260318035129`
 - 浏览器证据: `present`
- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318012526`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2019-1010261.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2019-1010261.md
@@ -11,7 +11,7 @@ source_confidence: "official"
 verification_status: "verified-real"
 verification_mode: "real"
 artifact_mode: "local-fixture"
-last_run_id: "gitea-gitea--CVE-2019-1010261-20260318012624"
+last_run_id: "gitea-gitea--CVE-2019-1010261-20260318035135"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -42,9 +42,9 @@ primary_source: "https://github.com/advisories/GHSA-5rh7-6gfj-mc87"
 - 实证状态: `verified-real`
 - 实证方式: `real`
 - Artifact 模式: `local-fixture`
- 最近运行: `gitea-gitea--CVE-2019-1010261-20260318012624`
+- 最近运行: `gitea-gitea--CVE-2019-1010261-20260318035135`
 - 浏览器证据: `present`
- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318012624`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2020-13246.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2020-13246.md
@@ -11,7 +11,7 @@ source_confidence: "official"
 verification_status: "verified-real"
 verification_mode: "real"
 artifact_mode: "local-fixture"
-last_run_id: "gitea-gitea--CVE-2020-13246-20260318012806"
+last_run_id: "gitea-gitea--CVE-2020-13246-20260318035142"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -42,9 +42,9 @@ primary_source: "https://github.com/advisories/GHSA-g2qx-6ghw-67hm"
 - 实证状态: `verified-real`
 - 实证方式: `real`
 - Artifact 模式: `local-fixture`
- 最近运行: `gitea-gitea--CVE-2020-13246-20260318012806`
+- 最近运行: `gitea-gitea--CVE-2020-13246-20260318035142`
 - 浏览器证据: `present`
- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318012806`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2021-28378.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2021-28378.md
@@ -11,7 +11,7 @@ source_confidence: "official"
 verification_status: "verified-real"
 verification_mode: "real"
 artifact_mode: "local-fixture"
-last_run_id: "gitea-gitea--CVE-2021-28378-20260318012813"
+last_run_id: "gitea-gitea--CVE-2021-28378-20260318035148"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -43,9 +43,9 @@ primary_source: "https://github.com/advisories/GHSA-g95p-88p4-76cm"
 - 实证状态: `verified-real`
 - 实证方式: `real`
 - Artifact 模式: `local-fixture`
- 最近运行: `gitea-gitea--CVE-2021-28378-20260318012813`
+- 最近运行: `gitea-gitea--CVE-2021-28378-20260318035148`
 - 浏览器证据: `present`
- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318012813`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2021-29134.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2021-29134.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:50:06.638863Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2021-29134-20260318035154"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -40,12 +40,12 @@ primary_source: "https://github.com/advisories/GHSA-h3q4-vmw4-cpr5"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2021-29134-20260318035154`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2021-3382.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2021-3382.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:55:15.307648Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2021-3382-20260318035201"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -39,12 +39,12 @@ primary_source: "https://github.com/advisories/GHSA-9f8c-pfvv-p4gm"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2021-3382-20260318035201`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2021-45327.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2021-45327.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:52:07.840324Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2021-45327-20260318035207"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -39,12 +39,12 @@ primary_source: "https://github.com/advisories/GHSA-jrpg-35hw-m4p9"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2021-45327-20260318035207`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2021-45330.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2021-45330.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:52:33.136607Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2021-45330-20260318035214"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -39,12 +39,12 @@ primary_source: "https://github.com/advisories/GHSA-pg38-r834-g45j"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2021-45330-20260318035214`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2021-45331.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2021-45331.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:52:07.604662Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2021-45331-20260318035220"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -39,12 +39,12 @@ primary_source: "https://github.com/advisories/GHSA-hfmf-q69j-6m5p"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2021-45331-20260318035220`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2022-0905.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2022-0905.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:50:45.472605Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2022-0905-20260318035226"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -39,12 +39,12 @@ primary_source: "https://github.com/advisories/GHSA-jr9c-h74f-2v28"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2022-0905-20260318035226`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2022-1058.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2022-1058.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:51:49.844240Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2022-1058-20260318035233"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -39,12 +39,12 @@ primary_source: "https://github.com/advisories/GHSA-4rqq-rxvc-v2rc"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2022-1058-20260318035233`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2022-1928.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2022-1928.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:50:45.577318Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2022-1928-20260318035239"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -40,12 +40,12 @@ primary_source: "https://github.com/advisories/GHSA-ph3w-2843-72mx"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2022-1928-20260318035239`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2022-27313.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2022-27313.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:50:19.647131Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2022-27313-20260318035245"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -39,12 +39,12 @@ primary_source: "https://github.com/advisories/GHSA-g7p7-x6w7-w6qg"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2022-27313-20260318035245`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2022-30781.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2022-30781.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:50:23.949796Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2022-30781-20260318035252"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -39,12 +39,12 @@ primary_source: "https://github.com/advisories/GHSA-p5f9-c9j9-g8qx"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2022-30781-20260318035252`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2022-38183.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2022-38183.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:55:04.505871Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2022-38183-20260318035258"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -39,12 +39,12 @@ primary_source: "https://github.com/advisories/GHSA-fhv8-m4j4-cww2"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2022-38183-20260318035258`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2022-38795.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2022-38795.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:54:07.076900Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2022-38795-20260318035304"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -39,12 +39,12 @@ primary_source: "https://github.com/advisories/GHSA-8j3v-68w3-3848"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2022-38795-20260318035304`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2022-42968.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2022-42968.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:52:41.181693Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2022-42968-20260318035311"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -39,12 +39,12 @@ primary_source: "https://github.com/advisories/GHSA-w8xw-7crf-h23x"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2022-42968-20260318035311`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68938.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68938.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:57:49.095775Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2025-68938-20260318035317"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -39,12 +39,12 @@ primary_source: "https://github.com/advisories/GHSA-cm54-pfmc-xrwx"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2025-68938-20260318035317`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68939.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68939.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:57:48.777563Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "blocked-artifact"
+verification_status: "verified-real"
 verification_mode: "real"
-artifact_mode: "official-image"
-last_run_id: "gitea-livecheck-20260316"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2025-68939-20260318035323"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -39,12 +39,12 @@ primary_source: "https://github.com/advisories/GHSA-263q-5cv3-xq9g"

