更新: 413 个文件 - 2026-03-24 03:45:07

07-framework-security/cms/directus/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `29`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/cms/discourse/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `30`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/cms/drupal/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `70`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/cms/ghost/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `23`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/cms/joomla/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `100`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/cms/mediawiki/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `70`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/cms/moodle/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `40`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/cms/strapi/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `26`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/cms/wordpress/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `140`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/ecommerce/adobe-commerce/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `81`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/ecommerce/magento-open-source/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `89`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/ecommerce/medusa/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `15`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/ecommerce/opencart/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `100`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/ecommerce/openmage/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `27`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/ecommerce/prestashop/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `112`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/ecommerce/saleor/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `24`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/ecommerce/shopware/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `71`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/ecommerce/woocommerce/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `111`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/angular/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `2`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/aspnet-core/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `3`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/astro/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `14`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/django/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `82`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/echo/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `2`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/esbuild/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `1`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/express/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `1`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/fastify/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `1`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/flask/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `1`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/gin/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `1`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/hapi/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `1`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/koa/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `1`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/laravel/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `2`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/nestjs/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `2`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/nextjs/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `40`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/nodejs/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `8`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/nuxt/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `28`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/rails/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `42`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/react/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `21`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/spring-boot/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `2`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/spring-framework/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `11`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/spring-security/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `4`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/sveltekit/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `3`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/symfony/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `9`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/undici/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `9`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/vite/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `30`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/vue/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `15`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/webpack/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `1`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/frameworks/werkzeug/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `1`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/platforms/adminer/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `2`
-- 最近渲染时间: `2026-03-23T09:54:10+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/platforms/gitea/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `13`
-- 最近渲染时间: `2026-03-23T09:54:10+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/platforms/gitlab-ce/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `55`
-- 最近渲染时间: `2026-03-23T09:54:10+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/platforms/grafana/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `60`
-- 最近渲染时间: `2026-03-23T09:54:10+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/platforms/jenkins/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `60`
-- 最近渲染时间: `2026-03-23T09:54:10+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/platforms/kibana/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `47`
-- 最近渲染时间: `2026-03-23T09:54:10+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/platforms/mattermost/INDEX.md

@@ -5,14 +5,14 @@
 - 系统 ID: `mattermost`
 - 分类: `platforms`
 - 覆盖策略: `rolling-24m`
-- 总案例数: `21`
+- 总案例数: `31`
-- 近 30 天新增/更新: `20`
+- 近 30 天新增/更新: `30`
-- 重点 Markdown 案例数: `21`
+- 重点 Markdown 案例数: `31`
 - 已实证(真实版本): `0`
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
-- 待人工/缺浏览器证据: `21`
+- 待人工/缺浏览器证据: `31`
-- 最近渲染时间: `2026-03-23T09:54:10+00:00`
+- 最近渲染时间: `2026-03-24T09:18:19+00:00`
 
 ## 目标约束
 
@@ -34,8 +34,18 @@
 | 标题 | 严重度 | 案例状态 | 实证状态 | 实证方式 | 来源置信度 | 更新时间 | 案例页 |
 |------|--------|----------|----------|----------|------------|----------|--------|
 | Issue Identifier | `severity` | `generated` | `triage-manual` | `synthetic` | `official` | `Fix Release Date` | [link](/Users/x/websafe/07-framework-security/platforms/mattermost/cases/mattermost-issue-identifier.md) |
-| Mattermost fails to validate user's authentication method when processing account auth type switch | `low` | `generated` | `triage-manual` | `synthetic` | `ecosystem-authority` | `2026-03-19T19:31:20.982512Z` | [link](/Users/x/websafe/07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-22545.md) |
+| Mattermost fails to validate user's authentication method when processing account auth type switch | `low` | `generated` | `triage-manual` | `synthetic` | `ecosystem-authority` | `2026-03-23T18:56:23.696710Z` | [link](/Users/x/websafe/07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-22545.md) |
-| MMSA-2025-00553 | `medium` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-16` | [link](/Users/x/websafe/07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-4265.md) |
+| Mattermost fails to canonicalize IPv4-mapped IPv6 addresses before reserved IP validation | `low` | `generated` | `triage-manual` | `synthetic` | `ecosystem-authority` | `2026-03-23T18:56:08.125706Z` | [link](/Users/x/websafe/07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-2455.md) |
+| Mattermost fails to properly enforce read permissions in search API endpoints | `low` | `generated` | `triage-manual` | `synthetic` | `ecosystem-authority` | `2026-03-23T18:55:57.125165Z` | [link](/Users/x/websafe/07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-24692.md) |
+| Mattermost fails to use consistent error responses when handling the /mute command | `low` | `generated` | `triage-manual` | `synthetic` | `ecosystem-authority` | `2026-03-23T18:56:15.398070Z` | [link](/Users/x/websafe/07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-21386.md) |
+| Mattermost fails to validate team-specific upload_file permissions | `low` | `generated` | `triage-manual` | `synthetic` | `ecosystem-authority` | `2026-03-23T18:56:04.837800Z` | [link](/Users/x/websafe/07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-4265.md) |
+| Mattermost allows a removed team member to enumerate all public channels within a private team | `low` | `generated` | `triage-manual` | `synthetic` | `ecosystem-authority` | `2026-03-23T18:56:02.455815Z` | [link](/Users/x/websafe/07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-2458.md) |
+| Mattermost fails to filter invite IDs based on user permissions | `low` | `generated` | `triage-manual` | `synthetic` | `ecosystem-authority` | `2026-03-23T18:56:08.610141Z` | [link](/Users/x/websafe/07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-2463.md) |
+| Mattermost fails to preserve the redacted state of burn-on-read posts during deletion | `low` | `generated` | `triage-manual` | `synthetic` | `ecosystem-authority` | `2026-03-23T18:56:01.583567Z` | [link](/Users/x/websafe/07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-2578.md) |
+| Mattermost fails to properly handle very long passwords | `low` | `generated` | `triage-manual` | `synthetic` | `ecosystem-authority` | `2026-03-23T18:56:03.732922Z` | [link](/Users/x/websafe/07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-24458.md) |
+| Mattermost allows attackers to spoof permalink embeds | `low` | `generated` | `triage-manual` | `synthetic` | `ecosystem-authority` | `2026-03-23T18:56:18.286997Z` | [link](/Users/x/websafe/07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-2457.md) |
+| Mattermost fails to bound memory allocation when processing DOC files | `low` | `generated` | `triage-manual` | `synthetic` | `ecosystem-authority` | `2026-03-23T18:56:18.467718Z` | [link](/Users/x/websafe/07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-25780.md) |
+| Mattermost fails to bound memory allocation when processing PSD image files | `low` | `generated` | `triage-manual` | `synthetic` | `ecosystem-authority` | `2026-03-23T18:56:08.918090Z` | [link](/Users/x/websafe/07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-26246.md) |
 | MMSA-2026-00574 | `medium` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-16` | [link](/Users/x/websafe/07-framework-security/platforms/mattermost/cases/mattermost-mmsa-2026-00574.md) |
 | MMSA-2026-00603 | `low` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-16` | [link](/Users/x/websafe/07-framework-security/platforms/mattermost/cases/mattermost-mmsa-2026-00603.md) |
 | MMSA-2026-00624 | `medium` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-16` | [link](/Users/x/websafe/07-framework-security/platforms/mattermost/cases/mattermost-mmsa-2026-00624.md) |

07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-21386.md

@@ -0,0 +1,178 @@
+---
+title: "Mattermost fails to use consistent error responses when handling the /mute command"
+system_id: "mattermost"
+category: "platforms"
+advisory_mode: "core"
+published_date: "2026-03-16T15:30:46Z"
+updated_date: "2026-03-23T18:56:15.398070Z"
+severity: "low"
+exploit_status: "unknown"
+source_confidence: "ecosystem-authority"
+verification_status: "triage-manual"
+verification_mode: "synthetic"
+artifact_mode: "synthetic"
+last_run_id: ""
+target_types:
+  - "lab-local"
+  - "lab-public"
+  - "authorized-third-party"
+allow_public_validation: "yes, with ownership or explicit authorization"
+authorization_prerequisite: "asset ownership proof or explicit written authorization"
+minimal_validation: "read-only probe, controlled payload, reversible test"
+aliases:
+  - "CVE-2026-21386"
+  - "GO-2026-4744"
+  - "GHSA-5mr9-crcg-8wh2"
+affected_versions:
+  - "introduced=0, fixed<8.0.0-20260130144323-5bb5261c72fa"
+  - "introduced=0, fixed<5.3.2-0.20260130144323-5bb5261c72fa"
+  - "introduced=10.11.0-rc1, fixed<10.11.11"
+  - "introduced=11.2.0-rc1, fixed<11.2.3"
+  - "introduced=11.3.0-rc1, fixed<11.3.1"
+  - "introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible"
+  - "introduced=0"
+fixed_versions:
+  - "8.0.0-20260130144323-5bb5261c72fa"
+  - "5.3.2-0.20260130144323-5bb5261c72fa"
+  - "10.11.11"
+  - "11.2.3"
+  - "11.3.1"
+  - "10.11.11+incompatible"
+  - "11.2.3+incompatible"
+  - "11.3.1+incompatible"
+entity_refs:
+  - "mattermost:system:root-system"
+  - "mattermost--repo--github-com-mattermost-mattermost-server:repo:affected-component"
+secure_code_topics:
+  - "authz-server-side-recheck"
+  - "xss-output-encoding"
+  - "token-cookie-storage"
+  - "dependency-upgrade-policy"
+primary_source: "https://nvd.nist.gov/vuln/detail/CVE-2026-21386"
+---
+
+# Mattermost fails to use consistent error responses when handling the /mute command
+
+## 本地实证状态
+
+- 实证状态: `triage-manual`
+- 实证方式: `synthetic`
+- Artifact 模式: `synthetic`
+- 最近运行: `-`
+- 浏览器证据: `missing`
+- Run Bundle: `-`
+
+## 事件层
+
+- Canonical ID: `mattermost--CVE-2026-21386`
+- 系统: `mattermost`
+- 严重度: `low`
+- 来源置信度: `ecosystem-authority`
+- 官方主源: https://nvd.nist.gov/vuln/detail/CVE-2026-21386
+- 影响版本: `introduced=0, fixed<8.0.0-20260130144323-5bb5261c72fa, introduced=0, fixed<5.3.2-0.20260130144323-5bb5261c72fa, introduced=10.11.0-rc1, fixed<10.11.11, introduced=11.2.0-rc1, fixed<11.2.3, introduced=11.3.0-rc1, fixed<11.3.1, introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible, introduced=0`
+- 修复版本: `8.0.0-20260130144323-5bb5261c72fa, 5.3.2-0.20260130144323-5bb5261c72fa, 10.11.11, 11.2.3, 11.3.1, 10.11.11+incompatible, 11.2.3+incompatible, 11.3.1+incompatible`
+
+## 对象与版本映射
+
+- Advisory Scope: `repo`
+- 影响对象: `mattermost / mattermost-server`
+- Entity Refs: `mattermost, mattermost--repo--github-com-mattermost-mattermost-server`
+- 版本置信度: `high`
+- 版本缺口: `-`
+- 版本证据源: `https://nvd.nist.gov/vuln/detail/CVE-2026-21386, https://github.com/advisories/GHSA-5mr9-crcg-8wh2, https://github.com/mattermost/mattermost/commit/5bb5261c72faa476558a694c23581d24b734da41, https://github.com/mattermost/mattermost, https://mattermost.com/security-updates`
+
+## 受控验证流程
+
+- Workflow ID: `mattermost--CVE-2026-21386--workflow`
+- 漏洞家族: `unknown`
+- 入口面: `repo-surface`
+- 需要角色: `unknown`
+- 触发向量: 对 `unknown` 家族入口投递最小化、可审计、可回滚的受控输入，比较修复前后差异。
+- 请求/页面入口: `/repo`
+- 输入形态: 提交最小化、可审计、可回滚的受控输入。
+- 预期不安全行为: 目标表现出超出设计边界的行为。
+
+## 其他来源
+
+- https://github.com/advisories/GHSA-5mr9-crcg-8wh2
+- https://github.com/mattermost/mattermost/commit/5bb5261c72faa476558a694c23581d24b734da41
+- https://github.com/mattermost/mattermost
+- https://mattermost.com/security-updates
+
+## 证据点与补丁验证
+
+### 服务端证据点
+
+- 应用日志中的命中路径、鉴权决策和异常栈
+- 反向代理或边界层日志中的请求头、来源 IP 与路由决策
+
+### 浏览器证据点
+
+- 基线截图与攻击后截图的 DOM/视觉差异
+- console、network 与 response metadata 中的异常信号
+
+### 数据库/文件系统证据点
+
+- 数据库中新增/越权读取的测试数据
+- 文件系统中新增上传样本、缓存条目或越权读取痕迹
+
+### 检测信号
+
+- WAF / reverse proxy 异常日志、访问日志和告警
+- 应用审计日志中的权限错误、重定向异常、模板渲染或上传落盘事件
+
+### 补丁验证步骤
+
+- 确认目标版本从 `introduced=0, fixed<8.0.0-20260130144323-5bb5261c72fa, introduced=0, fixed<5.3.2-0.20260130144323-5bb5261c72fa, introduced=10.11.0-rc1, fixed<10.11.11` 升级或回移到 `8.0.0-20260130144323-5bb5261c72fa`。
+- 保留同一组受控输入，在修复前后分别执行并比对响应、日志与浏览器证据。
+- 确认修复后仅保留预期业务行为，不再触发越权、回显、异常渲染或错误请求。
+- 补充 `unknown` 族自动化回归，避免同类路径在插件、主题或代理链中回归。
+
+### 实验安全备注
+
+- 只使用回环地址、哨兵目标、无害样本或可回滚测试数据。
+- 禁止造成持久破坏、越权下载真实数据或不可回滚 side effect。
+- 如需浏览器证据，保留 baseline / proof 两份快照以及 console / network 记录。
+
+## 实验层
+
+- 仅用于自有资产、测试环境或已明确授权目标。
+- 允许公网可达目标，但必须满足资产归属或明确授权前提。
+- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
+- 若该案例涉及插件、模块或扩展，应同时检查供应链与升级策略。
+- 禁止场景: 无归属证明或无明确授权的公网目标；知名公共网站或与测试无关的第三方资产；会造成持久破坏、数据越权下载或不可回滚影响的动作
+
+## 修复示例
+
+- [javascript-typescript:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/javascript-typescript/authz-server-side-recheck.md)
+- [nodejs:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/nodejs/authz-server-side-recheck.md)
+- [java:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/java/authz-server-side-recheck.md)
+- [php:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/php/authz-server-side-recheck.md)
+- [python:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/python/authz-server-side-recheck.md)
+- [ruby:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/ruby/authz-server-side-recheck.md)
+- [csharp:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/csharp/authz-server-side-recheck.md)
+- [go:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/go/authz-server-side-recheck.md)
+- [javascript-typescript:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/javascript-typescript/xss-output-encoding.md)
+- [nodejs:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/nodejs/xss-output-encoding.md)
+- [java:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/java/xss-output-encoding.md)
+- [php:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/php/xss-output-encoding.md)
+- [python:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/python/xss-output-encoding.md)
+- [ruby:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/ruby/xss-output-encoding.md)
+- [csharp:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/csharp/xss-output-encoding.md)
+- [go:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/go/xss-output-encoding.md)
+- [javascript-typescript:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/javascript-typescript/token-cookie-storage.md)
+- [nodejs:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/nodejs/token-cookie-storage.md)
+- [java:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/java/token-cookie-storage.md)
+- [php:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/php/token-cookie-storage.md)
+- [python:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/python/token-cookie-storage.md)
+- [ruby:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/ruby/token-cookie-storage.md)
+- [csharp:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/csharp/token-cookie-storage.md)
+- [go:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/go/token-cookie-storage.md)
+- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
+- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
+- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
+- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
+- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
+- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
+- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
+- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)

07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-22545.md

@@ -4,7 +4,7 @@ system_id: "mattermost"
 category: "platforms"
 advisory_mode: "core"
 published_date: "2026-03-16T15:30:47Z"
-updated_date: "2026-03-19T19:31:20.982512Z"
+updated_date: "2026-03-23T18:56:23.696710Z"
 severity: "low"
 exploit_status: "unknown"
 source_confidence: "ecosystem-authority"
@@ -21,6 +21,7 @@ authorization_prerequisite: "asset ownership proof or explicit written authoriza
 minimal_validation: "read-only probe, controlled payload, reversible test"
 aliases:
   - "CVE-2026-22545"
+  - "GO-2026-4786"
   - "GHSA-rv67-7w2g-7976"
 affected_versions:
   - "introduced=0, fixed<8.0.0-20260127144908-ced9a56e3988"
@@ -28,12 +29,17 @@ affected_versions:
   - "introduced=10.11.0-rc1, fixed<10.11.11"
   - "introduced=11.2.0-rc1, fixed<11.2.3"
   - "introduced=11.3.0-rc1, fixed<11.3.1"
+  - "introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible"
+  - "introduced=0"
 fixed_versions:
   - "8.0.0-20260127144908-ced9a56e3988"
   - "5.3.2-0.20260127144908-ced9a56e3988"
   - "10.11.11"
   - "11.2.3"
   - "11.3.1"
+  - "10.11.11+incompatible"
+  - "11.2.3+incompatible"
+  - "11.3.1+incompatible"
 entity_refs:
   - "mattermost:system:root-system"
   - "mattermost--repo--github-com-mattermost-mattermost-server:repo:affected-component"
@@ -63,8 +69,8 @@ primary_source: "https://nvd.nist.gov/vuln/detail/CVE-2026-22545"
 - 严重度: `low`
 - 来源置信度: `ecosystem-authority`
 - 官方主源: https://nvd.nist.gov/vuln/detail/CVE-2026-22545
-- 影响版本: `introduced=0, fixed<8.0.0-20260127144908-ced9a56e3988, introduced=0, fixed<5.3.2-0.20260127144908-ced9a56e3988, introduced=10.11.0-rc1, fixed<10.11.11, introduced=11.2.0-rc1, fixed<11.2.3, introduced=11.3.0-rc1, fixed<11.3.1`
+- 影响版本: `introduced=0, fixed<8.0.0-20260127144908-ced9a56e3988, introduced=0, fixed<5.3.2-0.20260127144908-ced9a56e3988, introduced=10.11.0-rc1, fixed<10.11.11, introduced=11.2.0-rc1, fixed<11.2.3, introduced=11.3.0-rc1, fixed<11.3.1, introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible, introduced=0`
-- 修复版本: `8.0.0-20260127144908-ced9a56e3988, 5.3.2-0.20260127144908-ced9a56e3988, 10.11.11, 11.2.3, 11.3.1`
+- 修复版本: `8.0.0-20260127144908-ced9a56e3988, 5.3.2-0.20260127144908-ced9a56e3988, 10.11.11, 11.2.3, 11.3.1, 10.11.11+incompatible, 11.2.3+incompatible, 11.3.1+incompatible`
 
 ## 对象与版本映射
 
@@ -73,21 +79,22 @@ primary_source: "https://nvd.nist.gov/vuln/detail/CVE-2026-22545"
 - Entity Refs: `mattermost, mattermost--repo--github-com-mattermost-mattermost-server`
 - 版本置信度: `high`
 - 版本缺口: `-`
-- 版本证据源: `https://nvd.nist.gov/vuln/detail/CVE-2026-22545, https://github.com/mattermost/mattermost/commit/ced9a56e3988fe9fd4559d45f9971dbd562e2218, https://github.com/mattermost/mattermost, https://mattermost.com/security-updates`
+- 版本证据源: `https://nvd.nist.gov/vuln/detail/CVE-2026-22545, https://github.com/advisories/GHSA-rv67-7w2g-7976, https://github.com/mattermost/mattermost/commit/ced9a56e3988fe9fd4559d45f9971dbd562e2218, https://github.com/mattermost/mattermost, https://mattermost.com/security-updates`
 
 ## 受控验证流程
 
 - Workflow ID: `mattermost--CVE-2026-22545--workflow`
-- 漏洞家族: `xss`
+- 漏洞家族: `unknown`
-- 入口面: `web-ui-render-path`
+- 入口面: `repo-surface`
-- 需要角色: `editor-or-admin`
+- 需要角色: `unknown`
-- 触发向量: 对 `xss` 家族入口投递最小化、可审计、可回滚的受控输入，比较修复前后差异。
+- 触发向量: 对 `unknown` 家族入口投递最小化、可审计、可回滚的受控输入，比较修复前后差异。
-- 请求/页面入口: `/admin/editor, /preview, /rendered-content`
+- 请求/页面入口: `/repo`
-- 输入形态: 受控 HTML/Markdown/富文本输入，观察渲染上下文是否失去编码或净化。
+- 输入形态: 提交最小化、可审计、可回滚的受控输入。
-- 预期不安全行为: 输入在目标上下文执行或被浏览器解释为主动内容。
+- 预期不安全行为: 目标表现出超出设计边界的行为。
 
 ## 其他来源
 
+- https://github.com/advisories/GHSA-rv67-7w2g-7976
 - https://github.com/mattermost/mattermost/commit/ced9a56e3988fe9fd4559d45f9971dbd562e2218
 - https://github.com/mattermost/mattermost
 - https://mattermost.com/security-updates
@@ -119,7 +126,7 @@ primary_source: "https://nvd.nist.gov/vuln/detail/CVE-2026-22545"
 - 确认目标版本从 `introduced=0, fixed<8.0.0-20260127144908-ced9a56e3988, introduced=0, fixed<5.3.2-0.20260127144908-ced9a56e3988, introduced=10.11.0-rc1, fixed<10.11.11` 升级或回移到 `8.0.0-20260127144908-ced9a56e3988`。
 - 保留同一组受控输入，在修复前后分别执行并比对响应、日志与浏览器证据。
 - 确认修复后仅保留预期业务行为，不再触发越权、回显、异常渲染或错误请求。
-- 补充 `xss` 族自动化回归，避免同类路径在插件、主题或代理链中回归。
+- 补充 `unknown` 族自动化回归，避免同类路径在插件、主题或代理链中回归。
 
