Update: 319 files - 2026-03-31 03:06:10

This commit is contained in:
hao
2026-03-31 03:06:11 -07:00
Parent e8a083bc68
Commit 5beac32c48
319 changed files with 14120 additions and 3144 deletions

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `29`
- 最近渲染时间: `2026-03-30T09:18:24+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束
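Review bot: The only change in this hunk is the `最近渲染时间` (last render time) line, from `2026-03-30T09:18:24+00:00` to `2026-03-31T09:18:20+00:00`, and the same one-line change repeats in most of the hunks shown for this commit. A wall-clock render stamp inside each committed page means every run rewrites every index and buries the substantive changes (new cases, new aliases, changed counts). Consider writing the stamp only when the rendered content differs, or keeping it in a single manifest rather than in each page.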

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `30`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `70`
- 最近渲染时间: `2026-03-30T09:18:24+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `23`
- 最近渲染时间: `2026-03-30T09:18:24+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `100`
- 最近渲染时间: `2026-03-30T09:18:24+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -5,14 +5,14 @@
- 系统 ID: `mediawiki`
- 分类: `cms`
- 覆盖策略: `rolling-24m`
- 总案例数: `70`
- 总案例数: `71`
- 近 30 天新增/更新: `0`
- 重点 Markdown 案例数: `0`
- 已实证(真实版本): `0`
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `70`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 待人工/缺浏览器证据: `71`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束
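Review bot: `近 30 天新增/更新` stays at `0` while `总案例数` goes from `70` to `71`, and the row added in the next hunk is dated `Mon, 30 Mar 2026 17:50:26 +0000`, one day before the render time. Either the 30-day counter does not parse the RFC 2822 style dates used in this system's rows or it is not recomputed on render. I would expect it to be at least `1` here; please check the date parsing behind this field.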
@@ -50,6 +50,7 @@
| [MediaWiki-announce] Security and maintenance release: 1.39.12 / 1.42.6 / 1.43.1 | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `Thu, 10 Apr 2025 16:23:30 +0000` | - |
| [MediaWiki-announce] Security and maintenance release: 1.39.14 / 1.43.4 / 1.44.1 | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `Thu, 02 Oct 2025 17:37:08 +0000` | - |
| [MediaWiki-announce] MediaWiki 1.41 is End of Life | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `Sat, 21 Dec 2024 10:46:44 +0000` | - |
| [MediaWiki-announce] Security pre-release announcement: 1.43.7 / 1.44.4 / 1.45.2 | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `Mon, 30 Mar 2026 17:50:26 +0000` | - |
| [MediaWiki-announce] MediaWiki 1.42 is End of Life | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `Mon, 30 Jun 2025 23:15:16 +0000` | - |
| [MediaWiki-announce] Security and maintenance release: 1.39.13 / 1.42.7 / 1.43.2 | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `Mon, 30 Jun 2025 18:02:30 +0000` | - |
| [MediaWiki-announce] MediaWiki 1.39 is End of Life | `unknown` | `triage` | `triage-manual` | `synthetic` | `official` | `Mon, 29 Dec 2025 20:36:35 +0000` | - |
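Review bot: The added row is a pre-release announcement (`Security pre-release announcement: 1.43.7 / 1.44.4 / 1.45.2`) ingested as a case with severity `unknown`, next to End of Life notices in the same table. Entries of this kind carry no vulnerability detail of their own, so counting them raises `总案例数` and the pending-evidence count without adding anything to triage. Suggest filtering them by subject at ingest, or giving them a non-case status so they can be merged into the corresponding release entry.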

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `40`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `26`
- 最近渲染时间: `2026-03-30T09:18:24+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `140`
- 最近渲染时间: `2026-03-30T09:18:24+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `81`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `89`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `15`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `100`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `27`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `114`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束
@@ -34,8 +34,8 @@
| 标题 | 严重度 | 案例状态 | 实证状态 | 实证方式 | 来源置信度 | 更新时间 | 案例页 |
|------|--------|----------|----------|----------|------------|----------|--------|
| PrestaShop has multiple stored XSS vulnerabilities via unprotected Template variables | `low` | `generated` | `triage-manual` | `synthetic` | `ecosystem-authority` | `2026-03-27T21:52:37.272493Z` | [link](/Users/x/websafe/07-framework-security/ecommerce/prestashop/cases/prestashop-cve-2026-33673.md) |
| PrestaShop: Improper Use of Validation Framework | `low` | `generated` | `triage-manual` | `synthetic` | `ecosystem-authority` | `2026-03-27T21:52:10.658795Z` | [link](/Users/x/websafe/07-framework-security/ecommerce/prestashop/cases/prestashop-cve-2026-33674.md) |
| PrestaShop has multiple stored XSS vulnerabilities via unprotected Template variables | `low` | `generated` | `triage-manual` | `synthetic` | `ecosystem-authority` | `2026-03-30T12:26:07.105030Z` | [link](/Users/x/websafe/07-framework-security/ecommerce/prestashop/cases/prestashop-cve-2026-33673.md) |
| PrestaShop: Improper Use of Validation Framework | `low` | `generated` | `triage-manual` | `synthetic` | `ecosystem-authority` | `2026-03-30T12:26:06.049752Z` | [link](/Users/x/websafe/07-framework-security/ecommerce/prestashop/cases/prestashop-cve-2026-33674.md) |
| CVE-2020-5294 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T05:33:51.140` | - |
| CVE-2020-5273 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T05:33:48.777` | - |
| CVE-2020-5266 | `medium` | `triage` | `triage-manual` | `synthetic` | `official` | `2024-11-21T05:33:47.980` | - |
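Review bot: The link targets in the two changed rows are absolute paths on the author's machine (`/Users/x/websafe/07-framework-security/ecommerce/prestashop/cases/...`), and the update leaves them that way. They resolve nowhere else and publish the local directory layout; generate them relative to the index page. The rows otherwise change only in the `更新时间` column, so it is worth confirming that the new timestamps reflect an upstream change and not just a re-fetch.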

@@ -4,7 +4,7 @@ system_id: "prestashop"
category: "ecommerce"
advisory_mode: "core"
published_date: "2026-03-25T19:41:50Z"
updated_date: "2026-03-27T21:52:37.272493Z"
updated_date: "2026-03-30T12:26:07.105030Z"
severity: "low"
exploit_status: "unknown"
source_confidence: "ecosystem-authority"
@@ -20,6 +20,7 @@ allow_public_validation: "yes, with ownership or explicit authorization"
authorization_prerequisite: "asset ownership proof or explicit written authorization"
minimal_validation: "read-only probe, controlled payload, reversible test"
aliases:
- "BIT-prestashop-2026-33673"
- "CVE-2026-33673"
- "GHSA-35pf-37c6-jxjv"
affected_versions:

@@ -4,7 +4,7 @@ system_id: "prestashop"
category: "ecommerce"
advisory_mode: "core"
published_date: "2026-03-25T19:40:42Z"
updated_date: "2026-03-27T21:52:10.658795Z"
updated_date: "2026-03-30T12:26:06.049752Z"
severity: "low"
exploit_status: "unknown"
source_confidence: "ecosystem-authority"
@@ -20,6 +20,7 @@ allow_public_validation: "yes, with ownership or explicit authorization"
authorization_prerequisite: "asset ownership proof or explicit written authorization"
minimal_validation: "read-only probe, controlled payload, reversible test"
aliases:
- "BIT-prestashop-2026-33674"
- "CVE-2026-33674"
- "GHSA-283w-xf3q-788v"
affected_versions:

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `24`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `71`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `111`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `2`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `3`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `15`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `82`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `2`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `1`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `1`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `2`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `1`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `1`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `1`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `1`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `2`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `2`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `40`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `8`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `28`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `42`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `21`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `2`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `11`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `4`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `3`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `9`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `9`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `30`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `15`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `1`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `1`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `2`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `13`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `56`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `60`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `60`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `47`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -5,14 +5,14 @@
- 系统 ID: `mattermost`
- 分类: `platforms`
- 覆盖策略: `rolling-24m`
- 总案例数: `33`
- 近 30 天新增/更新: `21`
- 重点 Markdown 案例数: `33`
- 总案例数: `35`
- 近 30 天新增/更新: `23`
- 重点 Markdown 案例数: `35`
- 已实证(真实版本): `0`
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `33`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 待人工/缺浏览器证据: `35`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束
@@ -34,6 +34,8 @@
| 标题 | 严重度 | 案例状态 | 实证状态 | 实证方式 | 来源置信度 | 更新时间 | 案例页 |
|------|--------|----------|----------|----------|------------|----------|--------|
| Issue Identifier | `severity` | `generated` | `triage-manual` | `synthetic` | `official` | `Fix Release Date` | [link](/Users/x/websafe/07-framework-security/platforms/mattermost/cases/mattermost-issue-identifier.md) |
| Mattermost allows attackers to take over arbitrary user accounts via overly permissive substring matching flaw | `low` | `generated` | `triage-manual` | `synthetic` | `ecosystem-authority` | `2026-03-31T05:32:49.079377Z` | [link](/Users/x/websafe/07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-27656.md) |
| Mattermost doesn't rate limit login requests, allowing DoS | `low` | `generated` | `triage-manual` | `synthetic` | `ecosystem-authority` | `2026-03-31T05:31:41.869147Z` | [link](/Users/x/websafe/07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-26233.md) |
| Mattermost fails to validate user's authentication method when processing account auth type switch | `low` | `generated` | `triage-manual` | `synthetic` | `ecosystem-authority` | `2026-03-23T18:56:23.696710Z` | [link](/Users/x/websafe/07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-22545.md) |
| Mattermost fails to canonicalize IPv4-mapped IPv6 addresses before reserved IP validation | `low` | `generated` | `triage-manual` | `synthetic` | `ecosystem-authority` | `2026-03-23T18:56:08.125706Z` | [link](/Users/x/websafe/07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-2455.md) |
| Mattermost fails to properly enforce read permissions in search API endpoints | `low` | `generated` | `triage-manual` | `synthetic` | `ecosystem-authority` | `2026-03-23T18:55:57.125165Z` | [link](/Users/x/websafe/07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-24692.md) |
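Review bot: The new row titled "Mattermost allows attackers to take over arbitrary user accounts via overly permissive substring matching flaw" is recorded with severity `low`, the same value as every other Mattermost row in this hunk, which looks like a default rather than a rating taken from the source. Please confirm the severity against the primary source before it is used for prioritisation. Separately, the unchanged first row (`Issue Identifier`, `severity`, `Fix Release Date`) is a scraped table header stored as a case and counted in `总案例数`; the ingester should drop it.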

@@ -0,0 +1,170 @@
---
title: "Mattermost doesn't rate limit login requests, allowing DoS"
system_id: "mattermost"
category: "platforms"
advisory_mode: "core"
published_date: "2026-03-25T18:31:52Z"
updated_date: "2026-03-31T05:31:41.869147Z"
severity: "low"
exploit_status: "unknown"
source_confidence: "ecosystem-authority"
verification_status: "triage-manual"
verification_mode: "synthetic"
artifact_mode: "synthetic"
last_run_id: ""
target_types:
- "lab-local"
- "lab-public"
- "authorized-third-party"
allow_public_validation: "yes, with ownership or explicit authorization"
authorization_prerequisite: "asset ownership proof or explicit written authorization"
minimal_validation: "read-only probe, controlled payload, reversible test"
aliases:
- "CVE-2026-26233"
- "GHSA-247x-7qw8-fp98"
affected_versions:
- "introduced=11.4.0-rc1, fixed<11.4.1"
- "introduced=11.3.0-rc1, fixed<11.3.2"
- "introduced=11.2.0-rc1, fixed<11.2.4"
- "introduced=10.11.0-rc1, fixed<10.11.12"
- "introduced=8.0.0-20260105080200-d27a2195068d, fixed<8.0.0-20260217110922-b7d4a1f1f59b"
fixed_versions:
- "11.4.1"
- "11.3.2"
- "11.2.4"
- "10.11.12"
- "8.0.0-20260217110922-b7d4a1f1f59b"
entity_refs:
- "mattermost:system:root-system"
- "mattermost--repo--github-com-mattermost-mattermost-server:repo:affected-component"
secure_code_topics:
- "authz-server-side-recheck"
- "xss-output-encoding"
- "token-cookie-storage"
- "dependency-upgrade-policy"
primary_source: "https://nvd.nist.gov/vuln/detail/CVE-2026-26233"
---
# Mattermost doesn't rate limit login requests, allowing DoS
## 本地实证状态
- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
## 事件层
- Canonical ID: `mattermost--CVE-2026-26233`
- 系统: `mattermost`
- 严重度: `low`
- 来源置信度: `ecosystem-authority`
- 官方主源: https://nvd.nist.gov/vuln/detail/CVE-2026-26233
- 影响版本: `introduced=11.4.0-rc1, fixed<11.4.1, introduced=11.3.0-rc1, fixed<11.3.2, introduced=11.2.0-rc1, fixed<11.2.4, introduced=10.11.0-rc1, fixed<10.11.12, introduced=8.0.0-20260105080200-d27a2195068d, fixed<8.0.0-20260217110922-b7d4a1f1f59b`
- 修复版本: `11.4.1, 11.3.2, 11.2.4, 10.11.12, 8.0.0-20260217110922-b7d4a1f1f59b`
## 对象与版本映射
- Advisory Scope: `repo`
- 影响对象: `mattermost / mattermost-server`
- Entity Refs: `mattermost, mattermost--repo--github-com-mattermost-mattermost-server`
- 版本置信度: `high`
- 版本缺口: `-`
- 版本证据源: `https://nvd.nist.gov/vuln/detail/CVE-2026-26233, https://github.com/mattermost/mattermost, https://mattermost.com/security-updates`
## 受控验证流程
- Workflow ID: `mattermost--CVE-2026-26233--workflow`
- 漏洞家族: `unknown`
- 入口面: `repo-surface`
- 需要角色: `unknown`
- 触发向量: 对 `unknown` 家族入口投递最小化、可审计、可回滚的受控输入,比较修复前后差异。
- 请求/页面入口: `/repo`
- 输入形态: 提交最小化、可审计、可回滚的受控输入。
- 预期不安全行为: 目标表现出超出设计边界的行为。
## 其他来源
- https://github.com/mattermost/mattermost
- https://mattermost.com/security-updates
## 证据点与补丁验证
### 服务端证据点
- 应用日志中的命中路径、鉴权决策和异常栈
- 反向代理或边界层日志中的请求头、来源 IP 与路由决策
### 浏览器证据点
- 基线截图与攻击后截图的 DOM/视觉差异
- console、network 与 response metadata 中的异常信号
### 数据库/文件系统证据点
- 数据库中新增/越权读取的测试数据
- 文件系统中新增上传样本、缓存条目或越权读取痕迹
### 检测信号
- WAF / reverse proxy 异常日志、访问日志和告警
- 应用审计日志中的权限错误、重定向异常、模板渲染或上传落盘事件
### 补丁验证步骤
- 确认目标版本从 `introduced=11.4.0-rc1, fixed<11.4.1, introduced=11.3.0-rc1, fixed<11.3.2, introduced=11.2.0-rc1, fixed<11.2.4` 升级或回移到 `11.4.1`
- 保留同一组受控输入,在修复前后分别执行并比对响应、日志与浏览器证据。
- 确认修复后仅保留预期业务行为,不再触发越权、回显、异常渲染或错误请求。
- 补充 `unknown` 族自动化回归,避免同类路径在插件、主题或代理链中回归。
### 实验安全备注
- 只使用回环地址、哨兵目标、无害样本或可回滚测试数据。
- 禁止造成持久破坏、越权下载真实数据或不可回滚 side effect。
- 如需浏览器证据,保留 baseline / proof 两份快照以及 console / network 记录。
## 实验层
- 仅用于自有资产、测试环境或已明确授权目标。
- 允许公网可达目标,但必须满足资产归属或明确授权前提。
- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
- 若该案例涉及插件、模块或扩展,应同时检查供应链与升级策略。
- 禁止场景: 无归属证明或无明确授权的公网目标;知名公共网站或与测试无关的第三方资产;会造成持久破坏、数据越权下载或不可回滚影响的动作
## 修复示例
- [javascript-typescript:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/javascript-typescript/authz-server-side-recheck.md)
- [nodejs:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/nodejs/authz-server-side-recheck.md)
- [java:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/java/authz-server-side-recheck.md)
- [php:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/php/authz-server-side-recheck.md)
- [python:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/python/authz-server-side-recheck.md)
- [ruby:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/ruby/authz-server-side-recheck.md)
- [csharp:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/csharp/authz-server-side-recheck.md)
- [go:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/go/authz-server-side-recheck.md)
- [javascript-typescript:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/javascript-typescript/xss-output-encoding.md)
- [nodejs:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/nodejs/xss-output-encoding.md)
- [java:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/java/xss-output-encoding.md)
- [php:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/php/xss-output-encoding.md)
- [python:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/python/xss-output-encoding.md)
- [ruby:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/ruby/xss-output-encoding.md)
- [csharp:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/csharp/xss-output-encoding.md)
- [go:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/go/xss-output-encoding.md)
- [javascript-typescript:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/javascript-typescript/token-cookie-storage.md)
- [nodejs:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/nodejs/token-cookie-storage.md)
- [java:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/java/token-cookie-storage.md)
- [php:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/php/token-cookie-storage.md)
- [python:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/python/token-cookie-storage.md)
- [ruby:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/ruby/token-cookie-storage.md)
- [csharp:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/csharp/token-cookie-storage.md)
- [go:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/go/token-cookie-storage.md)
- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)
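Review bot: `secure_code_topics` and the 32 links under `修复示例` point at `authz-server-side-recheck`, `xss-output-encoding`, `token-cookie-storage` and `dependency-upgrade-policy`, none of which addresses the issue in the title, missing rate limiting on login requests. The rest of the body is equally generic: `漏洞家族` and `需要角色` are `unknown`, the entry point is `/repo`, and the evidence points refer to screenshots, uploads and template rendering. The `补丁验证步骤` line also cuts the affected range off after `fixed<11.2.4` and names only `11.4.1`, while `fixed_versions` lists five releases. Suggest deriving the topics from the advisory's weakness class, rendering the fixed version per branch, and replacing the `/Users/x/...` links with repository-relative paths.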

@@ -0,0 +1,170 @@
---
title: "Mattermost allows attackers to take over arbitrary user accounts via overly permissive substring matching flaw"
system_id: "mattermost"
category: "platforms"
advisory_mode: "core"
published_date: "2026-03-25T18:31:53Z"
updated_date: "2026-03-31T05:32:49.079377Z"
severity: "low"
exploit_status: "unknown"
source_confidence: "ecosystem-authority"
verification_status: "triage-manual"
verification_mode: "synthetic"
artifact_mode: "synthetic"
last_run_id: ""
target_types:
- "lab-local"
- "lab-public"
- "authorized-third-party"
allow_public_validation: "yes, with ownership or explicit authorization"
authorization_prerequisite: "asset ownership proof or explicit written authorization"
minimal_validation: "read-only probe, controlled payload, reversible test"
aliases:
- "CVE-2026-27656"
- "GHSA-fg35-5rf6-qg3g"
affected_versions:
- "introduced=11.4.0-rc1, fixed<11.4.1"
- "introduced=11.3.0-rc1, fixed<11.3.2"
- "introduced=11.2.0-rc1, fixed<11.2.4"
- "introduced=10.11.0-rc1, fixed<10.11.12"
- "introduced=8.0.0-20260105080200-d27a2195068d, fixed<8.0.0-20260217110922-b7d4a1f1f59b"
fixed_versions:
- "11.4.1"
- "11.3.2"
- "11.2.4"
- "10.11.12"
- "8.0.0-20260217110922-b7d4a1f1f59b"
entity_refs:
- "mattermost:system:root-system"
- "mattermost--repo--github-com-mattermost-mattermost-server:repo:affected-component"
secure_code_topics:
- "authz-server-side-recheck"
- "xss-output-encoding"
- "token-cookie-storage"
- "dependency-upgrade-policy"
primary_source: "https://nvd.nist.gov/vuln/detail/CVE-2026-27656"
---
# Mattermost allows attackers to take over arbitrary user accounts via overly permissive substring matching flaw
## 本地实证状态
- 实证状态: `triage-manual`
- 实证方式: `synthetic`
- Artifact 模式: `synthetic`
- 最近运行: `-`
- 浏览器证据: `missing`
- Run Bundle: `-`
## 事件层
- Canonical ID: `mattermost--CVE-2026-27656`
- 系统: `mattermost`
- 严重度: `low`
- 来源置信度: `ecosystem-authority`
- 官方主源: https://nvd.nist.gov/vuln/detail/CVE-2026-27656
- 影响版本: `introduced=11.4.0-rc1, fixed<11.4.1, introduced=11.3.0-rc1, fixed<11.3.2, introduced=11.2.0-rc1, fixed<11.2.4, introduced=10.11.0-rc1, fixed<10.11.12, introduced=8.0.0-20260105080200-d27a2195068d, fixed<8.0.0-20260217110922-b7d4a1f1f59b`
- 修复版本: `11.4.1, 11.3.2, 11.2.4, 10.11.12, 8.0.0-20260217110922-b7d4a1f1f59b`
## 对象与版本映射
- Advisory Scope: `repo`
- 影响对象: `mattermost / mattermost-server`
- Entity Refs: `mattermost, mattermost--repo--github-com-mattermost-mattermost-server`
- 版本置信度: `high`
- 版本缺口: `-`
- 版本证据源: `https://nvd.nist.gov/vuln/detail/CVE-2026-27656, https://github.com/mattermost/mattermost, https://mattermost.com/security-updates`
## 受控验证流程
- Workflow ID: `mattermost--CVE-2026-27656--workflow`
- 漏洞家族: `unknown`
- 入口面: `repo-surface`
- 需要角色: `unknown`
- 触发向量: 对 `unknown` 家族入口投递最小化、可审计、可回滚的受控输入,比较修复前后差异。
- 请求/页面入口: `/repo`
- 输入形态: 提交最小化、可审计、可回滚的受控输入。
- 预期不安全行为: 目标表现出超出设计边界的行为。
## 其他来源
- https://github.com/mattermost/mattermost
- https://mattermost.com/security-updates
## 证据点与补丁验证
### 服务端证据点
- 应用日志中的命中路径、鉴权决策和异常栈
- 反向代理或边界层日志中的请求头、来源 IP 与路由决策
### 浏览器证据点
- 基线截图与攻击后截图的 DOM/视觉差异
- console、network 与 response metadata 中的异常信号
### 数据库/文件系统证据点
- 数据库中新增/越权读取的测试数据
- 文件系统中新增上传样本、缓存条目或越权读取痕迹
### 检测信号
- WAF / reverse proxy 异常日志、访问日志和告警
- 应用审计日志中的权限错误、重定向异常、模板渲染或上传落盘事件
### 补丁验证步骤
- 确认目标版本从 `introduced=11.4.0-rc1, fixed<11.4.1, introduced=11.3.0-rc1, fixed<11.3.2, introduced=11.2.0-rc1, fixed<11.2.4` 升级或回移到 `11.4.1`
- 保留同一组受控输入,在修复前后分别执行并比对响应、日志与浏览器证据。
- 确认修复后仅保留预期业务行为,不再触发越权、回显、异常渲染或错误请求。
- 补充 `unknown` 族自动化回归,避免同类路径在插件、主题或代理链中回归。
### 实验安全备注
- 只使用回环地址、哨兵目标、无害样本或可回滚测试数据。
- 禁止造成持久破坏、越权下载真实数据或不可回滚 side effect。
- 如需浏览器证据,保留 baseline / proof 两份快照以及 console / network 记录。
## 实验层
- 仅用于自有资产、测试环境或已明确授权目标。
- 允许公网可达目标,但必须满足资产归属或明确授权前提。
- 最小化验证方式: 最小化验证、只读探测、可审计回显、受控注入。
- 若该案例涉及插件、模块或扩展,应同时检查供应链与升级策略。
- 禁止场景: 无归属证明或无明确授权的公网目标;知名公共网站或与测试无关的第三方资产;会造成持久破坏、数据越权下载或不可回滚影响的动作
## 修复示例
- [javascript-typescript:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/javascript-typescript/authz-server-side-recheck.md)
- [nodejs:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/nodejs/authz-server-side-recheck.md)
- [java:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/java/authz-server-side-recheck.md)
- [php:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/php/authz-server-side-recheck.md)
- [python:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/python/authz-server-side-recheck.md)
- [ruby:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/ruby/authz-server-side-recheck.md)
- [csharp:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/csharp/authz-server-side-recheck.md)
- [go:authz-server-side-recheck](/Users/x/websafe/05-defense/secure-code/go/authz-server-side-recheck.md)
- [javascript-typescript:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/javascript-typescript/xss-output-encoding.md)
- [nodejs:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/nodejs/xss-output-encoding.md)
- [java:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/java/xss-output-encoding.md)
- [php:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/php/xss-output-encoding.md)
- [python:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/python/xss-output-encoding.md)
- [ruby:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/ruby/xss-output-encoding.md)
- [csharp:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/csharp/xss-output-encoding.md)
- [go:xss-output-encoding](/Users/x/websafe/05-defense/secure-code/go/xss-output-encoding.md)
- [javascript-typescript:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/javascript-typescript/token-cookie-storage.md)
- [nodejs:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/nodejs/token-cookie-storage.md)
- [java:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/java/token-cookie-storage.md)
- [php:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/php/token-cookie-storage.md)
- [python:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/python/token-cookie-storage.md)
- [ruby:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/ruby/token-cookie-storage.md)
- [csharp:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/csharp/token-cookie-storage.md)
- [go:token-cookie-storage](/Users/x/websafe/05-defense/secure-code/go/token-cookie-storage.md)
- [javascript-typescript:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/javascript-typescript/dependency-upgrade-policy.md)
- [nodejs:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/nodejs/dependency-upgrade-policy.md)
- [java:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/java/dependency-upgrade-policy.md)
- [php:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/php/dependency-upgrade-policy.md)
- [python:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/python/dependency-upgrade-policy.md)
- [ruby:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/ruby/dependency-upgrade-policy.md)
- [csharp:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/csharp/dependency-upgrade-policy.md)
- [go:dependency-upgrade-policy](/Users/x/websafe/05-defense/secure-code/go/dependency-upgrade-policy.md)
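Review bot: Apart from the title, the two identifiers, the timestamps and the NVD URL, this file matches the CVE-2026-26233 file added in the previous hunk, including `severity: "low"`, the affected and fixed version lists and the four `secure_code_topics`. For an advisory whose title describes takeover of arbitrary user accounts, a `low` rating together with `漏洞家族: unknown` suggests template defaults were written in place of source data. Confirm the severity and version ranges against `primary_source`, and make generation fail when these fields cannot be populated instead of emitting a placeholder page.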

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `50`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `50`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `135`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `136`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `29`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `7`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `110`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -12,7 +12,7 @@
- 已实证(synthetic): `0`
- 阻塞数: `0`
- 待人工/缺浏览器证据: `48`
- 最近渲染时间: `2026-03-30T09:18:25+00:00`
- 最近渲染时间: `2026-03-31T09:18:20+00:00`
## 目标约束

@@ -32,8 +32,8 @@
| Koa | `frameworks` | `rolling-24m` | `-` | `yes` | `1` | `1` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-02-26T23:36:36.294040Z` |
| Laravel | `frameworks` | `rolling-24m` | `-` | `yes` | `2` | `2` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-03-13T22:15:34.333730Z` |
| Magento Open Source | `ecommerce` | `history-full` | `yes` | `yes` | `89` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2025-04-20T01:37:25.860` |
| Mattermost | `platforms` | `rolling-24m` | `-` | `yes` | `33` | `33` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `Fix Release Date` |
| MediaWiki | `cms` | `rolling-24m` | `-` | `yes` | `70` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `70` | `Wed, 22 Oct 2025 21:44:43 +0000` |
| Mattermost | `platforms` | `rolling-24m` | `-` | `yes` | `35` | `35` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `Fix Release Date` |
| MediaWiki | `cms` | `rolling-24m` | `-` | `yes` | `71` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `71` | `Wed, 22 Oct 2025 21:44:43 +0000` |
| Medusa | `ecommerce` | `rolling-24m` | `-` | `yes` | `15` | `0` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `15` | `` |
| Moodle | `cms` | `rolling-24m` | `-` | `yes` | `40` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `40` | `2025-04-09T00:30:58.490` |
| NestJS | `frameworks` | `rolling-24m` | `-` | `yes` | `2` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `2` | `2026-03-02T20:30:10.923` |
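Review bot: the last column of the Mattermost row is the literal string `Fix Release Date` on both the old and the new line, which looks like a scraped table header stored as a value rather than a timestamp. The MediaWiki row has the same kind of gap: its counts go from `70` to `71`, but the last column still reads `Wed, 22 Oct 2025 21:44:43 +0000` although the case added in this commit is dated `Mon, 30 Mar 2026`. The column also mixes RFC 2822 dates, ISO 8601 with and without a zone, and empty values, so normalising to one format before taking the latest value would likely fix both rows.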
@@ -44,7 +44,7 @@
| OpenCart | `ecommerce` | `history-full` | `yes` | `yes` | `100` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `100` | `2025-05-15T19:15:54.980` |
| OpenMage / Mage-OS | `ecommerce` | `rolling-24m` | `-` | `yes` | `27` | `0` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `27` | `` |
| phpMyAdmin | `platforms` | `rolling-24m` | `-` | `yes` | `50` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `50` | `` |
| PrestaShop | `ecommerce` | `history-full` | `yes` | `yes` | `114` | `2` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `112` | `2026-03-27T21:52:37.272493Z` |
| PrestaShop | `ecommerce` | `history-full` | `yes` | `yes` | `114` | `2` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `112` | `2026-03-30T12:26:07.105030Z` |
| Ruby on Rails | `frameworks` | `rolling-24m` | `-` | `yes` | `42` | `10` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `32` | `2025-05-01T18:49:06.777708Z` |
| React | `frameworks` | `history-full` | `yes` | `yes` | `21` | `3` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `18` | `2023-11-08T04:00:21.209483Z` |
| Redmine | `platforms` | `rolling-24m` | `-` | `yes` | `50` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `50` | `` |

View file

@@ -7676,6 +7676,114 @@
"review_state": "needs-version-gap-review"
}
},
"mediawiki--7a3e57910a": {
"canonical_id": "mediawiki--7a3e57910a",
"title": "[MediaWiki-announce] Security pre-release announcement: 1.43.7 / 1.44.4 / 1.45.2",
"summary": "Hi all,\n\nTomorrow we will be issuing a security and maintenance release to all\nsupported branches of MediaWiki.\n\nThe new releases will be:\n\n- 1.43.7\n- 1.44.4\n- 1.45.2\n\nThis will also resolve security issues in bundled extensions, along with\nbug fixes included for maintenance reasons.\n\nThese security issues also affect many unsupported versions of MediaWiki.\n\nWe will make the fixes available in the respective release branches and\nmaster in git. Tarballs will be available for the above mentioned point\nreleases as well.\n\nA summary of some of the security fixes that have gone into non-bundled\nMediaWiki extensions will also follow later.\n\nAs a reminder, MediaWiki 1.39 became EOL in December 2025 and MediaWiki\n1.42 became EOL in June 2025.\n\nMore information on these timelines can be viewed on the version lifecycle\npage at [1].\n\n[1] https://www.mediawiki.org/wiki/Version_lifecycle",
"display_name": "MediaWiki",
"system_id": "mediawiki",
"category": "cms",
"severity": "unknown",
"cvss_score": null,
"exploit_status": "unknown",
"published_at": "Mon, 30 Mar 2026 17:50:26 +0000",
"updated_at": "Mon, 30 Mar 2026 17:50:26 +0000",
"official_source_url": "https://lists.wikimedia.org/hyperkitty/list/mediawiki-announce@lists.wikimedia.org/message/FFD4KWZMOVZQJF4PIIVUTCEHDJLMNZEB/",
"secondary_source_urls": [],
"aliases": [],
"secure_code_topics": [
"xss-output-encoding",
"authz-server-side-recheck",
"file-upload-validation",
"plugin-extension-trust-policy"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"entity_refs": [
{
"entity_id": "mediawiki",
"entity_type": "system",
"relation": "root-system",
"root_system_id": "mediawiki",
"official": true
}
],
"affected_components": [
{
"name": "MediaWiki",
"entity_id": "mediawiki",
"scope": "core",
"package_name": null,
"official": true
}
],
"affected_version_ranges": [],
"fixed_version_ranges": [],
"introduced_version": null,
"patched_version": null,
"version_confidence": "low",
"version_gap_reason": "official bulletin or aggregated source did not expose explicit affected/fixed versions",
"version_resolution_needed": true,
"advisory_scope": "core",
"workflow": {
"workflow_id": "mediawiki--7a3e57910a--workflow",
"vuln_family": "plugin-extension",
"entry_surface": "extension-management-surface",
"preconditions": [
"\u4ec5\u5728 lab-local\u3001lab-public \u6216\u660e\u786e\u6388\u6743\u76ee\u6807\u4e2d\u6267\u884c\u3002",
"\u786e\u8ba4\u76ee\u6807\u547d\u4e2d\u7248\u672c\u65ad\u8a00: \u9700\u8981\u4ece\u516c\u544a\u3001\u9501\u6587\u4ef6\u3001\u7248\u672c\u9875\u6216\u5173\u4e8e\u9875\u9762\u4eba\u5de5\u786e\u8ba4\u7248\u672c\u547d\u4e2d",
"\u82e5\u5bf9\u8c61\u5c5e\u4e8e `core`\uff0c\u5148\u786e\u8ba4\u6269\u5c55/\u4ed3\u5e93/\u5305\u5df2\u542f\u7528\u5e76\u5904\u4e8e\u53d7\u5f71\u54cd\u7248\u672c\u3002"
],
"required_role": "plugin-manager-or-admin",
"affected_version_assertion": [
"\u9700\u8981\u4ece\u516c\u544a\u3001\u9501\u6587\u4ef6\u3001\u7248\u672c\u9875\u6216\u5173\u4e8e\u9875\u9762\u4eba\u5de5\u786e\u8ba4\u7248\u672c\u547d\u4e2d"
],
"trigger_vector": "\u5bf9 `plugin-extension` \u5bb6\u65cf\u5165\u53e3\u6295\u9012\u6700\u5c0f\u5316\u3001\u53ef\u5ba1\u8ba1\u3001\u53ef\u56de\u6eda\u7684\u53d7\u63a7\u8f93\u5165\uff0c\u6bd4\u8f83\u4fee\u590d\u524d\u540e\u5dee\u5f02\u3002",
"request_or_ui_path": [
"/plugins",
"/extensions",
"/themes"
],
"input_shape": "\u5728\u6269\u5c55\u7ba1\u7406\u6216\u6269\u5c55\u529f\u80fd\u5165\u53e3\u4e2d\u63d0\u4ea4\u53d7\u63a7\u914d\u7f6e/\u5185\u5bb9\u3002",
"expected_unsafe_behavior": "\u6269\u5c55\u5b89\u88c5\u3001\u914d\u7f6e\u6216\u8fd0\u884c\u7a81\u7834\u4e86\u4fe1\u4efb\u8fb9\u754c\u3002",
"server_evidence_points": [
"\u5e94\u7528\u65e5\u5fd7\u4e2d\u7684\u547d\u4e2d\u8def\u5f84\u3001\u9274\u6743\u51b3\u7b56\u548c\u5f02\u5e38\u6808",
"\u53cd\u5411\u4ee3\u7406\u6216\u8fb9\u754c\u5c42\u65e5\u5fd7\u4e2d\u7684\u8bf7\u6c42\u5934\u3001\u6765\u6e90 IP \u4e0e\u8def\u7531\u51b3\u7b56"
],
"browser_evidence_points": [
"\u57fa\u7ebf\u622a\u56fe\u4e0e\u653b\u51fb\u540e\u622a\u56fe\u7684 DOM/\u89c6\u89c9\u5dee\u5f02",
"console\u3001network \u4e0e response metadata \u4e2d\u7684\u5f02\u5e38\u4fe1\u53f7"
],
"db_or_fs_evidence_points": [
"\u6570\u636e\u5e93\u4e2d\u65b0\u589e/\u8d8a\u6743\u8bfb\u53d6\u7684\u6d4b\u8bd5\u6570\u636e",
"\u6587\u4ef6\u7cfb\u7edf\u4e2d\u65b0\u589e\u4e0a\u4f20\u6837\u672c\u3001\u7f13\u5b58\u6761\u76ee\u6216\u8d8a\u6743\u8bfb\u53d6\u75d5\u8ff9"
],
"detection_signals": [
"WAF / reverse proxy \u5f02\u5e38\u65e5\u5fd7\u3001\u8bbf\u95ee\u65e5\u5fd7\u548c\u544a\u8b66",
"\u5e94\u7528\u5ba1\u8ba1\u65e5\u5fd7\u4e2d\u7684\u6743\u9650\u9519\u8bef\u3001\u91cd\u5b9a\u5411\u5f02\u5e38\u3001\u6a21\u677f\u6e32\u67d3\u6216\u4e0a\u4f20\u843d\u76d8\u4e8b\u4ef6"
],
"mitigation_summary": "\u4f18\u5148\u5347\u7ea7\u5230\u4fee\u590d\u7248\u672c\uff0c\u5e76\u540c\u65f6\u6536\u7d27\u8f93\u5165\u6821\u9a8c\u3001\u670d\u52a1\u7aef\u9274\u6743\u3001\u4ee3\u7406\u4fe1\u4efb\u8fb9\u754c\u3001\u6269\u5c55\u5b89\u88c5\u4fe1\u4efb\u548c\u5ba1\u8ba1\u65e5\u5fd7\u3002",
"patch_validation_steps": [
"\u786e\u8ba4\u76ee\u6807\u7248\u672c\u4ece `\u53d7\u5f71\u54cd\u7248\u672c\u533a\u95f4` \u5347\u7ea7\u6216\u56de\u79fb\u5230 `\u4fee\u590d\u7248\u672c`\u3002",
"\u4fdd\u7559\u540c\u4e00\u7ec4\u53d7\u63a7\u8f93\u5165\uff0c\u5728\u4fee\u590d\u524d\u540e\u5206\u522b\u6267\u884c\u5e76\u6bd4\u5bf9\u54cd\u5e94\u3001\u65e5\u5fd7\u4e0e\u6d4f\u89c8\u5668\u8bc1\u636e\u3002",
"\u786e\u8ba4\u4fee\u590d\u540e\u4ec5\u4fdd\u7559\u9884\u671f\u4e1a\u52a1\u884c\u4e3a\uff0c\u4e0d\u518d\u89e6\u53d1\u8d8a\u6743\u3001\u56de\u663e\u3001\u5f02\u5e38\u6e32\u67d3\u6216\u9519\u8bef\u8bf7\u6c42\u3002",
"\u8865\u5145 `plugin-extension` \u65cf\u81ea\u52a8\u5316\u56de\u5f52\uff0c\u907f\u514d\u540c\u7c7b\u8def\u5f84\u5728\u63d2\u4ef6\u3001\u4e3b\u9898\u6216\u4ee3\u7406\u94fe\u4e2d\u56de\u5f52\u3002"
],
"lab_safety_notes": [
"\u53ea\u4f7f\u7528\u56de\u73af\u5730\u5740\u3001\u54e8\u5175\u76ee\u6807\u3001\u65e0\u5bb3\u6837\u672c\u6216\u53ef\u56de\u6eda\u6d4b\u8bd5\u6570\u636e\u3002",
"\u7981\u6b62\u9020\u6210\u6301\u4e45\u7834\u574f\u3001\u8d8a\u6743\u4e0b\u8f7d\u771f\u5b9e\u6570\u636e\u6216\u4e0d\u53ef\u56de\u6eda side effect\u3002",
"\u5982\u9700\u6d4f\u89c8\u5668\u8bc1\u636e\uff0c\u4fdd\u7559 baseline / proof \u4e24\u4efd\u5feb\u7167\u4ee5\u53ca console / network \u8bb0\u5f55\u3002"
],
"review_state": "needs-version-gap-review"
}
},
"mediawiki--57ad4abb33": {
"canonical_id": "mediawiki--57ad4abb33",
"title": "[MediaWiki-announce] MediaWiki 1.42 is End of Life",
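Review bot: the new `mediawiki--7a3e57910a` record assigns a vulnerability class that its own `summary` does not support. The source is a pre-release announcement that names no issue type, yet the record carries `secure_code_topics` such as `xss-output-encoding` and `file-upload-validation`, `vuln_family` `plugin-extension`, `required_role` `plugin-manager-or-admin` and the paths `/plugins`, `/extensions`, `/themes`. These should stay `unknown` or empty until the release notes are ingested. The summary also lists 1.43.7, 1.44.4 and 1.45.2 as the upcoming releases while `fixed_version_ranges` is empty and `patched_version` is null, so the version extractor could at least record those three as candidate fixed versions instead of only setting `version_resolution_needed`.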
@@ -10165,34 +10273,31 @@
"review_state": "ready"
}
},
"traefik--GHSA-46wh-3698-f2cx": {
"canonical_id": "traefik--GHSA-46wh-3698-f2cx",
"title": "Traefik: Deny Rule Bypass via Unauthenticated Malicious gRPC Requests in gRPC-Go Dependency (CVE-2026-33186)",
"summary": "## Summary\n\nThere is a potential vulnerability in Traefik due to its dependency on an affected version of gRPC-Go (CVE-2026-33186).\n\nA remote, unauthenticated attacker can send gRPC requests with a malformed HTTP/2 `:path` pseudo-header omitting the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server routes such requests correctly, path-based authorization interceptors evaluate the raw non-canonical path and fail to match \"deny\" rules, allowing the request to bypass the policy entirely if a fallback \"allow\" rule is present.\n\n## Patches\n\n- https://github.com/traefik/traefik/releases/tag/v2.11.42\n- https://github.com/traefik/traefik/releases/tag/v3.6.12\n- https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.3\n\n## For more information\n\nIf there are any questions or comments about this advisory, please [open an issue](https://github.com/traefik/traefik/issues).\n\n<details>\n<summary>Original Description</summary>\n\n### Summary\nThis CVE hits traefik until Version 3.6.11 and 2.11.41.\ngRPC-Go has an authorization bypass via missing leading slash in :path\n### Details\nAs described in https://github.com/advisories/GHSA-p77j-4mvh-x3m3\n### PoC\nUpdate library version in \nhttps://github.com/traefik/traefik/blob/67c64ed9b25fbb90f1086977a62827133a7aa01b/go.mod#L108\n### Impact\nIs described in https://github.com/advisories/GHSA-p77j-4mvh-x3m3\n\n</details>\n\n\n----------",
"display_name": "Traefik",
"system_id": "traefik",
"category": "servers",
"severity": "medium",
"cvss_score": 4.0,
"mattermost--CVE-2026-27656": {
"canonical_id": "mattermost--CVE-2026-27656",
"title": "Mattermost allows attackers to take over arbitrary user accounts via overly permissive substring matching flaw",
"summary": "Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to properly validate user identity in the OpenID {{IsSameUser()}} comparison logic, which allows an attacker to take over arbitrary user accounts via an overly permissive substring matching flaw in the user discovery flow. Mattermost Advisory ID: MMSA-2026-00590",
"display_name": "Mattermost",
"system_id": "mattermost",
"category": "platforms",
"severity": "low",
"cvss_score": 3.1,
"exploit_status": "unknown",
"published_at": "2026-03-29T15:37:28Z",
"updated_at": "2026-03-29T15:49:22.073498Z",
"official_source_url": "https://github.com/traefik/traefik/security/advisories/GHSA-46wh-3698-f2cx",
"published_at": "2026-03-25T18:31:53Z",
"updated_at": "2026-03-31T05:32:49.079377Z",
"official_source_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27656",
"secondary_source_urls": [
"https://github.com/advisories/GHSA-p77j-4mvh-x3m3",
"https://github.com/traefik/traefik",
"https://github.com/traefik/traefik/blob/67c64ed9b25fbb90f1086977a62827133a7aa01b/go.mod#L108",
"https://github.com/traefik/traefik/releases/tag/v2.11.42",
"https://github.com/traefik/traefik/releases/tag/v3.6.12",
"https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.3"
"https://github.com/mattermost/mattermost",
"https://mattermost.com/security-updates"
],
"aliases": [
"GHSA-46wh-3698-f2cx"
"CVE-2026-27656",
"GHSA-fg35-5rf6-qg3g"
],
"secure_code_topics": [
"proxy-trust-boundary",
"request-smuggling-boundary",
"authz-server-side-recheck",
"xss-output-encoding",
"token-cookie-storage",
"dependency-upgrade-policy"
],
"verification_status": "triage-manual",
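Review bot: the `secure_code_topics` for `mattermost--CVE-2026-27656` include `xss-output-encoding` and `token-cookie-storage`, but the summary describes an identity comparison flaw (substring matching in the OpenID `IsSameUser()` check), so neither topic is backed by the record. Separately, this hunk overwrites the Traefik entry in place and a later hunk re-adds it unchanged, which suggests the map order follows a mutable field. Sorting entries by `canonical_id` would keep moves out of the diff and make the real additions easier to review.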
@@ -10206,68 +10311,72 @@
},
"entity_refs": [
{
"entity_id": "traefik",
"entity_id": "mattermost",
"entity_type": "system",
"relation": "root-system",
"root_system_id": "traefik",
"root_system_id": "mattermost",
"official": true
},
{
"entity_id": "traefik--repo--github-com-traefik-traefik-v3",
"entity_id": "mattermost--repo--github-com-mattermost-mattermost-server",
"entity_type": "repo",
"relation": "affected-component",
"root_system_id": "traefik",
"root_system_id": "mattermost",
"official": false
}
],
"affected_components": [
{
"name": "traefik / traefik / v3",
"entity_id": "traefik--repo--github-com-traefik-traefik-v3",
"name": "mattermost / mattermost-server",
"entity_id": "mattermost--repo--github-com-mattermost-mattermost-server",
"scope": "repo",
"package_name": "github.com/traefik/traefik/v3",
"package_name": "github.com/mattermost/mattermost-server",
"official": false
}
],
"affected_version_ranges": [
"introduced=0, fixed<2.11.42",
"introduced=3.0.0-beta3, fixed<3.6.12",
"introduced=3.7.0-ea.1, fixed<3.7.0-ea.3"
"introduced=11.4.0-rc1, fixed<11.4.1",
"introduced=11.3.0-rc1, fixed<11.3.2",
"introduced=11.2.0-rc1, fixed<11.2.4",
"introduced=10.11.0-rc1, fixed<10.11.12",
"introduced=8.0.0-20260105080200-d27a2195068d, fixed<8.0.0-20260217110922-b7d4a1f1f59b"
],
"fixed_version_ranges": [
"2.11.42",
"3.6.12",
"3.7.0-ea.3"
"11.4.1",
"11.3.2",
"11.2.4",
"10.11.12",
"8.0.0-20260217110922-b7d4a1f1f59b"
],
"introduced_version": "introduced=3.7.0-ea.1, fixed<3.7.0-ea.3",
"patched_version": "2.11.42",
"introduced_version": "introduced=8.0.0-20260105080200-d27a2195068d, fixed<8.0.0-20260217110922-b7d4a1f1f59b",
"patched_version": "11.4.1",
"version_confidence": "high",
"version_gap_reason": "",
"version_resolution_needed": false,
"advisory_scope": "repo",
"workflow": {
"workflow_id": "traefik--GHSA-46wh-3698-f2cx--workflow",
"vuln_family": "authz-bypass",
"entry_surface": "privileged-route-or-object-reference",
"workflow_id": "mattermost--CVE-2026-27656--workflow",
"vuln_family": "unknown",
"entry_surface": "repo-surface",
"preconditions": [
"\u4ec5\u5728 lab-local\u3001lab-public \u6216\u660e\u786e\u6388\u6743\u76ee\u6807\u4e2d\u6267\u884c\u3002",
"\u786e\u8ba4\u76ee\u6807\u547d\u4e2d\u7248\u672c\u65ad\u8a00: introduced=0, fixed<2.11.42, introduced=3.0.0-beta3, fixed<3.6.12, introduced=3.7.0-ea.1, fixed<3.7.0-ea.3",
"\u786e\u8ba4\u76ee\u6807\u547d\u4e2d\u7248\u672c\u65ad\u8a00: introduced=11.4.0-rc1, fixed<11.4.1, introduced=11.3.0-rc1, fixed<11.3.2, introduced=11.2.0-rc1, fixed<11.2.4",
"\u82e5\u5bf9\u8c61\u5c5e\u4e8e `repo`\uff0c\u5148\u786e\u8ba4\u6269\u5c55/\u4ed3\u5e93/\u5305\u5df2\u542f\u7528\u5e76\u5904\u4e8e\u53d7\u5f71\u54cd\u7248\u672c\u3002"
],
"required_role": "cross-tenant-or-low-privileged-user",
"required_role": "unknown",
"affected_version_assertion": [
"introduced=0, fixed<2.11.42",
"introduced=3.0.0-beta3, fixed<3.6.12",
"introduced=3.7.0-ea.1, fixed<3.7.0-ea.3"
"introduced=11.4.0-rc1, fixed<11.4.1",
"introduced=11.3.0-rc1, fixed<11.3.2",
"introduced=11.2.0-rc1, fixed<11.2.4",
"introduced=10.11.0-rc1, fixed<10.11.12",
"introduced=8.0.0-20260105080200-d27a2195068d, fixed<8.0.0-20260217110922-b7d4a1f1f59b"
],
"trigger_vector": "\u5bf9 `authz-bypass` \u5bb6\u65cf\u5165\u53e3\u6295\u9012\u6700\u5c0f\u5316\u3001\u53ef\u5ba1\u8ba1\u3001\u53ef\u56de\u6eda\u7684\u53d7\u63a7\u8f93\u5165\uff0c\u6bd4\u8f83\u4fee\u590d\u524d\u540e\u5dee\u5f02\u3002",
"trigger_vector": "\u5bf9 `unknown` \u5bb6\u65cf\u5165\u53e3\u6295\u9012\u6700\u5c0f\u5316\u3001\u53ef\u5ba1\u8ba1\u3001\u53ef\u56de\u6eda\u7684\u53d7\u63a7\u8f93\u5165\uff0c\u6bd4\u8f83\u4fee\u590d\u524d\u540e\u5dee\u5f02\u3002",
"request_or_ui_path": [
"/admin/*",
"/api/private/*",
"/tenant/*"
"/repo"
],
"input_shape": "\u4f7f\u7528\u4f4e\u6743\u9650\u8eab\u4efd\u8bbf\u95ee\u9ad8\u6743\u9650\u5bf9\u8c61\u6216\u8de8\u79df\u6237\u8d44\u6e90\u3002",
"expected_unsafe_behavior": "\u4f4e\u6743\u9650\u8eab\u4efd\u53ef\u8bbf\u95ee\u672c\u4e0d\u5e94\u53ef\u89c1\u7684\u6570\u636e\u6216\u64cd\u4f5c\u3002",
"input_shape": "\u63d0\u4ea4\u6700\u5c0f\u5316\u3001\u53ef\u5ba1\u8ba1\u3001\u53ef\u56de\u6eda\u7684\u53d7\u63a7\u8f93\u5165\u3002",
"expected_unsafe_behavior": "\u76ee\u6807\u8868\u73b0\u51fa\u8d85\u51fa\u8bbe\u8ba1\u8fb9\u754c\u7684\u884c\u4e3a\u3002",
"server_evidence_points": [
"\u5e94\u7528\u65e5\u5fd7\u4e2d\u7684\u547d\u4e2d\u8def\u5f84\u3001\u9274\u6743\u51b3\u7b56\u548c\u5f02\u5e38\u6808",
"\u53cd\u5411\u4ee3\u7406\u6216\u8fb9\u754c\u5c42\u65e5\u5fd7\u4e2d\u7684\u8bf7\u6c42\u5934\u3001\u6765\u6e90 IP \u4e0e\u8def\u7531\u51b3\u7b56"
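Review bot: `introduced_version` here holds a whole range expression (`introduced=8.0.0-20260105080200-d27a2195068d, fixed<...`) rather than a version, and it is the Go pseudo-version range, not the earliest release line. `patched_version` keeps only `11.4.1` out of five fixed versions. The precondition string in `preconditions` also stops after the 11.4, 11.3 and 11.2 ranges, while `affected_version_assertion` lists all five, so the 10.11.x range is silently dropped from the human-readable check. Either store one version per field or drop the scalar fields in favour of the range lists, and build the precondition text from the full list.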
@@ -10286,10 +10395,145 @@
],
"mitigation_summary": "\u4f18\u5148\u5347\u7ea7\u5230\u4fee\u590d\u7248\u672c\uff0c\u5e76\u540c\u65f6\u6536\u7d27\u8f93\u5165\u6821\u9a8c\u3001\u670d\u52a1\u7aef\u9274\u6743\u3001\u4ee3\u7406\u4fe1\u4efb\u8fb9\u754c\u3001\u6269\u5c55\u5b89\u88c5\u4fe1\u4efb\u548c\u5ba1\u8ba1\u65e5\u5fd7\u3002",
"patch_validation_steps": [
"\u786e\u8ba4\u76ee\u6807\u7248\u672c\u4ece `introduced=0, fixed<2.11.42, introduced=3.0.0-beta3, fixed<3.6.12, introduced=3.7.0-ea.1, fixed<3.7.0-ea.3` \u5347\u7ea7\u6216\u56de\u79fb\u5230 `2.11.42`\u3002",
"\u786e\u8ba4\u76ee\u6807\u7248\u672c\u4ece `introduced=11.4.0-rc1, fixed<11.4.1, introduced=11.3.0-rc1, fixed<11.3.2, introduced=11.2.0-rc1, fixed<11.2.4` \u5347\u7ea7\u6216\u56de\u79fb\u5230 `11.4.1`\u3002",
"\u4fdd\u7559\u540c\u4e00\u7ec4\u53d7\u63a7\u8f93\u5165\uff0c\u5728\u4fee\u590d\u524d\u540e\u5206\u522b\u6267\u884c\u5e76\u6bd4\u5bf9\u54cd\u5e94\u3001\u65e5\u5fd7\u4e0e\u6d4f\u89c8\u5668\u8bc1\u636e\u3002",
"\u786e\u8ba4\u4fee\u590d\u540e\u4ec5\u4fdd\u7559\u9884\u671f\u4e1a\u52a1\u884c\u4e3a\uff0c\u4e0d\u518d\u89e6\u53d1\u8d8a\u6743\u3001\u56de\u663e\u3001\u5f02\u5e38\u6e32\u67d3\u6216\u9519\u8bef\u8bf7\u6c42\u3002",
"\u8865\u5145 `authz-bypass` \u65cf\u81ea\u52a8\u5316\u56de\u5f52\uff0c\u907f\u514d\u540c\u7c7b\u8def\u5f84\u5728\u63d2\u4ef6\u3001\u4e3b\u9898\u6216\u4ee3\u7406\u94fe\u4e2d\u56de\u5f52\u3002"
"\u8865\u5145 `unknown` \u65cf\u81ea\u52a8\u5316\u56de\u5f52\uff0c\u907f\u514d\u540c\u7c7b\u8def\u5f84\u5728\u63d2\u4ef6\u3001\u4e3b\u9898\u6216\u4ee3\u7406\u94fe\u4e2d\u56de\u5f52\u3002"
],
"lab_safety_notes": [
"\u53ea\u4f7f\u7528\u56de\u73af\u5730\u5740\u3001\u54e8\u5175\u76ee\u6807\u3001\u65e0\u5bb3\u6837\u672c\u6216\u53ef\u56de\u6eda\u6d4b\u8bd5\u6570\u636e\u3002",
"\u7981\u6b62\u9020\u6210\u6301\u4e45\u7834\u574f\u3001\u8d8a\u6743\u4e0b\u8f7d\u771f\u5b9e\u6570\u636e\u6216\u4e0d\u53ef\u56de\u6eda side effect\u3002",
"\u5982\u9700\u6d4f\u89c8\u5668\u8bc1\u636e\uff0c\u4fdd\u7559 baseline / proof \u4e24\u4efd\u5feb\u7167\u4ee5\u53ca console / network \u8bb0\u5f55\u3002"
],
"review_state": "ready"
}
},
"mattermost--CVE-2026-26233": {
"canonical_id": "mattermost--CVE-2026-26233",
"title": "Mattermost doesn't rate limit login requests, allowing DoS",
"summary": "Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to rate limit login requests which allows unauthenticated remote attackers to cause denial of service (server crash and restart) via HTTP/2 single packet attack with 100+ parallel login requests.. Mattermost Advisory ID: MMSA-2025-00566",
"display_name": "Mattermost",
"system_id": "mattermost",
"category": "platforms",
"severity": "low",
"cvss_score": 3.1,
"exploit_status": "unknown",
"published_at": "2026-03-25T18:31:52Z",
"updated_at": "2026-03-31T05:31:41.869147Z",
"official_source_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26233",
"secondary_source_urls": [
"https://github.com/mattermost/mattermost",
"https://mattermost.com/security-updates"
],
"aliases": [
"CVE-2026-26233",
"GHSA-247x-7qw8-fp98"
],
"secure_code_topics": [
"authz-server-side-recheck",
"xss-output-encoding",
"token-cookie-storage",
"dependency-upgrade-policy"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"entity_refs": [
{
"entity_id": "mattermost",
"entity_type": "system",
"relation": "root-system",
"root_system_id": "mattermost",
"official": true
},
{
"entity_id": "mattermost--repo--github-com-mattermost-mattermost-server",
"entity_type": "repo",
"relation": "affected-component",
"root_system_id": "mattermost",
"official": false
}
],
"affected_components": [
{
"name": "mattermost / mattermost-server",
"entity_id": "mattermost--repo--github-com-mattermost-mattermost-server",
"scope": "repo",
"package_name": "github.com/mattermost/mattermost-server",
"official": false
}
],
"affected_version_ranges": [
"introduced=11.4.0-rc1, fixed<11.4.1",
"introduced=11.3.0-rc1, fixed<11.3.2",
"introduced=11.2.0-rc1, fixed<11.2.4",
"introduced=10.11.0-rc1, fixed<10.11.12",
"introduced=8.0.0-20260105080200-d27a2195068d, fixed<8.0.0-20260217110922-b7d4a1f1f59b"
],
"fixed_version_ranges": [
"11.4.1",
"11.3.2",
"11.2.4",
"10.11.12",
"8.0.0-20260217110922-b7d4a1f1f59b"
],
"introduced_version": "introduced=8.0.0-20260105080200-d27a2195068d, fixed<8.0.0-20260217110922-b7d4a1f1f59b",
"patched_version": "11.4.1",
"version_confidence": "high",
"version_gap_reason": "",
"version_resolution_needed": false,
"advisory_scope": "repo",
"workflow": {
"workflow_id": "mattermost--CVE-2026-26233--workflow",
"vuln_family": "unknown",
"entry_surface": "repo-surface",
"preconditions": [
"\u4ec5\u5728 lab-local\u3001lab-public \u6216\u660e\u786e\u6388\u6743\u76ee\u6807\u4e2d\u6267\u884c\u3002",
"\u786e\u8ba4\u76ee\u6807\u547d\u4e2d\u7248\u672c\u65ad\u8a00: introduced=11.4.0-rc1, fixed<11.4.1, introduced=11.3.0-rc1, fixed<11.3.2, introduced=11.2.0-rc1, fixed<11.2.4",
"\u82e5\u5bf9\u8c61\u5c5e\u4e8e `repo`\uff0c\u5148\u786e\u8ba4\u6269\u5c55/\u4ed3\u5e93/\u5305\u5df2\u542f\u7528\u5e76\u5904\u4e8e\u53d7\u5f71\u54cd\u7248\u672c\u3002"
],
"required_role": "unknown",
"affected_version_assertion": [
"introduced=11.4.0-rc1, fixed<11.4.1",
"introduced=11.3.0-rc1, fixed<11.3.2",
"introduced=11.2.0-rc1, fixed<11.2.4",
"introduced=10.11.0-rc1, fixed<10.11.12",
"introduced=8.0.0-20260105080200-d27a2195068d, fixed<8.0.0-20260217110922-b7d4a1f1f59b"
],
"trigger_vector": "\u5bf9 `unknown` \u5bb6\u65cf\u5165\u53e3\u6295\u9012\u6700\u5c0f\u5316\u3001\u53ef\u5ba1\u8ba1\u3001\u53ef\u56de\u6eda\u7684\u53d7\u63a7\u8f93\u5165\uff0c\u6bd4\u8f83\u4fee\u590d\u524d\u540e\u5dee\u5f02\u3002",
"request_or_ui_path": [
"/repo"
],
"input_shape": "\u63d0\u4ea4\u6700\u5c0f\u5316\u3001\u53ef\u5ba1\u8ba1\u3001\u53ef\u56de\u6eda\u7684\u53d7\u63a7\u8f93\u5165\u3002",
"expected_unsafe_behavior": "\u76ee\u6807\u8868\u73b0\u51fa\u8d85\u51fa\u8bbe\u8ba1\u8fb9\u754c\u7684\u884c\u4e3a\u3002",
"server_evidence_points": [
"\u5e94\u7528\u65e5\u5fd7\u4e2d\u7684\u547d\u4e2d\u8def\u5f84\u3001\u9274\u6743\u51b3\u7b56\u548c\u5f02\u5e38\u6808",
"\u53cd\u5411\u4ee3\u7406\u6216\u8fb9\u754c\u5c42\u65e5\u5fd7\u4e2d\u7684\u8bf7\u6c42\u5934\u3001\u6765\u6e90 IP \u4e0e\u8def\u7531\u51b3\u7b56"
],
"browser_evidence_points": [
"\u57fa\u7ebf\u622a\u56fe\u4e0e\u653b\u51fb\u540e\u622a\u56fe\u7684 DOM/\u89c6\u89c9\u5dee\u5f02",
"console\u3001network \u4e0e response metadata \u4e2d\u7684\u5f02\u5e38\u4fe1\u53f7"
],
"db_or_fs_evidence_points": [
"\u6570\u636e\u5e93\u4e2d\u65b0\u589e/\u8d8a\u6743\u8bfb\u53d6\u7684\u6d4b\u8bd5\u6570\u636e",
"\u6587\u4ef6\u7cfb\u7edf\u4e2d\u65b0\u589e\u4e0a\u4f20\u6837\u672c\u3001\u7f13\u5b58\u6761\u76ee\u6216\u8d8a\u6743\u8bfb\u53d6\u75d5\u8ff9"
],
"detection_signals": [
"WAF / reverse proxy \u5f02\u5e38\u65e5\u5fd7\u3001\u8bbf\u95ee\u65e5\u5fd7\u548c\u544a\u8b66",
"\u5e94\u7528\u5ba1\u8ba1\u65e5\u5fd7\u4e2d\u7684\u6743\u9650\u9519\u8bef\u3001\u91cd\u5b9a\u5411\u5f02\u5e38\u3001\u6a21\u677f\u6e32\u67d3\u6216\u4e0a\u4f20\u843d\u76d8\u4e8b\u4ef6"
],
"mitigation_summary": "\u4f18\u5148\u5347\u7ea7\u5230\u4fee\u590d\u7248\u672c\uff0c\u5e76\u540c\u65f6\u6536\u7d27\u8f93\u5165\u6821\u9a8c\u3001\u670d\u52a1\u7aef\u9274\u6743\u3001\u4ee3\u7406\u4fe1\u4efb\u8fb9\u754c\u3001\u6269\u5c55\u5b89\u88c5\u4fe1\u4efb\u548c\u5ba1\u8ba1\u65e5\u5fd7\u3002",
"patch_validation_steps": [
"\u786e\u8ba4\u76ee\u6807\u7248\u672c\u4ece `introduced=11.4.0-rc1, fixed<11.4.1, introduced=11.3.0-rc1, fixed<11.3.2, introduced=11.2.0-rc1, fixed<11.2.4` \u5347\u7ea7\u6216\u56de\u79fb\u5230 `11.4.1`\u3002",
"\u4fdd\u7559\u540c\u4e00\u7ec4\u53d7\u63a7\u8f93\u5165\uff0c\u5728\u4fee\u590d\u524d\u540e\u5206\u522b\u6267\u884c\u5e76\u6bd4\u5bf9\u54cd\u5e94\u3001\u65e5\u5fd7\u4e0e\u6d4f\u89c8\u5668\u8bc1\u636e\u3002",
"\u786e\u8ba4\u4fee\u590d\u540e\u4ec5\u4fdd\u7559\u9884\u671f\u4e1a\u52a1\u884c\u4e3a\uff0c\u4e0d\u518d\u89e6\u53d1\u8d8a\u6743\u3001\u56de\u663e\u3001\u5f02\u5e38\u6e32\u67d3\u6216\u9519\u8bef\u8bf7\u6c42\u3002",
"\u8865\u5145 `unknown` \u65cf\u81ea\u52a8\u5316\u56de\u5f52\uff0c\u907f\u514d\u540c\u7c7b\u8def\u5f84\u5728\u63d2\u4ef6\u3001\u4e3b\u9898\u6216\u4ee3\u7406\u94fe\u4e2d\u56de\u5f52\u3002"
],
"lab_safety_notes": [
"\u53ea\u4f7f\u7528\u56de\u73af\u5730\u5740\u3001\u54e8\u5175\u76ee\u6807\u3001\u65e0\u5bb3\u6837\u672c\u6216\u53ef\u56de\u6eda\u6d4b\u8bd5\u6570\u636e\u3002",
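Review bot: the first `patch_validation_steps` string tells the reader to move to `11.4.1` while naming only three of the five affected ranges, which is the wrong target for a 10.11.x deployment (fixed in `10.11.12` according to `fixed_version_ranges`). The step should name the fixed version per release line. The added `mattermost--CVE-2026-26233` record also reuses the same `secure_code_topics` as the account-takeover entry (`xss-output-encoding`, `token-cookie-storage`) although its summary is about missing login rate limiting, and both workflows have `vuln_family` and `required_role` set to `unknown` with the placeholder path `/repo`, while the preceding entry is marked `review_state` `ready`. Records with unknown classification should not reach `ready`.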
@@ -10310,7 +10554,7 @@
"cvss_score": 3.1,
"exploit_status": "unknown",
"published_at": "2026-03-25T19:41:50Z",
"updated_at": "2026-03-27T21:52:37.272493Z",
"updated_at": "2026-03-30T12:26:07.105030Z",
"official_source_url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-35pf-37c6-jxjv",
"secondary_source_urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2026-33673",
@@ -10319,6 +10563,7 @@
"https://github.com/PrestaShop/PrestaShop/releases/tag/9.1.0"
],
"aliases": [
"BIT-prestashop-2026-33673",
"CVE-2026-33673",
"GHSA-35pf-37c6-jxjv"
],
@@ -10498,7 +10743,7 @@
"cvss_score": 3.1,
"exploit_status": "unknown",
"published_at": "2026-03-25T19:40:42Z",
"updated_at": "2026-03-27T21:52:10.658795Z",
"updated_at": "2026-03-30T12:26:06.049752Z",
"official_source_url": "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-283w-xf3q-788v",
"secondary_source_urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2026-33674",
@@ -10507,6 +10752,7 @@
"https://github.com/PrestaShop/PrestaShop/releases/tag/9.1.0"
],
"aliases": [
"BIT-prestashop-2026-33674",
"CVE-2026-33674",
"GHSA-283w-xf3q-788v"
],
@@ -10672,6 +10918,140 @@
"review_state": "ready"
}
},
"traefik--GHSA-46wh-3698-f2cx": {
"canonical_id": "traefik--GHSA-46wh-3698-f2cx",
"title": "Traefik: Deny Rule Bypass via Unauthenticated Malicious gRPC Requests in gRPC-Go Dependency (CVE-2026-33186)",
"summary": "## Summary\n\nThere is a potential vulnerability in Traefik due to its dependency on an affected version of gRPC-Go (CVE-2026-33186).\n\nA remote, unauthenticated attacker can send gRPC requests with a malformed HTTP/2 `:path` pseudo-header omitting the mandatory leading slash (e.g., `Service/Method` instead of `/Service/Method`). While the server routes such requests correctly, path-based authorization interceptors evaluate the raw non-canonical path and fail to match \"deny\" rules, allowing the request to bypass the policy entirely if a fallback \"allow\" rule is present.\n\n## Patches\n\n- https://github.com/traefik/traefik/releases/tag/v2.11.42\n- https://github.com/traefik/traefik/releases/tag/v3.6.12\n- https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.3\n\n## For more information\n\nIf there are any questions or comments about this advisory, please [open an issue](https://github.com/traefik/traefik/issues).\n\n<details>\n<summary>Original Description</summary>\n\n### Summary\nThis CVE hits traefik until Version 3.6.11 and 2.11.41.\ngRPC-Go has an authorization bypass via missing leading slash in :path\n### Details\nAs described in https://github.com/advisories/GHSA-p77j-4mvh-x3m3\n### PoC\nUpdate library version in \nhttps://github.com/traefik/traefik/blob/67c64ed9b25fbb90f1086977a62827133a7aa01b/go.mod#L108\n### Impact\nIs described in https://github.com/advisories/GHSA-p77j-4mvh-x3m3\n\n</details>\n\n\n----------",
"display_name": "Traefik",
"system_id": "traefik",
"category": "servers",
"severity": "medium",
"cvss_score": 4.0,
"exploit_status": "unknown",
"published_at": "2026-03-29T15:37:28Z",
"updated_at": "2026-03-29T15:49:22.073498Z",
"official_source_url": "https://github.com/traefik/traefik/security/advisories/GHSA-46wh-3698-f2cx",
"secondary_source_urls": [
"https://github.com/advisories/GHSA-p77j-4mvh-x3m3",
"https://github.com/traefik/traefik",
"https://github.com/traefik/traefik/blob/67c64ed9b25fbb90f1086977a62827133a7aa01b/go.mod#L108",
"https://github.com/traefik/traefik/releases/tag/v2.11.42",
"https://github.com/traefik/traefik/releases/tag/v3.6.12",
"https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.3"
],
"aliases": [
"GHSA-46wh-3698-f2cx"
],
"secure_code_topics": [
"proxy-trust-boundary",
"request-smuggling-boundary",
"authz-server-side-recheck",
"dependency-upgrade-policy"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"artifact_mode": "synthetic",
"blocked_reason": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"entity_refs": [
{
"entity_id": "traefik",
"entity_type": "system",
"relation": "root-system",
"root_system_id": "traefik",
"official": true
},
{
"entity_id": "traefik--repo--github-com-traefik-traefik-v3",
"entity_type": "repo",
"relation": "affected-component",
"root_system_id": "traefik",
"official": false
}
],
"affected_components": [
{
"name": "traefik / traefik / v3",
"entity_id": "traefik--repo--github-com-traefik-traefik-v3",
"scope": "repo",
"package_name": "github.com/traefik/traefik/v3",
"official": false
}
],
"affected_version_ranges": [
"introduced=0, fixed<2.11.42",
"introduced=3.0.0-beta3, fixed<3.6.12",
"introduced=3.7.0-ea.1, fixed<3.7.0-ea.3"
],
"fixed_version_ranges": [
"2.11.42",
"3.6.12",
"3.7.0-ea.3"
],
"introduced_version": "introduced=3.7.0-ea.1, fixed<3.7.0-ea.3",
"patched_version": "2.11.42",
"version_confidence": "high",
"version_gap_reason": "",
"version_resolution_needed": false,
"advisory_scope": "repo",
"workflow": {
"workflow_id": "traefik--GHSA-46wh-3698-f2cx--workflow",
"vuln_family": "authz-bypass",
"entry_surface": "privileged-route-or-object-reference",
"preconditions": [
"\u4ec5\u5728 lab-local\u3001lab-public \u6216\u660e\u786e\u6388\u6743\u76ee\u6807\u4e2d\u6267\u884c\u3002",
"\u786e\u8ba4\u76ee\u6807\u547d\u4e2d\u7248\u672c\u65ad\u8a00: introduced=0, fixed<2.11.42, introduced=3.0.0-beta3, fixed<3.6.12, introduced=3.7.0-ea.1, fixed<3.7.0-ea.3",
"\u82e5\u5bf9\u8c61\u5c5e\u4e8e `repo`\uff0c\u5148\u786e\u8ba4\u6269\u5c55/\u4ed3\u5e93/\u5305\u5df2\u542f\u7528\u5e76\u5904\u4e8e\u53d7\u5f71\u54cd\u7248\u672c\u3002"
],
"required_role": "cross-tenant-or-low-privileged-user",
"affected_version_assertion": [
"introduced=0, fixed<2.11.42",
"introduced=3.0.0-beta3, fixed<3.6.12",
"introduced=3.7.0-ea.1, fixed<3.7.0-ea.3"
],
"trigger_vector": "\u5bf9 `authz-bypass` \u5bb6\u65cf\u5165\u53e3\u6295\u9012\u6700\u5c0f\u5316\u3001\u53ef\u5ba1\u8ba1\u3001\u53ef\u56de\u6eda\u7684\u53d7\u63a7\u8f93\u5165\uff0c\u6bd4\u8f83\u4fee\u590d\u524d\u540e\u5dee\u5f02\u3002",
"request_or_ui_path": [
"/admin/*",
"/api/private/*",
"/tenant/*"
],
"input_shape": "\u4f7f\u7528\u4f4e\u6743\u9650\u8eab\u4efd\u8bbf\u95ee\u9ad8\u6743\u9650\u5bf9\u8c61\u6216\u8de8\u79df\u6237\u8d44\u6e90\u3002",
"expected_unsafe_behavior": "\u4f4e\u6743\u9650\u8eab\u4efd\u53ef\u8bbf\u95ee\u672c\u4e0d\u5e94\u53ef\u89c1\u7684\u6570\u636e\u6216\u64cd\u4f5c\u3002",
"server_evidence_points": [
"\u5e94\u7528\u65e5\u5fd7\u4e2d\u7684\u547d\u4e2d\u8def\u5f84\u3001\u9274\u6743\u51b3\u7b56\u548c\u5f02\u5e38\u6808",
"\u53cd\u5411\u4ee3\u7406\u6216\u8fb9\u754c\u5c42\u65e5\u5fd7\u4e2d\u7684\u8bf7\u6c42\u5934\u3001\u6765\u6e90 IP \u4e0e\u8def\u7531\u51b3\u7b56"
],
"browser_evidence_points": [
"\u57fa\u7ebf\u622a\u56fe\u4e0e\u653b\u51fb\u540e\u622a\u56fe\u7684 DOM/\u89c6\u89c9\u5dee\u5f02",
"console\u3001network \u4e0e response metadata \u4e2d\u7684\u5f02\u5e38\u4fe1\u53f7"
],
"db_or_fs_evidence_points": [
"\u6570\u636e\u5e93\u4e2d\u65b0\u589e/\u8d8a\u6743\u8bfb\u53d6\u7684\u6d4b\u8bd5\u6570\u636e",
"\u6587\u4ef6\u7cfb\u7edf\u4e2d\u65b0\u589e\u4e0a\u4f20\u6837\u672c\u3001\u7f13\u5b58\u6761\u76ee\u6216\u8d8a\u6743\u8bfb\u53d6\u75d5\u8ff9"
],
"detection_signals": [
"WAF / reverse proxy \u5f02\u5e38\u65e5\u5fd7\u3001\u8bbf\u95ee\u65e5\u5fd7\u548c\u544a\u8b66",
"\u5e94\u7528\u5ba1\u8ba1\u65e5\u5fd7\u4e2d\u7684\u6743\u9650\u9519\u8bef\u3001\u91cd\u5b9a\u5411\u5f02\u5e38\u3001\u6a21\u677f\u6e32\u67d3\u6216\u4e0a\u4f20\u843d\u76d8\u4e8b\u4ef6"
],
"mitigation_summary": "\u4f18\u5148\u5347\u7ea7\u5230\u4fee\u590d\u7248\u672c\uff0c\u5e76\u540c\u65f6\u6536\u7d27\u8f93\u5165\u6821\u9a8c\u3001\u670d\u52a1\u7aef\u9274\u6743\u3001\u4ee3\u7406\u4fe1\u4efb\u8fb9\u754c\u3001\u6269\u5c55\u5b89\u88c5\u4fe1\u4efb\u548c\u5ba1\u8ba1\u65e5\u5fd7\u3002",
"patch_validation_steps": [
"\u786e\u8ba4\u76ee\u6807\u7248\u672c\u4ece `introduced=0, fixed<2.11.42, introduced=3.0.0-beta3, fixed<3.6.12, introduced=3.7.0-ea.1, fixed<3.7.0-ea.3` \u5347\u7ea7\u6216\u56de\u79fb\u5230 `2.11.42`\u3002",
"\u4fdd\u7559\u540c\u4e00\u7ec4\u53d7\u63a7\u8f93\u5165\uff0c\u5728\u4fee\u590d\u524d\u540e\u5206\u522b\u6267\u884c\u5e76\u6bd4\u5bf9\u54cd\u5e94\u3001\u65e5\u5fd7\u4e0e\u6d4f\u89c8\u5668\u8bc1\u636e\u3002",
"\u786e\u8ba4\u4fee\u590d\u540e\u4ec5\u4fdd\u7559\u9884\u671f\u4e1a\u52a1\u884c\u4e3a\uff0c\u4e0d\u518d\u89e6\u53d1\u8d8a\u6743\u3001\u56de\u663e\u3001\u5f02\u5e38\u6e32\u67d3\u6216\u9519\u8bef\u8bf7\u6c42\u3002",
"\u8865\u5145 `authz-bypass` \u65cf\u81ea\u52a8\u5316\u56de\u5f52\uff0c\u907f\u514d\u540c\u7c7b\u8def\u5f84\u5728\u63d2\u4ef6\u3001\u4e3b\u9898\u6216\u4ee3\u7406\u94fe\u4e2d\u56de\u5f52\u3002"
],
"lab_safety_notes": [
"\u53ea\u4f7f\u7528\u56de\u73af\u5730\u5740\u3001\u54e8\u5175\u76ee\u6807\u3001\u65e0\u5bb3\u6837\u672c\u6216\u53ef\u56de\u6eda\u6d4b\u8bd5\u6570\u636e\u3002",
"\u7981\u6b62\u9020\u6210\u6301\u4e45\u7834\u574f\u3001\u8d8a\u6743\u4e0b\u8f7d\u771f\u5b9e\u6570\u636e\u6216\u4e0d\u53ef\u56de\u6eda side effect\u3002",
"\u5982\u9700\u6d4f\u89c8\u5668\u8bc1\u636e\uff0c\u4fdd\u7559 baseline / proof \u4e24\u4efd\u5feb\u7167\u4ee5\u53ca console / network \u8bb0\u5f55\u3002"
],
"review_state": "ready"
}
},
"traefik--CVE-2026-33433": {
"canonical_id": "traefik--CVE-2026-33433",
"title": "Traefik Vulnerable to BasicAuth/DigestAuth Identity Spoofing via Non-Canonical headerField",
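Review bot: in the `traefik--GHSA-46wh-3698-f2cx` record, the scalar version fields disagree with each other. `introduced_version` holds a whole range string, `introduced=3.7.0-ea.1, fixed<3.7.0-ea.3` (the last of the three ranges), while `patched_version` is `2.11.42` (the fix for the first range). The first entry of `patch_validation_steps` then sends all three affected ranges to `2.11.42`, which for a 3.x deployment is not the listed fix (`3.6.12` or `3.7.0-ea.3`). With `version_confidence` at `high` and `review_state` at `ready`, nothing downstream will question it. Suggest deriving both scalars from the same range, or dropping them in favour of `affected_version_ranges` / `fixed_version_ranges`, and generating the validation step per branch. The `request_or_ui_path` values (`/admin/*`, `/api/private/*`, `/tenant/*`) also read as defaults for the `authz-bypass` family rather than paths taken from this advisory; mark them as generic or leave the field empty until triage fills it in.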

View file

@@ -1,5 +1,5 @@
{
"generated_at": "2026-03-30T09:18:27+00:00",
"generated_at": "2026-03-31T09:18:21+00:00",
"title": "\u5f53\u524d\u67b6\u6784\u5e93",
"summary": "\u5de5\u4f5c\u53f0\u3001\u63a7\u5236\u9762\u3001\u6570\u636e\u5c42\u3001\u6388\u6743\u8fb9\u754c\u4e0e\u7cfb\u7edf\u8986\u76d6\u7684\u5f53\u524d\u771f\u503c\u89c6\u56fe\u3002",
"sections": [
@@ -39,7 +39,7 @@
},
{
"label": "\u5f53\u524d\u6f0f\u6d1e\u6761\u76ee",
"value": "2425"
"value": "2428"
}
],
"fields": [
@@ -57,7 +57,7 @@
},
{
"label": "\u751f\u6210\u65f6\u95f4",
"value": "2026-03-30T09:18:27+00:00"
"value": "2026-03-31T09:18:21+00:00"
}
],
"links": [
@@ -5973,7 +5973,7 @@
},
{
"label": "Advisory \u6570",
"value": "2425"
"value": "2428"
},
{
"label": "\u72b6\u6001\u7c7b\u578b",
@@ -5992,7 +5992,7 @@
"items": [
{
"title": "\u4eba\u5de5\u5206\u8bca",
"summary": "\u5f53\u524d\u7d2f\u8ba1 2336 \u6761\u3002",
"summary": "\u5f53\u524d\u7d2f\u8ba1 2339 \u6761\u3002",
"open": false,
"fields": [
{
@@ -6001,7 +6001,7 @@
},
{
"label": "\u6570\u91cf",
"value": "2336"
"value": "2339"
}
]
},

View file

@@ -1,7 +1,7 @@
{
"generated_at": "2026-03-30T09:18:27+00:00",
"generated_at": "2026-03-31T09:18:21+00:00",
"advisory_total": 89,
"registry_advisory_total": 2425,
"registry_advisory_total": 2428,
"scope": "latest-run-backed-advisories",
"latest_statuses": {
"verified-real": 89
@@ -175,12 +175,12 @@
"active_source_count": 102,
"green_source_count": 102,
"failure_count": 0,
"last_fully_green_run": "2026-03-30T09:18:10+00:00",
"last_fully_green_run": "2026-03-31T09:18:05+00:00",
"open_alert_count": 0,
"resolved_alert_count": 101
},
"entity_coverage": {
"generated_at": "2026-03-30T09:18:25+00:00",
"generated_at": "2026-03-31T09:18:20+00:00",
"cataloged_entity_total": 110,
"candidate_entity_total": 7,
"history_full_complete_count": 41,
@@ -990,7 +990,7 @@
"entity_id": "mattermost--repo--github-com-mattermost-mattermost-server",
"entity_type": "repo",
"display_name": "mattermost / mattermost-server",
"advisory_count": 14,
"advisory_count": 16,
"history_backfill_status": "seeded",
"latest_sync_status": "green"
},
@@ -1950,28 +1950,30 @@
"discovery_queue": 7,
"history_queue": 27,
"latest_queue": 10,
"workflow_queue": 2178
"workflow_queue": 2179
}
},
"monitor_summary": {
"generated_at": "2026-03-30T09:18:10+00:00",
"generated_at": "2026-03-31T09:18:05+00:00",
"active_source_count": 102,
"green_source_count": 102,
"source_failure_count": 0,
"open_alert_count": 0,
"resolved_alert_count": 101,
"last_fully_green_run": "2026-03-30T09:18:10+00:00",
"last_fully_green_run": "2026-03-31T09:18:05+00:00",
"source_catalog": {
"system_count": 62,
"source_count": 179,
"retired_source_count": 77
},
"ingest": {
"new_count": 1,
"updated_count": 0,
"new_count": 3,
"updated_count": 2,
"failure_count": 0,
"systems_touched": [
"traefik"
"mattermost",
"mediawiki",
"prestashop"
]
},
"validation": {
@@ -1991,14 +1993,14 @@
"cataloged_entity_total": 110,
"latest_version_synced_count": 95,
"source_gap_count": 15,
"security_version_total": 6308,
"security_version_total": 6290,
"security_version_entity_count": 83,
"auto_promoted_entity_count": 10,
"lab_enqueued_count": 1
"lab_enqueued_count": 3
},
"lab_enqueue": {
"enqueued": 1,
"queue_total": 2381,
"enqueued": 3,
"queue_total": 2384,
"pending_count": 0
}
},
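Review bot: `security_version_total` drops from 6308 to 6290 in this hunk while `cataloged_entity_total` (110), `latest_version_synced_count` (95) and `security_version_entity_count` (83) are unchanged, so 18 security versions disappeared without any entity leaving the catalogue. Nothing in the change says whether that is deduplication, an upstream retraction or a parsing regression. Suggest having the generator emit a per-entity delta next to the total, and flagging any run where the total decreases, since the same figure is copied into the other summary files in this commit.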

View file

@@ -1,5 +1,5 @@
{
"generated_at": "2026-03-30T09:18:25+00:00",
"generated_at": "2026-03-31T09:18:20+00:00",
"cataloged_entity_total": 110,
"candidate_entity_total": 7,
"history_full_complete_count": 41,
@@ -809,7 +809,7 @@
"entity_id": "mattermost--repo--github-com-mattermost-mattermost-server",
"entity_type": "repo",
"display_name": "mattermost / mattermost-server",
"advisory_count": 14,
"advisory_count": 16,
"history_backfill_status": "seeded",
"latest_sync_status": "green"
},
@@ -1769,6 +1769,6 @@
"discovery_queue": 7,
"history_queue": 27,
"latest_queue": 10,
"workflow_queue": 2178
"workflow_queue": 2179
}
}

View file

@@ -1,5 +1,5 @@
{
"generated_at": "2026-03-30T09:18:25+00:00",
"generated_at": "2026-03-31T09:18:20+00:00",
"discovery_queue": {
"count": 7,
"items": [
@@ -408,7 +408,7 @@
]
},
"workflow_queue": {
"count": 2178,
"count": 2179,
"items": [
{
"canonical_id": "adminer--CVE-2026-25878",

View file

@@ -1,7 +1,7 @@
{
"generated_at": "2026-03-30T09:18:18+00:00",
"enqueued": 1,
"queue_total": 2381,
"generated_at": "2026-03-31T09:18:14+00:00",
"enqueued": 3,
"queue_total": 2384,
"items": [
{
"advisory_id": "directus--05a97ef95a",
@@ -1093,6 +1093,21 @@
"system_id": "magento-open-source",
"priority": "version-sync"
},
{
"advisory_id": "mattermost--CVE-2026-26233",
"system_id": "mattermost",
"priority": "version-sync"
},
{
"advisory_id": "mattermost--CVE-2026-27656",
"system_id": "mattermost",
"priority": "version-sync"
},
{
"advisory_id": "mediawiki--7a3e57910a",
"system_id": "mediawiki",
"priority": "version-sync"
},
{
"advisory_id": "opencart--139edfb591",
"system_id": "opencart",
@@ -2758,11 +2773,6 @@
"system_id": "strapi",
"priority": "version-sync"
},
{
"advisory_id": "traefik--GHSA-46wh-3698-f2cx",
"system_id": "traefik",
"priority": "version-sync"
},
{
"advisory_id": "woocommerce--05da41121f",
"system_id": "woocommerce",
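Review bot: the counters in this file do not match its `items` changes. This hunk removes `traefik--GHSA-46wh-3698-f2cx` and the previous hunk adds three entries (`mattermost--CVE-2026-26233`, `mattermost--CVE-2026-27656`, `mediawiki--7a3e57910a`), a net change of two, yet the header hunk raises `queue_total` from 2381 to 2384. If `queue_total` is meant to be the length of `items`, one of the two is wrong; if it counts something else (for example a cumulative enqueue count), that should be documented or the field renamed. It would also help to record why the traefik entry left the queue, since `priority` was `version-sync` and no completion state is written anywhere in this file.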

View file

@@ -1,22 +1,24 @@
{
"generated_at": "2026-03-30T09:18:10+00:00",
"generated_at": "2026-03-31T09:18:05+00:00",
"active_source_count": 102,
"green_source_count": 102,
"source_failure_count": 0,
"open_alert_count": 0,
"resolved_alert_count": 101,
"last_fully_green_run": "2026-03-30T09:18:10+00:00",
"last_fully_green_run": "2026-03-31T09:18:05+00:00",
"source_catalog": {
"system_count": 62,
"source_count": 179,
"retired_source_count": 77
},
"ingest": {
"new_count": 1,
"updated_count": 0,
"new_count": 3,
"updated_count": 2,
"failure_count": 0,
"systems_touched": [
"traefik"
"mattermost",
"mediawiki",
"prestashop"
]
},
"validation": {
@@ -36,14 +38,14 @@
"cataloged_entity_total": 110,
"latest_version_synced_count": 95,
"source_gap_count": 15,
"security_version_total": 6308,
"security_version_total": 6290,
"security_version_entity_count": 83,
"auto_promoted_entity_count": 10,
"lab_enqueued_count": 1
"lab_enqueued_count": 3
},
"lab_enqueue": {
"enqueued": 1,
"queue_total": 2381,
"enqueued": 3,
"queue_total": 2384,
"pending_count": 0
}
}

View file

@@ -1,5 +1,5 @@
{
"generated_at": "2026-03-30T09:17:05+00:00",
"generated_at": "2026-03-31T09:17:00+00:00",
"system_count": 62,
"source_count": 179,
"active_source_count": 102,

View file

@@ -1,17 +1,17 @@
{
"generated_at": "2026-03-30T09:18:10+00:00",
"generated_at": "2026-03-31T09:18:05+00:00",
"active_source_count": 102,
"green_source_count": 102,
"failure_count": 0,
"all_green": true,
"last_fully_green_run": "2026-03-30T09:18:10+00:00",
"last_fully_green_run": "2026-03-31T09:18:05+00:00",
"retries_performed": 0,
"probes": [
{
"system_id": "adminer",
"source_name": "OSV Adminer",
"source_kind": "osv-batch",
"elapsed_seconds": 3.746,
"elapsed_seconds": 3.959,
"kind": "osv-batch",
"items_seen": 1
},
@@ -19,7 +19,7 @@
"system_id": "adobe-commerce",
"source_name": "Adobe Magento Security Index",
"source_kind": "vendor-index",
"elapsed_seconds": 0.036,
"elapsed_seconds": 0.028,
"kind": "vendor-index",
"items_seen": 46
},
@@ -27,7 +27,7 @@
"system_id": "angular",
"source_name": "OSV Angular",
"source_kind": "osv-batch",
"elapsed_seconds": 2.422,
"elapsed_seconds": 2.141,
"kind": "osv-batch",
"items_seen": 1
},
@@ -35,7 +35,7 @@
"system_id": "apache-httpd",
"source_name": "Apache HTTPD Security",
"source_kind": "html-links",
"elapsed_seconds": 2.532,
"elapsed_seconds": 2.563,
"kind": "html-links",
"items_seen": 182
},
@@ -43,15 +43,15 @@
"system_id": "apache-httpd",
"source_name": "CISA KEV Apache HTTPD",
"source_kind": "kev-json",
"elapsed_seconds": 2.532,
"elapsed_seconds": 2.563,
"kind": "kev-json",
"items_seen": 1554
"items_seen": 1555
},
{
"system_id": "apache-tomcat",
"source_name": "Apache Tomcat Security",
"source_kind": "html-links",
"elapsed_seconds": 2.532,
"elapsed_seconds": 2.563,
"kind": "html-links",
"items_seen": 270
},
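Review bot: `items_seen` for the `kev-json` probes is not a per-system figure. It moves from 1554 to 1555 on both `CISA KEV Apache HTTPD` and `CISA KEV Tomcat` in this hunk, and by the same step on the Grafana, NGINX and Node.js KEV probes later in the file, which indicates the value is the size of the whole KEV catalogue. A new KEV entry for any product therefore shows up as activity on every one of these systems. Suggest recording the count of entries that matched the system filter, alongside or instead of the catalogue size.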
@@ -59,15 +59,15 @@
"system_id": "apache-tomcat",
"source_name": "CISA KEV Tomcat",
"source_kind": "kev-json",
"elapsed_seconds": 2.532,
"elapsed_seconds": 2.563,
"kind": "kev-json",
"items_seen": 1554
"items_seen": 1555
},
{
"system_id": "aspnet-core",
"source_name": "OSV ASP.NET Core",
"source_kind": "osv-batch",
"elapsed_seconds": 3.475,
"elapsed_seconds": 3.397,
"kind": "osv-batch",
"items_seen": 1
},
@@ -75,7 +75,7 @@
"system_id": "astro",
"source_name": "OSV Astro",
"source_kind": "osv-batch",
"elapsed_seconds": 2.216,
"elapsed_seconds": 2.584,
"kind": "osv-batch",
"items_seen": 1
},
@@ -83,7 +83,7 @@
"system_id": "caddy",
"source_name": "OSV Caddy",
"source_kind": "osv-batch",
"elapsed_seconds": 3.652,
"elapsed_seconds": 4.228,
"kind": "osv-batch",
"items_seen": 1
},
@@ -91,7 +91,7 @@
"system_id": "directus",
"source_name": "Directus GitHub Advisories",
"source_kind": "html-links",
"elapsed_seconds": 0.039,
"elapsed_seconds": 0.031,
"kind": "html-links",
"items_seen": 127
},
@@ -99,7 +99,7 @@
"system_id": "directus",
"source_name": "OSV Directus",
"source_kind": "osv-batch",
"elapsed_seconds": 1.1,
"elapsed_seconds": 1.191,
"kind": "osv-batch",
"items_seen": 1
},
@@ -107,7 +107,7 @@
"system_id": "discourse",
"source_name": "Discourse Release Notes RSS",
"source_kind": "rss-feed",
"elapsed_seconds": 0.036,
"elapsed_seconds": 0.029,
"kind": "rss-feed",
"items_seen": 30
},
@@ -115,7 +115,7 @@
"system_id": "discourse",
"source_name": "Discourse Security RSS",
"source_kind": "rss-feed",
"elapsed_seconds": 0.036,
"elapsed_seconds": 0.028,
"kind": "rss-feed",
"items_seen": 3
},
@@ -123,7 +123,7 @@
"system_id": "discourse",
"source_name": "OSV Discourse",
"source_kind": "osv-batch",
"elapsed_seconds": 0.933,
"elapsed_seconds": 1.199,
"kind": "osv-batch",
"items_seen": 1
},
@@ -131,7 +131,7 @@
"system_id": "django",
"source_name": "Django Security Releases Archive",
"source_kind": "vendor-index",
"elapsed_seconds": 2.263,
"elapsed_seconds": 2.154,
"kind": "vendor-index",
"items_seen": 1276
},
@@ -139,7 +139,7 @@
"system_id": "django",
"source_name": "Django Security Weblog",
"source_kind": "vendor-index",
"elapsed_seconds": 2.232,
"elapsed_seconds": 2.141,
"kind": "vendor-index",
"items_seen": 332
},
@@ -147,7 +147,7 @@
"system_id": "django",
"source_name": "OSV Django",
"source_kind": "osv-batch",
"elapsed_seconds": 4.51,
"elapsed_seconds": 4.98,
"kind": "osv-batch",
"items_seen": 1
},
@@ -155,7 +155,7 @@
"system_id": "drupal",
"source_name": "Drupal Security Advisories RSS",
"source_kind": "rss-feed",
"elapsed_seconds": 0.042,
"elapsed_seconds": 0.033,
"kind": "rss-feed",
"items_seen": 20
},
@@ -163,7 +163,7 @@
"system_id": "drupal",
"source_name": "OSV Drupal",
"source_kind": "osv-batch",
"elapsed_seconds": 2.378,
"elapsed_seconds": 2.139,
"kind": "osv-batch",
"items_seen": 1
},
@@ -171,7 +171,7 @@
"system_id": "echo",
"source_name": "OSV Echo",
"source_kind": "osv-batch",
"elapsed_seconds": 3.684,
"elapsed_seconds": 3.808,
"kind": "osv-batch",
"items_seen": 1
},
@@ -179,7 +179,7 @@
"system_id": "esbuild",
"source_name": "OSV esbuild",
"source_kind": "osv-batch",
"elapsed_seconds": 2.895,
"elapsed_seconds": 2.903,
"kind": "osv-batch",
"items_seen": 1
},
@@ -187,7 +187,7 @@
"system_id": "express",
"source_name": "OSV Express",
"source_kind": "osv-batch",
"elapsed_seconds": 2.587,
"elapsed_seconds": 2.283,
"kind": "osv-batch",
"items_seen": 1
},
@@ -195,7 +195,7 @@
"system_id": "fastify",
"source_name": "OSV Fastify",
"source_kind": "osv-batch",
"elapsed_seconds": 2.591,
"elapsed_seconds": 2.631,
"kind": "osv-batch",
"items_seen": 1
},
@@ -203,7 +203,7 @@
"system_id": "flask",
"source_name": "OSV Flask",
"source_kind": "osv-batch",
"elapsed_seconds": 3.512,
"elapsed_seconds": 3.393,
"kind": "osv-batch",
"items_seen": 1
},
@@ -211,7 +211,7 @@
"system_id": "ghost",
"source_name": "Ghost GitHub Advisories",
"source_kind": "html-links",
"elapsed_seconds": 0.041,
"elapsed_seconds": 0.033,
"kind": "html-links",
"items_seen": 119
},
@@ -219,7 +219,7 @@
"system_id": "ghost",
"source_name": "OSV Ghost",
"source_kind": "osv-batch",
"elapsed_seconds": 1.102,
"elapsed_seconds": 1.307,
"kind": "osv-batch",
"items_seen": 1
},
@@ -227,7 +227,7 @@
"system_id": "gin",
"source_name": "OSV Gin",
"source_kind": "osv-batch",
"elapsed_seconds": 3.608,
"elapsed_seconds": 3.38,
"kind": "osv-batch",
"items_seen": 1
},
@@ -235,7 +235,7 @@
"system_id": "gitea",
"source_name": "OSV Gitea",
"source_kind": "osv-batch",
"elapsed_seconds": 3.71,
"elapsed_seconds": 3.896,
"kind": "osv-batch",
"items_seen": 1
},
@@ -243,7 +243,7 @@
"system_id": "gitlab-ce",
"source_name": "GitLab Advisory Database",
"source_kind": "html-links",
"elapsed_seconds": 2.623,
"elapsed_seconds": 2.815,
"kind": "html-links",
"items_seen": 5
},
@@ -251,7 +251,7 @@
"system_id": "gitlab-ce",
"source_name": "GitLab Security Releases Atom",
"source_kind": "atom-feed",
"elapsed_seconds": 2.623,
"elapsed_seconds": 2.815,
"kind": "atom-feed",
"items_seen": 187
},
@@ -259,15 +259,15 @@
"system_id": "grafana",
"source_name": "CISA KEV Grafana",
"source_kind": "kev-json",
"elapsed_seconds": 2.623,
"elapsed_seconds": 2.815,
"kind": "kev-json",
"items_seen": 1554
"items_seen": 1555
},
{
"system_id": "grafana",
"source_name": "Grafana Security Advisories",
"source_kind": "html-links",
"elapsed_seconds": 2.623,
"elapsed_seconds": 2.815,
"kind": "html-links",
"items_seen": 159
},
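Review bot: `elapsed_seconds` in this hunk is 2.815 for both `CISA KEV Grafana` and `Grafana Security Advisories`, and the same 2.815 is written for the gitlab-ce, hapi, jenkins, kibana, mattermost and spring-boot probes elsewhere in the file. Identical timings across unrelated hosts suggest the value is the wall time of a shared fetch batch, not of the individual source. If so, the `slow_sources` list cannot single out the source that is actually slow. Suggest timing each request separately, or renaming the field so it is not read as per-source latency.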
@@ -275,7 +275,7 @@
"system_id": "hapi",
"source_name": "OSV Hapi",
"source_kind": "osv-batch",
"elapsed_seconds": 2.411,
"elapsed_seconds": 2.815,
"kind": "osv-batch",
"items_seen": 1
},
@@ -283,7 +283,7 @@
"system_id": "haproxy",
"source_name": "HAProxy Blog Feed",
"source_kind": "rss-feed",
"elapsed_seconds": 2.534,
"elapsed_seconds": 2.631,
"kind": "rss-feed",
"items_seen": 10
},
@@ -291,7 +291,7 @@
"system_id": "jenkins",
"source_name": "Jenkins Security Advisories RSS",
"source_kind": "rss-feed",
"elapsed_seconds": 2.623,
"elapsed_seconds": 2.815,
"kind": "rss-feed",
"items_seen": 96
},
@@ -299,7 +299,7 @@
"system_id": "joomla",
"source_name": "Joomla Security Centre",
"source_kind": "html-links",
"elapsed_seconds": 0.042,
"elapsed_seconds": 0.033,
"kind": "html-links",
"items_seen": 139
},
@@ -307,7 +307,7 @@
"system_id": "joomla",
"source_name": "OSV Joomla",
"source_kind": "osv-batch",
"elapsed_seconds": 0.999,
"elapsed_seconds": 1.342,
"kind": "osv-batch",
"items_seen": 1
},
@@ -315,7 +315,7 @@
"system_id": "kibana",
"source_name": "Elastic Product Security",
"source_kind": "html-links",
"elapsed_seconds": 2.623,
"elapsed_seconds": 2.815,
"kind": "html-links",
"items_seen": 66
},
@@ -323,7 +323,7 @@
"system_id": "kibana",
"source_name": "NVD Kibana",
"source_kind": "nvd-search",
"elapsed_seconds": 4.081,
"elapsed_seconds": 4.196,
"kind": "nvd-search",
"items_seen": 1
},
@@ -331,7 +331,7 @@
"system_id": "koa",
"source_name": "OSV Koa",
"source_kind": "osv-batch",
"elapsed_seconds": 2.783,
"elapsed_seconds": 2.426,
"kind": "osv-batch",
"items_seen": 1
},
@@ -339,7 +339,7 @@
"system_id": "laravel",
"source_name": "OSV Laravel",
"source_kind": "osv-batch",
"elapsed_seconds": 3.054,
"elapsed_seconds": 3.686,
"kind": "osv-batch",
"items_seen": 1
},
@@ -347,7 +347,7 @@
"system_id": "magento-open-source",
"source_name": "Magento GitHub Advisories",
"source_kind": "html-links",
"elapsed_seconds": 0.028,
"elapsed_seconds": 0.02,
"kind": "html-links",
"items_seen": 99
},
@@ -355,7 +355,7 @@
"system_id": "magento-open-source",
"source_name": "OSV Magento Open Source",
"source_kind": "osv-batch",
"elapsed_seconds": 1.018,
"elapsed_seconds": 1.085,
"kind": "osv-batch",
"items_seen": 1
},
@@ -363,15 +363,15 @@
"system_id": "magento-open-source",
"source_name": "Sansec Research",
"source_kind": "html-links",
"elapsed_seconds": 0.028,
"elapsed_seconds": 0.02,
"kind": "html-links",
"items_seen": 135
"items_seen": 136
},
{
"system_id": "mattermost",
"source_name": "Mattermost Security Updates JSON",
"source_kind": "json-feed",
"elapsed_seconds": 2.783,
"elapsed_seconds": 2.815,
"kind": "json-feed",
"items_seen": 594
},
@@ -379,7 +379,7 @@
"system_id": "mattermost",
"source_name": "OSV Mattermost",
"source_kind": "osv-batch",
"elapsed_seconds": 5.098,
"elapsed_seconds": 5.583,
"kind": "osv-batch",
"items_seen": 1
},
@@ -387,7 +387,7 @@
"system_id": "mediawiki",
"source_name": "MediaWiki Announce RSS",
"source_kind": "rss-feed",
"elapsed_seconds": 0.038,
"elapsed_seconds": 0.03,
"kind": "rss-feed",
"items_seen": 30
},
@@ -395,7 +395,7 @@
"system_id": "mediawiki",
"source_name": "OSV MediaWiki",
"source_kind": "osv-batch",
"elapsed_seconds": 1.32,
"elapsed_seconds": 1.383,
"kind": "osv-batch",
"items_seen": 1
},
@@ -403,7 +403,7 @@
"system_id": "medusa",
"source_name": "OSV Medusa",
"source_kind": "osv-batch",
"elapsed_seconds": 1.437,
"elapsed_seconds": 1.067,
"kind": "osv-batch",
"items_seen": 1
},
@@ -411,7 +411,7 @@
"system_id": "moodle",
"source_name": "OSV Moodle",
"source_kind": "osv-batch",
"elapsed_seconds": 3.955,
"elapsed_seconds": 4.35,
"kind": "osv-batch",
"items_seen": 1
},
@@ -419,7 +419,7 @@
"system_id": "nestjs",
"source_name": "OSV NestJS",
"source_kind": "osv-batch",
"elapsed_seconds": 2.27,
"elapsed_seconds": 2.26,
"kind": "osv-batch",
"items_seen": 1
},
@@ -427,7 +427,7 @@
"system_id": "nextjs",
"source_name": "OSV Next.js",
"source_kind": "osv-batch",
"elapsed_seconds": 1.15,
"elapsed_seconds": 1.537,
"kind": "osv-batch",
"items_seen": 1
},
@@ -435,15 +435,15 @@
"system_id": "nginx",
"source_name": "CISA KEV NGINX",
"source_kind": "kev-json",
"elapsed_seconds": 2.532,
"elapsed_seconds": 2.563,
"kind": "kev-json",
"items_seen": 1554
"items_seen": 1555
},
{
"system_id": "nginx",
"source_name": "NGINX Security Advisories",
"source_kind": "html-links",
"elapsed_seconds": 2.521,
"elapsed_seconds": 2.563,
"kind": "html-links",
"items_seen": 150
},
@@ -451,23 +451,23 @@
"system_id": "nodejs",
"source_name": "CISA KEV Node.js",
"source_kind": "kev-json",
"elapsed_seconds": 2.274,
"elapsed_seconds": 2.563,
"kind": "kev-json",
"items_seen": 1554
"items_seen": 1555
},
{
"system_id": "nodejs",
"source_name": "Node.js Security Releases",
"source_kind": "html-links",
"elapsed_seconds": 1.248,
"elapsed_seconds": 1.31,
"kind": "html-links",
"items_seen": 74
"items_seen": 73
},
{
"system_id": "nuxt",
"source_name": "OSV Nuxt",
"source_kind": "osv-batch",
"elapsed_seconds": 2.088,
"elapsed_seconds": 2.246,
"kind": "osv-batch",
"items_seen": 1
},
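Review bot: `Node.js Security Releases` goes from 74 to 73 `items_seen` in this hunk and the run is still reported with `all_green` true. A shrinking advisory index can be an upstream page change or a parser miss, and either one would silently drop advisories from the registry. Suggest emitting a warning whenever an `html-links` source returns fewer items than the previous run, with the missing link recorded.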
@@ -475,7 +475,7 @@
"system_id": "opencart",
"source_name": "OSV OpenCart",
"source_kind": "osv-batch",
"elapsed_seconds": 1.154,
"elapsed_seconds": 1.326,
"kind": "osv-batch",
"items_seen": 1
},
@@ -483,7 +483,7 @@
"system_id": "opencart",
"source_name": "OpenCart Releases",
"source_kind": "html-links",
"elapsed_seconds": 0.015,
"elapsed_seconds": 0.01,
"kind": "html-links",
"items_seen": 1500
},
@@ -491,7 +491,7 @@
"system_id": "openmage",
"source_name": "OSV OpenMage",
"source_kind": "osv-batch",
"elapsed_seconds": 1.392,
"elapsed_seconds": 1.117,
"kind": "osv-batch",
"items_seen": 1
},
@@ -499,7 +499,7 @@
"system_id": "openmage",
"source_name": "OpenMage GitHub Advisories",
"source_kind": "html-links",
"elapsed_seconds": 0.025,
"elapsed_seconds": 0.02,
"kind": "html-links",
"items_seen": 125
},
@@ -507,7 +507,7 @@
"system_id": "phpmyadmin",
"source_name": "OSV phpMyAdmin",
"source_kind": "osv-batch",
"elapsed_seconds": 4.051,
"elapsed_seconds": 4.196,
"kind": "osv-batch",
"items_seen": 1
},
@@ -515,7 +515,7 @@
"system_id": "phpmyadmin",
"source_name": "phpMyAdmin Security Page",
"source_kind": "html-links",
"elapsed_seconds": 2.534,
"elapsed_seconds": 2.631,
"kind": "html-links",
"items_seen": 263
},
@@ -523,7 +523,7 @@
"system_id": "prestashop",
"source_name": "Friends Of Presta Security",
"source_kind": "html-links",
"elapsed_seconds": 0.018,
"elapsed_seconds": 0.012,
"kind": "html-links",
"items_seen": 38
},
@@ -531,7 +531,7 @@
"system_id": "prestashop",
"source_name": "GitHub PrestaShop Advisories",
"source_kind": "html-links",
"elapsed_seconds": 0.02,
"elapsed_seconds": 0.012,
"kind": "html-links",
"items_seen": 127
},
@@ -539,7 +539,7 @@
"system_id": "prestashop",
"source_name": "OSV PrestaShop",
"source_kind": "osv-batch",
"elapsed_seconds": 1.24,
"elapsed_seconds": 1.159,
"kind": "osv-batch",
"items_seen": 1
},
@@ -547,7 +547,7 @@
"system_id": "prestashop",
"source_name": "PrestaShop Security Page",
"source_kind": "html-links",
"elapsed_seconds": 0.02,
"elapsed_seconds": 0.012,
"kind": "html-links",
"items_seen": 60
},
@@ -555,7 +555,7 @@
"system_id": "rails",
"source_name": "OSV Rails",
"source_kind": "osv-batch",
"elapsed_seconds": 3.667,
"elapsed_seconds": 3.323,
"kind": "osv-batch",
"items_seen": 1
},
@@ -563,7 +563,7 @@
"system_id": "react",
"source_name": "OSV React",
"source_kind": "osv-batch",
"elapsed_seconds": 1.739,
"elapsed_seconds": 1.274,
"kind": "osv-batch",
"items_seen": 1
},
@@ -571,7 +571,7 @@
"system_id": "redmine",
"source_name": "OSV Redmine",
"source_kind": "osv-batch",
"elapsed_seconds": 3.91,
"elapsed_seconds": 4.913,
"kind": "osv-batch",
"items_seen": 1
},
@@ -579,7 +579,7 @@
"system_id": "redmine",
"source_name": "Redmine Security Advisories",
"source_kind": "html-links",
"elapsed_seconds": 2.822,
"elapsed_seconds": 2.885,
"kind": "html-links",
"items_seen": 371
},
@@ -587,7 +587,7 @@
"system_id": "saleor",
"source_name": "GitHub Saleor Advisories",
"source_kind": "html-links",
"elapsed_seconds": 0.005,
"elapsed_seconds": 0.006,
"kind": "html-links",
"items_seen": 120
},
@@ -595,7 +595,7 @@
"system_id": "saleor",
"source_name": "OSV Saleor",
"source_kind": "osv-batch",
"elapsed_seconds": 1.47,
"elapsed_seconds": 1.453,
"kind": "osv-batch",
"items_seen": 1
},
@@ -603,7 +603,7 @@
"system_id": "shopware",
"source_name": "OSV Shopware",
"source_kind": "osv-batch",
"elapsed_seconds": 1.369,
"elapsed_seconds": 1.661,
"kind": "osv-batch",
"items_seen": 1
},
@@ -611,7 +611,7 @@
"system_id": "shopware",
"source_name": "Shopware Security Advisories",
"source_kind": "html-links",
"elapsed_seconds": 0.018,
"elapsed_seconds": 0.01,
"kind": "html-links",
"items_seen": 129
},
@@ -619,7 +619,7 @@
"system_id": "spring-boot",
"source_name": "OSV Spring Boot",
"source_kind": "osv-batch",
"elapsed_seconds": 2.616,
"elapsed_seconds": 2.815,
"kind": "osv-batch",
"items_seen": 1
},
@@ -627,7 +627,7 @@
"system_id": "spring-boot",
"source_name": "Spring Security Advisories",
"source_kind": "html-links",
"elapsed_seconds": 1.465,
"elapsed_seconds": 1.652,
"kind": "html-links",
"items_seen": 118
},
@@ -635,7 +635,7 @@
"system_id": "spring-framework",
"source_name": "OSV Spring Framework",
"source_kind": "osv-batch",
"elapsed_seconds": 2.534,
"elapsed_seconds": 2.643,
"kind": "osv-batch",
"items_seen": 1
},
@@ -643,7 +643,7 @@
"system_id": "spring-framework",
"source_name": "Spring Security Advisories",
"source_kind": "html-links",
"elapsed_seconds": 1.432,
"elapsed_seconds": 1.447,
"kind": "html-links",
"items_seen": 118
},
@@ -651,7 +651,7 @@
"system_id": "spring-security",
"source_name": "OSV Spring Security",
"source_kind": "osv-batch",
"elapsed_seconds": 3.001,
"elapsed_seconds": 2.897,
"kind": "osv-batch",
"items_seen": 1
},
@@ -659,7 +659,7 @@
"system_id": "spring-security",
"source_name": "Spring Security Advisories",
"source_kind": "html-links",
"elapsed_seconds": 1.437,
"elapsed_seconds": 1.536,
"kind": "html-links",
"items_seen": 118
},
@@ -667,7 +667,7 @@
"system_id": "strapi",
"source_name": "OSV Strapi",
"source_kind": "osv-batch",
"elapsed_seconds": 1.056,
"elapsed_seconds": 1.347,
"kind": "osv-batch",
"items_seen": 1
},
@@ -675,7 +675,7 @@
"system_id": "strapi",
"source_name": "Strapi GitHub Advisories",
"source_kind": "html-links",
"elapsed_seconds": 0.04,
"elapsed_seconds": 0.032,
"kind": "html-links",
"items_seen": 124
},
@@ -683,7 +683,7 @@
"system_id": "sveltekit",
"source_name": "OSV SvelteKit",
"source_kind": "osv-batch",
"elapsed_seconds": 2.446,
"elapsed_seconds": 2.244,
"kind": "osv-batch",
"items_seen": 1
},
@@ -691,7 +691,7 @@
"system_id": "symfony",
"source_name": "OSV Symfony",
"source_kind": "osv-batch",
"elapsed_seconds": 3.578,
"elapsed_seconds": 4.892,
"kind": "osv-batch",
"items_seen": 1
},
@@ -699,7 +699,7 @@
"system_id": "traefik",
"source_name": "OSV Traefik",
"source_kind": "osv-batch",
"elapsed_seconds": 8.58,
"elapsed_seconds": 3.748,
"kind": "osv-batch",
"items_seen": 1
},
@@ -707,7 +707,7 @@
"system_id": "undici",
"source_name": "OSV Undici",
"source_kind": "osv-batch",
"elapsed_seconds": 2.521,
"elapsed_seconds": 2.886,
"kind": "osv-batch",
"items_seen": 1
},
@@ -715,7 +715,7 @@
"system_id": "vite",
"source_name": "OSV Vite",
"source_kind": "osv-batch",
"elapsed_seconds": 2.535,
"elapsed_seconds": 2.174,
"kind": "osv-batch",
"items_seen": 1
},
@@ -723,7 +723,7 @@
"system_id": "vue",
"source_name": "OSV Vue",
"source_kind": "osv-batch",
"elapsed_seconds": 1.248,
"elapsed_seconds": 1.059,
"kind": "osv-batch",
"items_seen": 1
},
@@ -731,7 +731,7 @@
"system_id": "webpack",
"source_name": "OSV webpack",
"source_kind": "osv-batch",
"elapsed_seconds": 2.823,
"elapsed_seconds": 2.695,
"kind": "osv-batch",
"items_seen": 1
},
@@ -739,7 +739,7 @@
"system_id": "werkzeug",
"source_name": "OSV Werkzeug",
"source_kind": "osv-batch",
"elapsed_seconds": 3.652,
"elapsed_seconds": 3.637,
"kind": "osv-batch",
"items_seen": 1
},
@@ -747,7 +747,7 @@
"system_id": "woocommerce",
"source_name": "GitHub WooCommerce Advisories",
"source_kind": "html-links",
"elapsed_seconds": 0.022,
"elapsed_seconds": 0.016,
"kind": "html-links",
"items_seen": 107
},
@@ -755,7 +755,7 @@
"system_id": "woocommerce",
"source_name": "OSV WooCommerce",
"source_kind": "osv-batch",
"elapsed_seconds": 1.178,
"elapsed_seconds": 1.062,
"kind": "osv-batch",
"items_seen": 1
},
@@ -763,7 +763,7 @@
"system_id": "woocommerce",
"source_name": "Patchstack Database",
"source_kind": "html-links",
"elapsed_seconds": 0.023,
"elapsed_seconds": 0.014,
"kind": "html-links",
"items_seen": 193
},
@@ -771,7 +771,7 @@
"system_id": "woocommerce",
"source_name": "Woo Developer Advisories",
"source_kind": "html-links",
"elapsed_seconds": 0.025,
"elapsed_seconds": 0.017,
"kind": "html-links",
"items_seen": 121
},
@@ -779,7 +779,7 @@
"system_id": "woocommerce",
"source_name": "Wordfence Vulnerability Database",
"source_kind": "html-links",
"elapsed_seconds": 0.02,
"elapsed_seconds": 0.014,
"kind": "html-links",
"items_seen": 0
},
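Review bot: the `Wordfence Vulnerability Database` probe for woocommerce reports `items_seen` 0 on both sides of this change (the wordpress probe of the same source does too), yet the summary counts all 102 active sources as green with `failure_count` 0. A source that answers but yields nothing is indistinguishable here from a healthy one, so a blocked or restructured feed would never raise an alert. Suggest a separate status for zero-item responses, or a minimum expected `items_seen` per source.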
@@ -787,7 +787,7 @@
"system_id": "wordpress",
"source_name": "Patchstack Database",
"source_kind": "html-links",
"elapsed_seconds": 0.043,
"elapsed_seconds": 0.035,
"kind": "html-links",
"items_seen": 193
},
@@ -795,7 +795,7 @@
"system_id": "wordpress",
"source_name": "PortSwigger Research",
"source_kind": "html-links",
"elapsed_seconds": 1.479,
"elapsed_seconds": 1.803,
"kind": "html-links",
"items_seen": 99
},
@@ -803,7 +803,7 @@
"system_id": "wordpress",
"source_name": "WPScan Vulnerability Database",
"source_kind": "html-links",
"elapsed_seconds": 0.043,
"elapsed_seconds": 0.035,
"kind": "html-links",
"items_seen": 74
},
@@ -811,7 +811,7 @@
"system_id": "wordpress",
"source_name": "WordPress Security News RSS",
"source_kind": "rss-feed",
"elapsed_seconds": 0.045,
"elapsed_seconds": 0.036,
"kind": "rss-feed",
"items_seen": 10
},
@@ -819,81 +819,81 @@
"system_id": "wordpress",
"source_name": "Wordfence Vulnerability Database",
"source_kind": "html-links",
"elapsed_seconds": 0.045,
"elapsed_seconds": 0.036,
"kind": "html-links",
"items_seen": 0
}
],
"failures": [],
"slow_sources": [
{
"system_id": "traefik",
"source_name": "OSV Traefik",
"source_kind": "osv-batch",
"elapsed_seconds": 8.58,
"status": "ok"
},
{
"system_id": "mattermost",
"source_name": "OSV Mattermost",
"source_kind": "osv-batch",
"elapsed_seconds": 5.098,
"elapsed_seconds": 5.583,
"status": "ok"
},
{
"system_id": "django",
"source_name": "OSV Django",
"source_kind": "osv-batch",
"elapsed_seconds": 4.51,
"status": "ok"
},
{
"system_id": "kibana",
"source_name": "NVD Kibana",
"source_kind": "nvd-search",
"elapsed_seconds": 4.081,
"status": "ok"
},
{
"system_id": "phpmyadmin",
"source_name": "OSV phpMyAdmin",
"source_kind": "osv-batch",
"elapsed_seconds": 4.051,
"status": "ok"
},
{
"system_id": "moodle",
"source_name": "OSV Moodle",
"source_kind": "osv-batch",
"elapsed_seconds": 3.955,
"elapsed_seconds": 4.98,
"status": "ok"
},
{
"system_id": "redmine",
"source_name": "OSV Redmine",
"source_kind": "osv-batch",
"elapsed_seconds": 3.91,
"elapsed_seconds": 4.913,
"status": "ok"
},
{
"system_id": "symfony",
"source_name": "OSV Symfony",
"source_kind": "osv-batch",
"elapsed_seconds": 4.892,
"status": "ok"
},
{
"system_id": "moodle",
"source_name": "OSV Moodle",
"source_kind": "osv-batch",
"elapsed_seconds": 4.35,
"status": "ok"
},
{
"system_id": "caddy",
"source_name": "OSV Caddy",
"source_kind": "osv-batch",
"elapsed_seconds": 4.228,
"status": "ok"
},
{
"system_id": "kibana",
"source_name": "NVD Kibana",
"source_kind": "nvd-search",
"elapsed_seconds": 4.196,
"status": "ok"
},
{
"system_id": "phpmyadmin",
"source_name": "OSV phpMyAdmin",
"source_kind": "osv-batch",
"elapsed_seconds": 4.196,
"status": "ok"
},
{
"system_id": "adminer",
"source_name": "OSV Adminer",
"source_kind": "osv-batch",
"elapsed_seconds": 3.746,
"elapsed_seconds": 3.959,
"status": "ok"
},
{
"system_id": "gitea",
"source_name": "OSV Gitea",
"source_kind": "osv-batch",
"elapsed_seconds": 3.71,
"status": "ok"
},
{
"system_id": "echo",
"source_name": "OSV Echo",
"source_kind": "osv-batch",
"elapsed_seconds": 3.684,
"elapsed_seconds": 3.896,
"status": "ok"
}
],
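Review bot: at the top of this hunk the "Wordfence Vulnerability Database" source (html-links) reports "items_seen": 0, and the run still ends with "failures": []. A link scraper that returns no items is indistinguishable here from a healthy source with nothing new. Suggest flagging a zero-item result from an html-links source as a warning in the run output so a changed page layout or blocked request does not pass as success. Separately, the "elapsed_seconds" values change on every run and account for most of this hunk; keeping timing data out of the tracked report would make the meaningful changes easier to review.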

View file

@@ -1,5 +1,5 @@
{
"generated_at": "2026-03-30T09:18:25+00:00",
"generated_at": "2026-03-31T09:18:20+00:00",
"source_gap_entities": [
{
"entity_id": "adminer",

View file

@@ -1,12 +1,12 @@
{
"generated_at": "2026-03-30T09:18:25+00:00",
"generated_at": "2026-03-31T09:18:20+00:00",
"cataloged_entity_total": 110,
"latest_version_synced_count": 95,
"source_gap_count": 15,
"security_version_total": 6308,
"security_version_total": 6290,
"security_version_entity_count": 83,
"auto_promoted_entity_count": 10,
"lab_enqueued_count": 1,
"lab_enqueued_count": 3,
"systems": [
{
"system_id": "adminer",
@@ -116,7 +116,7 @@
"entity_id": "astro",
"display_name": "Astro",
"entity_type": "system",
"latest_version": "6.1.1",
"latest_version": "6.1.2",
"latest_release_at": "2025-11-20T14:43:59.624508Z",
"version_sync_status": "green"
},
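Review bot: "latest_version" moves from 6.1.1 to 6.1.2 here but "latest_release_at" stays at 2025-11-20T14:43:59.624508Z, so the timestamp no longer describes the version shown next to it. The Directus and Saleor entries in this same file update both fields together. Suggest reading latest_release_at from the same release record as latest_version, or clearing it when the two cannot be matched.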
@@ -124,7 +124,7 @@
"entity_id": "astro--project--astro",
"display_name": "astro",
"entity_type": "project",
"latest_version": "6.1.1",
"latest_version": "6.1.2",
"latest_release_at": "2025-11-27T08:22:36.525875Z",
"version_sync_status": "green"
},
@@ -132,7 +132,7 @@
"entity_id": "astro--module--astro",
"display_name": "astro",
"entity_type": "module",
"latest_version": "6.1.1",
"latest_version": "6.1.2",
"latest_release_at": "2025-11-20T14:43:59.624508Z",
"version_sync_status": "green"
}
@@ -186,16 +186,16 @@
"entity_id": "directus",
"display_name": "Directus",
"entity_type": "system",
"latest_version": "11.17.0",
"latest_release_at": "2026-03-24T23:17:51Z",
"latest_version": "11.17.1",
"latest_release_at": "2026-03-30T16:37:32Z",
"version_sync_status": "green"
},
{
"entity_id": "directus--repo--directus-directus",
"display_name": "directus / directus",
"entity_type": "repo",
"latest_version": "11.17.0",
"latest_release_at": "2026-03-24T23:17:51Z",
"latest_version": "11.17.1",
"latest_release_at": "2026-03-30T16:37:32Z",
"version_sync_status": "green"
}
]
@@ -648,7 +648,7 @@
"cataloged_entity_total": 5,
"latest_version_synced_count": 5,
"source_gap_count": 0,
"security_version_count": 3848,
"security_version_count": 3854,
"auto_promoted_count": 0,
"latest_versions": [
{
@@ -699,7 +699,7 @@
"cataloged_entity_total": 1,
"latest_version_synced_count": 1,
"source_gap_count": 0,
"security_version_count": 252,
"security_version_count": 228,
"auto_promoted_count": 0,
"latest_versions": [
{
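Review bot: "security_version_count" drops from 252 to 228 in this hunk, and the file-level "security_version_total" drops from 6308 to 6290. A history count that shrinks between daily runs means records were removed or re-deduplicated, and nothing in the output says which. Suggest recording the removed version ids with a reason, or failing the sync for that entity when its history count decreases, so loss of security release history is not silent.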
@@ -1018,16 +1018,16 @@
"entity_id": "saleor",
"display_name": "Saleor",
"entity_type": "system",
"latest_version": "3.22.44",
"latest_release_at": "2026-03-24T13:34:33Z",
"latest_version": "3.22.45",
"latest_release_at": "2026-03-30T14:56:59Z",
"version_sync_status": "green"
},
{
"entity_id": "saleor--repo--saleor-saleor",
"display_name": "saleor / saleor",
"entity_type": "repo",
"latest_version": "3.22.44",
"latest_release_at": "2026-03-24T13:34:33Z",
"latest_version": "3.22.45",
"latest_release_at": "2026-03-30T14:56:59Z",
"version_sync_status": "green"
}
]
@@ -1429,7 +1429,7 @@
"entity_id": "wordpress",
"display_name": "WordPress",
"entity_type": "system",
"latest_version": "9.1.2",
"latest_version": "7.9",
"latest_release_at": "",
"version_sync_status": "green"
}
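Review bot: "latest_version" goes backwards in this hunk, from 9.1.2 to 7.9, while "latest_release_at" is empty and "version_sync_status" stays "green". A latest version that decreases between runs and carries no release date suggests the parser matched something other than a release tag. Suggest rejecting a candidate that is lower than the stored value or has no release date, and reporting the entity as source-gap rather than green until a release record is found.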

View file

@@ -87,7 +87,7 @@
<h1>当前架构库镜像</h1>
<div class="meta">工作台内置镜像页:当前架构库结构化数据镜像。</div>
<pre>{
&quot;generated_at&quot;: &quot;2026-03-30T09:18:27+00:00&quot;,
&quot;generated_at&quot;: &quot;2026-03-31T09:18:21+00:00&quot;,
&quot;title&quot;: &quot;当前架构库&quot;,
&quot;summary&quot;: &quot;工作台、控制面、数据层、授权边界与系统覆盖的当前真值视图。&quot;,
&quot;sections&quot;: [
@@ -127,7 +127,7 @@
},
{
&quot;label&quot;: &quot;当前漏洞条目&quot;,
&quot;value&quot;: &quot;2425&quot;
&quot;value&quot;: &quot;2428&quot;
}
],
&quot;fields&quot;: [
@@ -145,7 +145,7 @@
},
{
&quot;label&quot;: &quot;生成时间&quot;,
&quot;value&quot;: &quot;2026-03-30T09:18:27+00:00&quot;
&quot;value&quot;: &quot;2026-03-31T09:18:21+00:00&quot;
}
],
&quot;links&quot;: [
@@ -6061,7 +6061,7 @@
},
{
&quot;label&quot;: &quot;Advisory 数&quot;,
&quot;value&quot;: &quot;2425&quot;
&quot;value&quot;: &quot;2428&quot;
},
{
&quot;label&quot;: &quot;状态类型&quot;,
@@ -6080,7 +6080,7 @@
&quot;items&quot;: [
{
&quot;title&quot;: &quot;人工分诊&quot;,
&quot;summary&quot;: &quot;当前累计 2336 条。&quot;,
&quot;summary&quot;: &quot;当前累计 2339 条。&quot;,
&quot;open&quot;: false,
&quot;fields&quot;: [
{
@@ -6089,7 +6089,7 @@
},
{
&quot;label&quot;: &quot;数量&quot;,
&quot;value&quot;: &quot;2336&quot;
&quot;value&quot;: &quot;2339&quot;
}
]
},

View file

@@ -120,8 +120,8 @@
| Koa | `frameworks` | `rolling-24m` | `-` | `yes` | `1` | `1` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-02-26T23:36:36.294040Z` |
| Laravel | `frameworks` | `rolling-24m` | `-` | `yes` | `2` | `2` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2026-03-13T22:15:34.333730Z` |
| Magento Open Source | `ecommerce` | `history-full` | `yes` | `yes` | `89` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `2025-04-20T01:37:25.860` |
| Mattermost | `platforms` | `rolling-24m` | `-` | `yes` | `33` | `33` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `Fix Release Date` |
| MediaWiki | `cms` | `rolling-24m` | `-` | `yes` | `70` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `70` | `Wed, 22 Oct 2025 21:44:43 +0000` |
| Mattermost | `platforms` | `rolling-24m` | `-` | `yes` | `35` | `35` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `0` | `Fix Release Date` |
| MediaWiki | `cms` | `rolling-24m` | `-` | `yes` | `71` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `71` | `Wed, 22 Oct 2025 21:44:43 +0000` |
| Medusa | `ecommerce` | `rolling-24m` | `-` | `yes` | `15` | `0` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `15` | `` |
| Moodle | `cms` | `rolling-24m` | `-` | `yes` | `40` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `40` | `2025-04-09T00:30:58.490` |
| NestJS | `frameworks` | `rolling-24m` | `-` | `yes` | `2` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `2` | `2026-03-02T20:30:10.923` |
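Review bot: the last column of the Mattermost row holds the literal text `Fix Release Date`, which reads like a scraped table header rather than a timestamp, and it is carried over unchanged on the updated row. The same column mixes formats in this hunk: ISO 8601 for Koa and Laravel, an RFC 2822 style date for MediaWiki, and an empty value for Medusa. Suggest parsing this field into one timestamp format at ingest and writing an explicit placeholder when parsing fails, so sorting and "latest update" comparisons do not depend on raw source strings.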
@@ -132,7 +132,7 @@
| OpenCart | `ecommerce` | `history-full` | `yes` | `yes` | `100` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `100` | `2025-05-15T19:15:54.980` |
| OpenMage / Mage-OS | `ecommerce` | `rolling-24m` | `-` | `yes` | `27` | `0` | `2` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `27` | `` |
| phpMyAdmin | `platforms` | `rolling-24m` | `-` | `yes` | `50` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `50` | `` |
| PrestaShop | `ecommerce` | `history-full` | `yes` | `yes` | `114` | `2` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `112` | `2026-03-27T21:52:37.272493Z` |
| PrestaShop | `ecommerce` | `history-full` | `yes` | `yes` | `114` | `2` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `112` | `2026-03-30T12:26:07.105030Z` |
| Ruby on Rails | `frameworks` | `rolling-24m` | `-` | `yes` | `42` | `10` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `32` | `2025-05-01T18:49:06.777708Z` |
| React | `frameworks` | `history-full` | `yes` | `yes` | `21` | `3` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `18` | `2023-11-08T04:00:21.209483Z` |
| Redmine | `platforms` | `rolling-24m` | `-` | `yes` | `50` | `0` | `3` | `seeded` | `real:0/synthetic:0/blocked:0` | `0` | `0` | `50` | `` |

View file

@@ -88,7 +88,7 @@
<div class="meta">工作台内置镜像页分层实体覆盖、history-full 完整度和 workflow 统计。</div>
<pre># 分层实体覆盖与完整度报告
- 生成时间: `2026-03-30T09:18:25+00:00`
- 生成时间: `2026-03-31T09:18:20+00:00`
- 已编目实体: `110`
- 待编目 backlog: `7`
- history-full 已完成: `41`

View file

@@ -88,7 +88,7 @@
<div class="meta">工作台内置镜像页:待编目 repo / 插件 / 包 backlog 与等待原因。</div>
<pre># 分层实体发现 Backlog
- 生成时间: `2026-03-30T09:18:25+00:00`
- 生成时间: `2026-03-31T09:18:20+00:00`
- 待编目数量: `7`
| candidate_id | root_system | entity_type | risk | reason | waiting_for | source |

View file

@@ -88,7 +88,7 @@
<div class="meta">工作台内置镜像页active/retired source、replacement map 与覆盖摘要。</div>
<pre># Source Catalog Audit
- generated_at: `2026-03-30T09:17:05+00:00`
- generated_at: `2026-03-31T09:17:00+00:00`
- systems: `62`
- sources: `179`
- active_sources: `102`

View file

@@ -88,7 +88,7 @@
<div class="meta">工作台内置镜像页89 条 advisory 最新完整度、family 矩阵与 ingest 健康度。</div>
<pre># 全库 Advisory 完整度报告
- 生成时间: `2026-03-30T09:18:27+00:00`
- 生成时间: `2026-03-31T09:18:21+00:00`
- 最新 advisory 完整度: `89/89` `verified-real`
- 合成验证数量: `0`
- 阻塞数量: `0`
@@ -96,7 +96,7 @@
- 完整度百分比: `100.0%`
- active source 全绿: `102/102`
- source open alerts: `0`
- 最近一次 source 全绿: `2026-03-30T09:18:10+00:00`
- 最近一次 source 全绿: `2026-03-31T09:18:05+00:00`
- 已编目实体: `110`
- 待编目 backlog: `7`
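Review bot: the "完整度百分比: `100.0%`" line at the top of this hunk is computed over the `89/89` `verified-real` advisories reported just above it, while the summary JSON in this same commit lists "advisory_count": 2428 with 2339 in "triage-manual". Suggest naming the denominator in the label, or adding a second figure for the share of all advisories that are verified, so the headline is not read as coverage of the whole library.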

View file

@@ -88,14 +88,14 @@
<div class="meta">工作台内置镜像页安全相关版本历史、source-gap 与版本驱动 lab enqueue 摘要。</div>
<pre># 安全相关版本同步报告
- 生成时间: `2026-03-30T09:18:25+00:00`
- 生成时间: `2026-03-31T09:18:20+00:00`
- 已编目实体: `110`
- 最新版本已同步: `95`
- 版本 source-gap: `15`
- 安全相关版本记录: `6308`
- 安全相关版本记录: `6290`
- 存在安全版本历史的实体: `83`
- 自动升级实体: `10`
- 因版本变化触发 lab 入队: `1`
- 因版本变化触发 lab 入队: `3`
## 系统版本摘要
@@ -131,8 +131,8 @@
| koa | 2 | 2 | 0 | 4 | 0 |
| laravel | 2 | 2 | 0 | 103 | 0 |
| magento-open-source | 2 | 2 | 0 | 6 | 1 |
| mattermost | 5 | 5 | 0 | 3848 | 0 |
| mediawiki | 1 | 1 | 0 | 252 | 0 |
| mattermost | 5 | 5 | 0 | 3854 | 0 |
| mediawiki | 1 | 1 | 0 | 228 | 0 |
| medusa | 1 | 0 | 1 | 0 | 0 |
| moodle | 1 | 0 | 1 | 0 | 0 |
| nestjs | 1 | 0 | 1 | 0 | 0 |

View file

@@ -1,9 +1,9 @@
{
"generated_at": "2026-03-30T09:18:27+00:00",
"advisory_count": 2425,
"generated_at": "2026-03-31T09:18:21+00:00",
"advisory_count": 2428,
"run_count": 140,
"statuses": {
"triage-manual": 2336,
"triage-manual": 2339,
"verified-real": 89
},
"run_statuses": {
@@ -158,10 +158,10 @@
"green_source_count": 102,
"source_failure_count": 0,
"open_alert_count": 0,
"last_fully_green_run": "2026-03-30T09:18:10+00:00"
"last_fully_green_run": "2026-03-31T09:18:05+00:00"
},
"entity_coverage": {
"generated_at": "2026-03-30T09:18:25+00:00",
"generated_at": "2026-03-31T09:18:20+00:00",
"cataloged_entity_total": 110,
"candidate_entity_total": 7,
"history_full_complete_count": 41,
@@ -971,7 +971,7 @@
"entity_id": "mattermost--repo--github-com-mattermost-mattermost-server",
"entity_type": "repo",
"display_name": "mattermost / mattermost-server",
"advisory_count": 14,
"advisory_count": 16,
"history_backfill_status": "seeded",
"latest_sync_status": "green"
},
@@ -1931,18 +1931,18 @@
"discovery_queue": 7,
"history_queue": 27,
"latest_queue": 10,
"workflow_queue": 2178
"workflow_queue": 2179
}
},
"version_coverage": {
"generated_at": "2026-03-30T09:18:25+00:00",
"generated_at": "2026-03-31T09:18:20+00:00",
"cataloged_entity_total": 110,
"latest_version_synced_count": 95,
"source_gap_count": 15,
"security_version_total": 6308,
"security_version_total": 6290,
"security_version_entity_count": 83,
"auto_promoted_entity_count": 10,
"lab_enqueued_count": 1,
"lab_enqueued_count": 3,
"systems": [
{
"system_id": "adminer",
@@ -2052,7 +2052,7 @@
"entity_id": "astro",
"display_name": "Astro",
"entity_type": "system",
"latest_version": "6.1.1",
"latest_version": "6.1.2",
"latest_release_at": "2025-11-20T14:43:59.624508Z",
"version_sync_status": "green"
},
@@ -2060,7 +2060,7 @@
"entity_id": "astro--project--astro",
"display_name": "astro",
"entity_type": "project",
"latest_version": "6.1.1",
"latest_version": "6.1.2",
"latest_release_at": "2025-11-27T08:22:36.525875Z",
"version_sync_status": "green"
},
@@ -2068,7 +2068,7 @@
"entity_id": "astro--module--astro",
"display_name": "astro",
"entity_type": "module",
"latest_version": "6.1.1",
"latest_version": "6.1.2",
"latest_release_at": "2025-11-20T14:43:59.624508Z",
"version_sync_status": "green"
}
@@ -2122,16 +2122,16 @@
"entity_id": "directus",
"display_name": "Directus",
"entity_type": "system",
"latest_version": "11.17.0",
"latest_release_at": "2026-03-24T23:17:51Z",
"latest_version": "11.17.1",
"latest_release_at": "2026-03-30T16:37:32Z",
"version_sync_status": "green"
},
{
"entity_id": "directus--repo--directus-directus",
"display_name": "directus / directus",
"entity_type": "repo",
"latest_version": "11.17.0",
"latest_release_at": "2026-03-24T23:17:51Z",
"latest_version": "11.17.1",
"latest_release_at": "2026-03-30T16:37:32Z",
"version_sync_status": "green"
}
]
@@ -2584,7 +2584,7 @@
"cataloged_entity_total": 5,
"latest_version_synced_count": 5,
"source_gap_count": 0,
"security_version_count": 3848,
"security_version_count": 3854,
"auto_promoted_count": 0,
"latest_versions": [
{
@@ -2635,7 +2635,7 @@
"cataloged_entity_total": 1,
"latest_version_synced_count": 1,
"source_gap_count": 0,
"security_version_count": 252,
"security_version_count": 228,
"auto_promoted_count": 0,
"latest_versions": [
{
@@ -2954,16 +2954,16 @@
"entity_id": "saleor",
"display_name": "Saleor",
"entity_type": "system",
"latest_version": "3.22.44",
"latest_release_at": "2026-03-24T13:34:33Z",
"latest_version": "3.22.45",
"latest_release_at": "2026-03-30T14:56:59Z",
"version_sync_status": "green"
},
{
"entity_id": "saleor--repo--saleor-saleor",
"display_name": "saleor / saleor",
"entity_type": "repo",
"latest_version": "3.22.44",
"latest_release_at": "2026-03-24T13:34:33Z",
"latest_version": "3.22.45",
"latest_release_at": "2026-03-30T14:56:59Z",
"version_sync_status": "green"
}
]
@@ -3365,7 +3365,7 @@
"entity_id": "wordpress",
"display_name": "WordPress",
"entity_type": "system",
"latest_version": "9.1.2",
"latest_version": "7.9",
"latest_release_at": "",
"version_sync_status": "green"
}
@@ -3429,7 +3429,7 @@
"entity_id": "wordpress",
"display_name": "WordPress",
"entity_type": "system",
"latest_version": "9.1.2",
"latest_version": "7.9",
"latest_release_at": "",
"version_sync_status": "green"
}
@@ -3442,8 +3442,8 @@
"entity_type_counts": {
"system": 1
},
"latest_version": "9.1.2",
"last_version_synced_at": "2026-03-30T09:18:18+00:00",
"latest_version": "7.9",
"last_version_synced_at": "2026-03-31T09:18:14+00:00",
"version_sync_status": "green",
"security_version_count": 55
},
@@ -3552,7 +3552,7 @@
"system": 1
},
"latest_version": "11.0-doc",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 2
},
@@ -3649,7 +3649,7 @@
"system": 1
},
"latest_version": "2.4.x",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 1
},
@@ -3663,7 +3663,7 @@
"manual": 114,
"browser_required": 0,
"browser_present": 0,
"latest_update": "2026-03-27T21:52:37.272493Z",
"latest_update": "2026-03-30T12:26:07.105030Z",
"category": "ecommerce",
"tier": "history-full",
"output_dir": "07-framework-security/ecommerce/prestashop",
@@ -3794,7 +3794,7 @@
"repo": 1
},
"latest_version": "8.2.5",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 59
},
@@ -3895,7 +3895,7 @@
"repo": 1
},
"latest_version": "10.6.1",
"last_version_synced_at": "2026-03-30T09:18:18+00:00",
"last_version_synced_at": "2026-03-31T09:18:14+00:00",
"version_sync_status": "green",
"security_version_count": 2
},
@@ -3971,7 +3971,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -4044,7 +4044,7 @@
"system": 1
},
"latest_version": "1017-20260102-core-xss-vector-in-the-pagebreak-plugin.html",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 5
},
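Review bot: the context line "latest_version": "1017-20260102-core-xss-vector-in-the-pagebreak-plugin.html" is an advisory page file name, not a version, yet "version_sync_status" is "green" with "security_version_count": 5. Suggest validating latest_version against a version pattern before marking the sync green, and recording the entity as source-gap when nothing matches.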
@@ -4175,7 +4175,7 @@
"repo": 1
},
"latest_version": "3.0.5.0",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 4
},
@@ -4300,7 +4300,7 @@
"repo": 1
},
"latest_version": "2.4.9-beta1",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 6
},
@@ -4401,7 +4401,7 @@
"project": 1
},
"latest_version": "1.0.0",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 182
},
@@ -4465,10 +4465,83 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
{
"system_id": "mediawiki",
"display_name": "MediaWiki",
"total": 71,
"verified_real": 0,
"verified_synthetic": 0,
"blocked": 0,
"manual": 71,
"browser_required": 0,
"browser_present": 0,
"latest_update": "Wed, 22 Oct 2025 21:44:43 +0000",
"category": "cms",
"tier": "rolling-24m",
"output_dir": "07-framework-security/cms/mediawiki",
"families": [
{
"family": "xss",
"total": 71,
"verified_real": 0,
"manual": 71
}
],
"entity_summary": {
"system_id": "mediawiki",
"display_name": "MediaWiki",
"cataloged_entity_total": 1,
"child_entity_total": 0,
"candidate_entity_total": 0,
"workflow_complete_count": 1,
"version_mapped_count": 0,
"official_source_covered_count": 1,
"history_full_complete_count": 0,
"latest_green_count": 1,
"version_gap_entity_count": 1,
"workflow_gap_entity_count": 0,
"plugin_total": 0,
"entity_type_counts": {
"system": 1
},
"top_entities": [],
"backlog_preview": []
},
"version_summary": {
"system_id": "mediawiki",
"display_name": "MediaWiki",
"cataloged_entity_total": 1,
"latest_version_synced_count": 1,
"source_gap_count": 0,
"security_version_count": 228,
"auto_promoted_count": 0,
"latest_versions": [
{
"entity_id": "mediawiki",
"display_name": "MediaWiki",
"entity_type": "system",
"latest_version": "28-10-2025",
"latest_release_at": "Tue, 07 Oct 2025 15:18:36 +0000",
"version_sync_status": "green"
}
]
},
"top_entities": [],
"backlog_preview": [],
"entity_total": 1,
"entity_backlog": 0,
"entity_type_counts": {
"system": 1
},
"latest_version": "28-10-2025",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 228
},
{
"system_id": "shopware",
"display_name": "Shopware",
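Review bot: in the MediaWiki block this hunk carries, "version_sync_status" is "green" although "entity_summary" reports "version_mapped_count": 0 and "version_gap_entity_count": 1, and "latest_version" is the date string "28-10-2025" rather than a release number. Suggest deriving the green status from the same mapping counters, so an entity with a version gap cannot also be reported as synced. The block also appears here only because its position in the array changed; a stable sort key for the systems list, such as system_id, would keep a one-advisory change from producing a 70-line move.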
@@ -4596,7 +4669,7 @@
"repo": 1
},
"latest_version": "6.7.8.2",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 0
},
@@ -4669,83 +4742,10 @@
"system": 1
},
"latest_version": "11.2.8",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 74
},
{
"system_id": "mediawiki",
"display_name": "MediaWiki",
"total": 70,
"verified_real": 0,
"verified_synthetic": 0,
"blocked": 0,
"manual": 70,
"browser_required": 0,
"browser_present": 0,
"latest_update": "Wed, 22 Oct 2025 21:44:43 +0000",
"category": "cms",
"tier": "rolling-24m",
"output_dir": "07-framework-security/cms/mediawiki",
"families": [
{
"family": "xss",
"total": 70,
"verified_real": 0,
"manual": 70
}
],
"entity_summary": {
"system_id": "mediawiki",
"display_name": "MediaWiki",
"cataloged_entity_total": 1,
"child_entity_total": 0,
"candidate_entity_total": 0,
"workflow_complete_count": 1,
"version_mapped_count": 0,
"official_source_covered_count": 1,
"history_full_complete_count": 0,
"latest_green_count": 1,
"version_gap_entity_count": 1,
"workflow_gap_entity_count": 0,
"plugin_total": 0,
"entity_type_counts": {
"system": 1
},
"top_entities": [],
"backlog_preview": []
},
"version_summary": {
"system_id": "mediawiki",
"display_name": "MediaWiki",
"cataloged_entity_total": 1,
"latest_version_synced_count": 1,
"source_gap_count": 0,
"security_version_count": 252,
"auto_promoted_count": 0,
"latest_versions": [
{
"entity_id": "mediawiki",
"display_name": "MediaWiki",
"entity_type": "system",
"latest_version": "28-10-2025",
"latest_release_at": "Tue, 07 Oct 2025 15:18:36 +0000",
"version_sync_status": "green"
}
]
},
"top_entities": [],
"backlog_preview": [],
"entity_total": 1,
"entity_backlog": 0,
"entity_type_counts": {
"system": 1
},
"latest_version": "28-10-2025",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"version_sync_status": "green",
"security_version_count": 252
},
{
"system_id": "nextjs",
"display_name": "Next.js",
@@ -4887,7 +4887,7 @@
"project": 1
},
"latest_version": "16.2.1",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 168
},
@@ -4951,7 +4951,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -5015,7 +5015,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -5094,7 +5094,7 @@
"system": 1
},
"latest_version": "2026-4363---incorrect-authorization-issue-in-authorization-caching-impacts-gitlab-ee",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 625
},
@@ -5196,7 +5196,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -5269,7 +5269,7 @@
"system": 1
},
"latest_version": "5.2.3-all-languages.zip",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 0
},
@@ -5342,7 +5342,7 @@
"system": 1
},
"latest_version": "6.1.2",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 0
},
@@ -5481,7 +5481,7 @@
"extension": 1
},
"latest_version": "3.7.0-ea.3",
"last_version_synced_at": "2026-03-30T09:18:18+00:00",
"last_version_synced_at": "2026-03-31T09:18:14+00:00",
"version_sync_status": "green",
"security_version_count": 71
},
@@ -5545,7 +5545,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -5646,7 +5646,7 @@
"project": 1
},
"latest_version": "4.1.0-beta",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 102
},
@@ -5845,7 +5845,7 @@
"extension": 1
},
"latest_version": "8.0.3",
"last_version_synced_at": "2026-03-30T09:18:18+00:00",
"last_version_synced_at": "2026-03-31T09:18:14+00:00",
"version_sync_status": "green",
"security_version_count": 150
},
@@ -5909,18 +5909,18 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
{
"system_id": "mattermost",
"display_name": "Mattermost",
"total": 33,
"total": 35,
"verified_real": 0,
"verified_synthetic": 0,
"blocked": 0,
"manual": 33,
"manual": 35,
"browser_required": 0,
"browser_present": 0,
"latest_update": "Fix Release Date",
@@ -5930,9 +5930,9 @@
"families": [
{
"family": "xss",
"total": 33,
"total": 35,
"verified_real": 0,
"manual": 33
"manual": 35
}
],
"entity_summary": {
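Review bot: "families" in this hunk has a single entry, "xss", whose total (35) equals the system total shown in the preceding hunk, and the MediaWiki block has the same shape with 71 of 71. Every advisory of a system landing in one family looks like a default bucket rather than a classification. Suggest emitting an explicit "unclassified" family when no classifier matched, so the xss count reflects advisories actually identified as XSS.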
@@ -5960,7 +5960,7 @@
"entity_id": "mattermost--repo--github-com-mattermost-mattermost-server",
"entity_type": "repo",
"display_name": "mattermost / mattermost-server",
"advisory_count": 14,
"advisory_count": 16,
"history_backfill_status": "seeded",
"latest_sync_status": "green"
},
@@ -5997,7 +5997,7 @@
"cataloged_entity_total": 5,
"latest_version_synced_count": 5,
"source_gap_count": 0,
"security_version_count": 3848,
"security_version_count": 3854,
"auto_promoted_count": 0,
"latest_versions": [
{
@@ -6047,7 +6047,7 @@
"entity_id": "mattermost--repo--github-com-mattermost-mattermost-server",
"entity_type": "repo",
"display_name": "mattermost / mattermost-server",
"advisory_count": 14,
"advisory_count": 16,
"history_backfill_status": "seeded",
"latest_sync_status": "green"
},
@@ -6086,9 +6086,9 @@
"plugin": 1
},
"latest_version": "26.2.1",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 3848
"security_version_count": 3854
},
{
"system_id": "discourse",
@@ -6159,7 +6159,7 @@
"system": 1
},
"latest_version": "2502-05-2023-143713-1.zip",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 80
},
@@ -6298,7 +6298,7 @@
"extension": 1
},
"latest_version": "2.11.2",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 7
},
@@ -6385,16 +6385,16 @@
"entity_id": "directus",
"display_name": "Directus",
"entity_type": "system",
"latest_version": "11.17.0",
"latest_release_at": "2026-03-24T23:17:51Z",
"latest_version": "11.17.1",
"latest_release_at": "2026-03-30T16:37:32Z",
"version_sync_status": "green"
},
{
"entity_id": "directus--repo--directus-directus",
"display_name": "directus / directus",
"entity_type": "repo",
"latest_version": "11.17.0",
"latest_release_at": "2026-03-24T23:17:51Z",
"latest_version": "11.17.1",
"latest_release_at": "2026-03-30T16:37:32Z",
"version_sync_status": "green"
}
]
@@ -6416,8 +6416,8 @@
"system": 1,
"repo": 1
},
"latest_version": "11.17.0",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"latest_version": "11.17.1",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 2
},
@@ -6538,7 +6538,7 @@
"project": 1
},
"latest_version": "4.4.2",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 11
},
@@ -6645,7 +6645,7 @@
"repo": 1
},
"latest_version": "20.16.0",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 0
},
@@ -6752,7 +6752,7 @@
"repo": 1
},
"latest_version": "5.40.0",
"last_version_synced_at": "2026-03-30T09:18:18+00:00",
"last_version_synced_at": "2026-03-31T09:18:14+00:00",
"version_sync_status": "green",
"security_version_count": 0
},
@@ -6833,16 +6833,16 @@
"entity_id": "saleor",
"display_name": "Saleor",
"entity_type": "system",
"latest_version": "3.22.44",
"latest_release_at": "2026-03-24T13:34:33Z",
"latest_version": "3.22.45",
"latest_release_at": "2026-03-30T14:56:59Z",
"version_sync_status": "green"
},
{
"entity_id": "saleor--repo--saleor-saleor",
"display_name": "saleor / saleor",
"entity_type": "repo",
"latest_version": "3.22.44",
"latest_release_at": "2026-03-24T13:34:33Z",
"latest_version": "3.22.45",
"latest_release_at": "2026-03-30T14:56:59Z",
"version_sync_status": "green"
}
]
@@ -6864,8 +6864,8 @@
"system": 1,
"repo": 1
},
"latest_version": "3.22.44",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"latest_version": "3.22.45",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 0
},
@@ -6966,7 +6966,7 @@
"repo": 1
},
"latest_version": "6.24.0",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 0
},
@@ -7099,7 +7099,7 @@
"extension": 1
},
"latest_version": "7.24.6",
"last_version_synced_at": "2026-03-30T09:18:18+00:00",
"last_version_synced_at": "2026-03-31T09:18:14+00:00",
"version_sync_status": "green",
"security_version_count": 25
},
@@ -7238,7 +7238,7 @@
"project": 2
},
"latest_version": "19.2.4",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 18
},
@@ -7346,7 +7346,7 @@
"entity_id": "astro",
"display_name": "Astro",
"entity_type": "system",
"latest_version": "6.1.1",
"latest_version": "6.1.2",
"latest_release_at": "2025-11-20T14:43:59.624508Z",
"version_sync_status": "green"
},
@@ -7354,7 +7354,7 @@
"entity_id": "astro--project--astro",
"display_name": "astro",
"entity_type": "project",
"latest_version": "6.1.1",
"latest_version": "6.1.2",
"latest_release_at": "2025-11-27T08:22:36.525875Z",
"version_sync_status": "green"
},
@@ -7362,7 +7362,7 @@
"entity_id": "astro--module--astro",
"display_name": "astro",
"entity_type": "module",
"latest_version": "6.1.1",
"latest_version": "6.1.2",
"latest_release_at": "2025-11-20T14:43:59.624508Z",
"version_sync_status": "green"
}
@@ -7394,8 +7394,8 @@
"module": 1,
"project": 1
},
"latest_version": "6.1.1",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"latest_version": "6.1.2",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 32
},
@@ -7473,7 +7473,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -7588,7 +7588,7 @@
"project": 1
},
"latest_version": "3.5.31",
"last_version_synced_at": "2026-03-30T09:18:18+00:00",
"last_version_synced_at": "2026-03-31T09:18:14+00:00",
"version_sync_status": "green",
"security_version_count": 2
},
@@ -7664,7 +7664,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:17+00:00",
"last_version_synced_at": "2026-03-31T09:18:13+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -7765,7 +7765,7 @@
"package": 1
},
"latest_version": "8.0.7",
"last_version_synced_at": "2026-03-30T09:18:18+00:00",
"last_version_synced_at": "2026-03-31T09:18:14+00:00",
"version_sync_status": "green",
"security_version_count": 220
},
@@ -7829,7 +7829,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -7902,7 +7902,7 @@
"system": 1
},
"latest_version": "2.0",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 2
},
@@ -8009,7 +8009,7 @@
"project": 1
},
"latest_version": "7.0.4",
"last_version_synced_at": "2026-03-30T09:18:17+00:00",
"last_version_synced_at": "2026-03-31T09:18:13+00:00",
"version_sync_status": "green",
"security_version_count": 92
},
@@ -8073,7 +8073,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -8174,7 +8174,7 @@
"package": 1
},
"latest_version": "2.55.0",
"last_version_synced_at": "2026-03-30T09:18:18+00:00",
"last_version_synced_at": "2026-03-31T09:18:14+00:00",
"version_sync_status": "green",
"security_version_count": 4
},
@@ -8238,7 +8238,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -8339,7 +8339,7 @@
"package": 1
},
"latest_version": "21.2.6",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 18
},
@@ -8446,7 +8446,7 @@
"repo": 1
},
"latest_version": "5.0.4",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 4
},
@@ -8547,7 +8547,7 @@
"project": 1
},
"latest_version": "5.8.4",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 4
},
@@ -8648,7 +8648,7 @@
"package": 1
},
"latest_version": "13.2.0",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 103
},
@@ -8712,7 +8712,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -8819,7 +8819,7 @@
"project": 1
},
"latest_version": "2.2.11.RELEASE",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 22
},
@@ -8920,7 +8920,7 @@
"project": 1
},
"latest_version": "0.27.4",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 2
},
@@ -8984,7 +8984,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -9085,7 +9085,7 @@
"project": 1
},
"latest_version": "0.2.10",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 22
},
@@ -9186,7 +9186,7 @@
"repo": 1
},
"latest_version": "1.12.0",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 2
},
@@ -9287,7 +9287,7 @@
"package": 1
},
"latest_version": "21.4.7",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 4
},
@@ -9388,7 +9388,7 @@
"project": 1
},
"latest_version": "3.2.0",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 4
},
@@ -9452,7 +9452,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:18+00:00",
"last_version_synced_at": "2026-03-31T09:18:14+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -9553,7 +9553,7 @@
"project": 1
},
"latest_version": "0.0.15",
"last_version_synced_at": "2026-03-30T09:18:18+00:00",
"last_version_synced_at": "2026-03-31T09:18:14+00:00",
"version_sync_status": "green",
"security_version_count": 22
}
@@ -9575,7 +9575,7 @@
"version_mapped_count": 52,
"latest_version_synced_count": 95,
"version_source_gap_count": 15,
"security_version_total": 6308,
"lab_enqueued_count": 1
"security_version_total": 6290,
"lab_enqueued_count": 3
}
}
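
Review bot: `security_version_total` falls from 6308 to 6290 in the same run that raises `lab_enqueued_count` from 1 to 3, and nothing in the rollup says why. The per-system figures elsewhere in this commit account for it (MediaWiki 252 to 228, Mattermost 3848 to 3854, net -18), so the drop comes from MediaWiki losing 24 security versions while gaining a case. Worth confirming that this is a deliberate dedup and not a parser regression, and having the generator log or fail when a system's count shrinks.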

View file

@@ -54,7 +54,7 @@
"entity_id": "wordpress",
"display_name": "WordPress",
"entity_type": "system",
"latest_version": "9.1.2",
"latest_version": "7.9",
"latest_release_at": "",
"version_sync_status": "green"
}
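
Review bot: `latest_version` for `wordpress` moves backwards, from `9.1.2` to `7.9`, while `version_sync_status` stays `green` and `latest_release_at` is empty. A downgrade with no release date to back it should not be published as green, since anything that compares installed versions against this field will then misjudge patch level. Suggest a monotonicity check in the sync step: if the newly resolved version sorts lower than the stored one, keep the old value and flag the entity for manual review.
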
@@ -67,8 +67,8 @@
"entity_type_counts": {
"system": 1
},
"latest_version": "9.1.2",
"last_version_synced_at": "2026-03-30T09:18:18+00:00",
"latest_version": "7.9",
"last_version_synced_at": "2026-03-31T09:18:14+00:00",
"version_sync_status": "green",
"security_version_count": 55
},
@@ -177,7 +177,7 @@
"system": 1
},
"latest_version": "11.0-doc",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 2
},
@@ -274,7 +274,7 @@
"system": 1
},
"latest_version": "2.4.x",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 1
},
@@ -288,7 +288,7 @@
"manual": 114,
"browser_required": 0,
"browser_present": 0,
"latest_update": "2026-03-27T21:52:37.272493Z",
"latest_update": "2026-03-30T12:26:07.105030Z",
"category": "ecommerce",
"tier": "history-full",
"output_dir": "07-framework-security/ecommerce/prestashop",
@@ -419,7 +419,7 @@
"repo": 1
},
"latest_version": "8.2.5",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 59
},
@@ -520,7 +520,7 @@
"repo": 1
},
"latest_version": "10.6.1",
"last_version_synced_at": "2026-03-30T09:18:18+00:00",
"last_version_synced_at": "2026-03-31T09:18:14+00:00",
"version_sync_status": "green",
"security_version_count": 2
},
@@ -596,7 +596,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -669,7 +669,7 @@
"system": 1
},
"latest_version": "1017-20260102-core-xss-vector-in-the-pagebreak-plugin.html",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 5
},
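
Review bot: the context line `"latest_version": "1017-20260102-core-xss-vector-in-the-pagebreak-plugin.html"` is an advisory page slug, not a version, and the entry is still marked `green` with `security_version_count` 5. Only the timestamp changes here, so the bad value is re-stamped as freshly synced on every run. Suggest validating the resolved value against a version pattern before writing it and setting the status to `source-gap` when it does not match.
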
@@ -800,7 +800,7 @@
"repo": 1
},
"latest_version": "3.0.5.0",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 4
},
@@ -925,7 +925,7 @@
"repo": 1
},
"latest_version": "2.4.9-beta1",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 6
},
@@ -1026,7 +1026,7 @@
"project": 1
},
"latest_version": "1.0.0",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 182
},
@@ -1090,10 +1090,83 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
{
"system_id": "mediawiki",
"display_name": "MediaWiki",
"total": 71,
"verified_real": 0,
"verified_synthetic": 0,
"blocked": 0,
"manual": 71,
"browser_required": 0,
"browser_present": 0,
"latest_update": "Wed, 22 Oct 2025 21:44:43 +0000",
"category": "cms",
"tier": "rolling-24m",
"output_dir": "07-framework-security/cms/mediawiki",
"families": [
{
"family": "xss",
"total": 71,
"verified_real": 0,
"manual": 71
}
],
"entity_summary": {
"system_id": "mediawiki",
"display_name": "MediaWiki",
"cataloged_entity_total": 1,
"child_entity_total": 0,
"candidate_entity_total": 0,
"workflow_complete_count": 1,
"version_mapped_count": 0,
"official_source_covered_count": 1,
"history_full_complete_count": 0,
"latest_green_count": 1,
"version_gap_entity_count": 1,
"workflow_gap_entity_count": 0,
"plugin_total": 0,
"entity_type_counts": {
"system": 1
},
"top_entities": [],
"backlog_preview": []
},
"version_summary": {
"system_id": "mediawiki",
"display_name": "MediaWiki",
"cataloged_entity_total": 1,
"latest_version_synced_count": 1,
"source_gap_count": 0,
"security_version_count": 228,
"auto_promoted_count": 0,
"latest_versions": [
{
"entity_id": "mediawiki",
"display_name": "MediaWiki",
"entity_type": "system",
"latest_version": "28-10-2025",
"latest_release_at": "Tue, 07 Oct 2025 15:18:36 +0000",
"version_sync_status": "green"
}
]
},
"top_entities": [],
"backlog_preview": [],
"entity_total": 1,
"entity_backlog": 0,
"entity_type_counts": {
"system": 1
},
"latest_version": "28-10-2025",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 228
},
{
"system_id": "shopware",
"display_name": "Shopware",
@@ -1221,7 +1294,7 @@
"repo": 1
},
"latest_version": "6.7.8.2",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 0
},
@@ -1294,83 +1367,10 @@
"system": 1
},
"latest_version": "11.2.8",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 74
},
{
"system_id": "mediawiki",
"display_name": "MediaWiki",
"total": 70,
"verified_real": 0,
"verified_synthetic": 0,
"blocked": 0,
"manual": 70,
"browser_required": 0,
"browser_present": 0,
"latest_update": "Wed, 22 Oct 2025 21:44:43 +0000",
"category": "cms",
"tier": "rolling-24m",
"output_dir": "07-framework-security/cms/mediawiki",
"families": [
{
"family": "xss",
"total": 70,
"verified_real": 0,
"manual": 70
}
],
"entity_summary": {
"system_id": "mediawiki",
"display_name": "MediaWiki",
"cataloged_entity_total": 1,
"child_entity_total": 0,
"candidate_entity_total": 0,
"workflow_complete_count": 1,
"version_mapped_count": 0,
"official_source_covered_count": 1,
"history_full_complete_count": 0,
"latest_green_count": 1,
"version_gap_entity_count": 1,
"workflow_gap_entity_count": 0,
"plugin_total": 0,
"entity_type_counts": {
"system": 1
},
"top_entities": [],
"backlog_preview": []
},
"version_summary": {
"system_id": "mediawiki",
"display_name": "MediaWiki",
"cataloged_entity_total": 1,
"latest_version_synced_count": 1,
"source_gap_count": 0,
"security_version_count": 252,
"auto_promoted_count": 0,
"latest_versions": [
{
"entity_id": "mediawiki",
"display_name": "MediaWiki",
"entity_type": "system",
"latest_version": "28-10-2025",
"latest_release_at": "Tue, 07 Oct 2025 15:18:36 +0000",
"version_sync_status": "green"
}
]
},
"top_entities": [],
"backlog_preview": [],
"entity_total": 1,
"entity_backlog": 0,
"entity_type_counts": {
"system": 1
},
"latest_version": "28-10-2025",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"version_sync_status": "green",
"security_version_count": 252
},
{
"system_id": "nextjs",
"display_name": "Next.js",
@@ -1512,7 +1512,7 @@
"project": 1
},
"latest_version": "16.2.1",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 168
},
@@ -1576,7 +1576,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -1640,7 +1640,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -1719,7 +1719,7 @@
"system": 1
},
"latest_version": "2026-4363---incorrect-authorization-issue-in-authorization-caching-impacts-gitlab-ee",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 625
},
@@ -1821,7 +1821,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -1894,7 +1894,7 @@
"system": 1
},
"latest_version": "5.2.3-all-languages.zip",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 0
},
@@ -1967,7 +1967,7 @@
"system": 1
},
"latest_version": "6.1.2",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 0
},
@@ -2106,7 +2106,7 @@
"extension": 1
},
"latest_version": "3.7.0-ea.3",
"last_version_synced_at": "2026-03-30T09:18:18+00:00",
"last_version_synced_at": "2026-03-31T09:18:14+00:00",
"version_sync_status": "green",
"security_version_count": 71
},
@@ -2170,7 +2170,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -2271,7 +2271,7 @@
"project": 1
},
"latest_version": "4.1.0-beta",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 102
},
@@ -2470,7 +2470,7 @@
"extension": 1
},
"latest_version": "8.0.3",
"last_version_synced_at": "2026-03-30T09:18:18+00:00",
"last_version_synced_at": "2026-03-31T09:18:14+00:00",
"version_sync_status": "green",
"security_version_count": 150
},
@@ -2534,18 +2534,18 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
{
"system_id": "mattermost",
"display_name": "Mattermost",
"total": 33,
"total": 35,
"verified_real": 0,
"verified_synthetic": 0,
"blocked": 0,
"manual": 33,
"manual": 35,
"browser_required": 0,
"browser_present": 0,
"latest_update": "Fix Release Date",
@@ -2555,9 +2555,9 @@
"families": [
{
"family": "xss",
"total": 33,
"total": 35,
"verified_real": 0,
"manual": 33
"manual": 35
}
],
"entity_summary": {
@@ -2585,7 +2585,7 @@
"entity_id": "mattermost--repo--github-com-mattermost-mattermost-server",
"entity_type": "repo",
"display_name": "mattermost / mattermost-server",
"advisory_count": 14,
"advisory_count": 16,
"history_backfill_status": "seeded",
"latest_sync_status": "green"
},
@@ -2622,7 +2622,7 @@
"cataloged_entity_total": 5,
"latest_version_synced_count": 5,
"source_gap_count": 0,
"security_version_count": 3848,
"security_version_count": 3854,
"auto_promoted_count": 0,
"latest_versions": [
{
@@ -2672,7 +2672,7 @@
"entity_id": "mattermost--repo--github-com-mattermost-mattermost-server",
"entity_type": "repo",
"display_name": "mattermost / mattermost-server",
"advisory_count": 14,
"advisory_count": 16,
"history_backfill_status": "seeded",
"latest_sync_status": "green"
},
@@ -2711,9 +2711,9 @@
"plugin": 1
},
"latest_version": "26.2.1",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 3848
"security_version_count": 3854
},
{
"system_id": "discourse",
@@ -2784,7 +2784,7 @@
"system": 1
},
"latest_version": "2502-05-2023-143713-1.zip",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 80
},
@@ -2923,7 +2923,7 @@
"extension": 1
},
"latest_version": "2.11.2",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 7
},
@@ -3010,16 +3010,16 @@
"entity_id": "directus",
"display_name": "Directus",
"entity_type": "system",
"latest_version": "11.17.0",
"latest_release_at": "2026-03-24T23:17:51Z",
"latest_version": "11.17.1",
"latest_release_at": "2026-03-30T16:37:32Z",
"version_sync_status": "green"
},
{
"entity_id": "directus--repo--directus-directus",
"display_name": "directus / directus",
"entity_type": "repo",
"latest_version": "11.17.0",
"latest_release_at": "2026-03-24T23:17:51Z",
"latest_version": "11.17.1",
"latest_release_at": "2026-03-30T16:37:32Z",
"version_sync_status": "green"
}
]
@@ -3041,8 +3041,8 @@
"system": 1,
"repo": 1
},
"latest_version": "11.17.0",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"latest_version": "11.17.1",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 2
},
@@ -3163,7 +3163,7 @@
"project": 1
},
"latest_version": "4.4.2",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 11
},
@@ -3270,7 +3270,7 @@
"repo": 1
},
"latest_version": "20.16.0",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 0
},
@@ -3377,7 +3377,7 @@
"repo": 1
},
"latest_version": "5.40.0",
"last_version_synced_at": "2026-03-30T09:18:18+00:00",
"last_version_synced_at": "2026-03-31T09:18:14+00:00",
"version_sync_status": "green",
"security_version_count": 0
},
@@ -3458,16 +3458,16 @@
"entity_id": "saleor",
"display_name": "Saleor",
"entity_type": "system",
"latest_version": "3.22.44",
"latest_release_at": "2026-03-24T13:34:33Z",
"latest_version": "3.22.45",
"latest_release_at": "2026-03-30T14:56:59Z",
"version_sync_status": "green"
},
{
"entity_id": "saleor--repo--saleor-saleor",
"display_name": "saleor / saleor",
"entity_type": "repo",
"latest_version": "3.22.44",
"latest_release_at": "2026-03-24T13:34:33Z",
"latest_version": "3.22.45",
"latest_release_at": "2026-03-30T14:56:59Z",
"version_sync_status": "green"
}
]
@@ -3489,8 +3489,8 @@
"system": 1,
"repo": 1
},
"latest_version": "3.22.44",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"latest_version": "3.22.45",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 0
},
@@ -3591,7 +3591,7 @@
"repo": 1
},
"latest_version": "6.24.0",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 0
},
@@ -3724,7 +3724,7 @@
"extension": 1
},
"latest_version": "7.24.6",
"last_version_synced_at": "2026-03-30T09:18:18+00:00",
"last_version_synced_at": "2026-03-31T09:18:14+00:00",
"version_sync_status": "green",
"security_version_count": 25
},
@@ -3863,7 +3863,7 @@
"project": 2
},
"latest_version": "19.2.4",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 18
},
@@ -3971,7 +3971,7 @@
"entity_id": "astro",
"display_name": "Astro",
"entity_type": "system",
"latest_version": "6.1.1",
"latest_version": "6.1.2",
"latest_release_at": "2025-11-20T14:43:59.624508Z",
"version_sync_status": "green"
},
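
Review bot: `latest_version` for `astro` is bumped to `6.1.2` but `latest_release_at` stays at `2025-11-20T14:43:59.624508Z`, so the entry now pairs a new version with an old release date. The Directus and Saleor entries in this commit move both fields together, which is the behaviour expected here. Suggest taking `latest_release_at` from the same source record as the version, or clearing it when the release date is unknown.
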
@@ -3979,7 +3979,7 @@
"entity_id": "astro--project--astro",
"display_name": "astro",
"entity_type": "project",
"latest_version": "6.1.1",
"latest_version": "6.1.2",
"latest_release_at": "2025-11-27T08:22:36.525875Z",
"version_sync_status": "green"
},
@@ -3987,7 +3987,7 @@
"entity_id": "astro--module--astro",
"display_name": "astro",
"entity_type": "module",
"latest_version": "6.1.1",
"latest_version": "6.1.2",
"latest_release_at": "2025-11-20T14:43:59.624508Z",
"version_sync_status": "green"
}
@@ -4019,8 +4019,8 @@
"module": 1,
"project": 1
},
"latest_version": "6.1.1",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"latest_version": "6.1.2",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 32
},
@@ -4098,7 +4098,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -4213,7 +4213,7 @@
"project": 1
},
"latest_version": "3.5.31",
"last_version_synced_at": "2026-03-30T09:18:18+00:00",
"last_version_synced_at": "2026-03-31T09:18:14+00:00",
"version_sync_status": "green",
"security_version_count": 2
},
@@ -4289,7 +4289,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:17+00:00",
"last_version_synced_at": "2026-03-31T09:18:13+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -4390,7 +4390,7 @@
"package": 1
},
"latest_version": "8.0.7",
"last_version_synced_at": "2026-03-30T09:18:18+00:00",
"last_version_synced_at": "2026-03-31T09:18:14+00:00",
"version_sync_status": "green",
"security_version_count": 220
},
@@ -4454,7 +4454,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -4527,7 +4527,7 @@
"system": 1
},
"latest_version": "2.0",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 2
},
@@ -4634,7 +4634,7 @@
"project": 1
},
"latest_version": "7.0.4",
"last_version_synced_at": "2026-03-30T09:18:17+00:00",
"last_version_synced_at": "2026-03-31T09:18:13+00:00",
"version_sync_status": "green",
"security_version_count": 92
},
@@ -4698,7 +4698,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -4799,7 +4799,7 @@
"package": 1
},
"latest_version": "2.55.0",
"last_version_synced_at": "2026-03-30T09:18:18+00:00",
"last_version_synced_at": "2026-03-31T09:18:14+00:00",
"version_sync_status": "green",
"security_version_count": 4
},
@@ -4863,7 +4863,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -4964,7 +4964,7 @@
"package": 1
},
"latest_version": "21.2.6",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 18
},
@@ -5071,7 +5071,7 @@
"repo": 1
},
"latest_version": "5.0.4",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 4
},
@@ -5172,7 +5172,7 @@
"project": 1
},
"latest_version": "5.8.4",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 4
},
@@ -5273,7 +5273,7 @@
"package": 1
},
"latest_version": "13.2.0",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 103
},
@@ -5337,7 +5337,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -5444,7 +5444,7 @@
"project": 1
},
"latest_version": "2.2.11.RELEASE",
"last_version_synced_at": "2026-03-30T09:18:16+00:00",
"last_version_synced_at": "2026-03-31T09:18:12+00:00",
"version_sync_status": "green",
"security_version_count": 22
},
@@ -5545,7 +5545,7 @@
"project": 1
},
"latest_version": "0.27.4",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 2
},
@@ -5609,7 +5609,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -5710,7 +5710,7 @@
"project": 1
},
"latest_version": "0.2.10",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 22
},
@@ -5811,7 +5811,7 @@
"repo": 1
},
"latest_version": "1.12.0",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 2
},
@@ -5912,7 +5912,7 @@
"package": 1
},
"latest_version": "21.4.7",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 4
},
@@ -6013,7 +6013,7 @@
"project": 1
},
"latest_version": "3.2.0",
"last_version_synced_at": "2026-03-30T09:18:14+00:00",
"last_version_synced_at": "2026-03-31T09:18:09+00:00",
"version_sync_status": "green",
"security_version_count": 4
},
@@ -6077,7 +6077,7 @@
"system": 1
},
"latest_version": "",
"last_version_synced_at": "2026-03-30T09:18:18+00:00",
"last_version_synced_at": "2026-03-31T09:18:14+00:00",
"version_sync_status": "source-gap",
"security_version_count": 0
},
@@ -6178,7 +6178,7 @@
"project": 1
},
"latest_version": "0.0.15",
"last_version_synced_at": "2026-03-30T09:18:18+00:00",
"last_version_synced_at": "2026-03-31T09:18:14+00:00",
"version_sync_status": "green",
"security_version_count": 22
}

View file

@@ -1,6 +1,6 @@
# 分层实体覆盖与完整度报告
- 生成时间: `2026-03-30T09:18:25+00:00`
- 生成时间: `2026-03-31T09:18:20+00:00`
- 已编目实体: `110`
- 待编目 backlog: `7`
- history-full 已完成: `41`

View file

@@ -1,5 +1,5 @@
{
"generated_at": "2026-03-30T09:18:25+00:00",
"generated_at": "2026-03-31T09:18:20+00:00",
"cataloged_entity_total": 110,
"candidate_entity_total": 7,
"history_full_complete_count": 41,
@@ -809,7 +809,7 @@
"entity_id": "mattermost--repo--github-com-mattermost-mattermost-server",
"entity_type": "repo",
"display_name": "mattermost / mattermost-server",
"advisory_count": 14,
"advisory_count": 16,
"history_backfill_status": "seeded",
"latest_sync_status": "green"
},
@@ -1769,6 +1769,6 @@
"discovery_queue": 7,
"history_queue": 27,
"latest_queue": 10,
"workflow_queue": 2178
"workflow_queue": 2179
}
}

View file

@@ -1,6 +1,6 @@
# 分层实体发现 Backlog
- 生成时间: `2026-03-30T09:18:25+00:00`
- 生成时间: `2026-03-31T09:18:20+00:00`
- 待编目数量: `7`
| candidate_id | root_system | entity_type | risk | reason | waiting_for | source |

View file

@@ -1,5 +1,5 @@
{
"generated_at": "2026-03-30T09:18:25+00:00",
"generated_at": "2026-03-31T09:18:20+00:00",
"discovery_queue": {
"count": 7,
"items": [
@@ -408,7 +408,7 @@
]
},
"workflow_queue": {
"count": 2178,
"count": 2179,
"items": [
{
"canonical_id": "adminer--CVE-2026-25878",

View file

@@ -1,7 +1,7 @@
{
"generated_at": "2026-03-30T09:18:18+00:00",
"enqueued": 1,
"queue_total": 2381,
"generated_at": "2026-03-31T09:18:14+00:00",
"enqueued": 3,
"queue_total": 2384,
"items": [
{
"advisory_id": "directus--05a97ef95a",
@@ -1093,6 +1093,21 @@
"system_id": "magento-open-source",
"priority": "version-sync"
},
{
"advisory_id": "mattermost--CVE-2026-26233",
"system_id": "mattermost",
"priority": "version-sync"
},
{
"advisory_id": "mattermost--CVE-2026-27656",
"system_id": "mattermost",
"priority": "version-sync"
},
{
"advisory_id": "mediawiki--7a3e57910a",
"system_id": "mediawiki",
"priority": "version-sync"
},
{
"advisory_id": "opencart--139edfb591",
"system_id": "opencart",
@@ -2758,11 +2773,6 @@
"system_id": "strapi",
"priority": "version-sync"
},
{
"advisory_id": "traefik--GHSA-46wh-3698-f2cx",
"system_id": "traefik",
"priority": "version-sync"
},
{
"advisory_id": "woocommerce--05da41121f",
"system_id": "woocommerce",

View file

@@ -1,13 +1,13 @@
# 最新同步摘要
- 渲染时间: `2026-03-30T09:18:25+00:00`
- 渲染时间: `2026-03-31T09:18:20+00:00`
- 系统数量: `62`
- Advisory 数量: `2381`
- Advisory 数量: `2384`
- 已编目实体数量: `110`
- 待编目 backlog 数量: `7`
- 重点 Markdown 数量: `174`
- 重点 Markdown 数量: `176`
- Run Bundle 数量: `89`
- 新增记录: `1`
- 更新记录: `0`
- Triage 数量: `1177`
- 新增记录: `3`
- 更新记录: `2`
- Triage 数量: `1178`
- 失败的 source adapter: `0`

View file

@@ -1,22 +1,24 @@
{
"generated_at": "2026-03-30T09:18:10+00:00",
"generated_at": "2026-03-31T09:18:05+00:00",
"active_source_count": 102,
"green_source_count": 102,
"source_failure_count": 0,
"open_alert_count": 0,
"resolved_alert_count": 101,
"last_fully_green_run": "2026-03-30T09:18:10+00:00",
"last_fully_green_run": "2026-03-31T09:18:05+00:00",
"source_catalog": {
"system_count": 62,
"source_count": 179,
"retired_source_count": 77
},
"ingest": {
"new_count": 1,
"updated_count": 0,
"new_count": 3,
"updated_count": 2,
"failure_count": 0,
"systems_touched": [
"traefik"
"mattermost",
"mediawiki",
"prestashop"
]
},
"validation": {
@@ -36,14 +38,14 @@
"cataloged_entity_total": 110,
"latest_version_synced_count": 95,
"source_gap_count": 15,
"security_version_total": 6308,
"security_version_total": 6290,
"security_version_entity_count": 83,
"auto_promoted_entity_count": 10,
"lab_enqueued_count": 1
"lab_enqueued_count": 3
},
"lab_enqueue": {
"enqueued": 1,
"queue_total": 2381,
"enqueued": 3,
"queue_total": 2384,
"pending_count": 0
}
}

File diff suppressed because it is too large to display

View file

@@ -1,16 +1,18 @@
{
"generated_at": "2026-03-30T09:18:25+00:00",
"generated_at": "2026-03-31T09:18:20+00:00",
"system_count": 62,
"advisory_count": 2381,
"advisory_count": 2384,
"cataloged_entity_total": 110,
"candidate_entity_total": 7,
"markdown_count": 174,
"new_count": 1,
"updated_count": 0,
"markdown_count": 176,
"new_count": 3,
"updated_count": 2,
"systems_touched": [
"traefik"
"mattermost",
"mediawiki",
"prestashop"
],
"triage_count": 1177,
"triage_count": 1178,
"run_bundle_count": 89,
"failures": []
}

View file

@@ -1,5 +1,5 @@
{
"generated_at": "2026-03-30T09:17:05+00:00",
"generated_at": "2026-03-31T09:17:00+00:00",
"system_count": 62,
"source_count": 179,
"active_source_count": 102,

View file

@@ -1,6 +1,6 @@
# Source Catalog Audit
- generated_at: `2026-03-30T09:17:05+00:00`
- generated_at: `2026-03-31T09:17:00+00:00`
- systems: `62`
- sources: `179`
- active_sources: `102`

Some files are not shown because too many files were changed in this diff