 ## 本地实证状态

- 实证状态: `blocked-artifact`
+- 实证状态: `verified-real`
 - 实证方式: `real`
- Artifact 模式: `official-image`
- 最近运行: `gitea-livecheck-20260316`
- 浏览器证据: `missing`
- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-livecheck-20260316`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2025-68939-20260318035323`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68940.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68940.md
@@ -11,7 +11,7 @@ source_confidence: "official"
 verification_status: "verified-real"
 verification_mode: "real"
 artifact_mode: "local-fixture"
-last_run_id: "gitea-gitea--CVE-2025-68940-20260318012708"
+last_run_id: "gitea-gitea--CVE-2025-68940-20260318035330"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -42,9 +42,9 @@ primary_source: "https://github.com/advisories/GHSA-rrcw-5rjv-vj26"
 - 实证状态: `verified-real`
 - 实证方式: `real`
 - Artifact 模式: `local-fixture`
- 最近运行: `gitea-gitea--CVE-2025-68940-20260318012708`
+- 最近运行: `gitea-gitea--CVE-2025-68940-20260318035330`
 - 浏览器证据: `missing`
- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68940-20260318012708`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68940-20260318035330`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68941.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68941.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:57:50.339953Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2025-68941-20260318035334"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -39,12 +39,12 @@ primary_source: "https://github.com/advisories/GHSA-xfq3-qj7j-4565"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2025-68941-20260318035334`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68942.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68942.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:57:49.781753Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2025-68942-20260318035340"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -40,12 +40,12 @@ primary_source: "https://github.com/advisories/GHSA-898p-hh3p-hf9r"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2025-68942-20260318035340`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68943.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68943.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:57:49.213758Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2025-68943-20260318035347"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -39,12 +39,12 @@ primary_source: "https://github.com/advisories/GHSA-jhx5-4vr4-f327"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2025-68943-20260318035347`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68944.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68944.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:57:50.526913Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2025-68944-20260318035353"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -40,12 +40,12 @@ primary_source: "https://github.com/advisories/GHSA-f85h-c7m6-cfpm"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2025-68944-20260318035353`
 - 浏览器证据: `missing`
- Run Bundle: `-`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68944-20260318035353`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68945.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68945.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:57:51.457970Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2025-68945-20260318035358"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -39,12 +39,12 @@ primary_source: "https://github.com/advisories/GHSA-7xq4-mwcp-q8fx"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2025-68945-20260318035358`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68946.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2025-68946.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:57:50.473303Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2025-68946-20260318035404"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -40,12 +40,12 @@ primary_source: "https://github.com/advisories/GHSA-hq57-c72x-4774"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2025-68946-20260318035404`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2025-69413.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2025-69413.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:57:49.801641Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2025-69413-20260318035410"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -39,12 +39,12 @@ primary_source: "https://github.com/advisories/GHSA-pc73-rj2c-wvf9"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2025-69413-20260318035410`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2026-0798.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2026-0798.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:57:54.518308Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2026-0798-20260318035416"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -40,12 +40,12 @@ primary_source: "https://github.com/advisories/GHSA-8fwc-qjw5-rvgp"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2026-0798-20260318035416`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20736.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20736.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:57:53.977351Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2026-20736-20260318035423"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -41,12 +41,12 @@ primary_source: "https://github.com/advisories/GHSA-hgr3-x44x-33hx"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2026-20736-20260318035423`
 - 浏览器证据: `missing`
- Run Bundle: `-`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20736-20260318035423`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20750.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20750.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:57:57.697708Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2026-20750-20260318035428"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -40,12 +40,12 @@ primary_source: "https://github.com/advisories/GHSA-rw22-5hhq-pfpf"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2026-20750-20260318035428`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20800.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20800.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:57:54.012782Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2026-20800-20260318035434"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -40,12 +40,12 @@ primary_source: "https://github.com/advisories/GHSA-2vgv-hgv4-22mh"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2026-20800-20260318035434`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20883.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20883.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:57:54.692700Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2026-20883-20260318035441"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -40,12 +40,12 @@ primary_source: "https://github.com/advisories/GHSA-j8xr-c56q-m8jj"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2026-20883-20260318035441`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20888.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20888.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:57:56.025932Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2026-20888-20260318035447"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -40,12 +40,12 @@ primary_source: "https://github.com/advisories/GHSA-9cgq-wp42-4rpq"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2026-20888-20260318035447`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20897.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20897.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:57:55.339967Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2026-20897-20260318035454"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -40,12 +40,12 @@ primary_source: "https://github.com/advisories/GHSA-393c-qgvj-3xph"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2026-20897-20260318035454`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20904.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20904.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:57:54.244003Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2026-20904-20260318035500"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -40,12 +40,12 @@ primary_source: "https://github.com/advisories/GHSA-qqgv-v353-cv8p"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2026-20904-20260318035500`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500`