 ### 实验安全备注
 

07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-24458.md

@@ -0,0 +1,178 @@
+---
+title: "Mattermost fails to properly handle very long passwords"
+system_id: "mattermost"
+category: "platforms"
+advisory_mode: "core"
+published_date: "2026-03-16T15:30:42Z"
+updated_date: "2026-03-23T18:56:03.732922Z"
+severity: "low"
+exploit_status: "unknown"
+source_confidence: "ecosystem-authority"
+verification_status: "triage-manual"
+verification_mode: "synthetic"
+artifact_mode: "synthetic"
+last_run_id: ""
+target_types:
+  - "lab-local"
+  - "lab-public"
+  - "authorized-third-party"
+allow_public_validation: "yes, with ownership or explicit authorization"
+authorization_prerequisite: "asset ownership proof or explicit written authorization"
+minimal_validation: "read-only probe, controlled payload, reversible test"
+aliases:
+  - "CVE-2026-24458"
+  - "GO-2026-4731"
+  - "GHSA-m5rv-56xx-hfc6"
+affected_versions:
+  - "introduced=0, fixed<8.0.0-20260129164748-7201f42d955f"
+  - "introduced=0, fixed<5.3.2-0.20260129164748-7201f42d955f"
+  - "introduced=10.11.0-rc1, fixed<10.11.11"
+  - "introduced=11.2.0-rc1, fixed<11.2.3"
+  - "introduced=11.3.0-rc1, fixed<11.3.1"
+  - "introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible"
+  - "introduced=0"
+fixed_versions:
+  - "8.0.0-20260129164748-7201f42d955f"
+  - "5.3.2-0.20260129164748-7201f42d955f"
+  - "10.11.11"
+  - "11.2.3"
+  - "11.3.1"
+  - "10.11.11+incompatible"
+  - "11.2.3+incompatible"
+  - "11.3.1+incompatible"
+entity_refs:
+  - "mattermost:system:root-system"
+  - "mattermost--repo--github-com-mattermost-mattermost-server:repo:affected-component"
+secure_code_topics:
+  - "authz-server-side-recheck"
+  - "xss-output-encoding"
+  - "token-cookie-storage"
+  - "dependency-upgrade-policy"
+primary_source: "https://nvd.nist.gov/vuln/detail/CVE-2026-24458"
+---
+
+# Mattermost fails to properly handle very long passwords
+
+## 本地实证状态
+
+- 实证状态: `triage-manual`
+- 实证方式: `synthetic`
+- Artifact 模式: `synthetic`
+- 最近运行: `-`
+- 浏览器证据: `missing`
+- Run Bundle: `-`
+
+## 事件层
+
+- Canonical ID: `mattermost--CVE-2026-24458`
+- 系统: `mattermost`
+- 严重度: `low`
+- 来源置信度: `ecosystem-authority`
+- 官方主源: https://nvd.nist.gov/vuln/detail/CVE-2026-24458
+- 影响版本: `introduced=0, fixed<8.0.0-20260129164748-7201f42d955f, introduced=0, fixed<5.3.2-0.20260129164748-7201f42d955f, introduced=10.11.0-rc1, fixed<10.11.11, introduced=11.2.0-rc1, fixed<11.2.3, introduced=11.3.0-rc1, fixed<11.3.1, introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible, introduced=0`
+- 修复版本: `8.0.0-20260129164748-7201f42d955f, 5.3.2-0.20260129164748-7201f42d955f, 10.11.11, 11.2.3, 11.3.1, 10.11.11+incompatible, 11.2.3+incompatible, 11.3.1+incompatible`
+
+## 对象与版本映射
+
+- Advisory Scope: `repo`
+- 影响对象: `mattermost / mattermost-server`
+- Entity Refs: `mattermost, mattermost--repo--github-com-mattermost-mattermost-server`
+- 版本置信度: `high`
+- 版本缺口: `-`
+- 版本证据源: `https://nvd.nist.gov/vuln/detail/CVE-2026-24458, https://github.com/advisories/GHSA-m5rv-56xx-hfc6, https://github.com/mattermost/mattermost/commit/7201f42d955f1bc44719b862132546626b60a180, https://github.com/mattermost/mattermost, https://mattermost.com/security-updates`
+
+## 受控验证流程
+
+- Workflow ID: `mattermost--CVE-2026-24458--workflow`
+- 漏洞家族: `unknown`
+- 入口面: `repo-surface`
+- 需要角色: `unknown`
+- 触发向量: 对 `unknown` 家族入口投递最小化、可审计、可回滚的受控输入，比较修复前后差异。
+- 请求/页面入口: `/repo`
+- 输入形态: 提交最小化、可审计、可回滚的受控输入。
+- 预期不安全行为: 目标表现出超出设计边界的行为。
+
+## 其他来源
+
+- https://github.com/advisories/GHSA-m5rv-56xx-hfc6
+- https://github.com/mattermost/mattermost/commit/7201f42d955f1bc44719b862132546626b60a180
+- https://github.com/mattermost/mattermost
+- https://mattermost.com/security-updates
+
+## 证据点与补丁验证
+
+### 服务端证据点
+
+- 应用日志中的命中路径、鉴权决策和异常栈
+- 反向代理或边界层日志中的请求头、来源 IP 与路由决策
+
+### 浏览器证据点
+
+- 基线截图与攻击后截图的 DOM/视觉差异
+- console、network 与 response metadata 中的异常信号
+
+### 数据库/文件系统证据点
+
+- 数据库中新增/越权读取的测试数据
+- 文件系统中新增上传样本、缓存条目或越权读取痕迹
+
+### 检测信号
+
+- WAF / reverse proxy 异常日志、访问日志和告警
+- 应用审计日志中的权限错误、重定向异常、模板渲染或上传落盘事件
+
+### 补丁验证步骤
+
+- 确认目标版本从 `introduced=0, fixed<8.0.0-20260129164748-7201f42d955f, introduced=0, fixed<5.3.2-0.20260129164748-7201f42d955f, introduced=10.11.0-rc1, fixed<10.11.11` 升级或回移到 `8.0.0-20260129164748-7201f42d955f`。
+- 保留同一组受控输入，在修复前后分别执行并比对响应、日志与浏览器证据。
+- 确认修复后仅保留预期业务行为，不再触发越权、回显、异常渲染或错误请求。
+- 补充 `unknown` 族自动化回归，避免同类路径在插件、主题或代理链中回归。
+
+### 实验安全备注
+
+- 只使用回环地址、哨兵目标、无害样本或可回滚测试数据。
+- 禁止造成持久破坏、越权下载真实数据或不可回滚 side effect。
+- 如需浏览器证据，保留 baseline / proof 两份快照以及 console / network 记录。
+
+## 实验层
+
+- 仅用于自有资产、测试环境或已明确授权目标。
+- 允许公网可达目标，但必须满足资产归属或明确授权前提。
+- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
+- 若该案例涉及插件、模块或扩展，应同时检查供应链与升级策略。
+- 禁止场景: 无归属证明或无明确授权的公网目标；知名公共网站或与测试无关的第三方资产；会造成持久破坏、数据越权下载或不可回滚影响的动作
+
+## 修复示例
+
+- [javascript-typescript:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/javascript-typescript/authz-server-side-recheck.md)
+- [nodejs:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/nodejs/authz-server-side-recheck.md)
+- [java:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/java/authz-server-side-recheck.md)
+- [php:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/php/authz-server-side-recheck.md)
+- [python:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/python/authz-server-side-recheck.md)
+- [ruby:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/ruby/authz-server-side-recheck.md)
+- [csharp:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/csharp/authz-server-side-recheck.md)
+- [go:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/go/authz-server-side-recheck.md)
+- [javascript-typescript:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/javascript-typescript/xss-output-encoding.md)
+- [nodejs:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/nodejs/xss-output-encoding.md)
+- [java:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/java/xss-output-encoding.md)
+- [php:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/php/xss-output-encoding.md)
+- [python:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/python/xss-output-encoding.md)
+- [ruby:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/ruby/xss-output-encoding.md)
+- [csharp:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/csharp/xss-output-encoding.md)
+- [go:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/go/xss-output-encoding.md)
+- [javascript-typescript:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/javascript-typescript/token-cookie-storage.md)
+- [nodejs:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/nodejs/token-cookie-storage.md)
+- [java:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/java/token-cookie-storage.md)
+- [php:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/php/token-cookie-storage.md)
+- [python:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/python/token-cookie-storage.md)
+- [ruby:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/ruby/token-cookie-storage.md)
+- [csharp:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/csharp/token-cookie-storage.md)
+- [go:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/go/token-cookie-storage.md)
+- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
+- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
+- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
+- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
+- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
+- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
+- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
+- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)

07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-2455.md

@@ -0,0 +1,187 @@
+---
+title: "Mattermost fails to canonicalize IPv4-mapped IPv6 addresses before reserved IP validation"
+system_id: "mattermost"
+category: "platforms"
+advisory_mode: "core"
+published_date: "2026-03-16T15:30:47Z"
+updated_date: "2026-03-23T18:56:08.125706Z"
+severity: "low"
+exploit_status: "unknown"
+source_confidence: "ecosystem-authority"
+verification_status: "triage-manual"
+verification_mode: "synthetic"
+artifact_mode: "synthetic"
+last_run_id: ""
+target_types:
+  - "lab-local"
+  - "lab-public"
+  - "authorized-third-party"
+allow_public_validation: "yes, with ownership or explicit authorization"
+authorization_prerequisite: "asset ownership proof or explicit written authorization"
+minimal_validation: "read-only probe, controlled payload, reversible test"
+aliases:
+  - "CVE-2026-2455"
+  - "GO-2026-4746"
+  - "GHSA-gqv7-j2j8-qmwq"
+affected_versions:
+  - "introduced=0, fixed<8.0.0-20260129133647-5d787969c2d5"
+  - "introduced=0, fixed<5.3.2-0.20260129133647-5d787969c2d5"
+  - "introduced=10.11.0-rc1, fixed<10.11.11"
+  - "introduced=11.2.0-rc1, fixed<11.2.3"
+  - "introduced=11.3.0-rc1, fixed<11.3.1"
+  - "introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible"
+  - "introduced=0"
+fixed_versions:
+  - "8.0.0-20260129133647-5d787969c2d5"
+  - "5.3.2-0.20260129133647-5d787969c2d5"
+  - "10.11.11"
+  - "11.2.3"
+  - "11.3.1"
+  - "10.11.11+incompatible"
+  - "11.2.3+incompatible"
+  - "11.3.1+incompatible"
+entity_refs:
+  - "mattermost:system:root-system"
+  - "mattermost--repo--github-com-mattermost-mattermost-server:repo:affected-component"
+secure_code_topics:
+  - "authz-server-side-recheck"
+  - "xss-output-encoding"
+  - "token-cookie-storage"
+  - "ssrf-url-validation"
+  - "dependency-upgrade-policy"
+primary_source: "https://nvd.nist.gov/vuln/detail/CVE-2026-2455"
+---
+
+# Mattermost fails to canonicalize IPv4-mapped IPv6 addresses before reserved IP validation
+
+## 本地实证状态
+
+- 实证状态: `triage-manual`
+- 实证方式: `synthetic`
+- Artifact 模式: `synthetic`
+- 最近运行: `-`
+- 浏览器证据: `missing`
+- Run Bundle: `-`
+
+## 事件层
+
+- Canonical ID: `mattermost--CVE-2026-2455`
+- 系统: `mattermost`
+- 严重度: `low`
+- 来源置信度: `ecosystem-authority`
+- 官方主源: https://nvd.nist.gov/vuln/detail/CVE-2026-2455
+- 影响版本: `introduced=0, fixed<8.0.0-20260129133647-5d787969c2d5, introduced=0, fixed<5.3.2-0.20260129133647-5d787969c2d5, introduced=10.11.0-rc1, fixed<10.11.11, introduced=11.2.0-rc1, fixed<11.2.3, introduced=11.3.0-rc1, fixed<11.3.1, introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible, introduced=0`
+- 修复版本: `8.0.0-20260129133647-5d787969c2d5, 5.3.2-0.20260129133647-5d787969c2d5, 10.11.11, 11.2.3, 11.3.1, 10.11.11+incompatible, 11.2.3+incompatible, 11.3.1+incompatible`
+
+## 对象与版本映射
+
+- Advisory Scope: `repo`
+- 影响对象: `mattermost / mattermost-server`
+- Entity Refs: `mattermost, mattermost--repo--github-com-mattermost-mattermost-server`
+- 版本置信度: `high`
+- 版本缺口: `-`
+- 版本证据源: `https://nvd.nist.gov/vuln/detail/CVE-2026-2455, https://github.com/advisories/GHSA-gqv7-j2j8-qmwq, https://github.com/mattermost/mattermost/commit/5d787969c2d5ab591a9dcd61b0810475eed7a646, https://github.com/mattermost/mattermost, https://mattermost.com/security-updates`
+
+## 受控验证流程
+
+- Workflow ID: `mattermost--CVE-2026-2455--workflow`
+- 漏洞家族: `ssrf`
+- 入口面: `remote-fetch-or-webhook-endpoint`
+- 需要角色: `editor-or-admin`
+- 触发向量: 对 `ssrf` 家族入口投递最小化、可审计、可回滚的受控输入，比较修复前后差异。
+- 请求/页面入口: `/webhook/test, /remote-fetch, /import-url`
+- 输入形态: 提交受控回环或哨兵 URL，验证协议、主机、IP 与重定向限制。
+- 预期不安全行为: 服务端向受控目标发起非预期请求。
+
+## 其他来源
+
+- https://github.com/advisories/GHSA-gqv7-j2j8-qmwq
+- https://github.com/mattermost/mattermost/commit/5d787969c2d5ab591a9dcd61b0810475eed7a646
+- https://github.com/mattermost/mattermost
+- https://mattermost.com/security-updates
+
+## 证据点与补丁验证
+
+### 服务端证据点
+
+- 应用日志中的命中路径、鉴权决策和异常栈
+- 反向代理或边界层日志中的请求头、来源 IP 与路由决策
+
+### 浏览器证据点
+
+- 基线截图与攻击后截图的 DOM/视觉差异
+- console、network 与 response metadata 中的异常信号
+
+### 数据库/文件系统证据点
+
+- 数据库中新增/越权读取的测试数据
+- 文件系统中新增上传样本、缓存条目或越权读取痕迹
+
+### 检测信号
+
+- WAF / reverse proxy 异常日志、访问日志和告警
+- 应用审计日志中的权限错误、重定向异常、模板渲染或上传落盘事件
+
+### 补丁验证步骤
+
+- 确认目标版本从 `introduced=0, fixed<8.0.0-20260129133647-5d787969c2d5, introduced=0, fixed<5.3.2-0.20260129133647-5d787969c2d5, introduced=10.11.0-rc1, fixed<10.11.11` 升级或回移到 `8.0.0-20260129133647-5d787969c2d5`。
+- 保留同一组受控输入，在修复前后分别执行并比对响应、日志与浏览器证据。
+- 确认修复后仅保留预期业务行为，不再触发越权、回显、异常渲染或错误请求。
+- 补充 `ssrf` 族自动化回归，避免同类路径在插件、主题或代理链中回归。
+
+### 实验安全备注
+
+- 只使用回环地址、哨兵目标、无害样本或可回滚测试数据。
+- 禁止造成持久破坏、越权下载真实数据或不可回滚 side effect。
+- 如需浏览器证据，保留 baseline / proof 两份快照以及 console / network 记录。
+
+## 实验层
+
+- 仅用于自有资产、测试环境或已明确授权目标。
+- 允许公网可达目标，但必须满足资产归属或明确授权前提。
+- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
+- 若该案例涉及插件、模块或扩展，应同时检查供应链与升级策略。
+- 禁止场景: 无归属证明或无明确授权的公网目标；知名公共网站或与测试无关的第三方资产；会造成持久破坏、数据越权下载或不可回滚影响的动作
+
+## 修复示例
+
+- [javascript-typescript:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/javascript-typescript/authz-server-side-recheck.md)
+- [nodejs:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/nodejs/authz-server-side-recheck.md)
+- [java:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/java/authz-server-side-recheck.md)
+- [php:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/php/authz-server-side-recheck.md)
+- [python:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/python/authz-server-side-recheck.md)
+- [ruby:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/ruby/authz-server-side-recheck.md)
+- [csharp:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/csharp/authz-server-side-recheck.md)
+- [go:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/go/authz-server-side-recheck.md)
+- [javascript-typescript:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/javascript-typescript/xss-output-encoding.md)
+- [nodejs:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/nodejs/xss-output-encoding.md)
+- [java:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/java/xss-output-encoding.md)
+- [php:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/php/xss-output-encoding.md)
+- [python:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/python/xss-output-encoding.md)
+- [ruby:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/ruby/xss-output-encoding.md)
+- [csharp:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/csharp/xss-output-encoding.md)
+- [go:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/go/xss-output-encoding.md)
+- [javascript-typescript:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/javascript-typescript/token-cookie-storage.md)
+- [nodejs:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/nodejs/token-cookie-storage.md)
+- [java:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/java/token-cookie-storage.md)
+- [php:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/php/token-cookie-storage.md)
+- [python:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/python/token-cookie-storage.md)
+- [ruby:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/ruby/token-cookie-storage.md)
+- [csharp:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/csharp/token-cookie-storage.md)
+- [go:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/go/token-cookie-storage.md)
+- [javascript-typescript:ssrf-url-validation](/Users/x/websafe/05-defense/secure-code/javascript-typescript/ssrf-url-validation.md)
+- [nodejs:ssrf-url-validation](/Users/x/websafe/05-defense/secure-code/nodejs/ssrf-url-validation.md)
+- [java:ssrf-url-validation](/Users/x/websafe/05-defense/secure-code/java/ssrf-url-validation.md)
+- [php:ssrf-url-validation](/Users/x/websafe/05-defense/secure-code/php/ssrf-url-validation.md)
+- [python:ssrf-url-validation](/Users/x/websafe/05-defense/secure-code/python/ssrf-url-validation.md)
+- [ruby:ssrf-url-validation](/Users/x/websafe/05-defense/secure-code/ruby/ssrf-url-validation.md)
+- [csharp:ssrf-url-validation](/Users/x/websafe/05-defense/secure-code/csharp/ssrf-url-validation.md)
+- [go:ssrf-url-validation](/Users/x/websafe/05-defense/secure-code/go/ssrf-url-validation.md)
+- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
+- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
+- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
+- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
+- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
+- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
+- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
+- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)

07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-2457.md

@@ -0,0 +1,178 @@
+---
+title: "Mattermost allows attackers to spoof permalink embeds"
+system_id: "mattermost"
+category: "platforms"
+advisory_mode: "core"
+published_date: "2026-03-16T15:30:42Z"
+updated_date: "2026-03-23T18:56:18.286997Z"
+severity: "low"
+exploit_status: "unknown"
+source_confidence: "ecosystem-authority"
+verification_status: "triage-manual"
+verification_mode: "synthetic"
+artifact_mode: "synthetic"
+last_run_id: ""
+target_types:
+  - "lab-local"
+  - "lab-public"
+  - "authorized-third-party"
+allow_public_validation: "yes, with ownership or explicit authorization"
+authorization_prerequisite: "asset ownership proof or explicit written authorization"
+minimal_validation: "read-only probe, controlled payload, reversible test"
+aliases:
+  - "CVE-2026-2457"
+  - "GO-2026-4732"
+  - "GHSA-ph22-fw5m-w2q9"
+affected_versions:
+  - "introduced=0, fixed<8.0.0-20260123211116-9efe617be8b8"
+  - "introduced=0, fixed<5.3.2-0.20260123211116-9efe617be8b8"
+  - "introduced=10.11.0-rc1, fixed<10.11.11"
+  - "introduced=11.2.0-rc1, fixed<11.2.3"
+  - "introduced=11.3.0-rc1, fixed<11.3.1"
+  - "introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible"
+  - "introduced=0"
+fixed_versions:
+  - "8.0.0-20260123211116-9efe617be8b8"
+  - "5.3.2-0.20260123211116-9efe617be8b8"
+  - "10.11.11"
+  - "11.2.3"
+  - "11.3.1"
+  - "10.11.11+incompatible"
+  - "11.2.3+incompatible"
+  - "11.3.1+incompatible"
+entity_refs:
+  - "mattermost:system:root-system"
+  - "mattermost--repo--github-com-mattermost-mattermost-server:repo:affected-component"
+secure_code_topics:
+  - "authz-server-side-recheck"
+  - "xss-output-encoding"
+  - "token-cookie-storage"
+  - "dependency-upgrade-policy"
+primary_source: "https://nvd.nist.gov/vuln/detail/CVE-2026-2457"
+---
+
+# Mattermost allows attackers to spoof permalink embeds
+
+## 本地实证状态
+
+- 实证状态: `triage-manual`
+- 实证方式: `synthetic`
+- Artifact 模式: `synthetic`
+- 最近运行: `-`
+- 浏览器证据: `missing`
+- Run Bundle: `-`
+
+## 事件层
+
+- Canonical ID: `mattermost--CVE-2026-2457`
+- 系统: `mattermost`
+- 严重度: `low`
+- 来源置信度: `ecosystem-authority`
+- 官方主源: https://nvd.nist.gov/vuln/detail/CVE-2026-2457
+- 影响版本: `introduced=0, fixed<8.0.0-20260123211116-9efe617be8b8, introduced=0, fixed<5.3.2-0.20260123211116-9efe617be8b8, introduced=10.11.0-rc1, fixed<10.11.11, introduced=11.2.0-rc1, fixed<11.2.3, introduced=11.3.0-rc1, fixed<11.3.1, introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible, introduced=0`
+- 修复版本: `8.0.0-20260123211116-9efe617be8b8, 5.3.2-0.20260123211116-9efe617be8b8, 10.11.11, 11.2.3, 11.3.1, 10.11.11+incompatible, 11.2.3+incompatible, 11.3.1+incompatible`
+
+## 对象与版本映射
+
+- Advisory Scope: `repo`
+- 影响对象: `mattermost / mattermost-server`
+- Entity Refs: `mattermost, mattermost--repo--github-com-mattermost-mattermost-server`
+- 版本置信度: `high`
+- 版本缺口: `-`
+- 版本证据源: `https://nvd.nist.gov/vuln/detail/CVE-2026-2457, https://github.com/advisories/GHSA-ph22-fw5m-w2q9, https://github.com/mattermost/mattermost/commit/9efe617be8b8f1d036e12721e8e73b69a543ed34, https://github.com/mattermost/mattermost, https://mattermost.com/security-updates`
+
+## 受控验证流程
+
+- Workflow ID: `mattermost--CVE-2026-2457--workflow`
+- 漏洞家族: `unknown`
+- 入口面: `repo-surface`
+- 需要角色: `unknown`
+- 触发向量: 对 `unknown` 家族入口投递最小化、可审计、可回滚的受控输入，比较修复前后差异。
+- 请求/页面入口: `/repo`
+- 输入形态: 提交最小化、可审计、可回滚的受控输入。
+- 预期不安全行为: 目标表现出超出设计边界的行为。
+
+## 其他来源
+
+- https://github.com/advisories/GHSA-ph22-fw5m-w2q9
+- https://github.com/mattermost/mattermost/commit/9efe617be8b8f1d036e12721e8e73b69a543ed34
+- https://github.com/mattermost/mattermost
+- https://mattermost.com/security-updates
+
+## 证据点与补丁验证
+
+### 服务端证据点
+
+- 应用日志中的命中路径、鉴权决策和异常栈
+- 反向代理或边界层日志中的请求头、来源 IP 与路由决策
+
+### 浏览器证据点
+
+- 基线截图与攻击后截图的 DOM/视觉差异
+- console、network 与 response metadata 中的异常信号
+
+### 数据库/文件系统证据点
+
+- 数据库中新增/越权读取的测试数据
+- 文件系统中新增上传样本、缓存条目或越权读取痕迹
+
+### 检测信号
+
+- WAF / reverse proxy 异常日志、访问日志和告警
+- 应用审计日志中的权限错误、重定向异常、模板渲染或上传落盘事件
+
+### 补丁验证步骤
+
+- 确认目标版本从 `introduced=0, fixed<8.0.0-20260123211116-9efe617be8b8, introduced=0, fixed<5.3.2-0.20260123211116-9efe617be8b8, introduced=10.11.0-rc1, fixed<10.11.11` 升级或回移到 `8.0.0-20260123211116-9efe617be8b8`。
+- 保留同一组受控输入，在修复前后分别执行并比对响应、日志与浏览器证据。
+- 确认修复后仅保留预期业务行为，不再触发越权、回显、异常渲染或错误请求。
+- 补充 `unknown` 族自动化回归，避免同类路径在插件、主题或代理链中回归。
+
+### 实验安全备注
+
+- 只使用回环地址、哨兵目标、无害样本或可回滚测试数据。
+- 禁止造成持久破坏、越权下载真实数据或不可回滚 side effect。
+- 如需浏览器证据，保留 baseline / proof 两份快照以及 console / network 记录。
+
+## 实验层
+
+- 仅用于自有资产、测试环境或已明确授权目标。
+- 允许公网可达目标，但必须满足资产归属或明确授权前提。
+- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
+- 若该案例涉及插件、模块或扩展，应同时检查供应链与升级策略。
+- 禁止场景: 无归属证明或无明确授权的公网目标；知名公共网站或与测试无关的第三方资产；会造成持久破坏、数据越权下载或不可回滚影响的动作
+
+## 修复示例
+
+- [javascript-typescript:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/javascript-typescript/authz-server-side-recheck.md)
+- [nodejs:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/nodejs/authz-server-side-recheck.md)
+- [java:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/java/authz-server-side-recheck.md)
+- [php:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/php/authz-server-side-recheck.md)
+- [python:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/python/authz-server-side-recheck.md)
+- [ruby:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/ruby/authz-server-side-recheck.md)
+- [csharp:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/csharp/authz-server-side-recheck.md)
+- [go:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/go/authz-server-side-recheck.md)
+- [javascript-typescript:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/javascript-typescript/xss-output-encoding.md)
+- [nodejs:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/nodejs/xss-output-encoding.md)
+- [java:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/java/xss-output-encoding.md)
+- [php:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/php/xss-output-encoding.md)
+- [python:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/python/xss-output-encoding.md)
+- [ruby:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/ruby/xss-output-encoding.md)
+- [csharp:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/csharp/xss-output-encoding.md)
+- [go:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/go/xss-output-encoding.md)
+- [javascript-typescript:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/javascript-typescript/token-cookie-storage.md)
+- [nodejs:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/nodejs/token-cookie-storage.md)
+- [java:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/java/token-cookie-storage.md)
+- [php:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/php/token-cookie-storage.md)
+- [python:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/python/token-cookie-storage.md)
+- [ruby:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/ruby/token-cookie-storage.md)
+- [csharp:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/csharp/token-cookie-storage.md)
+- [go:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/go/token-cookie-storage.md)
+- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
+- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
+- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
+- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
+- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
+- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
+- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
+- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)

07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-2458.md

@@ -0,0 +1,178 @@
+---
+title: "Mattermost allows a removed team member to enumerate all public channels within a private team"
+system_id: "mattermost"
+category: "platforms"
+advisory_mode: "core"
+published_date: "2026-03-16T15:30:43Z"
+updated_date: "2026-03-23T18:56:02.455815Z"
+severity: "low"
+exploit_status: "unknown"
+source_confidence: "ecosystem-authority"
+verification_status: "triage-manual"
+verification_mode: "synthetic"
+artifact_mode: "synthetic"
+last_run_id: ""
+target_types:
+  - "lab-local"
+  - "lab-public"
+  - "authorized-third-party"
+allow_public_validation: "yes, with ownership or explicit authorization"
+authorization_prerequisite: "asset ownership proof or explicit written authorization"
+minimal_validation: "read-only probe, controlled payload, reversible test"
+aliases:
+  - "CVE-2026-2458"
+  - "GO-2026-4729"
+  - "GHSA-679f-wmrg-qf57"
+affected_versions:
+  - "introduced=0, fixed<8.0.0-20260113182106-a18b80ba4c32"
+  - "introduced=0, fixed<5.3.2-0.20260113182106-a18b80ba4c32"
+  - "introduced=10.11.0-rc1, fixed<10.11.11"
+  - "introduced=11.2.0-rc1, fixed<11.2.3"
+  - "introduced=11.3.0-rc1, fixed<11.3.1"
+  - "introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible"
+  - "introduced=0"
+fixed_versions:
+  - "8.0.0-20260113182106-a18b80ba4c32"
+  - "5.3.2-0.20260113182106-a18b80ba4c32"
+  - "10.11.11"
+  - "11.2.3"
+  - "11.3.1"
+  - "10.11.11+incompatible"
+  - "11.2.3+incompatible"
+  - "11.3.1+incompatible"
+entity_refs:
+  - "mattermost:system:root-system"
+  - "mattermost--repo--github-com-mattermost-mattermost-server:repo:affected-component"
+secure_code_topics:
+  - "authz-server-side-recheck"
+  - "xss-output-encoding"
+  - "token-cookie-storage"
+  - "dependency-upgrade-policy"
+primary_source: "https://nvd.nist.gov/vuln/detail/CVE-2026-2458"
+---
+
+# Mattermost allows a removed team member to enumerate all public channels within a private team
+
+## 本地实证状态
+
+- 实证状态: `triage-manual`
+- 实证方式: `synthetic`
+- Artifact 模式: `synthetic`
+- 最近运行: `-`
+- 浏览器证据: `missing`
+- Run Bundle: `-`
+
+## 事件层
+
+- Canonical ID: `mattermost--CVE-2026-2458`
+- 系统: `mattermost`
+- 严重度: `low`
+- 来源置信度: `ecosystem-authority`
+- 官方主源: https://nvd.nist.gov/vuln/detail/CVE-2026-2458
+- 影响版本: `introduced=0, fixed<8.0.0-20260113182106-a18b80ba4c32, introduced=0, fixed<5.3.2-0.20260113182106-a18b80ba4c32, introduced=10.11.0-rc1, fixed<10.11.11, introduced=11.2.0-rc1, fixed<11.2.3, introduced=11.3.0-rc1, fixed<11.3.1, introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible, introduced=0`
+- 修复版本: `8.0.0-20260113182106-a18b80ba4c32, 5.3.2-0.20260113182106-a18b80ba4c32, 10.11.11, 11.2.3, 11.3.1, 10.11.11+incompatible, 11.2.3+incompatible, 11.3.1+incompatible`
+
+## 对象与版本映射
+
+- Advisory Scope: `repo`
+- 影响对象: `mattermost / mattermost-server`
+- Entity Refs: `mattermost, mattermost--repo--github-com-mattermost-mattermost-server`
+- 版本置信度: `high`
+- 版本缺口: `-`
+- 版本证据源: `https://nvd.nist.gov/vuln/detail/CVE-2026-2458, https://github.com/advisories/GHSA-679f-wmrg-qf57, https://github.com/mattermost/mattermost/commit/a18b80ba4c324b74b3d47951c33957305af4a099, https://github.com/mattermost/mattermost, https://mattermost.com/security-updates`
+
+## 受控验证流程
+
+- Workflow ID: `mattermost--CVE-2026-2458--workflow`
+- 漏洞家族: `unknown`
+- 入口面: `repo-surface`
+- 需要角色: `unknown`
+- 触发向量: 对 `unknown` 家族入口投递最小化、可审计、可回滚的受控输入，比较修复前后差异。
+- 请求/页面入口: `/repo`
+- 输入形态: 提交最小化、可审计、可回滚的受控输入。
+- 预期不安全行为: 目标表现出超出设计边界的行为。
+
+## 其他来源
+
+- https://github.com/advisories/GHSA-679f-wmrg-qf57
+- https://github.com/mattermost/mattermost/commit/a18b80ba4c324b74b3d47951c33957305af4a099
+- https://github.com/mattermost/mattermost
+- https://mattermost.com/security-updates
+
+## 证据点与补丁验证
+
+### 服务端证据点
+
+- 应用日志中的命中路径、鉴权决策和异常栈
+- 反向代理或边界层日志中的请求头、来源 IP 与路由决策
+
+### 浏览器证据点
+
+- 基线截图与攻击后截图的 DOM/视觉差异
+- console、network 与 response metadata 中的异常信号
+
+### 数据库/文件系统证据点
+
+- 数据库中新增/越权读取的测试数据
+- 文件系统中新增上传样本、缓存条目或越权读取痕迹
+
+### 检测信号
+
+- WAF / reverse proxy 异常日志、访问日志和告警
+- 应用审计日志中的权限错误、重定向异常、模板渲染或上传落盘事件
+
+### 补丁验证步骤
+
+- 确认目标版本从 `introduced=0, fixed<8.0.0-20260113182106-a18b80ba4c32, introduced=0, fixed<5.3.2-0.20260113182106-a18b80ba4c32, introduced=10.11.0-rc1, fixed<10.11.11` 升级或回移到 `8.0.0-20260113182106-a18b80ba4c32`。
+- 保留同一组受控输入，在修复前后分别执行并比对响应、日志与浏览器证据。
+- 确认修复后仅保留预期业务行为，不再触发越权、回显、异常渲染或错误请求。
+- 补充 `unknown` 族自动化回归，避免同类路径在插件、主题或代理链中回归。
+
+### 实验安全备注
+
+- 只使用回环地址、哨兵目标、无害样本或可回滚测试数据。
+- 禁止造成持久破坏、越权下载真实数据或不可回滚 side effect。
+- 如需浏览器证据，保留 baseline / proof 两份快照以及 console / network 记录。
+
+## 实验层
+
+- 仅用于自有资产、测试环境或已明确授权目标。
+- 允许公网可达目标，但必须满足资产归属或明确授权前提。
+- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
+- 若该案例涉及插件、模块或扩展，应同时检查供应链与升级策略。
+- 禁止场景: 无归属证明或无明确授权的公网目标；知名公共网站或与测试无关的第三方资产；会造成持久破坏、数据越权下载或不可回滚影响的动作
+
+## 修复示例
+
+- [javascript-typescript:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/javascript-typescript/authz-server-side-recheck.md)
+- [nodejs:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/nodejs/authz-server-side-recheck.md)
+- [java:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/java/authz-server-side-recheck.md)
+- [php:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/php/authz-server-side-recheck.md)
+- [python:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/python/authz-server-side-recheck.md)
+- [ruby:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/ruby/authz-server-side-recheck.md)
+- [csharp:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/csharp/authz-server-side-recheck.md)
+- [go:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/go/authz-server-side-recheck.md)
+- [javascript-typescript:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/javascript-typescript/xss-output-encoding.md)
+- [nodejs:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/nodejs/xss-output-encoding.md)
+- [java:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/java/xss-output-encoding.md)
+- [php:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/php/xss-output-encoding.md)
+- [python:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/python/xss-output-encoding.md)
+- [ruby:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/ruby/xss-output-encoding.md)
+- [csharp:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/csharp/xss-output-encoding.md)
+- [go:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/go/xss-output-encoding.md)
+- [javascript-typescript:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/javascript-typescript/token-cookie-storage.md)
+- [nodejs:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/nodejs/token-cookie-storage.md)
+- [java:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/java/token-cookie-storage.md)
+- [php:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/php/token-cookie-storage.md)
+- [python:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/python/token-cookie-storage.md)
+- [ruby:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/ruby/token-cookie-storage.md)
+- [csharp:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/csharp/token-cookie-storage.md)
+- [go:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/go/token-cookie-storage.md)
+- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
+- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
+- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
+- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
+- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
+- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
+- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
+- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)

07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-2463.md

@@ -0,0 +1,178 @@
+---
+title: "Mattermost fails to filter invite IDs based on user permissions"
+system_id: "mattermost"
+category: "platforms"
+advisory_mode: "core"
+published_date: "2026-03-16T15:30:43Z"
+updated_date: "2026-03-23T18:56:08.610141Z"
+severity: "low"
+exploit_status: "unknown"
+source_confidence: "ecosystem-authority"
+verification_status: "triage-manual"
+verification_mode: "synthetic"
+artifact_mode: "synthetic"
+last_run_id: ""
+target_types:
+  - "lab-local"
+  - "lab-public"
+  - "authorized-third-party"
+allow_public_validation: "yes, with ownership or explicit authorization"
+authorization_prerequisite: "asset ownership proof or explicit written authorization"
+minimal_validation: "read-only probe, controlled payload, reversible test"
+aliases:
+  - "CVE-2026-2463"
+  - "GO-2026-4735"
+  - "GHSA-fx49-m253-27jj"
+affected_versions:
+  - "introduced=0, fixed<8.0.0-20260105134819-cc427af41b2a"
+  - "introduced=0, fixed<5.3.2-0.20260105134819-cc427af41b2a"
+  - "introduced=10.11.0-rc1, fixed<10.11.11"
+  - "introduced=11.2.0-rc1, fixed<11.2.3"
+  - "introduced=11.3.0-rc1, fixed<11.3.1"
+  - "introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible"
+  - "introduced=0"
+fixed_versions:
+  - "8.0.0-20260105134819-cc427af41b2a"
+  - "5.3.2-0.20260105134819-cc427af41b2a"
+  - "10.11.11"
+  - "11.2.3"
+  - "11.3.1"
+  - "10.11.11+incompatible"
+  - "11.2.3+incompatible"
+  - "11.3.1+incompatible"
+entity_refs:
+  - "mattermost:system:root-system"
+  - "mattermost--repo--github-com-mattermost-mattermost-server:repo:affected-component"
+secure_code_topics:
+  - "authz-server-side-recheck"
+  - "xss-output-encoding"
+  - "token-cookie-storage"
+  - "dependency-upgrade-policy"
+primary_source: "https://nvd.nist.gov/vuln/detail/CVE-2026-2463"
+---
+
+# Mattermost fails to filter invite IDs based on user permissions
+
+## 本地实证状态
+
+- 实证状态: `triage-manual`
+- 实证方式: `synthetic`
+- Artifact 模式: `synthetic`
+- 最近运行: `-`
+- 浏览器证据: `missing`
+- Run Bundle: `-`
+
+## 事件层
+
+- Canonical ID: `mattermost--CVE-2026-2463`
+- 系统: `mattermost`
+- 严重度: `low`
+- 来源置信度: `ecosystem-authority`
+- 官方主源: https://nvd.nist.gov/vuln/detail/CVE-2026-2463
+- 影响版本: `introduced=0, fixed<8.0.0-20260105134819-cc427af41b2a, introduced=0, fixed<5.3.2-0.20260105134819-cc427af41b2a, introduced=10.11.0-rc1, fixed<10.11.11, introduced=11.2.0-rc1, fixed<11.2.3, introduced=11.3.0-rc1, fixed<11.3.1, introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible, introduced=0`
+- 修复版本: `8.0.0-20260105134819-cc427af41b2a, 5.3.2-0.20260105134819-cc427af41b2a, 10.11.11, 11.2.3, 11.3.1, 10.11.11+incompatible, 11.2.3+incompatible, 11.3.1+incompatible`
+
+## 对象与版本映射
+
+- Advisory Scope: `repo`
+- 影响对象: `mattermost / mattermost-server`
+- Entity Refs: `mattermost, mattermost--repo--github-com-mattermost-mattermost-server`
+- 版本置信度: `high`
+- 版本缺口: `-`
+- 版本证据源: `https://nvd.nist.gov/vuln/detail/CVE-2026-2463, https://github.com/advisories/GHSA-fx49-m253-27jj, https://github.com/mattermost/mattermost/commit/cc427af41b2a8d3a552d8dc42978831dcfecc1d8, https://github.com/mattermost/mattermost, https://mattermost.com/security-updates`
+
+## 受控验证流程
+
+- Workflow ID: `mattermost--CVE-2026-2463--workflow`
+- 漏洞家族: `authz-bypass`
+- 入口面: `privileged-route-or-object-reference`
+- 需要角色: `cross-tenant-or-low-privileged-user`
+- 触发向量: 对 `authz-bypass` 家族入口投递最小化、可审计、可回滚的受控输入，比较修复前后差异。
+- 请求/页面入口: `/admin/*, /api/private/*, /tenant/*`
+- 输入形态: 使用低权限身份访问高权限对象或跨租户资源。
+- 预期不安全行为: 低权限身份可访问本不应可见的数据或操作。
+
+## 其他来源
+
+- https://github.com/advisories/GHSA-fx49-m253-27jj
+- https://github.com/mattermost/mattermost/commit/cc427af41b2a8d3a552d8dc42978831dcfecc1d8
+- https://github.com/mattermost/mattermost
+- https://mattermost.com/security-updates
+
+## 证据点与补丁验证
+
+### 服务端证据点
+
+- 应用日志中的命中路径、鉴权决策和异常栈
+- 反向代理或边界层日志中的请求头、来源 IP 与路由决策
+
+### 浏览器证据点
+
+- 基线截图与攻击后截图的 DOM/视觉差异
+- console、network 与 response metadata 中的异常信号
+
+### 数据库/文件系统证据点
+
+- 数据库中新增/越权读取的测试数据
+- 文件系统中新增上传样本、缓存条目或越权读取痕迹
+
+### 检测信号
+
+- WAF / reverse proxy 异常日志、访问日志和告警
+- 应用审计日志中的权限错误、重定向异常、模板渲染或上传落盘事件
+
+### 补丁验证步骤
+
+- 确认目标版本从 `introduced=0, fixed<8.0.0-20260105134819-cc427af41b2a, introduced=0, fixed<5.3.2-0.20260105134819-cc427af41b2a, introduced=10.11.0-rc1, fixed<10.11.11` 升级或回移到 `8.0.0-20260105134819-cc427af41b2a`。
+- 保留同一组受控输入，在修复前后分别执行并比对响应、日志与浏览器证据。
+- 确认修复后仅保留预期业务行为，不再触发越权、回显、异常渲染或错误请求。
+- 补充 `authz-bypass` 族自动化回归，避免同类路径在插件、主题或代理链中回归。
+
+### 实验安全备注
+
+- 只使用回环地址、哨兵目标、无害样本或可回滚测试数据。
+- 禁止造成持久破坏、越权下载真实数据或不可回滚 side effect。
+- 如需浏览器证据，保留 baseline / proof 两份快照以及 console / network 记录。
+
+## 实验层
+
+- 仅用于自有资产、测试环境或已明确授权目标。
+- 允许公网可达目标，但必须满足资产归属或明确授权前提。
+- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
+- 若该案例涉及插件、模块或扩展，应同时检查供应链与升级策略。
+- 禁止场景: 无归属证明或无明确授权的公网目标；知名公共网站或与测试无关的第三方资产；会造成持久破坏、数据越权下载或不可回滚影响的动作
+
+## 修复示例
+
+- [javascript-typescript:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/javascript-typescript/authz-server-side-recheck.md)
+- [nodejs:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/nodejs/authz-server-side-recheck.md)
+- [java:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/java/authz-server-side-recheck.md)
+- [php:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/php/authz-server-side-recheck.md)
+- [python:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/python/authz-server-side-recheck.md)
+- [ruby:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/ruby/authz-server-side-recheck.md)
+- [csharp:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/csharp/authz-server-side-recheck.md)
+- [go:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/go/authz-server-side-recheck.md)
+- [javascript-typescript:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/javascript-typescript/xss-output-encoding.md)
+- [nodejs:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/nodejs/xss-output-encoding.md)
+- [java:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/java/xss-output-encoding.md)
+- [php:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/php/xss-output-encoding.md)
+- [python:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/python/xss-output-encoding.md)
+- [ruby:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/ruby/xss-output-encoding.md)
+- [csharp:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/csharp/xss-output-encoding.md)
+- [go:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/go/xss-output-encoding.md)
+- [javascript-typescript:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/javascript-typescript/token-cookie-storage.md)
+- [nodejs:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/nodejs/token-cookie-storage.md)
+- [java:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/java/token-cookie-storage.md)
+- [php:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/php/token-cookie-storage.md)
+- [python:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/python/token-cookie-storage.md)
+- [ruby:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/ruby/token-cookie-storage.md)
+- [csharp:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/csharp/token-cookie-storage.md)
+- [go:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/go/token-cookie-storage.md)
+- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
+- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
+- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
+- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
+- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
+- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
+- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
+- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)