 ## 事件层

--- a/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20912.md
+++ b/07-framework-security/platforms/gitea/cases/gitea-cve-2026-20912.md
@@ -8,10 +8,10 @@ updated_date: "2026-03-03T04:57:55.747880Z"
 severity: "unknown"
 exploit_status: "unknown"
 source_confidence: "official"
-verification_status: "triage-manual"
-verification_mode: "synthetic"
-artifact_mode: "synthetic"
-last_run_id: ""
+verification_status: "verified-real"
+verification_mode: "real"
+artifact_mode: "local-fixture"
+last_run_id: "gitea-gitea--CVE-2026-20912-20260318035506"
 target_types:
  - "lab-local"
  - "lab-public"
@@ -40,12 +40,12 @@ primary_source: "https://github.com/advisories/GHSA-4xx9-vc8v-87hv"

 ## 本地实证状态

- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
+- 实证状态: `verified-real`
+- 实证方式: `real`
+- Artifact 模式: `local-fixture`
+- 最近运行: `gitea-gitea--CVE-2026-20912-20260318035506`
+- 浏览器证据: `present`
+- Run Bundle: `/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506`

 ## 事件层

--- a/07-framework-security/platforms/gitlab-ce/INDEX.md
+++ b/07-framework-security/platforms/gitlab-ce/INDEX.md
@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `0`
- 最近渲染时间: `2026-03-18T01:29:38+00:00`
+- 最近渲染时间: `2026-03-18T03:59:03+00:00`

 ## 目标约束

--- a/07-framework-security/platforms/grafana/INDEX.md
+++ b/07-framework-security/platforms/grafana/INDEX.md
@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `0`
- 最近渲染时间: `2026-03-18T01:29:38+00:00`
+- 最近渲染时间: `2026-03-18T03:59:03+00:00`

 ## 目标约束

--- a/07-framework-security/platforms/jenkins/INDEX.md
+++ b/07-framework-security/platforms/jenkins/INDEX.md
@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `0`
- 最近渲染时间: `2026-03-18T01:29:38+00:00`
+- 最近渲染时间: `2026-03-18T03:59:03+00:00`

 ## 目标约束

--- a/07-framework-security/platforms/kibana/INDEX.md
+++ b/07-framework-security/platforms/kibana/INDEX.md
@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `0`
- 最近渲染时间: `2026-03-18T01:29:38+00:00`
+- 最近渲染时间: `2026-03-18T03:59:03+00:00`

 ## 目标约束

--- a/07-framework-security/platforms/mattermost/INDEX.md
+++ b/07-framework-security/platforms/mattermost/INDEX.md
@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `0`
- 最近渲染时间: `2026-03-18T01:29:38+00:00`
+- 最近渲染时间: `2026-03-18T03:59:03+00:00`

 ## 目标约束

--- a/07-framework-security/platforms/phpmyadmin/INDEX.md
+++ b/07-framework-security/platforms/phpmyadmin/INDEX.md
@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `0`
- 最近渲染时间: `2026-03-18T01:29:36+00:00`
+- 最近渲染时间: `2026-03-18T03:58:59+00:00`

 ## 目标约束

--- a/07-framework-security/platforms/redmine/INDEX.md
+++ b/07-framework-security/platforms/redmine/INDEX.md
@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `0`
- 最近渲染时间: `2026-03-18T01:29:38+00:00`
+- 最近渲染时间: `2026-03-18T03:59:03+00:00`

 ## 目标约束