07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-24692.md

@@ -0,0 +1,178 @@
+---
+title: "Mattermost fails to properly enforce read permissions in search API endpoints"
+system_id: "mattermost"
+category: "platforms"
+advisory_mode: "core"
+published_date: "2026-03-16T15:30:47Z"
+updated_date: "2026-03-23T18:55:57.125165Z"
+severity: "low"
+exploit_status: "unknown"
+source_confidence: "ecosystem-authority"
+verification_status: "triage-manual"
+verification_mode: "synthetic"
+artifact_mode: "synthetic"
+last_run_id: ""
+target_types:
+  - "lab-local"
+  - "lab-public"
+  - "authorized-third-party"
+allow_public_validation: "yes, with ownership or explicit authorization"
+authorization_prerequisite: "asset ownership proof or explicit written authorization"
+minimal_validation: "read-only probe, controlled payload, reversible test"
+aliases:
+  - "CVE-2026-24692"
+  - "GO-2026-4745"
+  - "GHSA-cwfj-642j-gfh4"
+affected_versions:
+  - "introduced=0, fixed<8.0.0-20260107142155-0481bd1fb045"
+  - "introduced=0, fixed<5.3.2-0.20260107142155-0481bd1fb045"
+  - "introduced=10.11.0-rc1, fixed<10.11.11"
+  - "introduced=11.2.0-rc1, fixed<11.2.3"
+  - "introduced=11.3.0-rc1, fixed<11.3.1"
+  - "introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible"
+  - "introduced=0"
+fixed_versions:
+  - "8.0.0-20260107142155-0481bd1fb045"
+  - "5.3.2-0.20260107142155-0481bd1fb045"
+  - "10.11.11"
+  - "11.2.3"
+  - "11.3.1"
+  - "10.11.11+incompatible"
+  - "11.2.3+incompatible"
+  - "11.3.1+incompatible"
+entity_refs:
+  - "mattermost:system:root-system"
+  - "mattermost--repo--github-com-mattermost-mattermost-server:repo:affected-component"
+secure_code_topics:
+  - "authz-server-side-recheck"
+  - "xss-output-encoding"
+  - "token-cookie-storage"
+  - "dependency-upgrade-policy"
+primary_source: "https://nvd.nist.gov/vuln/detail/CVE-2026-24692"
+---
+
+# Mattermost fails to properly enforce read permissions in search API endpoints
+
+## 本地实证状态
+
+- 实证状态: `triage-manual`
+- 实证方式: `synthetic`
+- Artifact 模式: `synthetic`
+- 最近运行: `-`
+- 浏览器证据: `missing`
+- Run Bundle: `-`
+
+## 事件层
+
+- Canonical ID: `mattermost--CVE-2026-24692`
+- 系统: `mattermost`
+- 严重度: `low`
+- 来源置信度: `ecosystem-authority`
+- 官方主源: https://nvd.nist.gov/vuln/detail/CVE-2026-24692
+- 影响版本: `introduced=0, fixed<8.0.0-20260107142155-0481bd1fb045, introduced=0, fixed<5.3.2-0.20260107142155-0481bd1fb045, introduced=10.11.0-rc1, fixed<10.11.11, introduced=11.2.0-rc1, fixed<11.2.3, introduced=11.3.0-rc1, fixed<11.3.1, introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible, introduced=0`
+- 修复版本: `8.0.0-20260107142155-0481bd1fb045, 5.3.2-0.20260107142155-0481bd1fb045, 10.11.11, 11.2.3, 11.3.1, 10.11.11+incompatible, 11.2.3+incompatible, 11.3.1+incompatible`
+
+## 对象与版本映射
+
+- Advisory Scope: `repo`
+- 影响对象: `mattermost / mattermost-server`
+- Entity Refs: `mattermost, mattermost--repo--github-com-mattermost-mattermost-server`
+- 版本置信度: `high`
+- 版本缺口: `-`
+- 版本证据源: `https://nvd.nist.gov/vuln/detail/CVE-2026-24692, https://github.com/advisories/GHSA-cwfj-642j-gfh4, https://github.com/mattermost/mattermost/commit/0481bd1fb04584db97eca45fd58ebd06c8200df4, https://github.com/mattermost/mattermost, https://mattermost.com/security-updates`
+
+## 受控验证流程
+
+- Workflow ID: `mattermost--CVE-2026-24692--workflow`
+- 漏洞家族: `unknown`
+- 入口面: `repo-surface`
+- 需要角色: `unknown`
+- 触发向量: 对 `unknown` 家族入口投递最小化、可审计、可回滚的受控输入，比较修复前后差异。
+- 请求/页面入口: `/repo`
+- 输入形态: 提交最小化、可审计、可回滚的受控输入。
+- 预期不安全行为: 目标表现出超出设计边界的行为。
+
+## 其他来源
+
+- https://github.com/advisories/GHSA-cwfj-642j-gfh4
+- https://github.com/mattermost/mattermost/commit/0481bd1fb04584db97eca45fd58ebd06c8200df4
+- https://github.com/mattermost/mattermost
+- https://mattermost.com/security-updates
+
+## 证据点与补丁验证
+
+### 服务端证据点
+
+- 应用日志中的命中路径、鉴权决策和异常栈
+- 反向代理或边界层日志中的请求头、来源 IP 与路由决策
+
+### 浏览器证据点
+
+- 基线截图与攻击后截图的 DOM/视觉差异
+- console、network 与 response metadata 中的异常信号
+
+### 数据库/文件系统证据点
+
+- 数据库中新增/越权读取的测试数据
+- 文件系统中新增上传样本、缓存条目或越权读取痕迹
+
+### 检测信号
+
+- WAF / reverse proxy 异常日志、访问日志和告警
+- 应用审计日志中的权限错误、重定向异常、模板渲染或上传落盘事件
+
+### 补丁验证步骤
+
+- 确认目标版本从 `introduced=0, fixed<8.0.0-20260107142155-0481bd1fb045, introduced=0, fixed<5.3.2-0.20260107142155-0481bd1fb045, introduced=10.11.0-rc1, fixed<10.11.11` 升级或回移到 `8.0.0-20260107142155-0481bd1fb045`。
+- 保留同一组受控输入，在修复前后分别执行并比对响应、日志与浏览器证据。
+- 确认修复后仅保留预期业务行为，不再触发越权、回显、异常渲染或错误请求。
+- 补充 `unknown` 族自动化回归，避免同类路径在插件、主题或代理链中回归。
+
+### 实验安全备注
+
+- 只使用回环地址、哨兵目标、无害样本或可回滚测试数据。
+- 禁止造成持久破坏、越权下载真实数据或不可回滚 side effect。
+- 如需浏览器证据，保留 baseline / proof 两份快照以及 console / network 记录。
+
+## 实验层
+
+- 仅用于自有资产、测试环境或已明确授权目标。
+- 允许公网可达目标，但必须满足资产归属或明确授权前提。
+- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
+- 若该案例涉及插件、模块或扩展，应同时检查供应链与升级策略。
+- 禁止场景: 无归属证明或无明确授权的公网目标；知名公共网站或与测试无关的第三方资产；会造成持久破坏、数据越权下载或不可回滚影响的动作
+
+## 修复示例
+
+- [javascript-typescript:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/javascript-typescript/authz-server-side-recheck.md)
+- [nodejs:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/nodejs/authz-server-side-recheck.md)
+- [java:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/java/authz-server-side-recheck.md)
+- [php:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/php/authz-server-side-recheck.md)
+- [python:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/python/authz-server-side-recheck.md)
+- [ruby:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/ruby/authz-server-side-recheck.md)
+- [csharp:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/csharp/authz-server-side-recheck.md)
+- [go:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/go/authz-server-side-recheck.md)
+- [javascript-typescript:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/javascript-typescript/xss-output-encoding.md)
+- [nodejs:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/nodejs/xss-output-encoding.md)
+- [java:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/java/xss-output-encoding.md)
+- [php:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/php/xss-output-encoding.md)
+- [python:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/python/xss-output-encoding.md)
+- [ruby:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/ruby/xss-output-encoding.md)
+- [csharp:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/csharp/xss-output-encoding.md)
+- [go:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/go/xss-output-encoding.md)
+- [javascript-typescript:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/javascript-typescript/token-cookie-storage.md)
+- [nodejs:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/nodejs/token-cookie-storage.md)
+- [java:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/java/token-cookie-storage.md)
+- [php:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/php/token-cookie-storage.md)
+- [python:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/python/token-cookie-storage.md)
+- [ruby:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/ruby/token-cookie-storage.md)
+- [csharp:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/csharp/token-cookie-storage.md)
+- [go:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/go/token-cookie-storage.md)
+- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
+- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
+- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
+- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
+- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
+- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
+- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
+- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)

07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-2578.md

@@ -0,0 +1,178 @@
+---
+title: "Mattermost fails to preserve the redacted state of burn-on-read posts during deletion"
+system_id: "mattermost"
+category: "platforms"
+advisory_mode: "core"
+published_date: "2026-03-16T15:30:43Z"
+updated_date: "2026-03-23T18:56:01.583567Z"
+severity: "low"
+exploit_status: "unknown"
+source_confidence: "ecosystem-authority"
+verification_status: "triage-manual"
+verification_mode: "synthetic"
+artifact_mode: "synthetic"
+last_run_id: ""
+target_types:
+  - "lab-local"
+  - "lab-public"
+  - "authorized-third-party"
+allow_public_validation: "yes, with ownership or explicit authorization"
+authorization_prerequisite: "asset ownership proof or explicit written authorization"
+minimal_validation: "read-only probe, controlled payload, reversible test"
+aliases:
+  - "CVE-2026-2578"
+  - "GO-2026-4734"
+  - "GHSA-3rhr-jr63-hwq5"
+affected_versions:
+  - "introduced=0, fixed<8.0.0-20260127062706-c6b205f0d770"
+  - "introduced=0, fixed<5.3.2-0.20260127062706-c6b205f0d770"
+  - "introduced=10.11.0-rc1, fixed<10.11.11"
+  - "introduced=11.2.0-rc1, fixed<11.2.3"
+  - "introduced=11.3.0-rc1, fixed<11.3.1"
+  - "introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible"
+  - "introduced=0"
+fixed_versions:
+  - "8.0.0-20260127062706-c6b205f0d770"
+  - "5.3.2-0.20260127062706-c6b205f0d770"
+  - "10.11.11"
+  - "11.2.3"
+  - "11.3.1"
+  - "10.11.11+incompatible"
+  - "11.2.3+incompatible"
+  - "11.3.1+incompatible"
+entity_refs:
+  - "mattermost:system:root-system"
+  - "mattermost--repo--github-com-mattermost-mattermost-server:repo:affected-component"
+secure_code_topics:
+  - "authz-server-side-recheck"
+  - "xss-output-encoding"
+  - "token-cookie-storage"
+  - "dependency-upgrade-policy"
+primary_source: "https://nvd.nist.gov/vuln/detail/CVE-2026-2578"
+---
+
+# Mattermost fails to preserve the redacted state of burn-on-read posts during deletion
+
+## 本地实证状态
+
+- 实证状态: `triage-manual`
+- 实证方式: `synthetic`
+- Artifact 模式: `synthetic`
+- 最近运行: `-`
+- 浏览器证据: `missing`
+- Run Bundle: `-`
+
+## 事件层
+
+- Canonical ID: `mattermost--CVE-2026-2578`
+- 系统: `mattermost`
+- 严重度: `low`
+- 来源置信度: `ecosystem-authority`
+- 官方主源: https://nvd.nist.gov/vuln/detail/CVE-2026-2578
+- 影响版本: `introduced=0, fixed<8.0.0-20260127062706-c6b205f0d770, introduced=0, fixed<5.3.2-0.20260127062706-c6b205f0d770, introduced=10.11.0-rc1, fixed<10.11.11, introduced=11.2.0-rc1, fixed<11.2.3, introduced=11.3.0-rc1, fixed<11.3.1, introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible, introduced=0`
+- 修复版本: `8.0.0-20260127062706-c6b205f0d770, 5.3.2-0.20260127062706-c6b205f0d770, 10.11.11, 11.2.3, 11.3.1, 10.11.11+incompatible, 11.2.3+incompatible, 11.3.1+incompatible`
+
+## 对象与版本映射
+
+- Advisory Scope: `repo`
+- 影响对象: `mattermost / mattermost-server`
+- Entity Refs: `mattermost, mattermost--repo--github-com-mattermost-mattermost-server`
+- 版本置信度: `high`
+- 版本缺口: `-`
+- 版本证据源: `https://nvd.nist.gov/vuln/detail/CVE-2026-2578, https://github.com/advisories/GHSA-3rhr-jr63-hwq5, https://github.com/mattermost/mattermost/commit/c6b205f0d77080ef805783de0628b9526af7faec, https://github.com/mattermost/mattermost, https://mattermost.com/security-updates`
+
+## 受控验证流程
+
+- Workflow ID: `mattermost--CVE-2026-2578--workflow`
+- 漏洞家族: `unknown`
+- 入口面: `repo-surface`
+- 需要角色: `unknown`
+- 触发向量: 对 `unknown` 家族入口投递最小化、可审计、可回滚的受控输入，比较修复前后差异。
+- 请求/页面入口: `/repo`
+- 输入形态: 提交最小化、可审计、可回滚的受控输入。
+- 预期不安全行为: 目标表现出超出设计边界的行为。
+
+## 其他来源
+
+- https://github.com/advisories/GHSA-3rhr-jr63-hwq5
+- https://github.com/mattermost/mattermost/commit/c6b205f0d77080ef805783de0628b9526af7faec
+- https://github.com/mattermost/mattermost
+- https://mattermost.com/security-updates
+
+## 证据点与补丁验证
+
+### 服务端证据点
+
+- 应用日志中的命中路径、鉴权决策和异常栈
+- 反向代理或边界层日志中的请求头、来源 IP 与路由决策
+
+### 浏览器证据点
+
+- 基线截图与攻击后截图的 DOM/视觉差异
+- console、network 与 response metadata 中的异常信号
+
+### 数据库/文件系统证据点
+
+- 数据库中新增/越权读取的测试数据
+- 文件系统中新增上传样本、缓存条目或越权读取痕迹
+
+### 检测信号
+
+- WAF / reverse proxy 异常日志、访问日志和告警
+- 应用审计日志中的权限错误、重定向异常、模板渲染或上传落盘事件
+
+### 补丁验证步骤
+
+- 确认目标版本从 `introduced=0, fixed<8.0.0-20260127062706-c6b205f0d770, introduced=0, fixed<5.3.2-0.20260127062706-c6b205f0d770, introduced=10.11.0-rc1, fixed<10.11.11` 升级或回移到 `8.0.0-20260127062706-c6b205f0d770`。
+- 保留同一组受控输入，在修复前后分别执行并比对响应、日志与浏览器证据。
+- 确认修复后仅保留预期业务行为，不再触发越权、回显、异常渲染或错误请求。
+- 补充 `unknown` 族自动化回归，避免同类路径在插件、主题或代理链中回归。
+
+### 实验安全备注
+
+- 只使用回环地址、哨兵目标、无害样本或可回滚测试数据。
+- 禁止造成持久破坏、越权下载真实数据或不可回滚 side effect。
+- 如需浏览器证据，保留 baseline / proof 两份快照以及 console / network 记录。
+
+## 实验层
+
+- 仅用于自有资产、测试环境或已明确授权目标。
+- 允许公网可达目标，但必须满足资产归属或明确授权前提。
+- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
+- 若该案例涉及插件、模块或扩展，应同时检查供应链与升级策略。
+- 禁止场景: 无归属证明或无明确授权的公网目标；知名公共网站或与测试无关的第三方资产；会造成持久破坏、数据越权下载或不可回滚影响的动作
+
+## 修复示例
+
+- [javascript-typescript:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/javascript-typescript/authz-server-side-recheck.md)
+- [nodejs:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/nodejs/authz-server-side-recheck.md)
+- [java:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/java/authz-server-side-recheck.md)
+- [php:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/php/authz-server-side-recheck.md)
+- [python:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/python/authz-server-side-recheck.md)
+- [ruby:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/ruby/authz-server-side-recheck.md)
+- [csharp:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/csharp/authz-server-side-recheck.md)
+- [go:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/go/authz-server-side-recheck.md)
+- [javascript-typescript:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/javascript-typescript/xss-output-encoding.md)
+- [nodejs:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/nodejs/xss-output-encoding.md)
+- [java:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/java/xss-output-encoding.md)
+- [php:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/php/xss-output-encoding.md)
+- [python:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/python/xss-output-encoding.md)
+- [ruby:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/ruby/xss-output-encoding.md)
+- [csharp:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/csharp/xss-output-encoding.md)
+- [go:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/go/xss-output-encoding.md)
+- [javascript-typescript:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/javascript-typescript/token-cookie-storage.md)
+- [nodejs:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/nodejs/token-cookie-storage.md)
+- [java:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/java/token-cookie-storage.md)
+- [php:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/php/token-cookie-storage.md)
+- [python:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/python/token-cookie-storage.md)
+- [ruby:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/ruby/token-cookie-storage.md)
+- [csharp:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/csharp/token-cookie-storage.md)
+- [go:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/go/token-cookie-storage.md)
+- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
+- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
+- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
+- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
+- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
+- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
+- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
+- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)

07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-25780.md

@@ -0,0 +1,187 @@
+---
+title: "Mattermost fails to bound memory allocation when processing DOC files"
+system_id: "mattermost"
+category: "platforms"
+advisory_mode: "core"
+published_date: "2026-03-16T15:30:42Z"
+updated_date: "2026-03-23T18:56:18.467718Z"
+severity: "low"
+exploit_status: "unknown"
+source_confidence: "ecosystem-authority"
+verification_status: "triage-manual"
+verification_mode: "synthetic"
+artifact_mode: "synthetic"
+last_run_id: ""
+target_types:
+  - "lab-local"
+  - "lab-public"
+  - "authorized-third-party"
+allow_public_validation: "yes, with ownership or explicit authorization"
+authorization_prerequisite: "asset ownership proof or explicit written authorization"
+minimal_validation: "read-only probe, controlled payload, reversible test"
+aliases:
+  - "CVE-2026-25780"
+  - "GO-2026-4733"
+  - "GHSA-xv2p-wchj-qjhp"
+affected_versions:
+  - "introduced=0, fixed<8.0.0-20260123215601-86797c508c44"
+  - "introduced=0, fixed<5.3.2-0.20260123215601-86797c508c44"
+  - "introduced=10.11.0-rc1, fixed<10.11.11"
+  - "introduced=11.2.0-rc1, fixed<11.2.3"
+  - "introduced=11.3.0-rc1, fixed<11.3.1"
+  - "introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible"
+  - "introduced=0"
+fixed_versions:
+  - "8.0.0-20260123215601-86797c508c44"
+  - "5.3.2-0.20260123215601-86797c508c44"
+  - "10.11.11"
+  - "11.2.3"
+  - "11.3.1"
+  - "10.11.11+incompatible"
+  - "11.2.3+incompatible"
+  - "11.3.1+incompatible"
+entity_refs:
+  - "mattermost:system:root-system"
+  - "mattermost--repo--github-com-mattermost-mattermost-server:repo:affected-component"
+secure_code_topics:
+  - "authz-server-side-recheck"
+  - "xss-output-encoding"
+  - "token-cookie-storage"
+  - "file-upload-validation"
+  - "dependency-upgrade-policy"
+primary_source: "https://nvd.nist.gov/vuln/detail/CVE-2026-25780"
+---
+
+# Mattermost fails to bound memory allocation when processing DOC files
+
+## 本地实证状态
+
+- 实证状态: `triage-manual`
+- 实证方式: `synthetic`
+- Artifact 模式: `synthetic`
+- 最近运行: `-`
+- 浏览器证据: `missing`
+- Run Bundle: `-`
+
+## 事件层
+
+- Canonical ID: `mattermost--CVE-2026-25780`
+- 系统: `mattermost`
+- 严重度: `low`
+- 来源置信度: `ecosystem-authority`
+- 官方主源: https://nvd.nist.gov/vuln/detail/CVE-2026-25780
+- 影响版本: `introduced=0, fixed<8.0.0-20260123215601-86797c508c44, introduced=0, fixed<5.3.2-0.20260123215601-86797c508c44, introduced=10.11.0-rc1, fixed<10.11.11, introduced=11.2.0-rc1, fixed<11.2.3, introduced=11.3.0-rc1, fixed<11.3.1, introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible, introduced=0`
+- 修复版本: `8.0.0-20260123215601-86797c508c44, 5.3.2-0.20260123215601-86797c508c44, 10.11.11, 11.2.3, 11.3.1, 10.11.11+incompatible, 11.2.3+incompatible, 11.3.1+incompatible`
+
+## 对象与版本映射
+
+- Advisory Scope: `repo`
+- 影响对象: `mattermost / mattermost-server`
+- Entity Refs: `mattermost, mattermost--repo--github-com-mattermost-mattermost-server`
+- 版本置信度: `high`
+- 版本缺口: `-`
+- 版本证据源: `https://nvd.nist.gov/vuln/detail/CVE-2026-25780, https://github.com/advisories/GHSA-xv2p-wchj-qjhp, https://github.com/mattermost/mattermost/commit/86797c508c444e299b20889ce241fde505a402cc, https://github.com/mattermost/mattermost, https://mattermost.com/security-updates`
+
+## 受控验证流程
+
+- Workflow ID: `mattermost--CVE-2026-25780--workflow`
+- 漏洞家族: `unknown`
+- 入口面: `repo-surface`
+- 需要角色: `unknown`
+- 触发向量: 对 `unknown` 家族入口投递最小化、可审计、可回滚的受控输入，比较修复前后差异。
+- 请求/页面入口: `/repo`
+- 输入形态: 提交最小化、可审计、可回滚的受控输入。
+- 预期不安全行为: 目标表现出超出设计边界的行为。
+
+## 其他来源
+
+- https://github.com/advisories/GHSA-xv2p-wchj-qjhp
+- https://github.com/mattermost/mattermost/commit/86797c508c444e299b20889ce241fde505a402cc
+- https://github.com/mattermost/mattermost
+- https://mattermost.com/security-updates
+
+## 证据点与补丁验证
+
+### 服务端证据点
+
+- 应用日志中的命中路径、鉴权决策和异常栈
+- 反向代理或边界层日志中的请求头、来源 IP 与路由决策
+
+### 浏览器证据点
+
+- 基线截图与攻击后截图的 DOM/视觉差异
+- console、network 与 response metadata 中的异常信号
+
+### 数据库/文件系统证据点
+
+- 数据库中新增/越权读取的测试数据
+- 文件系统中新增上传样本、缓存条目或越权读取痕迹
+
+### 检测信号
+
+- WAF / reverse proxy 异常日志、访问日志和告警
+- 应用审计日志中的权限错误、重定向异常、模板渲染或上传落盘事件
+
+### 补丁验证步骤
+
+- 确认目标版本从 `introduced=0, fixed<8.0.0-20260123215601-86797c508c44, introduced=0, fixed<5.3.2-0.20260123215601-86797c508c44, introduced=10.11.0-rc1, fixed<10.11.11` 升级或回移到 `8.0.0-20260123215601-86797c508c44`。
+- 保留同一组受控输入，在修复前后分别执行并比对响应、日志与浏览器证据。
+- 确认修复后仅保留预期业务行为，不再触发越权、回显、异常渲染或错误请求。
+- 补充 `unknown` 族自动化回归，避免同类路径在插件、主题或代理链中回归。
+
+### 实验安全备注
+
+- 只使用回环地址、哨兵目标、无害样本或可回滚测试数据。
+- 禁止造成持久破坏、越权下载真实数据或不可回滚 side effect。
+- 如需浏览器证据，保留 baseline / proof 两份快照以及 console / network 记录。
+
+## 实验层
+
+- 仅用于自有资产、测试环境或已明确授权目标。
+- 允许公网可达目标，但必须满足资产归属或明确授权前提。
+- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
+- 若该案例涉及插件、模块或扩展，应同时检查供应链与升级策略。
+- 禁止场景: 无归属证明或无明确授权的公网目标；知名公共网站或与测试无关的第三方资产；会造成持久破坏、数据越权下载或不可回滚影响的动作
+
+## 修复示例
+
+- [javascript-typescript:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/javascript-typescript/authz-server-side-recheck.md)
+- [nodejs:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/nodejs/authz-server-side-recheck.md)
+- [java:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/java/authz-server-side-recheck.md)
+- [php:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/php/authz-server-side-recheck.md)
+- [python:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/python/authz-server-side-recheck.md)
+- [ruby:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/ruby/authz-server-side-recheck.md)
+- [csharp:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/csharp/authz-server-side-recheck.md)
+- [go:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/go/authz-server-side-recheck.md)
+- [javascript-typescript:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/javascript-typescript/xss-output-encoding.md)
+- [nodejs:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/nodejs/xss-output-encoding.md)
+- [java:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/java/xss-output-encoding.md)
+- [php:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/php/xss-output-encoding.md)
+- [python:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/python/xss-output-encoding.md)
+- [ruby:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/ruby/xss-output-encoding.md)
+- [csharp:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/csharp/xss-output-encoding.md)
+- [go:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/go/xss-output-encoding.md)
+- [javascript-typescript:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/javascript-typescript/token-cookie-storage.md)
+- [nodejs:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/nodejs/token-cookie-storage.md)
+- [java:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/java/token-cookie-storage.md)
+- [php:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/php/token-cookie-storage.md)
+- [python:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/python/token-cookie-storage.md)
+- [ruby:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/ruby/token-cookie-storage.md)
+- [csharp:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/csharp/token-cookie-storage.md)
+- [go:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/go/token-cookie-storage.md)
+- [javascript-typescript:file-upload-validation](/Users/x/websafe/05-defense/secure-code/javascript-typescript/file-upload-validation.md)
+- [nodejs:file-upload-validation](/Users/x/websafe/05-defense/secure-code/nodejs/file-upload-validation.md)
+- [java:file-upload-validation](/Users/x/websafe/05-defense/secure-code/java/file-upload-validation.md)
+- [php:file-upload-validation](/Users/x/websafe/05-defense/secure-code/php/file-upload-validation.md)
+- [python:file-upload-validation](/Users/x/websafe/05-defense/secure-code/python/file-upload-validation.md)
+- [ruby:file-upload-validation](/Users/x/websafe/05-defense/secure-code/ruby/file-upload-validation.md)
+- [csharp:file-upload-validation](/Users/x/websafe/05-defense/secure-code/csharp/file-upload-validation.md)
+- [go:file-upload-validation](/Users/x/websafe/05-defense/secure-code/go/file-upload-validation.md)
+- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
+- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
+- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
+- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
+- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
+- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
+- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
+- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)

07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-26246.md

@@ -0,0 +1,186 @@
+---
+title: "Mattermost fails to bound memory allocation when processing PSD image files"
+system_id: "mattermost"
+category: "platforms"
+advisory_mode: "core"
+published_date: "2026-03-16T15:30:42Z"
+updated_date: "2026-03-23T18:56:08.918090Z"
+severity: "low"
+exploit_status: "unknown"
+source_confidence: "ecosystem-authority"
+verification_status: "triage-manual"
+verification_mode: "synthetic"
+artifact_mode: "synthetic"
+last_run_id: ""
+target_types:
+  - "lab-local"
+  - "lab-public"
+  - "authorized-third-party"
+allow_public_validation: "yes, with ownership or explicit authorization"
+authorization_prerequisite: "asset ownership proof or explicit written authorization"
+minimal_validation: "read-only probe, controlled payload, reversible test"
+aliases:
+  - "CVE-2026-26246"
+  - "GO-2026-4727"
+  - "GHSA-44mv-jq72-gj49"
+affected_versions:
+  - "introduced=0, fixed<8.0.0-20260115183946-38b413a27604"
+  - "introduced=0, fixed<5.3.2-0.20260115183946-38b413a27604"
+  - "introduced=10.11.0-rc1, fixed<10.11.11"
+  - "introduced=11.2.0-rc1, fixed<11.2.3"
+  - "introduced=11.3.0-rc1, fixed<11.3.1"
+  - "introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible"
+  - "introduced=0"
+fixed_versions:
+  - "8.0.0-20260115183946-38b413a27604"
+  - "5.3.2-0.20260115183946-38b413a27604"
+  - "10.11.11"
+  - "11.2.3"
+  - "11.3.1"
+  - "10.11.11+incompatible"
+  - "11.2.3+incompatible"
+  - "11.3.1+incompatible"
+entity_refs:
+  - "mattermost:system:root-system"
+  - "mattermost--repo--github-com-mattermost-mattermost-server:repo:affected-component"
+secure_code_topics:
+  - "authz-server-side-recheck"
+  - "xss-output-encoding"
+  - "token-cookie-storage"
+  - "file-upload-validation"
+  - "dependency-upgrade-policy"
+primary_source: "https://nvd.nist.gov/vuln/detail/CVE-2026-26246"
+---
+
+# Mattermost fails to bound memory allocation when processing PSD image files
+
+## 本地实证状态
+
+- 实证状态: `triage-manual`
+- 实证方式: `synthetic`
+- Artifact 模式: `synthetic`
+- 最近运行: `-`
+- 浏览器证据: `missing`
+- Run Bundle: `-`
+
+## 事件层
+
+- Canonical ID: `mattermost--CVE-2026-26246`
+- 系统: `mattermost`
+- 严重度: `low`
+- 来源置信度: `ecosystem-authority`
+- 官方主源: https://nvd.nist.gov/vuln/detail/CVE-2026-26246
+- 影响版本: `introduced=0, fixed<8.0.0-20260115183946-38b413a27604, introduced=0, fixed<5.3.2-0.20260115183946-38b413a27604, introduced=10.11.0-rc1, fixed<10.11.11, introduced=11.2.0-rc1, fixed<11.2.3, introduced=11.3.0-rc1, fixed<11.3.1, introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible, introduced=0`
+- 修复版本: `8.0.0-20260115183946-38b413a27604, 5.3.2-0.20260115183946-38b413a27604, 10.11.11, 11.2.3, 11.3.1, 10.11.11+incompatible, 11.2.3+incompatible, 11.3.1+incompatible`
+
+## 对象与版本映射
+
+- Advisory Scope: `repo`
+- 影响对象: `mattermost / mattermost-server`
+- Entity Refs: `mattermost, mattermost--repo--github-com-mattermost-mattermost-server`
+- 版本置信度: `high`
+- 版本缺口: `-`
+- 版本证据源: `https://nvd.nist.gov/vuln/detail/CVE-2026-26246, https://github.com/mattermost/mattermost/commit/38b413a27604e8721fbe008f8ec4b4e6c47ad4f0, https://github.com/mattermost/mattermost, https://mattermost.com/security-updates`
+
+## 受控验证流程
+
+- Workflow ID: `mattermost--CVE-2026-26246--workflow`
+- 漏洞家族: `unknown`
+- 入口面: `repo-surface`
+- 需要角色: `unknown`
+- 触发向量: 对 `unknown` 家族入口投递最小化、可审计、可回滚的受控输入，比较修复前后差异。
+- 请求/页面入口: `/repo`
+- 输入形态: 提交最小化、可审计、可回滚的受控输入。
+- 预期不安全行为: 目标表现出超出设计边界的行为。
+
+## 其他来源
+
+- https://github.com/mattermost/mattermost/commit/38b413a27604e8721fbe008f8ec4b4e6c47ad4f0
+- https://github.com/mattermost/mattermost
+- https://mattermost.com/security-updates
+
+## 证据点与补丁验证
+
+### 服务端证据点
+
+- 应用日志中的命中路径、鉴权决策和异常栈
+- 反向代理或边界层日志中的请求头、来源 IP 与路由决策
+
+### 浏览器证据点
+
+- 基线截图与攻击后截图的 DOM/视觉差异
+- console、network 与 response metadata 中的异常信号
+
+### 数据库/文件系统证据点
+
+- 数据库中新增/越权读取的测试数据
+- 文件系统中新增上传样本、缓存条目或越权读取痕迹
+
+### 检测信号
+
+- WAF / reverse proxy 异常日志、访问日志和告警
+- 应用审计日志中的权限错误、重定向异常、模板渲染或上传落盘事件
+
+### 补丁验证步骤
+
+- 确认目标版本从 `introduced=0, fixed<8.0.0-20260115183946-38b413a27604, introduced=0, fixed<5.3.2-0.20260115183946-38b413a27604, introduced=10.11.0-rc1, fixed<10.11.11` 升级或回移到 `8.0.0-20260115183946-38b413a27604`。
+- 保留同一组受控输入，在修复前后分别执行并比对响应、日志与浏览器证据。
+- 确认修复后仅保留预期业务行为，不再触发越权、回显、异常渲染或错误请求。
+- 补充 `unknown` 族自动化回归，避免同类路径在插件、主题或代理链中回归。
+
+### 实验安全备注
+
+- 只使用回环地址、哨兵目标、无害样本或可回滚测试数据。
+- 禁止造成持久破坏、越权下载真实数据或不可回滚 side effect。
+- 如需浏览器证据，保留 baseline / proof 两份快照以及 console / network 记录。
+
+## 实验层
+
+- 仅用于自有资产、测试环境或已明确授权目标。
+- 允许公网可达目标，但必须满足资产归属或明确授权前提。
+- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
+- 若该案例涉及插件、模块或扩展，应同时检查供应链与升级策略。
+- 禁止场景: 无归属证明或无明确授权的公网目标；知名公共网站或与测试无关的第三方资产；会造成持久破坏、数据越权下载或不可回滚影响的动作
+
+## 修复示例
+
+- [javascript-typescript:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/javascript-typescript/authz-server-side-recheck.md)
+- [nodejs:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/nodejs/authz-server-side-recheck.md)
+- [java:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/java/authz-server-side-recheck.md)
+- [php:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/php/authz-server-side-recheck.md)
+- [python:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/python/authz-server-side-recheck.md)
+- [ruby:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/ruby/authz-server-side-recheck.md)
+- [csharp:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/csharp/authz-server-side-recheck.md)
+- [go:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/go/authz-server-side-recheck.md)
+- [javascript-typescript:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/javascript-typescript/xss-output-encoding.md)
+- [nodejs:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/nodejs/xss-output-encoding.md)
+- [java:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/java/xss-output-encoding.md)
+- [php:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/php/xss-output-encoding.md)
+- [python:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/python/xss-output-encoding.md)
+- [ruby:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/ruby/xss-output-encoding.md)
+- [csharp:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/csharp/xss-output-encoding.md)
+- [go:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/go/xss-output-encoding.md)
+- [javascript-typescript:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/javascript-typescript/token-cookie-storage.md)
+- [nodejs:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/nodejs/token-cookie-storage.md)
+- [java:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/java/token-cookie-storage.md)
+- [php:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/php/token-cookie-storage.md)
+- [python:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/python/token-cookie-storage.md)
+- [ruby:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/ruby/token-cookie-storage.md)
+- [csharp:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/csharp/token-cookie-storage.md)
+- [go:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/go/token-cookie-storage.md)
+- [javascript-typescript:file-upload-validation](/Users/x/websafe/05-defense/secure-code/javascript-typescript/file-upload-validation.md)
+- [nodejs:file-upload-validation](/Users/x/websafe/05-defense/secure-code/nodejs/file-upload-validation.md)
+- [java:file-upload-validation](/Users/x/websafe/05-defense/secure-code/java/file-upload-validation.md)
+- [php:file-upload-validation](/Users/x/websafe/05-defense/secure-code/php/file-upload-validation.md)
+- [python:file-upload-validation](/Users/x/websafe/05-defense/secure-code/python/file-upload-validation.md)
+- [ruby:file-upload-validation](/Users/x/websafe/05-defense/secure-code/ruby/file-upload-validation.md)
+- [csharp:file-upload-validation](/Users/x/websafe/05-defense/secure-code/csharp/file-upload-validation.md)
+- [go:file-upload-validation](/Users/x/websafe/05-defense/secure-code/go/file-upload-validation.md)
+- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
+- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
+- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
+- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
+- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
+- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
+- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
+- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)

07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-4265.md

@@ -1,13 +1,13 @@
 ---
-title: "MMSA-2025-00553"
+title: "Mattermost fails to validate team-specific upload_file permissions"
 system_id: "mattermost"
 category: "platforms"
 advisory_mode: "core"
-published_date: "2026-03-16"
+published_date: "2026-03-16T15:30:46Z"
-updated_date: "2026-03-16"
+updated_date: "2026-03-23T18:56:04.837800Z"
-severity: "medium"
+severity: "low"
 exploit_status: "unknown"
-source_confidence: "official"
+source_confidence: "ecosystem-authority"
 verification_status: "triage-manual"
 verification_mode: "synthetic"
 artifact_mode: "synthetic"
@@ -20,29 +20,39 @@ allow_public_validation: "yes, with ownership or explicit authorization"
 authorization_prerequisite: "asset ownership proof or explicit written authorization"
 minimal_validation: "read-only probe, controlled payload, reversible test"
 aliases:
-  - "MMSA-2025-00553"
   - "CVE-2026-4265"
+  - "GO-2026-4749"
+  - "GHSA-xpvf-6qcc-9jqc"
 affected_versions:
-  - "11.3.x <= 11.3.0"
+  - "introduced=0, fixed<8.0.0-20260107144005-c7f6efdfb035"
-  - "11.2.x <= 11.2.2"
+  - "introduced=0, fixed<5.3.2-0.20260107144005-c7f6efdfb035"
-  - "10.11.x <= 10.11.10"
+  - "introduced=10.11.0-rc1, fixed<10.11.11"
+  - "introduced=11.2.0-rc1, fixed<11.2.3"
+  - "introduced=11.3.0-rc1, fixed<11.3.1"
+  - "introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible"
+  - "introduced=0"
 fixed_versions:
-  - "11.4.0"
+  - "8.0.0-20260107144005-c7f6efdfb035"
-  - "11.3.1"
+  - "5.3.2-0.20260107144005-c7f6efdfb035"
-  - "11.2.3"
   - "10.11.11"
+  - "11.2.3"
+  - "11.3.1"
+  - "10.11.11+incompatible"
+  - "11.2.3+incompatible"
+  - "11.3.1+incompatible"
 entity_refs:
   - "mattermost:system:root-system"
-  - "mattermost--project--mattermost-server:project:affected-component"
+  - "mattermost--repo--github-com-mattermost-mattermost-server:repo:affected-component"
 secure_code_topics:
   - "authz-server-side-recheck"
   - "xss-output-encoding"
   - "token-cookie-storage"
   - "file-upload-validation"
-primary_source: "https://securityupdates.mattermost.com/security_updates.json"
+  - "dependency-upgrade-policy"
+primary_source: "https://nvd.nist.gov/vuln/detail/CVE-2026-4265"
 ---
 
-# MMSA-2025-00553
+# Mattermost fails to validate team-specific upload_file permissions
 
 ## 本地实证状态
 
@@ -57,35 +67,38 @@ primary_source: "https://securityupdates.mattermost.com/security_updates.json"
 
 - Canonical ID: `mattermost--CVE-2026-4265`
 - 系统: `mattermost`
-- 严重度: `medium`
+- 严重度: `low`
-- 来源置信度: `official`
+- 来源置信度: `ecosystem-authority`
-- 官方主源: https://securityupdates.mattermost.com/security_updates.json
+- 官方主源: https://nvd.nist.gov/vuln/detail/CVE-2026-4265
-- 影响版本: `11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10`
+- 影响版本: `introduced=0, fixed<8.0.0-20260107144005-c7f6efdfb035, introduced=0, fixed<5.3.2-0.20260107144005-c7f6efdfb035, introduced=10.11.0-rc1, fixed<10.11.11, introduced=11.2.0-rc1, fixed<11.2.3, introduced=11.3.0-rc1, fixed<11.3.1, introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible, introduced=0`
-- 修复版本: `11.4.0, 11.3.1, 11.2.3, 10.11.11`
+- 修复版本: `8.0.0-20260107144005-c7f6efdfb035, 5.3.2-0.20260107144005-c7f6efdfb035, 10.11.11, 11.2.3, 11.3.1, 10.11.11+incompatible, 11.2.3+incompatible, 11.3.1+incompatible`
 
 ## 对象与版本映射
 
-- Advisory Scope: `package`
+- Advisory Scope: `repo`
-- 影响对象: `Mattermost Server`
+- 影响对象: `mattermost / mattermost-server`
-- Entity Refs: `mattermost, mattermost--project--mattermost-server`
+- Entity Refs: `mattermost, mattermost--repo--github-com-mattermost-mattermost-server`
 - 版本置信度: `high`
 - 版本缺口: `-`
-- 版本证据源: `https://securityupdates.mattermost.com/security_updates.json`
+- 版本证据源: `https://nvd.nist.gov/vuln/detail/CVE-2026-4265, https://github.com/advisories/GHSA-xpvf-6qcc-9jqc, https://github.com/mattermost/mattermost/commit/c7f6efdfb035490f494b3177996ee5f4b278c988, https://github.com/mattermost/mattermost, https://mattermost.com/security-updates`
 
 ## 受控验证流程
 
 - Workflow ID: `mattermost--CVE-2026-4265--workflow`
-- 漏洞家族: `xss`
+- 漏洞家族: `unknown`
-- 入口面: `web-ui-render-path`
+- 入口面: `repo-surface`
-- 需要角色: `editor-or-admin`
+- 需要角色: `unknown`
-- 触发向量: 对 `xss` 家族入口投递最小化、可审计、可回滚的受控输入，比较修复前后差异。
+- 触发向量: 对 `unknown` 家族入口投递最小化、可审计、可回滚的受控输入，比较修复前后差异。
-- 请求/页面入口: `/admin/editor, /preview, /rendered-content`
+- 请求/页面入口: `/repo`
-- 输入形态: 受控 HTML/Markdown/富文本输入，观察渲染上下文是否失去编码或净化。
+- 输入形态: 提交最小化、可审计、可回滚的受控输入。
-- 预期不安全行为: 输入在目标上下文执行或被浏览器解释为主动内容。
+- 预期不安全行为: 目标表现出超出设计边界的行为。
 
 ## 其他来源
 
-- 无额外来源
+- https://github.com/advisories/GHSA-xpvf-6qcc-9jqc
+- https://github.com/mattermost/mattermost/commit/c7f6efdfb035490f494b3177996ee5f4b278c988
+- https://github.com/mattermost/mattermost
+- https://mattermost.com/security-updates
 
 ## 证据点与补丁验证
 
@@ -111,10 +124,10 @@ primary_source: "https://securityupdates.mattermost.com/security_updates.json"
 
 ### 补丁验证步骤
 
-- 确认目标版本从 `11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10` 升级或回移到 `11.4.0`。
+- 确认目标版本从 `introduced=0, fixed<8.0.0-20260107144005-c7f6efdfb035, introduced=0, fixed<5.3.2-0.20260107144005-c7f6efdfb035, introduced=10.11.0-rc1, fixed<10.11.11` 升级或回移到 `8.0.0-20260107144005-c7f6efdfb035`。
 - 保留同一组受控输入，在修复前后分别执行并比对响应、日志与浏览器证据。
 - 确认修复后仅保留预期业务行为，不再触发越权、回显、异常渲染或错误请求。
-- 补充 `xss` 族自动化回归，避免同类路径在插件、主题或代理链中回归。
+- 补充 `unknown` 族自动化回归，避免同类路径在插件、主题或代理链中回归。
 
 ### 实验安全备注
 
@@ -164,3 +177,11 @@ primary_source: "https://securityupdates.mattermost.com/security_updates.json"
 - [ruby:file-upload-validation](/Users/x/websafe/05-defense/secure-code/ruby/file-upload-validation.md)
 - [csharp:file-upload-validation](/Users/x/websafe/05-defense/secure-code/csharp/file-upload-validation.md)
 - [go:file-upload-validation](/Users/x/websafe/05-defense/secure-code/go/file-upload-validation.md)
+- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
+- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
+- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
+- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
+- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
+- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
+- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
+- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)

07-framework-security/platforms/phpmyadmin/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `50`
-- 最近渲染时间: `2026-03-23T09:54:10+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/platforms/redmine/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `50`
-- 最近渲染时间: `2026-03-23T09:54:10+00:00`
+- 最近渲染时间: `2026-03-24T09:18:19+00:00`
 
 ## 目标约束
 

07-framework-security/servers/apache-httpd/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `135`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/servers/apache-tomcat/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `136`
-- 最近渲染时间: `2026-03-23T09:54:10+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/servers/caddy/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `29`
-- 最近渲染时间: `2026-03-23T09:54:10+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/servers/haproxy/INDEX.md

@@ -5,14 +5,14 @@
 - 系统 ID: `haproxy`
 - 分类: `servers`
 - 覆盖策略: `rolling-24m`
-- 总案例数: `6`
+- 总案例数: `7`
 - 近 30 天新增/更新: `0`
 - 重点 Markdown 案例数: `0`
 - 已实证(真实版本): `0`
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
-- 待人工/缺浏览器证据: `6`
+- 待人工/缺浏览器证据: `7`
-- 最近渲染时间: `2026-03-23T09:54:10+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 
@@ -33,6 +33,7 @@
 | 标题 | 严重度 | 案例状态 | 实证状态 | 实证方式 | 来源置信度 | 更新时间 | 案例页 |
 |------|--------|----------|----------|----------|------------|----------|--------|
 | Omnissa Horizon alternative: how HAProxy solves UDP load balancing | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `Wed, 25 Feb 2026 14:00:00 +0000` | - |
+| Announcing HAProxy Unified Gateway 1.0 | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `Tue, 24 Mar 2026 00:00:00 +0000` | - |
 | Don't panic: a low-risk strategy for Ingress NGINX retirement | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `Thu, 19 Feb 2026 09:00:00 +0000` | - |
 | Announcing HAProxy Fusion 2.0 | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `Mon, 16 Mar 2026 08:00:00 +0000` | - |
 | Load balancing VMware Horizon's UDP and TCP traffic: a guide with HAProxy | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `Fri, 27 Feb 2026 09:59:00 +0000` | - |

07-framework-security/servers/nginx/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `110`
-- 最近渲染时间: `2026-03-23T09:54:09+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 

07-framework-security/servers/traefik/INDEX.md

@@ -12,7 +12,7 @@
 - 已实证(synthetic): `0`
 - 阻塞数: `0`
 - 待人工/缺浏览器证据: `45`
-- 最近渲染时间: `2026-03-23T09:54:10+00:00`
+- 最近渲染时间: `2026-03-24T09:18:18+00:00`
 
 ## 目标约束
 
@@ -31,8 +31,8 @@
 
 | 标题 | 严重度 | 案例状态 | 实证状态 | 实证方式 | 来源置信度 | 更新时间 | 案例页 |
 |------|--------|----------|----------|----------|------------|----------|--------|
-| Traefik Affected by BasicAuth Middleware Timing Attack Allows Username Enumeration | `medium` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-20T15:46:26.940872Z` | - |
+| Traefik Affected by BasicAuth Middleware Timing Attack Allows Username Enumeration | `medium` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-23T18:56:05.020639Z` | - |
-| Traefik has a Potential mTLS Bypass via Fragmented TLS ClientHello Causing Pre-SNI Sniff Fallback to Default Non-mTLS TLS Config | `medium` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-20T15:46:41.715568Z` | - |
+| Traefik has a Potential mTLS Bypass via Fragmented TLS ClientHello Causing Pre-SNI Sniff Fallback to Default Non-mTLS TLS Config | `medium` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-23T18:56:07.286130Z` | - |
 | Traefik: kubernetes gateway rule injection via unescaped backticks in HTTPRoute match values in github.com/traefik/traefik | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-23T04:52:53.505590Z` | - |
 | Traefik: HTTP/2 frames can cause a running server to panic in github.com/traefik/traefik | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-23T04:52:55.119301Z` | - |
 | Traefik has unbounded io.ReadAll on auth server response body that causes OOM DOS in github.com/traefik/traefik | `unknown` | `generated` | `triage-manual` | `synthetic` | `official` | `2026-03-23T04:53:12.392934Z` | - |

08-threat-intel/generated/coverage-matrix.md

@@ -25,14 +25,14 @@
 | GitLab CE | `platforms` | `rolling-24m` | `-` | `yes` | `55` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
 | Grafana | `platforms` | `rolling-24m` | `-` | `yes` | `60` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
 | Hapi | `frameworks` | `history-full` | `yes` | `yes` | `1` | `1` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2020-08-31T19:00:56Z` |
-| HAProxy | `servers` | `rolling-24m` | `-` | `yes` | `6` | `0` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `Wed, 25 Feb 2026 14:00:00 +0000` |
+| HAProxy | `servers` | `rolling-24m` | `-` | `yes` | `7` | `0` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `1` | `Wed, 25 Feb 2026 14:00:00 +0000` |
 | Jenkins | `platforms` | `rolling-24m` | `-` | `yes` | `60` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
 | Joomla | `cms` | `history-full` | `yes` | `yes` | `100` | `0` | `4` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2025-04-03T01:03:51.193` |
 | Kibana | `platforms` | `rolling-24m` | `-` | `yes` | `47` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `6` | `Thu, 19 Mar 2026 16:59:58 +0000` |
 | Koa | `frameworks` | `rolling-24m` | `-` | `yes` | `1` | `1` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-02-26T23:36:36.294040Z` |
 | Laravel | `frameworks` | `rolling-24m` | `-` | `yes` | `2` | `2` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-03-13T22:15:34.333730Z` |
 | Magento Open Source | `ecommerce` | `history-full` | `yes` | `yes` | `89` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2025-04-20T01:37:25.860` |
-| Mattermost | `platforms` | `rolling-24m` | `-` | `yes` | `21` | `21` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `Fix Release Date` |
+| Mattermost | `platforms` | `rolling-24m` | `-` | `yes` | `31` | `31` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `Fix Release Date` |
 | MediaWiki | `cms` | `rolling-24m` | `-` | `yes` | `70` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `70` | `Wed, 22 Oct 2025 21:44:43 +0000` |
 | Medusa | `ecommerce` | `rolling-24m` | `-` | `yes` | `15` | `0` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `15` | `` |
 | Moodle | `cms` | `rolling-24m` | `-` | `yes` | `40` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `40` | `2025-04-09T00:30:58.490` |
@@ -56,7 +56,7 @@
 | Strapi | `cms` | `rolling-24m` | `-` | `yes` | `26` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `26` | `` |
 | SvelteKit | `frameworks` | `rolling-24m` | `-` | `yes` | `3` | `3` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-02-28T06:27:26.115188Z` |
 | Symfony | `frameworks` | `rolling-24m` | `-` | `yes` | `9` | `9` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-03-13T22:16:14.858636Z` |
-| Traefik | `servers` | `rolling-24m` | `-` | `yes` | `45` | `0` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `27` | `2026-03-23T04:53:13.381024Z` |
+| Traefik | `servers` | `rolling-24m` | `-` | `yes` | `45` | `0` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `27` | `2026-03-23T18:56:07.286130Z` |
 | Undici | `frameworks` | `rolling-24m` | `-` | `yes` | `16` | `15` | `2` | `seeded` | `real:7/synthetic:0/blocked:0` | `0` | `7` | `1` | `2026-03-18T23:58:57.714731Z` |
 | Vite | `frameworks` | `history-full` | `yes` | `yes` | `42` | `16` | `3` | `seeded` | `real:12/synthetic:0/blocked:0` | `12` | `12` | `26` | `2026-02-04T04:37:24.129476Z` |
 | Vue | `frameworks` | `history-full` | `yes` | `yes` | `15` | `1` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `14` | `2024-10-24T19:12:14.925352Z` |

08-threat-intel/generated/dashboard/architecture.json

@@ -1,5 +1,5 @@
 {
-  "generated_at": "2026-03-23T09:54:11+00:00",
+  "generated_at": "2026-03-24T09:18:20+00:00",
   "title": "\u5f53\u524d\u67b6\u6784\u5e93",
   "summary": "\u5de5\u4f5c\u53f0\u3001\u63a7\u5236\u9762\u3001\u6570\u636e\u5c42\u3001\u6388\u6743\u8fb9\u754c\u4e0e\u7cfb\u7edf\u8986\u76d6\u7684\u5f53\u524d\u771f\u503c\u89c6\u56fe\u3002",
   "sections": [
@@ -39,7 +39,7 @@
         },
         {
           "label": "\u5f53\u524d\u6f0f\u6d1e\u6761\u76ee",
-          "value": "2404"
+          "value": "2415"
         }
       ],
       "fields": [
@@ -57,7 +57,7 @@
         },
         {
           "label": "\u751f\u6210\u65f6\u95f4",
-          "value": "2026-03-23T09:54:11+00:00"
+          "value": "2026-03-24T09:18:20+00:00"
         }
       ],
       "links": [
@@ -5973,7 +5973,7 @@
         },
         {
           "label": "Advisory \u6570",
-          "value": "2404"
+          "value": "2415"
         },
         {
           "label": "\u72b6\u6001\u7c7b\u578b",
@@ -5992,7 +5992,7 @@
           "items": [
             {
               "title": "\u4eba\u5de5\u5206\u8bca",
-              "summary": "\u5f53\u524d\u7d2f\u8ba1 2315 \u6761\u3002",
+              "summary": "\u5f53\u524d\u7d2f\u8ba1 2326 \u6761\u3002",
               "open": false,
               "fields": [
                 {
@@ -6001,7 +6001,7 @@
                 },
                 {
                   "label": "\u6570\u91cf",
-                  "value": "2315"
+                  "value": "2326"
                 }
               ]
             },

08-threat-intel/generated/dashboard/data/completeness.json

@@ -1,7 +1,7 @@
 {
-  "generated_at": "2026-03-23T09:54:11+00:00",
+  "generated_at": "2026-03-24T09:18:20+00:00",
   "advisory_total": 89,
-  "registry_advisory_total": 2404,
+  "registry_advisory_total": 2415,
   "scope": "latest-run-backed-advisories",
   "latest_statuses": {
     "verified-real": 89
@@ -175,12 +175,12 @@
     "active_source_count": 102,
     "green_source_count": 102,
     "failure_count": 0,
-    "last_fully_green_run": "2026-03-23T09:53:46+00:00",
+    "last_fully_green_run": "2026-03-24T09:17:44+00:00",
     "open_alert_count": 0,
     "resolved_alert_count": 101
   },
   "entity_coverage": {
-    "generated_at": "2026-03-23T09:54:10+00:00",
+    "generated_at": "2026-03-24T09:18:19+00:00",
     "cataloged_entity_total": 109,
     "candidate_entity_total": 7,
     "history_full_complete_count": 40,
@@ -990,10 +990,18 @@
             "entity_id": "mattermost--project--mattermost-server",
             "entity_type": "project",
             "display_name": "Mattermost Server",
-            "advisory_count": 14,
+            "advisory_count": 13,
             "history_backfill_status": "complete",
             "latest_sync_status": "green"
           },
+          {
+            "entity_id": "mattermost--repo--github-com-mattermost-mattermost-server",
+            "entity_type": "repo",
+            "display_name": "mattermost / mattermost-server",
+            "advisory_count": 12,
+            "history_backfill_status": "seeded",
+            "latest_sync_status": "green"
+          },
           {
             "entity_id": "mattermost--plugin--mattermost-plugins",
             "entity_type": "plugin",
@@ -1009,14 +1017,6 @@
             "advisory_count": 1,
             "history_backfill_status": "seeded",
             "latest_sync_status": "green"
-          },
-          {
-            "entity_id": "mattermost--repo--github-com-mattermost-mattermost-server",
-            "entity_type": "repo",
-            "display_name": "mattermost / mattermost-server",
-            "advisory_count": 1,
-            "history_backfill_status": "seeded",
-            "latest_sync_status": "green"
           }
         ],
         "backlog_preview": []
@@ -1941,28 +1941,29 @@
       "discovery_queue": 7,
       "history_queue": 27,
       "latest_queue": 10,
-      "workflow_queue": 2176
+      "workflow_queue": 2177
     }
   },
   "monitor_summary": {
-    "generated_at": "2026-03-23T09:53:46+00:00",
+    "generated_at": "2026-03-24T09:17:44+00:00",
     "active_source_count": 102,
     "green_source_count": 102,
     "source_failure_count": 0,
     "open_alert_count": 0,
     "resolved_alert_count": 101,
-    "last_fully_green_run": "2026-03-23T09:53:46+00:00",
+    "last_fully_green_run": "2026-03-24T09:17:44+00:00",
     "source_catalog": {
       "system_count": 62,
       "source_count": 179,
       "retired_source_count": 77
     },
     "ingest": {
-      "new_count": 2,
+      "new_count": 11,
-      "updated_count": 5,
+      "updated_count": 4,
       "failure_count": 0,
       "systems_touched": [
-        "caddy",
+        "haproxy",
+        "mattermost",
         "traefik"
       ]
     },
@@ -1983,14 +1984,14 @@
       "cataloged_entity_total": 109,
       "latest_version_synced_count": 94,
       "source_gap_count": 15,
-      "security_version_total": 6180,
+      "security_version_total": 6242,
       "security_version_entity_count": 82,
       "auto_promoted_entity_count": 10,
-      "lab_enqueued_count": 2
+      "lab_enqueued_count": 11
     },
     "lab_enqueue": {
-      "enqueued": 2,
+      "enqueued": 11,
-      "queue_total": 2360,
+      "queue_total": 2371,
       "pending_count": 0
     }
   },

08-threat-intel/generated/dashboard/data/entity-completeness.json

@@ -1,5 +1,5 @@
 {
-  "generated_at": "2026-03-23T09:54:10+00:00",
+  "generated_at": "2026-03-24T09:18:19+00:00",
   "cataloged_entity_total": 109,
   "candidate_entity_total": 7,
   "history_full_complete_count": 40,
@@ -809,10 +809,18 @@
           "entity_id": "mattermost--project--mattermost-server",
           "entity_type": "project",
           "display_name": "Mattermost Server",
-          "advisory_count": 14,
+          "advisory_count": 13,
           "history_backfill_status": "complete",
           "latest_sync_status": "green"
         },
+        {
+          "entity_id": "mattermost--repo--github-com-mattermost-mattermost-server",
+          "entity_type": "repo",
+          "display_name": "mattermost / mattermost-server",
+          "advisory_count": 12,
+          "history_backfill_status": "seeded",
+          "latest_sync_status": "green"
+        },
         {
           "entity_id": "mattermost--plugin--mattermost-plugins",
           "entity_type": "plugin",
@@ -828,14 +836,6 @@
           "advisory_count": 1,
           "history_backfill_status": "seeded",
           "latest_sync_status": "green"
-        },
-        {
-          "entity_id": "mattermost--repo--github-com-mattermost-mattermost-server",
-          "entity_type": "repo",
-          "display_name": "mattermost / mattermost-server",
-          "advisory_count": 1,
-          "history_backfill_status": "seeded",
-          "latest_sync_status": "green"
         }
       ],
       "backlog_preview": []
@@ -1760,6 +1760,6 @@
     "discovery_queue": 7,
     "history_queue": 27,
     "latest_queue": 10,
-    "workflow_queue": 2176
+    "workflow_queue": 2177
   }
 }

08-threat-intel/generated/dashboard/data/entity-queues.json

@@ -1,5 +1,5 @@
 {
-  "generated_at": "2026-03-23T09:54:10+00:00",
+  "generated_at": "2026-03-24T09:18:19+00:00",
   "discovery_queue": {
     "count": 7,
     "items": [
@@ -408,7 +408,7 @@
     ]
   },
   "workflow_queue": {
-    "count": 2176,
+    "count": 2177,
     "items": [
       {
         "canonical_id": "adminer--CVE-2026-25878",

08-threat-intel/generated/dashboard/data/monitor-summary.json

@@ -1,22 +1,23 @@
 {
-  "generated_at": "2026-03-23T09:53:46+00:00",
+  "generated_at": "2026-03-24T09:17:44+00:00",
   "active_source_count": 102,
   "green_source_count": 102,
   "source_failure_count": 0,
   "open_alert_count": 0,
   "resolved_alert_count": 101,
-  "last_fully_green_run": "2026-03-23T09:53:46+00:00",
+  "last_fully_green_run": "2026-03-24T09:17:44+00:00",
   "source_catalog": {
     "system_count": 62,
     "source_count": 179,
     "retired_source_count": 77
   },
   "ingest": {
-    "new_count": 2,
+    "new_count": 11,
-    "updated_count": 5,
+    "updated_count": 4,
     "failure_count": 0,
     "systems_touched": [
-      "caddy",
+      "haproxy",
+      "mattermost",
       "traefik"
     ]
   },
@@ -37,14 +38,14 @@
     "cataloged_entity_total": 109,
     "latest_version_synced_count": 94,
     "source_gap_count": 15,
-    "security_version_total": 6180,
+    "security_version_total": 6242,
     "security_version_entity_count": 82,
     "auto_promoted_entity_count": 10,
-    "lab_enqueued_count": 2
+    "lab_enqueued_count": 11
   },
   "lab_enqueue": {
-    "enqueued": 2,
+    "enqueued": 11,
-    "queue_total": 2360,
+    "queue_total": 2371,
     "pending_count": 0
   }
 }

08-threat-intel/generated/dashboard/data/source-catalog-audit.json

@@ -1,5 +1,5 @@
 {
-  "generated_at": "2026-03-23T09:26:43+00:00",
+  "generated_at": "2026-03-24T09:17:05+00:00",
   "system_count": 62,
   "source_count": 179,
   "active_source_count": 102,

08-threat-intel/generated/dashboard/data/source-health.json

@@ -1,17 +1,17 @@
 {
-  "generated_at": "2026-03-23T09:53:46+00:00",
+  "generated_at": "2026-03-24T09:17:44+00:00",
   "active_source_count": 102,
   "green_source_count": 102,
   "failure_count": 0,
   "all_green": true,
-  "last_fully_green_run": "2026-03-23T09:53:46+00:00",
+  "last_fully_green_run": "2026-03-24T09:17:44+00:00",
   "retries_performed": 0,
   "probes": [
     {
       "system_id": "adminer",
       "source_name": "OSV Adminer",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 5.754,
+      "elapsed_seconds": 2.321,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -19,7 +19,7 @@
       "system_id": "adobe-commerce",
       "source_name": "Adobe Magento Security Index",
       "source_kind": "vendor-index",
-      "elapsed_seconds": 0.028,
+      "elapsed_seconds": 0.029,
       "kind": "vendor-index",
       "items_seen": 46
     },
@@ -27,7 +27,7 @@
       "system_id": "angular",
       "source_name": "OSV Angular",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 3.837,
+      "elapsed_seconds": 1.538,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -35,7 +35,7 @@
       "system_id": "apache-httpd",
       "source_name": "Apache HTTPD Security",
       "source_kind": "html-links",
-      "elapsed_seconds": 3.3,
+      "elapsed_seconds": 1.611,
       "kind": "html-links",
       "items_seen": 182
     },
@@ -43,7 +43,7 @@
       "system_id": "apache-httpd",
       "source_name": "CISA KEV Apache HTTPD",
       "source_kind": "kev-json",
-      "elapsed_seconds": 4.396,
+      "elapsed_seconds": 1.7,
       "kind": "kev-json",
       "items_seen": 1551
     },
@@ -51,7 +51,7 @@
       "system_id": "apache-tomcat",
       "source_name": "Apache Tomcat Security",
       "source_kind": "html-links",
-      "elapsed_seconds": 3.608,
+      "elapsed_seconds": 1.614,
       "kind": "html-links",
       "items_seen": 270
     },
@@ -59,7 +59,7 @@
       "system_id": "apache-tomcat",
       "source_name": "CISA KEV Tomcat",
       "source_kind": "kev-json",
-      "elapsed_seconds": 4.382,
+      "elapsed_seconds": 1.728,
       "kind": "kev-json",
       "items_seen": 1551
     },
@@ -67,7 +67,7 @@
       "system_id": "aspnet-core",
       "source_name": "OSV ASP.NET Core",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 5.42,
+      "elapsed_seconds": 2.176,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -75,7 +75,7 @@
       "system_id": "astro",
       "source_name": "OSV Astro",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 3.608,
+      "elapsed_seconds": 1.536,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -83,7 +83,7 @@
       "system_id": "caddy",
       "source_name": "OSV Caddy",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 5.339,
+      "elapsed_seconds": 2.207,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -91,7 +91,7 @@
       "system_id": "directus",
       "source_name": "Directus GitHub Advisories",
       "source_kind": "html-links",
-      "elapsed_seconds": 0.034,
+      "elapsed_seconds": 0.049,
       "kind": "html-links",
       "items_seen": 127
     },
@@ -99,7 +99,7 @@
       "system_id": "directus",
       "source_name": "OSV Directus",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 1.656,
+      "elapsed_seconds": 0.954,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -115,7 +115,7 @@
       "system_id": "discourse",
       "source_name": "Discourse Security RSS",
       "source_kind": "rss-feed",
-      "elapsed_seconds": 0.03,
+      "elapsed_seconds": 0.029,
       "kind": "rss-feed",
       "items_seen": 3
     },
@@ -123,7 +123,7 @@
       "system_id": "discourse",
       "source_name": "OSV Discourse",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 1.516,
+      "elapsed_seconds": 0.824,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -131,7 +131,7 @@
       "system_id": "django",
       "source_name": "Django Security Releases Archive",
       "source_kind": "vendor-index",
-      "elapsed_seconds": 2.863,
+      "elapsed_seconds": 1.532,
       "kind": "vendor-index",
       "items_seen": 1276
     },
@@ -139,7 +139,7 @@
       "system_id": "django",
       "source_name": "Django Security Weblog",
       "source_kind": "vendor-index",
-      "elapsed_seconds": 2.84,
+      "elapsed_seconds": 1.508,
       "kind": "vendor-index",
       "items_seen": 332
     },
@@ -147,7 +147,7 @@
       "system_id": "django",
       "source_name": "OSV Django",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 5.346,
+      "elapsed_seconds": 3.099,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -155,7 +155,7 @@
       "system_id": "drupal",
       "source_name": "Drupal Security Advisories RSS",
       "source_kind": "rss-feed",
-      "elapsed_seconds": 0.038,
+      "elapsed_seconds": 0.051,
       "kind": "rss-feed",
       "items_seen": 20
     },
@@ -163,7 +163,7 @@
       "system_id": "drupal",
       "source_name": "OSV Drupal",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 2.965,
+      "elapsed_seconds": 1.795,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -171,7 +171,7 @@
       "system_id": "echo",
       "source_name": "OSV Echo",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 4.843,
+      "elapsed_seconds": 2.15,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -179,7 +179,7 @@
       "system_id": "esbuild",
       "source_name": "OSV esbuild",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 3.612,
+      "elapsed_seconds": 1.611,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -187,7 +187,7 @@
       "system_id": "express",
       "source_name": "OSV Express",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 3.3,
+      "elapsed_seconds": 1.536,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -195,7 +195,7 @@
       "system_id": "fastify",
       "source_name": "OSV Fastify",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 3.056,
+      "elapsed_seconds": 1.551,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -203,7 +203,7 @@
       "system_id": "flask",
       "source_name": "OSV Flask",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 4.622,
+      "elapsed_seconds": 2.195,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -211,7 +211,7 @@
       "system_id": "ghost",
       "source_name": "Ghost GitHub Advisories",
       "source_kind": "html-links",
-      "elapsed_seconds": 0.037,
+      "elapsed_seconds": 0.051,
       "kind": "html-links",
       "items_seen": 119
     },
@@ -219,7 +219,7 @@
       "system_id": "ghost",
       "source_name": "OSV Ghost",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 2.059,
+      "elapsed_seconds": 0.956,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -227,7 +227,7 @@
       "system_id": "gin",
       "source_name": "OSV Gin",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 4.398,
+      "elapsed_seconds": 2.154,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -235,7 +235,7 @@
       "system_id": "gitea",
       "source_name": "OSV Gitea",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 5.337,
+      "elapsed_seconds": 2.382,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -243,7 +243,7 @@
       "system_id": "gitlab-ce",
       "source_name": "GitLab Advisory Database",
       "source_kind": "html-links",
-      "elapsed_seconds": 3.842,
+      "elapsed_seconds": 1.737,
       "kind": "html-links",
       "items_seen": 5
     },
@@ -251,7 +251,7 @@
       "system_id": "gitlab-ce",
       "source_name": "GitLab Security Releases Atom",
       "source_kind": "atom-feed",
-      "elapsed_seconds": 3.842,
+      "elapsed_seconds": 1.737,
       "kind": "atom-feed",
       "items_seen": 186
     },
@@ -259,7 +259,7 @@
       "system_id": "grafana",
       "source_name": "CISA KEV Grafana",
       "source_kind": "kev-json",
-      "elapsed_seconds": 4.395,
+      "elapsed_seconds": 1.738,
       "kind": "kev-json",
       "items_seen": 1551
     },
@@ -267,7 +267,7 @@
       "system_id": "grafana",
       "source_name": "Grafana Security Advisories",
       "source_kind": "html-links",
-      "elapsed_seconds": 3.842,
+      "elapsed_seconds": 1.737,
       "kind": "html-links",
       "items_seen": 159
     },
@@ -275,7 +275,7 @@
       "system_id": "hapi",
       "source_name": "OSV Hapi",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 2.84,
+      "elapsed_seconds": 1.744,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -283,7 +283,7 @@
       "system_id": "haproxy",
       "source_name": "HAProxy Blog Feed",
       "source_kind": "rss-feed",
-      "elapsed_seconds": 3.618,
+      "elapsed_seconds": 1.7,
       "kind": "rss-feed",
       "items_seen": 10
     },
@@ -291,7 +291,7 @@
       "system_id": "jenkins",
       "source_name": "Jenkins Security Advisories RSS",
       "source_kind": "rss-feed",
-      "elapsed_seconds": 3.842,
+      "elapsed_seconds": 1.737,
       "kind": "rss-feed",
       "items_seen": 96
     },
@@ -299,7 +299,7 @@
       "system_id": "joomla",
       "source_name": "Joomla Security Centre",
       "source_kind": "html-links",
-      "elapsed_seconds": 0.038,
+      "elapsed_seconds": 0.051,
       "kind": "html-links",
       "items_seen": 139
     },
@@ -307,7 +307,7 @@
       "system_id": "joomla",
       "source_name": "OSV Joomla",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 1.648,
+      "elapsed_seconds": 0.899,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -315,7 +315,7 @@
       "system_id": "kibana",
       "source_name": "Elastic Product Security",
       "source_kind": "html-links",
-      "elapsed_seconds": 4.01,
+      "elapsed_seconds": 1.738,
       "kind": "html-links",
       "items_seen": 66
     },
@@ -323,7 +323,7 @@
       "system_id": "kibana",
       "source_name": "NVD Kibana",
       "source_kind": "nvd-search",
-      "elapsed_seconds": 6.119,
+      "elapsed_seconds": 3.279,
       "kind": "nvd-search",
       "items_seen": 1
     },
@@ -331,7 +331,7 @@
       "system_id": "koa",
       "source_name": "OSV Koa",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 2.84,
+      "elapsed_seconds": 1.535,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -339,7 +339,7 @@
       "system_id": "laravel",
       "source_name": "OSV Laravel",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 3.633,
+      "elapsed_seconds": 2.335,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -347,7 +347,7 @@
       "system_id": "magento-open-source",
       "source_name": "Magento GitHub Advisories",
       "source_kind": "html-links",
-      "elapsed_seconds": 0.02,
+      "elapsed_seconds": 0.022,
       "kind": "html-links",
       "items_seen": 99
     },
@@ -355,7 +355,7 @@
       "system_id": "magento-open-source",
       "source_name": "OSV Magento Open Source",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 1.648,
+      "elapsed_seconds": 0.855,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -363,7 +363,7 @@
       "system_id": "magento-open-source",
       "source_name": "Sansec Research",
       "source_kind": "html-links",
-      "elapsed_seconds": 0.02,
+      "elapsed_seconds": 0.022,
       "kind": "html-links",
       "items_seen": 134
     },
@@ -371,7 +371,7 @@
       "system_id": "mattermost",
       "source_name": "Mattermost Security Updates JSON",
       "source_kind": "json-feed",
-      "elapsed_seconds": 4.201,
+      "elapsed_seconds": 1.742,
       "kind": "json-feed",
       "items_seen": 594
     },
@@ -379,7 +379,7 @@
       "system_id": "mattermost",
       "source_name": "OSV Mattermost",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 6.79,
+      "elapsed_seconds": 3.206,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -387,7 +387,7 @@
       "system_id": "mediawiki",
       "source_name": "MediaWiki Announce RSS",
       "source_kind": "rss-feed",
-      "elapsed_seconds": 0.033,
+      "elapsed_seconds": 0.048,
       "kind": "rss-feed",
       "items_seen": 30
     },
@@ -395,7 +395,7 @@
       "system_id": "mediawiki",
       "source_name": "OSV MediaWiki",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 1.657,
+      "elapsed_seconds": 1.007,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -403,7 +403,7 @@
       "system_id": "medusa",
       "source_name": "OSV Medusa",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 1.493,
+      "elapsed_seconds": 0.852,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -411,7 +411,7 @@
       "system_id": "moodle",
       "source_name": "OSV Moodle",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 4.487,
+      "elapsed_seconds": 3.854,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -419,7 +419,7 @@
       "system_id": "nestjs",
       "source_name": "OSV NestJS",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 2.84,
+      "elapsed_seconds": 1.535,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -427,7 +427,7 @@
       "system_id": "nextjs",
       "source_name": "OSV Next.js",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 2.255,
+      "elapsed_seconds": 0.918,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -435,7 +435,7 @@
       "system_id": "nginx",
       "source_name": "CISA KEV NGINX",
       "source_kind": "kev-json",
-      "elapsed_seconds": 4.382,
+      "elapsed_seconds": 1.7,
       "kind": "kev-json",
       "items_seen": 1551
     },
@@ -443,7 +443,7 @@
       "system_id": "nginx",
       "source_name": "NGINX Security Advisories",
       "source_kind": "html-links",
-      "elapsed_seconds": 3.293,
+      "elapsed_seconds": 1.551,
       "kind": "html-links",
       "items_seen": 138
     },
@@ -451,7 +451,7 @@
       "system_id": "nodejs",
       "source_name": "CISA KEV Node.js",
       "source_kind": "kev-json",
-      "elapsed_seconds": 4.382,
+      "elapsed_seconds": 1.728,
       "kind": "kev-json",
       "items_seen": 1551
     },
@@ -459,15 +459,15 @@
       "system_id": "nodejs",
       "source_name": "Node.js Security Releases",
       "source_kind": "html-links",
-      "elapsed_seconds": 1.723,
+      "elapsed_seconds": 0.906,
       "kind": "html-links",
-      "items_seen": 74
+      "items_seen": 73
     },
     {
       "system_id": "nuxt",
       "source_name": "OSV Nuxt",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 3.294,
+      "elapsed_seconds": 1.452,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -475,7 +475,7 @@
       "system_id": "opencart",
       "source_name": "OSV OpenCart",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 2.259,
+      "elapsed_seconds": 0.887,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -483,7 +483,7 @@
       "system_id": "opencart",
       "source_name": "OpenCart Releases",
       "source_kind": "html-links",
-      "elapsed_seconds": 0.006,
+      "elapsed_seconds": 0.012,
       "kind": "html-links",
       "items_seen": 1500
     },
@@ -491,7 +491,7 @@
       "system_id": "openmage",
       "source_name": "OSV OpenMage",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 1.636,
+      "elapsed_seconds": 0.93,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -499,7 +499,7 @@
       "system_id": "openmage",
       "source_name": "OpenMage GitHub Advisories",
       "source_kind": "html-links",
-      "elapsed_seconds": 0.017,
+      "elapsed_seconds": 0.019,
       "kind": "html-links",
       "items_seen": 125
     },
@@ -507,7 +507,7 @@
       "system_id": "phpmyadmin",
       "source_name": "OSV phpMyAdmin",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 5.654,
+      "elapsed_seconds": 2.616,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -515,7 +515,7 @@
       "system_id": "phpmyadmin",
       "source_name": "phpMyAdmin Security Page",
       "source_kind": "html-links",
-      "elapsed_seconds": 3.618,
+      "elapsed_seconds": 1.7,
       "kind": "html-links",
       "items_seen": 263
     },
@@ -523,7 +523,7 @@
       "system_id": "prestashop",
       "source_name": "Friends Of Presta Security",
       "source_kind": "html-links",
-      "elapsed_seconds": 0.012,
+      "elapsed_seconds": 0.014,
       "kind": "html-links",
       "items_seen": 38
     },
@@ -531,7 +531,7 @@
       "system_id": "prestashop",
       "source_name": "GitHub PrestaShop Advisories",
       "source_kind": "html-links",
-      "elapsed_seconds": 0.011,
+      "elapsed_seconds": 0.015,
       "kind": "html-links",
       "items_seen": 127
     },
@@ -539,7 +539,7 @@
       "system_id": "prestashop",
       "source_name": "OSV PrestaShop",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 1.734,
+      "elapsed_seconds": 0.919,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -547,7 +547,7 @@
       "system_id": "prestashop",
       "source_name": "PrestaShop Security Page",
       "source_kind": "html-links",
-      "elapsed_seconds": 0.011,
+      "elapsed_seconds": 0.015,
       "kind": "html-links",
       "items_seen": 60
     },
@@ -555,7 +555,7 @@
       "system_id": "rails",
       "source_name": "OSV Rails",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 4.201,
+      "elapsed_seconds": 2.182,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -563,7 +563,7 @@
       "system_id": "react",
       "source_name": "OSV React",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 1.949,
+      "elapsed_seconds": 0.873,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -571,7 +571,7 @@
       "system_id": "redmine",
       "source_name": "OSV Redmine",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 5.985,
+      "elapsed_seconds": 2.275,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -579,7 +579,7 @@
       "system_id": "redmine",
       "source_name": "Redmine Security Advisories",
       "source_kind": "html-links",
-      "elapsed_seconds": 4.382,
+      "elapsed_seconds": 1.744,
       "kind": "html-links",
       "items_seen": 371
     },
@@ -587,7 +587,7 @@
       "system_id": "saleor",
       "source_name": "GitHub Saleor Advisories",
       "source_kind": "html-links",
-      "elapsed_seconds": 0.005,
+      "elapsed_seconds": 0.006,
       "kind": "html-links",
       "items_seen": 120
     },
@@ -595,7 +595,7 @@
       "system_id": "saleor",
       "source_name": "OSV Saleor",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 1.493,
+      "elapsed_seconds": 0.881,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -603,7 +603,7 @@
       "system_id": "shopware",
       "source_name": "OSV Shopware",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 1.731,
+      "elapsed_seconds": 1.146,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -611,7 +611,7 @@
       "system_id": "shopware",
       "source_name": "Shopware Security Advisories",
       "source_kind": "html-links",
-      "elapsed_seconds": 0.01,
+      "elapsed_seconds": 0.014,
       "kind": "html-links",
       "items_seen": 129
     },
@@ -619,7 +619,7 @@
       "system_id": "spring-boot",
       "source_name": "OSV Spring Boot",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 4.783,
+      "elapsed_seconds": 1.809,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -627,7 +627,7 @@
       "system_id": "spring-boot",
       "source_name": "Spring Security Advisories",
       "source_kind": "html-links",
-      "elapsed_seconds": 2.254,
+      "elapsed_seconds": 1.134,
       "kind": "html-links",
       "items_seen": 118
     },
@@ -635,7 +635,7 @@
       "system_id": "spring-framework",
       "source_name": "OSV Spring Framework",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 3.609,
+      "elapsed_seconds": 1.673,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -643,7 +643,7 @@
       "system_id": "spring-framework",
       "source_name": "Spring Security Advisories",
       "source_kind": "html-links",
-      "elapsed_seconds": 2.024,
+      "elapsed_seconds": 0.951,
       "kind": "html-links",
       "items_seen": 118
     },
@@ -651,7 +651,7 @@
       "system_id": "spring-security",
       "source_name": "OSV Spring Security",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 3.676,
+      "elapsed_seconds": 1.742,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -659,7 +659,7 @@
       "system_id": "spring-security",
       "source_name": "Spring Security Advisories",
       "source_kind": "html-links",
-      "elapsed_seconds": 2.088,
+      "elapsed_seconds": 0.977,
       "kind": "html-links",
       "items_seen": 118
     },
@@ -667,7 +667,7 @@
       "system_id": "strapi",
       "source_name": "OSV Strapi",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 1.539,
+      "elapsed_seconds": 1.0,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -675,7 +675,7 @@
       "system_id": "strapi",
       "source_name": "Strapi GitHub Advisories",
       "source_kind": "html-links",
-      "elapsed_seconds": 0.036,
+      "elapsed_seconds": 0.05,
       "kind": "html-links",
       "items_seen": 124
     },
@@ -683,7 +683,7 @@
       "system_id": "sveltekit",
       "source_name": "OSV SvelteKit",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 3.062,
+      "elapsed_seconds": 1.508,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -691,7 +691,7 @@
       "system_id": "symfony",
       "source_name": "OSV Symfony",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 5.456,
+      "elapsed_seconds": 2.93,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -699,7 +699,7 @@
       "system_id": "traefik",
       "source_name": "OSV Traefik",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 4.843,
+      "elapsed_seconds": 2.341,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -707,7 +707,7 @@
       "system_id": "undici",
       "source_name": "OSV Undici",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 3.618,
+      "elapsed_seconds": 1.614,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -715,7 +715,7 @@
       "system_id": "vite",
       "source_name": "OSV Vite",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 2.612,
+      "elapsed_seconds": 1.538,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -723,7 +723,7 @@
       "system_id": "vue",
       "source_name": "OSV Vue",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 1.616,
+      "elapsed_seconds": 0.835,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -731,7 +731,7 @@
       "system_id": "webpack",
       "source_name": "OSV webpack",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 3.048,
+      "elapsed_seconds": 1.614,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -739,7 +739,7 @@
       "system_id": "werkzeug",
       "source_name": "OSV Werkzeug",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 4.011,
+      "elapsed_seconds": 2.177,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -747,7 +747,7 @@
       "system_id": "woocommerce",
       "source_name": "GitHub WooCommerce Advisories",
       "source_kind": "html-links",
-      "elapsed_seconds": 0.013,
+      "elapsed_seconds": 0.017,
       "kind": "html-links",
       "items_seen": 107
     },
@@ -755,7 +755,7 @@
       "system_id": "woocommerce",
       "source_name": "OSV WooCommerce",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 1.961,
+      "elapsed_seconds": 0.802,
       "kind": "osv-batch",
       "items_seen": 1
     },
@@ -763,7 +763,7 @@
       "system_id": "woocommerce",
       "source_name": "Patchstack Database",
       "source_kind": "html-links",
-      "elapsed_seconds": 0.014,
+      "elapsed_seconds": 0.017,
       "kind": "html-links",
       "items_seen": 193
     },
@@ -771,7 +771,7 @@
       "system_id": "woocommerce",
       "source_name": "Woo Developer Advisories",
       "source_kind": "html-links",
-      "elapsed_seconds": 0.017,
+      "elapsed_seconds": 0.019,
       "kind": "html-links",
       "items_seen": 121
     },
@@ -779,7 +779,7 @@
       "system_id": "woocommerce",
       "source_name": "Wordfence Vulnerability Database",
       "source_kind": "html-links",
-      "elapsed_seconds": 0.013,
+      "elapsed_seconds": 0.015,
       "kind": "html-links",
       "items_seen": 0
     },
@@ -787,7 +787,7 @@
       "system_id": "wordpress",
       "source_name": "Patchstack Database",
       "source_kind": "html-links",
-      "elapsed_seconds": 0.04,
+      "elapsed_seconds": 0.053,
       "kind": "html-links",
       "items_seen": 193
     },
@@ -795,7 +795,7 @@
       "system_id": "wordpress",
       "source_name": "PortSwigger Research",
       "source_kind": "html-links",
-      "elapsed_seconds": 2.128,
+      "elapsed_seconds": 1.509,
       "kind": "html-links",
       "items_seen": 99
     },
@@ -803,7 +803,7 @@
       "system_id": "wordpress",
       "source_name": "WPScan Vulnerability Database",
       "source_kind": "html-links",
-      "elapsed_seconds": 0.041,
+      "elapsed_seconds": 0.053,
       "kind": "html-links",
       "items_seen": 74
     },
@@ -811,7 +811,7 @@
       "system_id": "wordpress",
       "source_name": "WordPress Security News RSS",
       "source_kind": "rss-feed",
-      "elapsed_seconds": 0.043,
+      "elapsed_seconds": 0.055,
       "kind": "rss-feed",
       "items_seen": 10
     },
@@ -819,7 +819,7 @@
       "system_id": "wordpress",
       "source_name": "Wordfence Vulnerability Database",
       "source_kind": "html-links",
-      "elapsed_seconds": 0.043,
+      "elapsed_seconds": 0.055,
       "kind": "html-links",
       "items_seen": 0
     }
@@ -827,73 +827,73 @@
   "failures": [],
   "slow_sources": [
     {
-      "system_id": "mattermost",
+      "system_id": "moodle",
-      "source_name": "OSV Mattermost",
+      "source_name": "OSV Moodle",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 6.79,
+      "elapsed_seconds": 3.854,
       "status": "ok"
     },
     {
       "system_id": "kibana",
       "source_name": "NVD Kibana",
       "source_kind": "nvd-search",
-      "elapsed_seconds": 6.119,
+      "elapsed_seconds": 3.279,
       "status": "ok"
     },
     {
-      "system_id": "redmine",
+      "system_id": "mattermost",
-      "source_name": "OSV Redmine",
+      "source_name": "OSV Mattermost",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 5.985,
+      "elapsed_seconds": 3.206,
-      "status": "ok"
-    },
-    {
-      "system_id": "adminer",
-      "source_name": "OSV Adminer",
-      "source_kind": "osv-batch",
-      "elapsed_seconds": 5.754,
-      "status": "ok"
-    },
-    {
-      "system_id": "phpmyadmin",
-      "source_name": "OSV phpMyAdmin",
-      "source_kind": "osv-batch",
-      "elapsed_seconds": 5.654,
-      "status": "ok"
-    },
-    {
-      "system_id": "symfony",
-      "source_name": "OSV Symfony",
-      "source_kind": "osv-batch",
-      "elapsed_seconds": 5.456,
-      "status": "ok"
-    },
-    {
-      "system_id": "aspnet-core",
-      "source_name": "OSV ASP.NET Core",
-      "source_kind": "osv-batch",
-      "elapsed_seconds": 5.42,
       "status": "ok"
     },
     {
       "system_id": "django",
       "source_name": "OSV Django",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 5.346,
+      "elapsed_seconds": 3.099,
       "status": "ok"
     },
     {
-      "system_id": "caddy",
+      "system_id": "symfony",
-      "source_name": "OSV Caddy",
+      "source_name": "OSV Symfony",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 5.339,
+      "elapsed_seconds": 2.93,
+      "status": "ok"
+    },
+    {
+      "system_id": "phpmyadmin",
+      "source_name": "OSV phpMyAdmin",
+      "source_kind": "osv-batch",
+      "elapsed_seconds": 2.616,
       "status": "ok"
     },
     {
       "system_id": "gitea",
       "source_name": "OSV Gitea",
       "source_kind": "osv-batch",
-      "elapsed_seconds": 5.337,
+      "elapsed_seconds": 2.382,
+      "status": "ok"
+    },
+    {
+      "system_id": "traefik",
+      "source_name": "OSV Traefik",
+      "source_kind": "osv-batch",
+      "elapsed_seconds": 2.341,
+      "status": "ok"
+    },
+    {
+      "system_id": "laravel",
+      "source_name": "OSV Laravel",
+      "source_kind": "osv-batch",
+      "elapsed_seconds": 2.335,
+      "status": "ok"
+    },
+    {
+      "system_id": "adminer",
+      "source_name": "OSV Adminer",
+      "source_kind": "osv-batch",
+      "elapsed_seconds": 2.321,
       "status": "ok"
     }
   ],

08-threat-intel/generated/dashboard/data/version-backlog.json

@@ -1,5 +1,5 @@
 {
-  "generated_at": "2026-03-23T09:54:10+00:00",
+  "generated_at": "2026-03-24T09:18:19+00:00",
   "source_gap_entities": [
     {
       "entity_id": "adminer",

08-threat-intel/generated/dashboard/data/version-completeness.json

@@ -1,12 +1,12 @@
 {
-  "generated_at": "2026-03-23T09:54:10+00:00",
+  "generated_at": "2026-03-24T09:18:19+00:00",
   "cataloged_entity_total": 109,
   "latest_version_synced_count": 94,
   "source_gap_count": 15,
-  "security_version_total": 6180,
+  "security_version_total": 6242,
   "security_version_entity_count": 82,
   "auto_promoted_entity_count": 10,
-  "lab_enqueued_count": 2,
+  "lab_enqueued_count": 11,
   "systems": [
     {
       "system_id": "adminer",
@@ -151,8 +151,8 @@
           "entity_id": "caddy",
           "display_name": "Caddy",
           "entity_type": "system",
-          "latest_version": "2.11.2",
+          "latest_version": "2.11.1",
-          "latest_release_at": "2026-03-06T02:43:43Z",
+          "latest_release_at": "2026-02-27T19:55:10Z",
           "version_sync_status": "green"
         },
         {
@@ -160,15 +160,15 @@
           "display_name": "caddyserver / caddy / v2",
           "entity_type": "repo",
           "latest_version": "2.11.2",
-          "latest_release_at": "2026-03-06T02:43:43Z",
+          "latest_release_at": "2026-03-23T04:52:47.652974Z",
           "version_sync_status": "green"
         },
         {
           "entity_id": "caddy--extension--github-com-caddyserver-caddy-v2",
           "display_name": "caddyserver / caddy / v2",
           "entity_type": "extension",
-          "latest_version": "2.11.2",
+          "latest_version": "2.11.1",
-          "latest_release_at": "2026-03-06T02:43:43Z",
+          "latest_release_at": "2026-02-27T19:55:10Z",
           "version_sync_status": "green"
         }
       ]
@@ -186,7 +186,7 @@
           "entity_id": "directus",
           "display_name": "Directus",
           "entity_type": "system",
-          "latest_version": "11.16.1",
+          "latest_version": "3573-4c68-g8cc",
           "latest_release_at": "2026-03-10T22:20:52Z",
           "version_sync_status": "green"
         },
@@ -194,7 +194,7 @@
           "entity_id": "directus--repo--directus-directus",
           "display_name": "directus  /  directus",
           "entity_type": "repo",
-          "latest_version": "11.16.1",
+          "latest_version": "3573-4c68-g8cc",
           "latest_release_at": "2026-03-10T22:20:52Z",
           "version_sync_status": "green"
         }
@@ -278,16 +278,16 @@
           "entity_id": "echo",
           "display_name": "Echo",
           "entity_type": "system",
-          "latest_version": "5.0.4",
+          "latest_version": "4.9.0",
-          "latest_release_at": "2026-02-15T15:55:53Z",
+          "latest_release_at": "2024-05-20T16:03:47Z",
           "version_sync_status": "green"
         },
         {
           "entity_id": "echo--repo--github-com-labstack-echo-v4",
           "display_name": "labstack / echo / v4",
           "entity_type": "repo",
-          "latest_version": "5.0.4",
+          "latest_version": "4.9.0",
-          "latest_release_at": "2026-02-15T15:55:53Z",
+          "latest_release_at": "2024-05-20T16:03:47Z",
           "version_sync_status": "green"
         }
       ]
@@ -342,7 +342,7 @@
           "entity_id": "fastify",
           "display_name": "Fastify",
           "entity_type": "system",
-          "latest_version": "5.8.2",
+          "latest_version": "5.8.4",
           "latest_release_at": "",
           "version_sync_status": "green"
         },
@@ -350,7 +350,7 @@
           "entity_id": "fastify--project--fastify",
           "display_name": "fastify",
           "entity_type": "project",
-          "latest_version": "5.8.2",
+          "latest_version": "5.8.4",
           "latest_release_at": "",
           "version_sync_status": "green"
         }
@@ -396,7 +396,7 @@
           "entity_id": "ghost",
           "display_name": "Ghost",
           "entity_type": "system",
-          "latest_version": "6.22.1",
+          "latest_version": "52.1k",
           "latest_release_at": "2026-03-20T15:25:05Z",
           "version_sync_status": "green"
         },
@@ -404,7 +404,7 @@
           "entity_id": "ghost--repo--tryghost-ghost",
           "display_name": "TryGhost  /  Ghost",
           "entity_type": "repo",
-          "latest_version": "6.22.1",
+          "latest_version": "52.1k",
           "latest_release_at": "2026-03-20T15:25:05Z",
           "version_sync_status": "green"
         }
@@ -423,16 +423,16 @@
           "entity_id": "gin",
           "display_name": "Gin",
           "entity_type": "system",
-          "latest_version": "1.12.0",
+          "latest_version": "1.7.7",
-          "latest_release_at": "2026-02-28T10:12:25Z",
+          "latest_release_at": "2026-03-14T10:41:18.820930Z",
           "version_sync_status": "green"
         },
         {
           "entity_id": "gin--repo--github-com-gin-gonic-gin",
           "display_name": "gin-gonic / gin",
           "entity_type": "repo",
-          "latest_version": "1.12.0",
+          "latest_version": "1.7.7",
-          "latest_release_at": "2026-02-28T10:12:25Z",
+          "latest_release_at": "2026-03-14T10:41:18.820930Z",
           "version_sync_status": "green"
         }
       ]
@@ -509,7 +509,7 @@
       "cataloged_entity_total": 1,
       "latest_version_synced_count": 1,
       "source_gap_count": 0,
-      "security_version_count": 1,
+      "security_version_count": 2,
       "auto_promoted_count": 0,
       "latest_versions": [
         {
@@ -628,7 +628,7 @@
           "entity_id": "magento-open-source",
           "display_name": "Magento Open Source",
           "entity_type": "system",
-          "latest_version": "2.4.9-beta1",
+          "latest_version": "300.000",
           "latest_release_at": "2026-03-10T14:04:22Z",
           "version_sync_status": "green"
         },
@@ -636,7 +636,7 @@
           "entity_id": "magento-open-source--repo--magento-magento2",
           "display_name": "magento  /  magento2",
           "entity_type": "repo",
-          "latest_version": "2.4.9-beta1",
+          "latest_version": "300.000",
           "latest_release_at": "2026-03-10T14:04:22Z",
           "version_sync_status": "green"
         }
@@ -648,7 +648,7 @@
       "cataloged_entity_total": 5,
       "latest_version_synced_count": 5,
       "source_gap_count": 0,
-      "security_version_count": 3792,
+      "security_version_count": 3840,
       "auto_promoted_count": 0,
       "latest_versions": [
         {
@@ -667,6 +667,14 @@
           "latest_release_at": "2023-10-03",
           "version_sync_status": "green"
         },
+        {
+          "entity_id": "mattermost--repo--github-com-mattermost-mattermost-server",
+          "display_name": "mattermost / mattermost-server",
+          "entity_type": "repo",
+          "latest_version": "26.2.1",
+          "latest_release_at": "2023-10-03",
+          "version_sync_status": "green"
+        },
         {
           "entity_id": "mattermost--plugin--mattermost-plugins",
           "display_name": "Mattermost Plugins",
@@ -682,14 +690,6 @@
           "latest_version": "26.2.1",
           "latest_release_at": "2023-10-03",
           "version_sync_status": "green"
-        },
-        {
-          "entity_id": "mattermost--repo--github-com-mattermost-mattermost-server",
-          "display_name": "mattermost / mattermost-server",
-          "entity_type": "repo",
-          "latest_version": "11.4.3",
-          "latest_release_at": "2026-03-16T08:26:52Z",
-          "version_sync_status": "green"
         }
       ]
     },
@@ -829,7 +829,7 @@
           "entity_id": "opencart",
           "display_name": "OpenCart",
           "entity_type": "system",
-          "latest_version": "3.0.5.0",
+          "latest_version": "8.1k",
           "latest_release_at": "2025-12-12T10:27:11Z",
           "version_sync_status": "green"
         },
@@ -837,7 +837,7 @@
           "entity_id": "opencart--repo--opencart-opencart",
           "display_name": "opencart  /  opencart",
           "entity_type": "repo",
-          "latest_version": "3.0.5.0",
+          "latest_version": "8.1k",
           "latest_release_at": "2025-12-12T10:27:11Z",
           "version_sync_status": "green"
         }
@@ -902,7 +902,7 @@
           "entity_id": "prestashop",
           "display_name": "PrestaShop",
           "entity_type": "system",
-          "latest_version": "9.0.3",
+          "latest_version": "3366-9287-7qpr",
           "latest_release_at": "2026-02-03T10:01:48Z",
           "version_sync_status": "green"
         },
@@ -910,7 +910,7 @@
           "entity_id": "prestashop--repo--prestashop-prestashop",
           "display_name": "PrestaShop  /  PrestaShop",
           "entity_type": "repo",
-          "latest_version": "9.0.3",
+          "latest_version": "3366-9287-7qpr",
           "latest_release_at": "2026-02-03T10:01:48Z",
           "version_sync_status": "green"
         }
@@ -1010,7 +1010,7 @@
           "entity_id": "saleor",
           "display_name": "Saleor",
           "entity_type": "system",
-          "latest_version": "3.22.43",
+          "latest_version": "22.7k",
           "latest_release_at": "2026-03-19T13:13:39Z",
           "version_sync_status": "green"
         },
@@ -1018,7 +1018,7 @@
           "entity_id": "saleor--repo--saleor-saleor",
           "display_name": "saleor  /  saleor",
           "entity_type": "repo",
-          "latest_version": "3.22.43",
+          "latest_version": "22.7k",
           "latest_release_at": "2026-03-19T13:13:39Z",
           "version_sync_status": "green"
         }
@@ -1037,7 +1037,7 @@
           "entity_id": "shopware",
           "display_name": "Shopware",
           "entity_type": "system",
-          "latest_version": "6.7.8.2",
+          "latest_version": "3.3k",
           "latest_release_at": "2026-03-18T15:05:49Z",
           "version_sync_status": "green"
         },
@@ -1045,7 +1045,7 @@
           "entity_id": "shopware--repo--shopware-shopware",
           "display_name": "shopware  /  shopware",
           "entity_type": "repo",
-          "latest_version": "6.7.8.2",
+          "latest_version": "3.3k",
           "latest_release_at": "2026-03-18T15:05:49Z",
           "version_sync_status": "green"
         }
@@ -1128,7 +1128,7 @@
           "entity_id": "strapi",
           "display_name": "Strapi",
           "entity_type": "system",
-          "latest_version": "5.40.0",
+          "latest_version": "71.7k",
           "latest_release_at": "2026-03-18T13:33:01Z",
           "version_sync_status": "green"
         },
@@ -1136,7 +1136,7 @@
           "entity_id": "strapi--repo--strapi-strapi",
           "display_name": "strapi  /  strapi",
           "entity_type": "repo",
-          "latest_version": "5.40.0",
+          "latest_version": "71.7k",
           "latest_release_at": "2026-03-18T13:33:01Z",
           "version_sync_status": "green"
         }
@@ -1202,7 +1202,7 @@
       "cataloged_entity_total": 3,
       "latest_version_synced_count": 3,
       "source_gap_count": 0,
-      "security_version_count": 62,
+      "security_version_count": 63,
       "auto_promoted_count": 0,
       "latest_versions": [
         {
@@ -1210,7 +1210,7 @@
           "display_name": "Traefik",
           "entity_type": "system",
           "latest_version": "3.7.0-ea.2",
-          "latest_release_at": "2026-03-19T15:29:46Z",
+          "latest_release_at": "2026-03-23T18:56:07.286130Z",
           "version_sync_status": "green"
         },
         {
@@ -1218,7 +1218,7 @@
           "display_name": "traefik / traefik / v3",
           "entity_type": "repo",
           "latest_version": "3.7.0-ea.2",
-          "latest_release_at": "2026-03-19T15:29:46Z",
+          "latest_release_at": "2026-03-23T18:56:05.020639Z",
           "version_sync_status": "green"
         },
         {
@@ -1226,7 +1226,7 @@
           "display_name": "traefik / traefik / v3",
           "entity_type": "extension",
           "latest_version": "3.7.0-ea.2",
-          "latest_release_at": "2026-03-19T15:29:46Z",
+          "latest_release_at": "2026-03-23T18:56:07.286130Z",
           "version_sync_status": "green"
         }
       ]
@@ -1279,7 +1279,7 @@
           "entity_id": "vite",
           "display_name": "Vite",
           "entity_type": "system",
-          "latest_version": "8.0.1",
+          "latest_version": "8.0.2",
           "latest_release_at": "",
           "version_sync_status": "green"
         },
@@ -1287,7 +1287,7 @@
           "entity_id": "vite--project--vite",
           "display_name": "vite",
           "entity_type": "project",
-          "latest_version": "8.0.1",
+          "latest_version": "8.0.2",
           "latest_release_at": "",
           "version_sync_status": "green"
         },
@@ -1295,7 +1295,7 @@
           "entity_id": "vite--plugin--vite",
           "display_name": "vite",
           "entity_type": "plugin",
-          "latest_version": "8.0.1",
+          "latest_version": "8.0.2",
           "latest_release_at": "",
           "version_sync_status": "green"
         },
@@ -1303,7 +1303,7 @@
           "entity_id": "vite--extension--vite",
           "display_name": "vite",
           "entity_type": "extension",
-          "latest_version": "8.0.1",
+          "latest_version": "8.0.2",
           "latest_release_at": "",
           "version_sync_status": "green"
         },
@@ -1311,7 +1311,7 @@
           "entity_id": "vite--module--vite",
           "display_name": "vite",
           "entity_type": "module",
-          "latest_version": "8.0.1",
+          "latest_version": "8.0.2",
           "latest_release_at": "",
           "version_sync_status": "green"
         }
@@ -1387,14 +1387,14 @@
       "cataloged_entity_total": 2,
       "latest_version_synced_count": 2,
       "source_gap_count": 0,
-      "security_version_count": 2,
+      "security_version_count": 14,
       "auto_promoted_count": 1,
       "latest_versions": [
         {
           "entity_id": "woocommerce",
           "display_name": "WooCommerce",
           "entity_type": "system",
-          "latest_version": "10.6.1",
+          "latest_version": "10.7",
           "latest_release_at": "2026-03-12T19:14:25Z",
           "version_sync_status": "green"
         },
@@ -1402,7 +1402,7 @@
           "entity_id": "woocommerce--repo--woocommerce-woocommerce",
           "display_name": "woocommerce  /  woocommerce",
           "entity_type": "repo",
-          "latest_version": "10.6.1",
+          "latest_version": "10.7",
           "latest_release_at": "2026-03-12T19:14:25Z",
           "version_sync_status": "green"
         }
@@ -1421,7 +1421,7 @@
           "entity_id": "wordpress",
           "display_name": "WordPress",
           "entity_type": "system",
-          "latest_version": "7.9",
+          "latest_version": "27.1.1",
           "latest_release_at": "",
           "version_sync_status": "green"
         }

08-threat-intel/generated/dashboard/docs/architecture-library.html

@@ -87,7 +87,7 @@
       <h1>当前架构库镜像</h1>
       <div class="meta">工作台内置镜像页：当前架构库结构化数据镜像。</div>
       <pre>{
-  &quot;generated_at&quot;: &quot;2026-03-23T09:54:11+00:00&quot;,
+  &quot;generated_at&quot;: &quot;2026-03-24T09:18:20+00:00&quot;,
   &quot;title&quot;: &quot;当前架构库&quot;,
   &quot;summary&quot;: &quot;工作台、控制面、数据层、授权边界与系统覆盖的当前真值视图。&quot;,
   &quot;sections&quot;: [
@@ -127,7 +127,7 @@
         },
         {
           &quot;label&quot;: &quot;当前漏洞条目&quot;,
-          &quot;value&quot;: &quot;2404&quot;
+          &quot;value&quot;: &quot;2415&quot;
         }
       ],
       &quot;fields&quot;: [
@@ -145,7 +145,7 @@
         },
         {
           &quot;label&quot;: &quot;生成时间&quot;,
-          &quot;value&quot;: &quot;2026-03-23T09:54:11+00:00&quot;
+          &quot;value&quot;: &quot;2026-03-24T09:18:20+00:00&quot;
         }
       ],
       &quot;links&quot;: [
@@ -6061,7 +6061,7 @@
         },
         {
           &quot;label&quot;: &quot;Advisory 数&quot;,
-          &quot;value&quot;: &quot;2404&quot;
+          &quot;value&quot;: &quot;2415&quot;
         },
         {
           &quot;label&quot;: &quot;状态类型&quot;,
@@ -6080,7 +6080,7 @@
           &quot;items&quot;: [
             {
               &quot;title&quot;: &quot;人工分诊&quot;,
-              &quot;summary&quot;: &quot;当前累计 2315 条。&quot;,
+              &quot;summary&quot;: &quot;当前累计 2326 条。&quot;,
               &quot;open&quot;: false,
               &quot;fields&quot;: [
                 {
@@ -6089,7 +6089,7 @@
                 },
                 {
                   &quot;label&quot;: &quot;数量&quot;,
-                  &quot;value&quot;: &quot;2315&quot;
+                  &quot;value&quot;: &quot;2326&quot;
                 }
               ]
             },

08-threat-intel/generated/dashboard/docs/coverage-matrix.html

@@ -113,14 +113,14 @@
 | GitLab CE | `platforms` | `rolling-24m` | `-` | `yes` | `55` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
 | Grafana | `platforms` | `rolling-24m` | `-` | `yes` | `60` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
 | Hapi | `frameworks` | `history-full` | `yes` | `yes` | `1` | `1` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2020-08-31T19:00:56Z` |
-| HAProxy | `servers` | `rolling-24m` | `-` | `yes` | `6` | `0` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `Wed, 25 Feb 2026 14:00:00 +0000` |
+| HAProxy | `servers` | `rolling-24m` | `-` | `yes` | `7` | `0` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `1` | `Wed, 25 Feb 2026 14:00:00 +0000` |
 | Jenkins | `platforms` | `rolling-24m` | `-` | `yes` | `60` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `` |
 | Joomla | `cms` | `history-full` | `yes` | `yes` | `100` | `0` | `4` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2025-04-03T01:03:51.193` |
 | Kibana | `platforms` | `rolling-24m` | `-` | `yes` | `47` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `6` | `Thu, 19 Mar 2026 16:59:58 +0000` |
 | Koa | `frameworks` | `rolling-24m` | `-` | `yes` | `1` | `1` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-02-26T23:36:36.294040Z` |
 | Laravel | `frameworks` | `rolling-24m` | `-` | `yes` | `2` | `2` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-03-13T22:15:34.333730Z` |
 | Magento Open Source | `ecommerce` | `history-full` | `yes` | `yes` | `89` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2025-04-20T01:37:25.860` |
-| Mattermost | `platforms` | `rolling-24m` | `-` | `yes` | `21` | `21` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `Fix Release Date` |
+| Mattermost | `platforms` | `rolling-24m` | `-` | `yes` | `31` | `31` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `Fix Release Date` |
 | MediaWiki | `cms` | `rolling-24m` | `-` | `yes` | `70` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `70` | `Wed, 22 Oct 2025 21:44:43 +0000` |
 | Medusa | `ecommerce` | `rolling-24m` | `-` | `yes` | `15` | `0` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `15` | `` |
 | Moodle | `cms` | `rolling-24m` | `-` | `yes` | `40` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `40` | `2025-04-09T00:30:58.490` |
@@ -144,7 +144,7 @@
 | Strapi | `cms` | `rolling-24m` | `-` | `yes` | `26` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `26` | `` |
 | SvelteKit | `frameworks` | `rolling-24m` | `-` | `yes` | `3` | `3` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-02-28T06:27:26.115188Z` |
 | Symfony | `frameworks` | `rolling-24m` | `-` | `yes` | `9` | `9` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-03-13T22:16:14.858636Z` |
-| Traefik | `servers` | `rolling-24m` | `-` | `yes` | `45` | `0` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `27` | `2026-03-23T04:53:13.381024Z` |
+| Traefik | `servers` | `rolling-24m` | `-` | `yes` | `45` | `0` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `27` | `2026-03-23T18:56:07.286130Z` |
 | Undici | `frameworks` | `rolling-24m` | `-` | `yes` | `16` | `15` | `2` | `seeded` | `real:7/synthetic:0/blocked:0` | `0` | `7` | `1` | `2026-03-18T23:58:57.714731Z` |
 | Vite | `frameworks` | `history-full` | `yes` | `yes` | `42` | `16` | `3` | `seeded` | `real:12/synthetic:0/blocked:0` | `12` | `12` | `26` | `2026-02-04T04:37:24.129476Z` |
 | Vue | `frameworks` | `history-full` | `yes` | `yes` | `15` | `1` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `14` | `2024-10-24T19:12:14.925352Z` |

08-threat-intel/generated/dashboard/docs/entity-catalog-report.html

@@ -88,7 +88,7 @@
       <div class="meta">工作台内置镜像页：分层实体覆盖、history-full 完整度和 workflow 统计。</div>
       <pre># 分层实体覆盖与完整度报告
 
-- 生成时间: `2026-03-23T09:54:10+00:00`
+- 生成时间: `2026-03-24T09:18:19+00:00`
 - 已编目实体: `109`
 - 待编目 backlog: `7`
 - history-full 已完成: `40`

08-threat-intel/generated/dashboard/docs/entity-discovery-backlog.html

@@ -88,7 +88,7 @@
       <div class="meta">工作台内置镜像页：待编目 repo / 插件 / 包 backlog 与等待原因。</div>
       <pre># 分层实体发现 Backlog
 
-- 生成时间: `2026-03-23T09:54:10+00:00`
+- 生成时间: `2026-03-24T09:18:19+00:00`
 - 待编目数量: `7`
 
 | candidate_id | root_system | entity_type | risk | reason | waiting_for | source |

08-threat-intel/generated/dashboard/docs/source-catalog-audit.html

@@ -88,7 +88,7 @@
       <div class="meta">工作台内置镜像页：active/retired source、replacement map 与覆盖摘要。</div>
       <pre># Source Catalog Audit
 
-- generated_at: `2026-03-23T09:26:43+00:00`
+- generated_at: `2026-03-24T09:17:05+00:00`
 - systems: `62`
 - sources: `179`
 - active_sources: `102`

08-threat-intel/generated/dashboard/docs/testing-completeness-report.html

@@ -88,7 +88,7 @@
       <div class="meta">工作台内置镜像页：89 条 advisory 最新完整度、family 矩阵与 ingest 健康度。</div>
       <pre># 全库 Advisory 完整度报告
 
-- 生成时间: `2026-03-23T09:54:11+00:00`
+- 生成时间: `2026-03-24T09:18:20+00:00`
 - 最新 advisory 完整度: `89/89` `verified-real`
 - 合成验证数量: `0`
 - 阻塞数量: `0`
@@ -96,7 +96,7 @@
 - 完整度百分比: `100.0%`
 - active source 全绿: `102/102`
 - source open alerts: `0`
-- 最近一次 source 全绿: `2026-03-23T09:53:46+00:00`
+- 最近一次 source 全绿: `2026-03-24T09:17:44+00:00`
 - 已编目实体: `109`
 - 待编目 backlog: `7`
 

08-threat-intel/generated/dashboard/docs/version-sync-report.html

@@ -88,14 +88,14 @@
       <div class="meta">工作台内置镜像页：安全相关版本历史、source-gap 与版本驱动 lab enqueue 摘要。</div>
       <pre># 安全相关版本同步报告
 
-- 生成时间: `2026-03-23T09:54:10+00:00`
+- 生成时间: `2026-03-24T09:18:19+00:00`
 - 已编目实体: `109`
 - 最新版本已同步: `94`
 - 版本 source-gap: `15`
-- 安全相关版本记录: `6180`
+- 安全相关版本记录: `6242`
 - 存在安全版本历史的实体: `82`
 - 自动升级实体: `10`
-- 因版本变化触发 lab 入队: `2`
+- 因版本变化触发 lab 入队: `11`
 
 ## 系统版本摘要
 
@@ -124,14 +124,14 @@
 | gitlab-ce | 1 | 1 | 0 | 612 | 0 |
 | grafana | 1 | 0 | 1 | 0 | 0 |
 | hapi | 2 | 2 | 0 | 4 | 0 |
-| haproxy | 1 | 1 | 0 | 1 | 0 |
+| haproxy | 1 | 1 | 0 | 2 | 0 |
 | jenkins | 1 | 0 | 1 | 0 | 0 |
 | joomla | 1 | 1 | 0 | 5 | 0 |
 | kibana | 1 | 0 | 1 | 0 | 0 |
 | koa | 2 | 2 | 0 | 4 | 0 |
 | laravel | 2 | 2 | 0 | 103 | 0 |
 | magento-open-source | 2 | 2 | 0 | 6 | 1 |
-| mattermost | 5 | 5 | 0 | 3792 | 0 |
+| mattermost | 5 | 5 | 0 | 3840 | 0 |
 | mediawiki | 1 | 1 | 0 | 252 | 0 |
 | medusa | 1 | 0 | 1 | 0 | 0 |
 | moodle | 1 | 0 | 1 | 0 | 0 |
@@ -155,13 +155,13 @@
 | strapi | 2 | 2 | 0 | 0 | 1 |
 | sveltekit | 2 | 2 | 0 | 4 | 0 |
 | symfony | 2 | 2 | 0 | 220 | 0 |
-| traefik | 3 | 3 | 0 | 62 | 0 |
+| traefik | 3 | 3 | 0 | 63 | 0 |
 | undici | 3 | 3 | 0 | 25 | 0 |
 | vite | 5 | 5 | 0 | 150 | 0 |
 | vue | 2 | 2 | 0 | 2 | 0 |
 | webpack | 1 | 0 | 1 | 0 | 0 |
 | werkzeug | 2 | 2 | 0 | 22 | 0 |
-| woocommerce | 2 | 2 | 0 | 2 | 1 |
+| woocommerce | 2 | 2 | 0 | 14 | 1 |
 | wordpress | 1 | 1 | 0 | 53 | 0 |
 </pre>
     </div>

08-threat-intel/generated/entity-catalog-report.md

@@ -1,6 +1,6 @@
 # 分层实体覆盖与完整度报告
 
-- 生成时间: `2026-03-23T09:54:10+00:00`
+- 生成时间: `2026-03-24T09:18:19+00:00`
 - 已编目实体: `109`
 - 待编目 backlog: `7`
 - history-full 已完成: `40`

08-threat-intel/generated/entity-completeness.json

@@ -1,5 +1,5 @@
 {
-  "generated_at": "2026-03-23T09:54:10+00:00",
+  "generated_at": "2026-03-24T09:18:19+00:00",
   "cataloged_entity_total": 109,
   "candidate_entity_total": 7,
   "history_full_complete_count": 40,
@@ -809,10 +809,18 @@
           "entity_id": "mattermost--project--mattermost-server",
           "entity_type": "project",
           "display_name": "Mattermost Server",
-          "advisory_count": 14,
+          "advisory_count": 13,
           "history_backfill_status": "complete",
           "latest_sync_status": "green"
         },
+        {
+          "entity_id": "mattermost--repo--github-com-mattermost-mattermost-server",
+          "entity_type": "repo",
+          "display_name": "mattermost / mattermost-server",
+          "advisory_count": 12,
+          "history_backfill_status": "seeded",
+          "latest_sync_status": "green"
+        },
         {
           "entity_id": "mattermost--plugin--mattermost-plugins",
           "entity_type": "plugin",
@@ -828,14 +836,6 @@
           "advisory_count": 1,
           "history_backfill_status": "seeded",
           "latest_sync_status": "green"
-        },
-        {
-          "entity_id": "mattermost--repo--github-com-mattermost-mattermost-server",
-          "entity_type": "repo",
-          "display_name": "mattermost / mattermost-server",
-          "advisory_count": 1,
-          "history_backfill_status": "seeded",
-          "latest_sync_status": "green"
         }
       ],
       "backlog_preview": []
@@ -1760,6 +1760,6 @@
     "discovery_queue": 7,
     "history_queue": 27,
     "latest_queue": 10,
-    "workflow_queue": 2176
+    "workflow_queue": 2177
   }
 }

08-threat-intel/generated/entity-discovery-backlog.md

@@ -1,6 +1,6 @@
 # 分层实体发现 Backlog
 
-- 生成时间: `2026-03-23T09:54:10+00:00`
+- 生成时间: `2026-03-24T09:18:19+00:00`
 - 待编目数量: `7`
 
 | candidate_id | root_system | entity_type | risk | reason | waiting_for | source |