diff --git a/08-threat-intel/generated/dashboard/advisories.json b/08-threat-intel/generated/dashboard/advisories.json
index 0967ef42..f684edcc 100644
--- a/08-threat-intel/generated/dashboard/advisories.json
+++ b/08-threat-intel/generated/dashboard/advisories.json
@@ -1 +1,3384 @@ -{} +{ + "vite--CVE-2025-62522": { + "canonical_id": "vite--CVE-2025-62522", + "title": "vite--CVE-2025-62522", + "summary": "Derived from latest run vite-vite--CVE-2025-62522-20260318040559", + "display_name": "Vite", + "system_id": "vite", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:05:59+00:00", + "updated_at": "2026-03-18T04:06:05+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "dependency-upgrade-policy", + "file-upload-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/logs/proof-network.json", + 
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/logs/proof-page.json" + ] + } + }, + "vite--CVE-2025-58752": { + "canonical_id": "vite--CVE-2025-58752", + "title": "vite--CVE-2025-58752", + "summary": "Derived from latest run vite-vite--CVE-2025-58752-20260318040552", + "display_name": "Vite", + "system_id": "vite", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:05:52+00:00", + "updated_at": "2026-03-18T04:05:59+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "dependency-upgrade-policy", + "file-upload-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/logs/proof-console.json", + 
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/logs/proof-page.json" + ] + } + }, + "vite--CVE-2025-58751": { + "canonical_id": "vite--CVE-2025-58751", + "title": "vite--CVE-2025-58751", + "summary": "Derived from latest run vite-vite--CVE-2025-58751-20260318040545", + "display_name": "Vite", + "system_id": "vite", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:05:45+00:00", + "updated_at": "2026-03-18T04:05:52+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "dependency-upgrade-policy", + "file-upload-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/assets/proof-dom.html", + 
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/logs/proof-page.json" + ] + } + }, + "vite--CVE-2025-46565": { + "canonical_id": "vite--CVE-2025-46565", + "title": "vite--CVE-2025-46565", + "summary": "Derived from latest run vite-vite--CVE-2025-46565-20260318040538", + "display_name": "Vite", + "system_id": "vite", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:05:38+00:00", + "updated_at": "2026-03-18T04:05:45+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "dependency-upgrade-policy", + "file-upload-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/assets/proof.png", + 
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/logs/proof-page.json" + ] + } + }, + "vite--CVE-2025-32395": { + "canonical_id": "vite--CVE-2025-32395", + "title": "vite--CVE-2025-32395", + "summary": "Derived from latest run vite-vite--CVE-2025-32395-20260318040532", + "display_name": "Vite", + "system_id": "vite", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:05:32+00:00", + "updated_at": "2026-03-18T04:05:38+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "dependency-upgrade-policy", + "file-upload-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/logs/baseline-page.json", + 
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/logs/proof-page.json" + ] + } + }, + "vite--CVE-2025-31486": { + "canonical_id": "vite--CVE-2025-31486", + "title": "vite--CVE-2025-31486", + "summary": "Derived from latest run vite-vite--CVE-2025-31486-20260318040525", + "display_name": "Vite", + "system_id": "vite", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:05:25+00:00", + "updated_at": "2026-03-18T04:05:32+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "dependency-upgrade-policy", + "file-upload-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/logs/baseline-network.json", + 
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/logs/proof-page.json" + ] + } + }, + "vite--CVE-2025-31125": { + "canonical_id": "vite--CVE-2025-31125", + "title": "vite--CVE-2025-31125", + "summary": "Derived from latest run vite-vite--CVE-2025-31125-20260318040518", + "display_name": "Vite", + "system_id": "vite", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:05:18+00:00", + "updated_at": "2026-03-18T04:05:25+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "dependency-upgrade-policy", + "file-upload-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/logs/baseline-console.json", + 
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/logs/proof-page.json" + ] + } + }, + "vite--CVE-2025-30208": { + "canonical_id": "vite--CVE-2025-30208", + "title": "vite--CVE-2025-30208", + "summary": "Derived from latest run vite-vite--CVE-2025-30208-20260318040511", + "display_name": "Vite", + "system_id": "vite", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:05:11+00:00", + "updated_at": "2026-03-18T04:05:18+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "dependency-upgrade-policy", + "file-upload-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/assets/baseline-dom.html", + 
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/logs/proof-page.json" + ] + } + }, + "vite--CVE-2025-24010": { + "canonical_id": "vite--CVE-2025-24010", + "title": "vite--CVE-2025-24010", + "summary": "Derived from latest run vite-vite--CVE-2025-24010-20260318040505", + "display_name": "Vite", + "system_id": "vite", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:05:05+00:00", + "updated_at": "2026-03-18T04:05:11+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "dependency-upgrade-policy", + "file-upload-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/assets/baseline.png", + 
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/logs/proof-page.json" + ] + } + }, + "vite--CVE-2024-45812": { + "canonical_id": "vite--CVE-2024-45812", + "title": "vite--CVE-2024-45812", + "summary": "Derived from latest run vite-vite--CVE-2024-45812-20260318040458", + "display_name": "Vite", + "system_id": "vite", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:04:58+00:00", + "updated_at": "2026-03-18T04:05:05+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "dependency-upgrade-policy", + "file-upload-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + 
"/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/logs/proof-page.json" + ] + } + }, + "vite--CVE-2024-45811": { + "canonical_id": "vite--CVE-2024-45811", + "title": "vite--CVE-2024-45811", + "summary": "Derived from latest run vite-vite--CVE-2024-45811-20260318040452", + "display_name": "Vite", + "system_id": "vite", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:04:52+00:00", + "updated_at": "2026-03-18T04:04:58+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "dependency-upgrade-policy", + "file-upload-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + 
"refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/logs/proof-page.json" + ] + } + }, + "vite--CVE-2024-23331": { + "canonical_id": "vite--CVE-2024-23331", + "title": "vite--CVE-2024-23331", + "summary": "Derived from latest run vite-vite--CVE-2024-23331-20260318040445", + "display_name": "Vite", + "system_id": "vite", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:04:45+00:00", + "updated_at": "2026-03-18T04:04:52+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "dependency-upgrade-policy", + "file-upload-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": 
true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/logs/proof-page.json" + ] + } + }, + "undici--CVE-2026-2581": { + "canonical_id": "undici--CVE-2026-2581", + "title": "undici--CVE-2026-2581", + "summary": "Derived from latest run undici-undici--CVE-2026-2581-20260318040332", + "display_name": "Undici", + "system_id": "undici", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:03:32+00:00", + "updated_at": "2026-03-18T04:03:36+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "ssrf-url-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": false, + "present": false, + 
"refs": [] + } + }, + "undici--CVE-2026-2229": { + "canonical_id": "undici--CVE-2026-2229", + "title": "undici--CVE-2026-2229", + "summary": "Derived from latest run undici-undici--CVE-2026-2229-20260318040328", + "display_name": "Undici", + "system_id": "undici", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:03:28+00:00", + "updated_at": "2026-03-18T04:03:32+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "ssrf-url-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": false, + "present": false, + "refs": [] + } + }, + "undici--CVE-2026-22036": { + "canonical_id": "undici--CVE-2026-22036", + "title": "undici--CVE-2026-22036", + "summary": "Derived from latest run undici-undici--CVE-2026-22036-20260318040323", + "display_name": "Undici", + "system_id": "undici", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:03:23+00:00", + "updated_at": "2026-03-18T04:03:27+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "ssrf-url-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": false, + "present": false, + "refs": [] + } + }, + "undici--CVE-2026-1528": { + "canonical_id": "undici--CVE-2026-1528", + "title": "undici--CVE-2026-1528", + "summary": "Derived from latest run undici-undici--CVE-2026-1528-20260318040318", + "display_name": "Undici", + "system_id": "undici", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + 
"published_at": "2026-03-18T04:03:18+00:00", + "updated_at": "2026-03-18T04:03:23+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "ssrf-url-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": false, + "present": false, + "refs": [] + } + }, + "undici--CVE-2026-1527": { + "canonical_id": "undici--CVE-2026-1527", + "title": "undici--CVE-2026-1527", + "summary": "Derived from latest run undici-undici--CVE-2026-1527-20260318040314", + "display_name": "Undici", + "system_id": "undici", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:03:14+00:00", + "updated_at": "2026-03-18T04:03:18+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "ssrf-url-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": false, + "present": false, + "refs": [] + } + }, + "undici--CVE-2026-1526": { + "canonical_id": "undici--CVE-2026-1526", + "title": "undici--CVE-2026-1526", + "summary": "Derived from latest run undici-undici--CVE-2026-1526-20260318040309", + "display_name": "Undici", + "system_id": "undici", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:03:09+00:00", + "updated_at": "2026-03-18T04:03:14+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "ssrf-url-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + 
"blocked_reason": null, + "browser_evidence": { + "required": false, + "present": false, + "refs": [] + } + }, + "undici--CVE-2026-1525": { + "canonical_id": "undici--CVE-2026-1525", + "title": "undici--CVE-2026-1525", + "summary": "Derived from latest run undici-undici--CVE-2026-1525-20260318040304", + "display_name": "Undici", + "system_id": "undici", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:03:04+00:00", + "updated_at": "2026-03-18T04:03:09+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "ssrf-url-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": false, + "present": false, + "refs": [] + } + }, + "undici--CVE-2025-47279": { + "canonical_id": "undici--CVE-2025-47279", + "title": "undici--CVE-2025-47279", + "summary": "Derived from latest run undici-undici--CVE-2025-47279-20260318040300", + "display_name": "Undici", + "system_id": "undici", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:03:00+00:00", + "updated_at": "2026-03-18T04:03:04+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "ssrf-url-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": false, + "present": false, + "refs": [] + } + }, + "undici--CVE-2025-22150": { + "canonical_id": "undici--CVE-2025-22150", + "title": "undici--CVE-2025-22150", + "summary": "Derived from latest run undici-undici--CVE-2025-22150-20260318040256", + "display_name": "Undici", + "system_id": "undici", + 
"category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:02:56+00:00", + "updated_at": "2026-03-18T04:03:00+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "ssrf-url-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": false, + "present": false, + "refs": [] + } + }, + "undici--CVE-2024-30261": { + "canonical_id": "undici--CVE-2024-30261", + "title": "undici--CVE-2024-30261", + "summary": "Derived from latest run undici-undici--CVE-2024-30261-20260318040251", + "display_name": "Undici", + "system_id": "undici", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:02:51+00:00", + "updated_at": "2026-03-18T04:02:56+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "ssrf-url-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": false, + "present": false, + "refs": [] + } + }, + "undici--CVE-2024-30260": { + "canonical_id": "undici--CVE-2024-30260", + "title": "undici--CVE-2024-30260", + "summary": "Derived from latest run undici-undici--CVE-2024-30260-20260318040247", + "display_name": "Undici", + "system_id": "undici", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:02:47+00:00", + "updated_at": "2026-03-18T04:02:51+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "ssrf-url-validation", + "proxy-trust-boundary" + ], + 
"verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": false, + "present": false, + "refs": [] + } + }, + "undici--CVE-2023-45143": { + "canonical_id": "undici--CVE-2023-45143", + "title": "undici--CVE-2023-45143", + "summary": "Derived from latest run undici-undici--CVE-2023-45143-20260318040242", + "display_name": "Undici", + "system_id": "undici", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:02:42+00:00", + "updated_at": "2026-03-18T04:02:46+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "ssrf-url-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": false, + "present": false, + "refs": [] + } + }, + "undici--CVE-2022-32210": { + "canonical_id": "undici--CVE-2022-32210", + "title": "undici--CVE-2022-32210", + "summary": "Derived from latest run undici-undici--CVE-2022-32210-20260318040238", + "display_name": "Undici", + "system_id": "undici", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:02:38+00:00", + "updated_at": "2026-03-18T04:02:42+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "ssrf-url-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": false, + "present": false, + "refs": [] + } + }, + "undici--CVE-2022-31151": { + "canonical_id": "undici--CVE-2022-31151", + "title": "undici--CVE-2022-31151", + "summary": "Derived from latest 
run undici-undici--CVE-2022-31151-20260318040233", + "display_name": "Undici", + "system_id": "undici", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T04:02:33+00:00", + "updated_at": "2026-03-18T04:02:37+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "ssrf-url-validation", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": false, + "present": false, + "refs": [] + } + }, + "nextjs--GHSA-w37m-7fhw-fmv9": { + "canonical_id": "nextjs--GHSA-w37m-7fhw-fmv9", + "title": "nextjs--GHSA-w37m-7fhw-fmv9", + "summary": "Derived from latest run nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:58:48+00:00", + "updated_at": "2026-03-18T03:58:55+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/baseline-console.json", + 
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/proof-page.json" + ] + } + }, + "nextjs--GHSA-mwv6-3258-q52c": { + "canonical_id": "nextjs--GHSA-mwv6-3258-q52c", + "title": "nextjs--GHSA-mwv6-3258-q52c", + "summary": "Derived from latest run nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:58:42+00:00", + "updated_at": "2026-03-18T03:58:48+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/assets/baseline-dom.html", 
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/logs/proof-page.json" + ] + } + }, + "nextjs--GHSA-h25m-26qc-wcjf": { + "canonical_id": "nextjs--GHSA-h25m-26qc-wcjf", + "title": "nextjs--GHSA-h25m-26qc-wcjf", + "summary": "Derived from latest run nextjs-nextjs--GHSA-h25m-26qc-wcjf-20260318035837", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:58:37+00:00", + "updated_at": "2026-03-18T03:58:41+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": false, + "present": false, + "refs": [] + } + }, + "nextjs--GHSA-9qr9-h5gf-34mp": { + "canonical_id": "nextjs--GHSA-9qr9-h5gf-34mp", + "title": 
"nextjs--GHSA-9qr9-h5gf-34mp", + "summary": "Derived from latest run nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:58:30+00:00", + "updated_at": "2026-03-18T03:58:37+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/logs/proof-network.json", + 
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/logs/proof-page.json" + ] + } + }, + "nextjs--GHSA-5j59-xgg2-r9c4": { + "canonical_id": "nextjs--GHSA-5j59-xgg2-r9c4", + "title": "nextjs--GHSA-5j59-xgg2-r9c4", + "summary": "Derived from latest run nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:58:24+00:00", + "updated_at": "2026-03-18T03:58:30+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/assets/proof-dom.html", + 
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/logs/proof-page.json" + ] + } + }, + "nextjs--CVE-2025-59472": { + "canonical_id": "nextjs--CVE-2025-59472", + "title": "nextjs--CVE-2025-59472", + "summary": "Derived from latest run nextjs-nextjs--CVE-2025-59472-20260318035817", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:58:17+00:00", + "updated_at": "2026-03-18T03:58:24+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/assets/proof.png", + 
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/logs/proof-page.json" + ] + } + }, + "nextjs--CVE-2025-59471": { + "canonical_id": "nextjs--CVE-2025-59471", + "title": "nextjs--CVE-2025-59471", + "summary": "Derived from latest run nextjs-nextjs--CVE-2025-59471-20260318035811", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:58:11+00:00", + "updated_at": "2026-03-18T03:58:17+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/logs/baseline-page.json", + 
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/logs/proof-page.json" + ] + } + }, + "nextjs--CVE-2025-57822": { + "canonical_id": "nextjs--CVE-2025-57822", + "title": "nextjs--CVE-2025-57822", + "summary": "Derived from latest run nextjs-nextjs--CVE-2025-57822-20260318035806", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:58:06+00:00", + "updated_at": "2026-03-18T03:58:11+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": false, + "present": false, + "refs": [] + } + }, + "nextjs--CVE-2025-57752": { + "canonical_id": "nextjs--CVE-2025-57752", + "title": "nextjs--CVE-2025-57752", + "summary": "Derived from latest run nextjs-nextjs--CVE-2025-57752-20260318035800", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:58:00+00:00", + "updated_at": "2026-03-18T03:58:06+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ 
+ "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/logs/proof-page.json" + ] + } + }, + "nextjs--CVE-2025-55173": { + "canonical_id": "nextjs--CVE-2025-55173", + "title": "nextjs--CVE-2025-55173", + "summary": "Derived from latest run nextjs-nextjs--CVE-2025-55173-20260318035753", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:57:53+00:00", + "updated_at": "2026-03-18T03:58:00+00:00", + "official_source_url": "", + 
"secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/logs/proof-page.json" + ] + } + }, + "nextjs--CVE-2025-49826": { + "canonical_id": "nextjs--CVE-2025-49826", + "title": "nextjs--CVE-2025-49826", + "summary": "Derived from latest run nextjs-nextjs--CVE-2025-49826-20260318035747", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:57:47+00:00", + 
"updated_at": "2026-03-18T03:57:53+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/logs/proof-page.json" + ] + } + }, + "nextjs--CVE-2025-49005": { + "canonical_id": "nextjs--CVE-2025-49005", + "title": "nextjs--CVE-2025-49005", + "summary": "Derived from latest run nextjs-nextjs--CVE-2025-49005-20260318035740", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + 
"exploit_status": null, + "published_at": "2026-03-18T03:57:40+00:00", + "updated_at": "2026-03-18T03:57:47+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/logs/proof-page.json" + ] + } + }, + "nextjs--CVE-2025-48068": { + "canonical_id": "nextjs--CVE-2025-48068", + "title": "nextjs--CVE-2025-48068", + "summary": "Derived from latest run nextjs-nextjs--CVE-2025-48068-20260318035734", + "display_name": "Next.js", + "system_id": "nextjs", + 
"category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:57:34+00:00", + "updated_at": "2026-03-18T03:57:40+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/logs/proof-page.json" + ] + } + }, + "nextjs--CVE-2025-32421": { + "canonical_id": "nextjs--CVE-2025-32421", + "title": "nextjs--CVE-2025-32421", + "summary": "Derived from latest run 
nextjs-nextjs--CVE-2025-32421-20260318035727", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:57:27+00:00", + "updated_at": "2026-03-18T03:57:34+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/logs/proof-page.json" + ] + } + }, + "nextjs--CVE-2025-30218": { + "canonical_id": "nextjs--CVE-2025-30218", + "title": 
"nextjs--CVE-2025-30218", + "summary": "Derived from latest run nextjs-nextjs--CVE-2025-30218-20260318035721", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:57:21+00:00", + "updated_at": "2026-03-18T03:57:27+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/logs/proof-page.json" + ] + } + }, + 
"nextjs--CVE-2025-29927": { + "canonical_id": "nextjs--CVE-2025-29927", + "title": "nextjs--CVE-2025-29927", + "summary": "Derived from latest run nextjs-nextjs--CVE-2025-29927-20260318035717", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:57:17+00:00", + "updated_at": "2026-03-18T03:57:21+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": false, + "present": false, + "refs": [] + } + }, + "nextjs--CVE-2024-56332": { + "canonical_id": "nextjs--CVE-2024-56332", + "title": "nextjs--CVE-2024-56332", + "summary": "Derived from latest run nextjs-nextjs--CVE-2024-56332-20260318035710", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:57:10+00:00", + "updated_at": "2026-03-18T03:57:16+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/assets/baseline-dom.html", + 
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/logs/proof-page.json" + ] + } + }, + "nextjs--CVE-2024-51479": { + "canonical_id": "nextjs--CVE-2024-51479", + "title": "nextjs--CVE-2024-51479", + "summary": "Derived from latest run nextjs-nextjs--CVE-2024-51479-20260318035706", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:57:06+00:00", + "updated_at": "2026-03-18T03:57:10+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": false, + "present": false, + "refs": [] + } + }, + "nextjs--CVE-2024-47831": { + "canonical_id": "nextjs--CVE-2024-47831", + "title": "nextjs--CVE-2024-47831", + "summary": "Derived from latest run 
nextjs-nextjs--CVE-2024-47831-20260318035659", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:56:59+00:00", + "updated_at": "2026-03-18T03:57:06+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/logs/proof-page.json" + ] + } + }, + "nextjs--CVE-2024-46982": { + "canonical_id": "nextjs--CVE-2024-46982", + "title": 
"nextjs--CVE-2024-46982", + "summary": "Derived from latest run nextjs-nextjs--CVE-2024-46982-20260318035653", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:56:53+00:00", + "updated_at": "2026-03-18T03:56:59+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/logs/proof-page.json" + ] + } + }, + 
"nextjs--CVE-2024-34351": { + "canonical_id": "nextjs--CVE-2024-34351", + "title": "nextjs--CVE-2024-34351", + "summary": "Derived from latest run nextjs-nextjs--CVE-2024-34351-20260318035648", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:56:48+00:00", + "updated_at": "2026-03-18T03:56:53+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": false, + "present": false, + "refs": [] + } + }, + "nextjs--CVE-2021-43803": { + "canonical_id": "nextjs--CVE-2021-43803", + "title": "nextjs--CVE-2021-43803", + "summary": "Derived from latest run nextjs-nextjs--CVE-2021-43803-20260318035642", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:56:42+00:00", + "updated_at": "2026-03-18T03:56:48+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/assets/baseline-dom.html", + 
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/logs/proof-page.json" + ] + } + }, + "nextjs--CVE-2021-39178": { + "canonical_id": "nextjs--CVE-2021-39178", + "title": "nextjs--CVE-2021-39178", + "summary": "Derived from latest run nextjs-nextjs--CVE-2021-39178-20260318035635", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:56:35+00:00", + "updated_at": "2026-03-18T03:56:42+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/assets/baseline.png", + 
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/logs/proof-page.json" + ] + } + }, + "nextjs--CVE-2021-37699": { + "canonical_id": "nextjs--CVE-2021-37699", + "title": "nextjs--CVE-2021-37699", + "summary": "Derived from latest run nextjs-nextjs--CVE-2021-37699-20260318035628", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:56:28+00:00", + "updated_at": "2026-03-18T03:56:35+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + 
"/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/logs/proof-page.json" + ] + } + }, + "nextjs--CVE-2020-5284": { + "canonical_id": "nextjs--CVE-2020-5284", + "title": "nextjs--CVE-2020-5284", + "summary": "Derived from latest run nextjs-nextjs--CVE-2020-5284-20260318035622", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:56:22+00:00", + "updated_at": "2026-03-18T03:56:28+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + 
"browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/logs/proof-page.json" + ] + } + }, + "nextjs--CVE-2020-15242": { + "canonical_id": "nextjs--CVE-2020-15242", + "title": "nextjs--CVE-2020-15242", + "summary": "Derived from latest run nextjs-nextjs--CVE-2020-15242-20260318035615", + "display_name": "Next.js", + "system_id": "nextjs", + "category": "frameworks", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:56:15+00:00", + "updated_at": "2026-03-18T03:56:22+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "proxy-trust-boundary", + "token-cookie-storage" + ], + "verification_status": "verified-real", + "verification_mode": "real", + 
"artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2026-20912": { + "canonical_id": "gitea--CVE-2026-20912", + "title": "gitea--CVE-2026-20912", + "summary": "Derived from latest run gitea-gitea--CVE-2026-20912-20260318035506", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:55:06+00:00", + "updated_at": "2026-03-18T03:55:13+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + 
"verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2026-20904": { + "canonical_id": "gitea--CVE-2026-20904", + "title": "gitea--CVE-2026-20904", + "summary": "Derived from latest run gitea-gitea--CVE-2026-20904-20260318035500", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:55:00+00:00", + "updated_at": "2026-03-18T03:55:06+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", 
+ "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2026-20897": { + "canonical_id": "gitea--CVE-2026-20897", + "title": "gitea--CVE-2026-20897", + "summary": "Derived from latest run gitea-gitea--CVE-2026-20897-20260318035454", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:54:54+00:00", + "updated_at": "2026-03-18T03:55:00+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + 
"authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2026-20888": { + "canonical_id": "gitea--CVE-2026-20888", + "title": "gitea--CVE-2026-20888", + "summary": "Derived from latest run gitea-gitea--CVE-2026-20888-20260318035447", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:54:47+00:00", + "updated_at": "2026-03-18T03:54:54+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": 
[], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2026-20883": { + "canonical_id": "gitea--CVE-2026-20883", + "title": "gitea--CVE-2026-20883", + "summary": "Derived from latest run gitea-gitea--CVE-2026-20883-20260318035441", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:54:41+00:00", + "updated_at": "2026-03-18T03:54:47+00:00", + "official_source_url": "", + 
"secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2026-20800": { + "canonical_id": "gitea--CVE-2026-20800", + "title": "gitea--CVE-2026-20800", + "summary": "Derived from latest run gitea-gitea--CVE-2026-20800-20260318035434", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:54:34+00:00", + "updated_at": 
"2026-03-18T03:54:41+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2026-20750": { + "canonical_id": "gitea--CVE-2026-20750", + "title": "gitea--CVE-2026-20750", + "summary": "Derived from latest run gitea-gitea--CVE-2026-20750-20260318035428", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": 
"2026-03-18T03:54:28+00:00", + "updated_at": "2026-03-18T03:54:34+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2026-20736": { + "canonical_id": "gitea--CVE-2026-20736", + "title": "gitea--CVE-2026-20736", + "summary": "Derived from latest run gitea-gitea--CVE-2026-20736-20260318035423", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + 
"exploit_status": null, + "published_at": "2026-03-18T03:54:23+00:00", + "updated_at": "2026-03-18T03:54:27+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": false, + "present": false, + "refs": [] + } + }, + "gitea--CVE-2026-0798": { + "canonical_id": "gitea--CVE-2026-0798", + "title": "gitea--CVE-2026-0798", + "summary": "Derived from latest run gitea-gitea--CVE-2026-0798-20260318035416", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:54:16+00:00", + "updated_at": "2026-03-18T03:54:23+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/logs/baseline-page.json", + 
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2025-69413": { + "canonical_id": "gitea--CVE-2025-69413", + "title": "gitea--CVE-2025-69413", + "summary": "Derived from latest run gitea-gitea--CVE-2025-69413-20260318035410", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:54:10+00:00", + "updated_at": "2026-03-18T03:54:16+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/logs/baseline-network.json", + 
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2025-68946": { + "canonical_id": "gitea--CVE-2025-68946", + "title": "gitea--CVE-2025-68946", + "summary": "Derived from latest run gitea-gitea--CVE-2025-68946-20260318035404", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:54:04+00:00", + "updated_at": "2026-03-18T03:54:10+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/logs/baseline-console.json", + 
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2025-68945": { + "canonical_id": "gitea--CVE-2025-68945", + "title": "gitea--CVE-2025-68945", + "summary": "Derived from latest run gitea-gitea--CVE-2025-68945-20260318035358", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:53:58+00:00", + "updated_at": "2026-03-18T03:54:04+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/assets/baseline-dom.html", + 
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2025-68944": { + "canonical_id": "gitea--CVE-2025-68944", + "title": "gitea--CVE-2025-68944", + "summary": "Derived from latest run gitea-gitea--CVE-2025-68944-20260318035353", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:53:53+00:00", + "updated_at": "2026-03-18T03:53:57+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": false, + "present": false, + "refs": [] + } + }, + "gitea--CVE-2025-68943": { + "canonical_id": "gitea--CVE-2025-68943", + "title": "gitea--CVE-2025-68943", + "summary": "Derived from latest run gitea-gitea--CVE-2025-68943-20260318035347", + 
"display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:53:47+00:00", + "updated_at": "2026-03-18T03:53:53+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2025-68942": { + "canonical_id": "gitea--CVE-2025-68942", + "title": "gitea--CVE-2025-68942", + "summary": "Derived from latest run 
gitea-gitea--CVE-2025-68942-20260318035340", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:53:40+00:00", + "updated_at": "2026-03-18T03:53:47+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2025-68941": { + "canonical_id": "gitea--CVE-2025-68941", + "title": "gitea--CVE-2025-68941", + 
"summary": "Derived from latest run gitea-gitea--CVE-2025-68941-20260318035334", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:53:34+00:00", + "updated_at": "2026-03-18T03:53:40+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2025-68940": { + "canonical_id": "gitea--CVE-2025-68940", + 
"title": "gitea--CVE-2025-68940", + "summary": "Derived from latest run gitea-gitea--CVE-2025-68940-20260318035330", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:53:30+00:00", + "updated_at": "2026-03-18T03:53:34+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": false, + "present": false, + "refs": [] + } + }, + "gitea--CVE-2025-68939": { + "canonical_id": "gitea--CVE-2025-68939", + "title": "gitea--CVE-2025-68939", + "summary": "Derived from latest run gitea-gitea--CVE-2025-68939-20260318035323", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:53:23+00:00", + "updated_at": "2026-03-18T03:53:29+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/logs/baseline-console.json", + 
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2025-68938": { + "canonical_id": "gitea--CVE-2025-68938", + "title": "gitea--CVE-2025-68938", + "summary": "Derived from latest run gitea-gitea--CVE-2025-68938-20260318035317", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:53:17+00:00", + "updated_at": "2026-03-18T03:53:23+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/assets/baseline-dom.html", + 
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2022-42968": { + "canonical_id": "gitea--CVE-2022-42968", + "title": "gitea--CVE-2022-42968", + "summary": "Derived from latest run gitea-gitea--CVE-2022-42968-20260318035311", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:53:11+00:00", + "updated_at": "2026-03-18T03:53:17+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/assets/baseline.png", + 
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2022-38795": { + "canonical_id": "gitea--CVE-2022-38795", + "title": "gitea--CVE-2022-38795", + "summary": "Derived from latest run gitea-gitea--CVE-2022-38795-20260318035304", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:53:04+00:00", + "updated_at": "2026-03-18T03:53:11+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + 
"/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2022-38183": { + "canonical_id": "gitea--CVE-2022-38183", + "title": "gitea--CVE-2022-38183", + "summary": "Derived from latest run gitea-gitea--CVE-2022-38183-20260318035258", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:52:58+00:00", + "updated_at": "2026-03-18T03:53:04+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, 
+ "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2022-30781": { + "canonical_id": "gitea--CVE-2022-30781", + "title": "gitea--CVE-2022-30781", + "summary": "Derived from latest run gitea-gitea--CVE-2022-30781-20260318035252", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:52:52+00:00", + "updated_at": "2026-03-18T03:52:58+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + 
"browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2022-27313": { + "canonical_id": "gitea--CVE-2022-27313", + "title": "gitea--CVE-2022-27313", + "summary": "Derived from latest run gitea-gitea--CVE-2022-27313-20260318035245", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:52:45+00:00", + "updated_at": "2026-03-18T03:52:52+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": 
"local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2022-1928": { + "canonical_id": "gitea--CVE-2022-1928", + "title": "gitea--CVE-2022-1928", + "summary": "Derived from latest run gitea-gitea--CVE-2022-1928-20260318035239", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:52:39+00:00", + "updated_at": "2026-03-18T03:52:45+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + 
"verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2022-1058": { + "canonical_id": "gitea--CVE-2022-1058", + "title": "gitea--CVE-2022-1058", + "summary": "Derived from latest run gitea-gitea--CVE-2022-1058-20260318035233", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:52:33+00:00", + "updated_at": "2026-03-18T03:52:39+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": 
"verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2022-0905": { + "canonical_id": "gitea--CVE-2022-0905", + "title": "gitea--CVE-2022-0905", + "summary": "Derived from latest run gitea-gitea--CVE-2022-0905-20260318035226", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:52:26+00:00", + "updated_at": "2026-03-18T03:52:33+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + 
"verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2021-45331": { + "canonical_id": "gitea--CVE-2021-45331", + "title": "gitea--CVE-2021-45331", + "summary": "Derived from latest run gitea-gitea--CVE-2021-45331-20260318035220", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:52:20+00:00", + "updated_at": "2026-03-18T03:52:26+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + 
"proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2021-45330": { + "canonical_id": "gitea--CVE-2021-45330", + "title": "gitea--CVE-2021-45330", + "summary": "Derived from latest run gitea-gitea--CVE-2021-45330-20260318035214", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:52:14+00:00", + "updated_at": "2026-03-18T03:52:20+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + 
"authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2021-45327": { + "canonical_id": "gitea--CVE-2021-45327", + "title": "gitea--CVE-2021-45327", + "summary": "Derived from latest run gitea-gitea--CVE-2021-45327-20260318035207", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:52:07+00:00", + "updated_at": "2026-03-18T03:52:14+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": 
[], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2021-3382": { + "canonical_id": "gitea--CVE-2021-3382", + "title": "gitea--CVE-2021-3382", + "summary": "Derived from latest run gitea-gitea--CVE-2021-3382-20260318035201", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:52:01+00:00", + "updated_at": "2026-03-18T03:52:07+00:00", + "official_source_url": "", + 
"secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2021-29134": { + "canonical_id": "gitea--CVE-2021-29134", + "title": "gitea--CVE-2021-29134", + "summary": "Derived from latest run gitea-gitea--CVE-2021-29134-20260318035154", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:51:54+00:00", + "updated_at": "2026-03-18T03:52:01+00:00", + 
"official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2021-28378": { + "canonical_id": "gitea--CVE-2021-28378", + "title": "gitea--CVE-2021-28378", + "summary": "Derived from latest run gitea-gitea--CVE-2021-28378-20260318035148", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:51:48+00:00", + 
"updated_at": "2026-03-18T03:51:54+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2020-13246": { + "canonical_id": "gitea--CVE-2020-13246", + "title": "gitea--CVE-2020-13246", + "summary": "Derived from latest run gitea-gitea--CVE-2020-13246-20260318035142", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + 
"published_at": "2026-03-18T03:51:42+00:00", + "updated_at": "2026-03-18T03:51:48+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2019-1010261": { + "canonical_id": "gitea--CVE-2019-1010261", + "title": "gitea--CVE-2019-1010261", + "summary": "Derived from latest run gitea-gitea--CVE-2019-1010261-20260318035135", + "display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + 
"cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:51:35+00:00", + "updated_at": "2026-03-18T03:51:42+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2018-18926": { + "canonical_id": "gitea--CVE-2018-18926", + "title": "gitea--CVE-2018-18926", + "summary": "Derived from latest run gitea-gitea--CVE-2018-18926-20260318035129", + "display_name": "Gitea", + "system_id": 
"gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:51:29+00:00", + "updated_at": "2026-03-18T03:51:35+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": true, + "present": true, + "refs": [ + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/assets/baseline.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/assets/baseline-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/logs/baseline-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/logs/baseline-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/logs/baseline-page.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/assets/proof.png", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/assets/proof-dom.html", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/logs/proof-console.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/logs/proof-network.json", + "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/logs/proof-page.json" + ] + } + }, + "gitea--CVE-2018-15192": { + "canonical_id": "gitea--CVE-2018-15192", + "title": "gitea--CVE-2018-15192", + "summary": "Derived from latest run gitea-gitea--CVE-2018-15192-20260318035123", + 
"display_name": "Gitea", + "system_id": "gitea", + "category": "platforms", + "severity": null, + "cvss_score": null, + "exploit_status": null, + "published_at": "2026-03-18T03:51:23+00:00", + "updated_at": "2026-03-18T03:51:29+00:00", + "official_source_url": "", + "secondary_source_urls": [], + "aliases": [], + "secure_code_topics": [ + "authz-server-side-recheck", + "token-cookie-storage", + "proxy-trust-boundary" + ], + "verification_status": "verified-real", + "verification_mode": "real", + "artifact_mode": "local-fixture", + "blocked_reason": null, + "browser_evidence": { + "required": false, + "present": false, + "refs": [] + } + } +} diff --git a/08-threat-intel/generated/dashboard/architecture.json b/08-threat-intel/generated/dashboard/architecture.json index cac6d339..d4ad8c91 100644 --- a/08-threat-intel/generated/dashboard/architecture.json +++ b/08-threat-intel/generated/dashboard/architecture.json @@ -1,5 +1,5 @@ { - "generated_at": "2026-03-18T17:52:49+00:00", + "generated_at": "2026-03-18T17:56:12+00:00", "title": "\u5f53\u524d\u67b6\u6784\u5e93", "summary": "\u5de5\u4f5c\u53f0\u3001\u63a7\u5236\u9762\u3001\u6570\u636e\u5c42\u3001\u6388\u6743\u8fb9\u754c\u4e0e\u7cfb\u7edf\u8986\u76d6\u7684\u5f53\u524d\u771f\u503c\u89c6\u56fe\u3002", "sections": [ @@ -31,7 +31,7 @@ }, { "label": "\u5f53\u524d\u6f0f\u6d1e\u6761\u76ee", - "value": "0" + "value": "89" } ], "fields": [ @@ -49,7 +49,7 @@ }, { "label": "\u751f\u6210\u65f6\u95f4", - "value": "2026-03-18T17:52:49+00:00" + "value": "2026-03-18T17:56:12+00:00" } ], "links": [ @@ -5887,11 +5887,11 @@ }, { "label": "Advisory \u6570", - "value": "0" + "value": "89" }, { "label": "\u72b6\u6001\u7c7b\u578b", - "value": "0" + "value": "1" }, { "label": "\u6700\u8fd1\u5931\u8d25", 
@@ -5903,7 +5903,23 @@ "title": "\u72b6\u6001\u5206\u5e03", "summary": "verification_status \u5f53\u524d\u8ba1\u6570\u3002", "open": false, - "items": [] + "items": [ + { + "title": "\u771f\u5b9e\u7248\u672c\u5df2\u5b9e\u8bc1", + "summary": "\u5f53\u524d\u7d2f\u8ba1 89 \u6761\u3002", + "open": false, + "fields": [ + { + "label": "\u72b6\u6001\u7f16\u7801", + "value": "verified-real" + }, + { + "label": "\u6570\u91cf", + "value": "89" + } + ] + } + ] }, { "title": "\u6700\u8fd1\u5931\u8d25", diff --git a/08-threat-intel/generated/dashboard/data/completeness.json b/08-threat-intel/generated/dashboard/data/completeness.json index c465bbd5..8e971d4e 100644 --- a/08-threat-intel/generated/dashboard/data/completeness.json +++ b/08-threat-intel/generated/dashboard/data/completeness.json 
@@ -1,19 +1,170 @@ { - "generated_at": "2026-03-18T17:52:49+00:00", - "advisory_total": 0, - "latest_statuses": {}, + "generated_at": "2026-03-18T17:56:12+00:00", + "advisory_total": 89, + "latest_statuses": { + "verified-real": 89 + }, "historical_statuses": { "verified-real": 136, "blocked-artifact": 3, "triage-manual": 1 }, - "verified_real": 0, + "verified_real": 89, "verified_synthetic": 0, "blocked": 0, "manual": 0, - "verified_ratio": 0.0, - "complete": false, - "systems": [], + "verified_ratio": 100.0, + "complete": true, + "systems": [ + { + "system_id": "gitea", + "display_name": "Gitea", + "total": 37, + "verified_real": 37, + "verified_synthetic": 0, + "blocked": 0, + "manual": 0, + "families": [ + { + "family": "authz-bypass", + "total": 3, + "verified_real": 3, + "verified_synthetic": 0, + "blocked": 0, + "manual": 0 + }, + { + "family": "file-upload", + "total": 2, + "verified_real": 2, + "verified_synthetic": 0, + "blocked": 0, + "manual": 0 + }, + { + "family": "proxy-boundary", + "total": 26, + "verified_real": 26, + "verified_synthetic": 0, + "blocked": 0, + "manual": 0 + }, + { + "family": "ssrf", + "total": 1, + "verified_real": 1, + "verified_synthetic": 0, + "blocked": 0, + "manual": 0 + }, + { + "family": "xss", + "total": 5, + "verified_real": 5, + "verified_synthetic": 0, + "blocked": 0, + "manual": 0 + } + ] + }, + { + "system_id": "nextjs", + "display_name": "Next.js", + "total": 26, + "verified_real": 26, + "verified_synthetic": 0, + "blocked": 0, + "manual": 0, + "families": [ + { + "family": "authz-bypass", + "total": 2, + "verified_real": 2, + "verified_synthetic": 0, + "blocked": 0, + "manual": 0 + }, + { + "family": "deserialization", + "total": 1, + "verified_real": 1, + "verified_synthetic": 0, + "blocked": 0, + "manual": 0 + }, + { + "family": "proxy-boundary", + "total": 19, + "verified_real": 19, + "verified_synthetic": 0, + "blocked": 0, + "manual": 0 + }, + { + "family": "ssrf", + "total": 2, + "verified_real": 2, + 
"verified_synthetic": 0, + "blocked": 0, + "manual": 0 + }, + { + "family": "xss", + "total": 2, + "verified_real": 2, + "verified_synthetic": 0, + "blocked": 0, + "manual": 0 + } + ] + }, + { + "system_id": "undici", + "display_name": "Undici", + "total": 14, + "verified_real": 14, + "verified_synthetic": 0, + "blocked": 0, + "manual": 0, + "families": [ + { + "family": "ssrf", + "total": 14, + "verified_real": 14, + "verified_synthetic": 0, + "blocked": 0, + "manual": 0 + } + ] + }, + { + "system_id": "vite", + "display_name": "Vite", + "total": 12, + "verified_real": 12, + "verified_synthetic": 0, + "blocked": 0, + "manual": 0, + "families": [ + { + "family": "proxy-boundary", + "total": 11, + "verified_real": 11, + "verified_synthetic": 0, + "blocked": 0, + "manual": 0 + }, + { + "family": "xss", + "total": 1, + "verified_real": 1, + "verified_synthetic": 0, + "blocked": 0, + "manual": 0 + } + ] + } + ], "ingest_health": { "failure_count": 0, "failures": [] diff --git a/08-threat-intel/generated/dashboard/docs/architecture-library.html b/08-threat-intel/generated/dashboard/docs/architecture-library.html index 94d88ebb..e2d545de 100644 --- a/08-threat-intel/generated/dashboard/docs/architecture-library.html +++ b/08-threat-intel/generated/dashboard/docs/architecture-library.html @@ -87,7 +87,7 @@
{
- "generated_at": "2026-03-18T17:52:49+00:00",
+ "generated_at": "2026-03-18T17:56:12+00:00",
"title": "当前架构库",
"summary": "工作台、控制面、数据层、授权边界与系统覆盖的当前真值视图。",
"sections": [
@@ -119,7 +119,7 @@
},
{
"label": "当前漏洞条目",
- "value": "0"
+ "value": "89"
}
],
"fields": [
@@ -137,7 +137,7 @@
},
{
"label": "生成时间",
- "value": "2026-03-18T17:52:49+00:00"
+ "value": "2026-03-18T17:56:12+00:00"
}
],
"links": [
@@ -5975,11 +5975,11 @@
},
{
"label": "Advisory 数",
- "value": "0"
+ "value": "89"
},
{
"label": "状态类型",
- "value": "0"
+ "value": "1"
},
{
"label": "最近失败",
@@ -5991,7 +5991,23 @@
"title": "状态分布",
"summary": "verification_status 当前计数。",
"open": false,
- "items": []
+ "items": [
+ {
+ "title": "真实版本已实证",
+ "summary": "当前累计 89 条。",
+ "open": false,
+ "fields": [
+ {
+ "label": "状态编码",
+ "value": "verified-real"
+ },
+ {
+ "label": "数量",
+ "value": "89"
+ }
+ ]
+ }
+ ]
},
{
"title": "最近失败",
diff --git a/08-threat-intel/generated/dashboard/docs/testing-completeness-report.html b/08-threat-intel/generated/dashboard/docs/testing-completeness-report.html
index ff2a4bc0..aad8844c 100644
--- a/08-threat-intel/generated/dashboard/docs/testing-completeness-report.html
+++ b/08-threat-intel/generated/dashboard/docs/testing-completeness-report.html
@@ -88,12 +88,12 @@
# 全库 Advisory 完整度报告
-- 生成时间: `2026-03-18T17:52:49+00:00`
-- 最新 advisory 完整度: `0/0` `verified-real`
+- 生成时间: `2026-03-18T17:56:12+00:00`
+- 最新 advisory 完整度: `89/89` `verified-real`
- 合成验证数量: `0`
- 阻塞数量: `0`
- 人工/待补证据数量: `0`
-- 完整度百分比: `0.0%`
+- 完整度百分比: `100.0%`
- active source 全绿: `110/110`
- source open alerts: `0`
- 最近一次 source 全绿: `2026-03-18T17:44:31+00:00`
@@ -102,6 +102,10 @@
| 系统 | 总数 | verified-real | verified-synthetic | blocked | manual | family 覆盖 |
| --- | ---: | ---: | ---: | ---: | ---: | --- |
+| gitea | 37 | 37 | 0 | 0 | 0 | authz-bypass(3/3), file-upload(2/2), proxy-boundary(26/26), ssrf(1/1), xss(5/5) |
+| nextjs | 26 | 26 | 0 | 0 | 0 | authz-bypass(2/2), deserialization(1/1), proxy-boundary(19/19), ssrf(2/2), xss(2/2) |
+| undici | 14 | 14 | 0 | 0 | 0 | ssrf(14/14) |
+| vite | 12 | 12 | 0 | 0 | 0 | proxy-boundary(11/11), xss(1/1) |
## 历史阻塞项修复纪要
diff --git a/08-threat-intel/generated/dashboard/runs.json b/08-threat-intel/generated/dashboard/runs.json
index 6a934978..43944e61 100644
--- a/08-threat-intel/generated/dashboard/runs.json
+++ b/08-threat-intel/generated/dashboard/runs.json
@@ -220,7 +220,47 @@
"/runs/vite-vite--CVE-2025-62522-20260318040559/logs/attack.json",
"/runs/vite-vite--CVE-2025-62522-20260318040559/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "vite--CVE-2025-62522",
+ "title": "vite--CVE-2025-62522",
+ "summary": "Derived from latest run vite-vite--CVE-2025-62522-20260318040559",
+ "display_name": "Vite",
+ "system_id": "vite",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:05:59+00:00",
+ "updated_at": "2026-03-18T04:06:05+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "dependency-upgrade-policy",
+ "file-upload-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-62522-20260318040559/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "vite-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -272,6 +312,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run vite-vite--CVE-2025-62522-20260318040559",
"Seed proxy boundary fixture with baseline banner.",
"Runner proves forwarded proxy boundary state change locally.",
"Proxy boundary proof banner is visible in the captured browser evidence."
@@ -652,7 +693,47 @@
"/runs/vite-vite--CVE-2025-58752-20260318040552/logs/attack.json",
"/runs/vite-vite--CVE-2025-58752-20260318040552/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "vite--CVE-2025-58752",
+ "title": "vite--CVE-2025-58752",
+ "summary": "Derived from latest run vite-vite--CVE-2025-58752-20260318040552",
+ "display_name": "Vite",
+ "system_id": "vite",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:05:52+00:00",
+ "updated_at": "2026-03-18T04:05:59+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "dependency-upgrade-policy",
+ "file-upload-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58752-20260318040552/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "vite-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -704,6 +785,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run vite-vite--CVE-2025-58752-20260318040552",
"Seed proxy boundary fixture with baseline banner.",
"Runner proves forwarded proxy boundary state change locally.",
"Proxy boundary proof banner is visible in the captured browser evidence."
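Review bot: The run id is prepended to `reasoning_lines` as a prose element (`"Derived from latest run vite-vite--CVE-2025-58752-20260318040552"`), so a consumer that renders the list as reasoning steps shows bookkeeping as the first step. Anything that needs the run id then has to parse it out of a sentence. A dedicated key beside `reasoning_lines` would keep provenance and reasoning apart, for example `"source_run_id": "vite-vite--CVE-2025-58752-20260318040552"`. The same insertion repeats in every later `reasoning_lines` hunk; the data looks like generator output, so the change belongs in the generator. The enclosing object starts and ends outside this hunk.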
@@ -1084,7 +1166,47 @@
"/runs/vite-vite--CVE-2025-58751-20260318040545/logs/attack.json",
"/runs/vite-vite--CVE-2025-58751-20260318040545/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "vite--CVE-2025-58751",
+ "title": "vite--CVE-2025-58751",
+ "summary": "Derived from latest run vite-vite--CVE-2025-58751-20260318040545",
+ "display_name": "Vite",
+ "system_id": "vite",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:05:45+00:00",
+ "updated_at": "2026-03-18T04:05:52+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "dependency-upgrade-policy",
+ "file-upload-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-58751-20260318040545/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "vite-proxy-boundary",
"vuln_family": "proxy-boundary",
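Review bot: Every entry in `browser_evidence.refs` is an absolute workstation path (`/Users/x/websafe/06-case-studies/generated-runs/...`), while the context lines just above this hunk reference the same run as `/runs/vite-vite--CVE-2025-58751-20260318040545/logs/attack.json`. Committed dashboard data then discloses the author's local account and directory layout, and the refs resolve on no other machine or deployment. Emitting them in the run-relative form already used for the logs would fix both, e.g. `"/runs/vite-vite--CVE-2025-58751-20260318040545/assets/baseline.png"`. The same applies to the `refs` arrays in all the other Vite `advisory_meta` hunks. The enclosing run object starts outside this hunk.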
@@ -1136,6 +1258,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run vite-vite--CVE-2025-58751-20260318040545",
"Seed proxy boundary fixture with baseline banner.",
"Runner proves forwarded proxy boundary state change locally.",
"Proxy boundary proof banner is visible in the captured browser evidence."
@@ -1516,7 +1639,47 @@
"/runs/vite-vite--CVE-2025-46565-20260318040538/logs/attack.json",
"/runs/vite-vite--CVE-2025-46565-20260318040538/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "vite--CVE-2025-46565",
+ "title": "vite--CVE-2025-46565",
+ "summary": "Derived from latest run vite-vite--CVE-2025-46565-20260318040538",
+ "display_name": "Vite",
+ "system_id": "vite",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:05:38+00:00",
+ "updated_at": "2026-03-18T04:05:45+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "dependency-upgrade-policy",
+ "file-upload-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-46565-20260318040538/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "vite-proxy-boundary",
"vuln_family": "proxy-boundary",
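Review bot: `"verification_status": "verified-real"` and `"verification_mode": "real"` sit next to `"artifact_mode": "local-fixture"`, with `severity`, `cvss_score` and `exploit_status` all `null` and `"official_source_url": ""`. A dashboard reader is likely to take "verified-real" to mean the CVE was reproduced against the affected package, whereas the record only shows a local fixture run and carries no link to the advisory it names. The enum definitions are not visible here, so this may be intended, but the generator should either fill in the source URL and severity or use a status value that says the proof is fixture-based. An empty string for a missing URL also differs from the `null` used for the other unknown fields; `"official_source_url": null` would be consistent. The same field values repeat in every `advisory_meta` hunk in this diff.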
@@ -1568,6 +1731,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run vite-vite--CVE-2025-46565-20260318040538",
"Seed proxy boundary fixture with baseline banner.",
"Runner proves forwarded proxy boundary state change locally.",
"Proxy boundary proof banner is visible in the captured browser evidence."
@@ -1948,7 +2112,47 @@
"/runs/vite-vite--CVE-2025-32395-20260318040532/logs/attack.json",
"/runs/vite-vite--CVE-2025-32395-20260318040532/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "vite--CVE-2025-32395",
+ "title": "vite--CVE-2025-32395",
+ "summary": "Derived from latest run vite-vite--CVE-2025-32395-20260318040532",
+ "display_name": "Vite",
+ "system_id": "vite",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:05:32+00:00",
+ "updated_at": "2026-03-18T04:05:38+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "dependency-upgrade-policy",
+ "file-upload-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-32395-20260318040532/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "vite-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -2000,6 +2204,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run vite-vite--CVE-2025-32395-20260318040532",
"Seed proxy boundary fixture with baseline banner.",
"Runner proves forwarded proxy boundary state change locally.",
"Proxy boundary proof banner is visible in the captured browser evidence."
@@ -2380,7 +2585,47 @@
"/runs/vite-vite--CVE-2025-31486-20260318040525/logs/attack.json",
"/runs/vite-vite--CVE-2025-31486-20260318040525/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "vite--CVE-2025-31486",
+ "title": "vite--CVE-2025-31486",
+ "summary": "Derived from latest run vite-vite--CVE-2025-31486-20260318040525",
+ "display_name": "Vite",
+ "system_id": "vite",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:05:25+00:00",
+ "updated_at": "2026-03-18T04:05:32+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "dependency-upgrade-policy",
+ "file-upload-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31486-20260318040525/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "vite-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -2432,6 +2677,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run vite-vite--CVE-2025-31486-20260318040525",
"Seed proxy boundary fixture with baseline banner.",
"Runner proves forwarded proxy boundary state change locally.",
"Proxy boundary proof banner is visible in the captured browser evidence."
@@ -2812,7 +3058,47 @@
"/runs/vite-vite--CVE-2025-31125-20260318040518/logs/attack.json",
"/runs/vite-vite--CVE-2025-31125-20260318040518/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "vite--CVE-2025-31125",
+ "title": "vite--CVE-2025-31125",
+ "summary": "Derived from latest run vite-vite--CVE-2025-31125-20260318040518",
+ "display_name": "Vite",
+ "system_id": "vite",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:05:18+00:00",
+ "updated_at": "2026-03-18T04:05:25+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "dependency-upgrade-policy",
+ "file-upload-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-31125-20260318040518/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "vite-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -2864,6 +3150,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run vite-vite--CVE-2025-31125-20260318040518",
"Seed proxy boundary fixture with baseline banner.",
"Runner proves forwarded proxy boundary state change locally.",
"Proxy boundary proof banner is visible in the captured browser evidence."
@@ -3244,7 +3531,47 @@
"/runs/vite-vite--CVE-2025-30208-20260318040511/logs/attack.json",
"/runs/vite-vite--CVE-2025-30208-20260318040511/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "vite--CVE-2025-30208",
+ "title": "vite--CVE-2025-30208",
+ "summary": "Derived from latest run vite-vite--CVE-2025-30208-20260318040511",
+ "display_name": "Vite",
+ "system_id": "vite",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:05:11+00:00",
+ "updated_at": "2026-03-18T04:05:18+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "dependency-upgrade-policy",
+ "file-upload-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-30208-20260318040511/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "vite-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -3296,6 +3623,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run vite-vite--CVE-2025-30208-20260318040511",
"Seed proxy boundary fixture with baseline banner.",
"Runner proves forwarded proxy boundary state change locally.",
"Proxy boundary proof banner is visible in the captured browser evidence."
@@ -3676,7 +4004,47 @@
"/runs/vite-vite--CVE-2025-24010-20260318040505/logs/attack.json",
"/runs/vite-vite--CVE-2025-24010-20260318040505/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "vite--CVE-2025-24010",
+ "title": "vite--CVE-2025-24010",
+ "summary": "Derived from latest run vite-vite--CVE-2025-24010-20260318040505",
+ "display_name": "Vite",
+ "system_id": "vite",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:05:05+00:00",
+ "updated_at": "2026-03-18T04:05:11+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "dependency-upgrade-policy",
+ "file-upload-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2025-24010-20260318040505/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "vite-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -3728,6 +4096,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run vite-vite--CVE-2025-24010-20260318040505",
"Seed proxy boundary fixture with baseline banner.",
"Runner proves forwarded proxy boundary state change locally.",
"Proxy boundary proof banner is visible in the captured browser evidence."
@@ -4108,7 +4477,47 @@
"/runs/vite-vite--CVE-2024-45812-20260318040458/logs/attack.json",
"/runs/vite-vite--CVE-2024-45812-20260318040458/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "vite--CVE-2024-45812",
+ "title": "vite--CVE-2024-45812",
+ "summary": "Derived from latest run vite-vite--CVE-2024-45812-20260318040458",
+ "display_name": "Vite",
+ "system_id": "vite",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:04:58+00:00",
+ "updated_at": "2026-03-18T04:05:05+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "dependency-upgrade-policy",
+ "file-upload-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45812-20260318040458/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "vite-xss",
"vuln_family": "xss",
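Review bot: `secure_code_topics` here is `dependency-upgrade-policy`, `file-upload-validation`, `proxy-trust-boundary`, but the context lines right after the added object show `"profile_id": "vite-xss"` and `"vuln_family": "xss"`. The topic list is identical to the one on the proxy-boundary records and contains nothing about output encoding or XSS, so it looks keyed on `system_id` rather than on the profile. If the dashboard uses these topics to route readers to secure-coding guidance, this record sends them to the wrong material. Deriving the topics from `vuln_family` in the generator would fix this. `file-upload-validation` on the proxy-boundary records in the other Vite hunks deserves the same check.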
@@ -4160,6 +4569,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run vite-vite--CVE-2024-45812-20260318040458",
"Seed client render page before XSS proof capture.",
"Runner stores inert payload and validates browser proof only locally.",
"Browser proof page shows the controlled XSS marker after attack."
@@ -4540,7 +4950,47 @@
"/runs/vite-vite--CVE-2024-45811-20260318040452/logs/attack.json",
"/runs/vite-vite--CVE-2024-45811-20260318040452/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "vite--CVE-2024-45811",
+ "title": "vite--CVE-2024-45811",
+ "summary": "Derived from latest run vite-vite--CVE-2024-45811-20260318040452",
+ "display_name": "Vite",
+ "system_id": "vite",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:04:52+00:00",
+ "updated_at": "2026-03-18T04:04:58+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "dependency-upgrade-policy",
+ "file-upload-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-45811-20260318040452/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "vite-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -4592,6 +5042,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run vite-vite--CVE-2024-45811-20260318040452",
"Seed proxy boundary fixture with baseline banner.",
"Runner proves forwarded proxy boundary state change locally.",
"Proxy boundary proof banner is visible in the captured browser evidence."
@@ -4972,7 +5423,47 @@
"/runs/vite-vite--CVE-2024-23331-20260318040445/logs/attack.json",
"/runs/vite-vite--CVE-2024-23331-20260318040445/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "vite--CVE-2024-23331",
+ "title": "vite--CVE-2024-23331",
+ "summary": "Derived from latest run vite-vite--CVE-2024-23331-20260318040445",
+ "display_name": "Vite",
+ "system_id": "vite",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:04:45+00:00",
+ "updated_at": "2026-03-18T04:04:52+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "dependency-upgrade-policy",
+ "file-upload-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/vite-vite--CVE-2024-23331-20260318040445/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "vite-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -5024,6 +5515,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run vite-vite--CVE-2024-23331-20260318040445",
"Seed proxy boundary fixture with baseline banner.",
"Runner proves forwarded proxy boundary state change locally.",
"Proxy boundary proof banner is visible in the captured browser evidence."
@@ -5341,7 +5833,35 @@
"/runs/undici-undici--CVE-2026-2581-20260318040332/logs/attack.json",
"/runs/undici-undici--CVE-2026-2581-20260318040332/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "undici--CVE-2026-2581",
+ "title": "undici--CVE-2026-2581",
+ "summary": "Derived from latest run undici-undici--CVE-2026-2581-20260318040332",
+ "display_name": "Undici",
+ "system_id": "undici",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:03:32+00:00",
+ "updated_at": "2026-03-18T04:03:36+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "ssrf-url-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": false,
+ "present": false,
+ "refs": []
+ }
+ },
"profile_meta": {
"profile_id": "undici-ssrf",
"vuln_family": "ssrf",
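Review bot: `"published_at": "2026-03-18T04:03:32+00:00"` is the timestamp embedded in the run id (`undici-undici--CVE-2026-2581-20260318040332`), not a publication date for the advisory. In an object named `advisory_meta`, a consumer sorting or filtering by `published_at` will read it as the disclosure date, so every record appears to have been published within seconds of the previous one. Either populate the field from the upstream advisory and leave it `null` when unknown, or rename it to what it holds, for example `"run_started_at"`. The same pattern is visible in all other `advisory_meta` hunks, where `updated_at` also matches the next run's start time.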
@@ -5389,6 +5909,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run undici-undici--CVE-2026-2581-20260318040332",
"Seed local sink-only request path.",
"Runner validates local callback using undici-style request fixture.",
"SSRF proof endpoint confirms only local sink callbacks were performed."
@@ -5649,7 +6170,35 @@
"/runs/undici-undici--CVE-2026-2229-20260318040328/logs/attack.json",
"/runs/undici-undici--CVE-2026-2229-20260318040328/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "undici--CVE-2026-2229",
+ "title": "undici--CVE-2026-2229",
+ "summary": "Derived from latest run undici-undici--CVE-2026-2229-20260318040328",
+ "display_name": "Undici",
+ "system_id": "undici",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:03:28+00:00",
+ "updated_at": "2026-03-18T04:03:32+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "ssrf-url-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": false,
+ "present": false,
+ "refs": []
+ }
+ },
"profile_meta": {
"profile_id": "undici-ssrf",
"vuln_family": "ssrf",
@@ -5697,6 +6246,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run undici-undici--CVE-2026-2229-20260318040328",
"Seed local sink-only request path.",
"Runner validates local callback using undici-style request fixture.",
"SSRF proof endpoint confirms only local sink callbacks were performed."
@@ -5957,7 +6507,35 @@
"/runs/undici-undici--CVE-2026-22036-20260318040323/logs/attack.json",
"/runs/undici-undici--CVE-2026-22036-20260318040323/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "undici--CVE-2026-22036",
+ "title": "undici--CVE-2026-22036",
+ "summary": "Derived from latest run undici-undici--CVE-2026-22036-20260318040323",
+ "display_name": "Undici",
+ "system_id": "undici",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:03:23+00:00",
+ "updated_at": "2026-03-18T04:03:27+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "ssrf-url-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": false,
+ "present": false,
+ "refs": []
+ }
+ },
"profile_meta": {
"profile_id": "undici-ssrf",
"vuln_family": "ssrf",
@@ -6005,6 +6583,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run undici-undici--CVE-2026-22036-20260318040323",
"Seed local sink-only request path.",
"Runner validates local callback using undici-style request fixture.",
"SSRF proof endpoint confirms only local sink callbacks were performed."
@@ -6265,7 +6844,35 @@
"/runs/undici-undici--CVE-2026-1528-20260318040318/logs/attack.json",
"/runs/undici-undici--CVE-2026-1528-20260318040318/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "undici--CVE-2026-1528",
+ "title": "undici--CVE-2026-1528",
+ "summary": "Derived from latest run undici-undici--CVE-2026-1528-20260318040318",
+ "display_name": "Undici",
+ "system_id": "undici",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:03:18+00:00",
+ "updated_at": "2026-03-18T04:03:23+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "ssrf-url-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": false,
+ "present": false,
+ "refs": []
+ }
+ },
"profile_meta": {
"profile_id": "undici-ssrf",
"vuln_family": "ssrf",
@@ -6313,6 +6920,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run undici-undici--CVE-2026-1528-20260318040318",
"Seed local sink-only request path.",
"Runner validates local callback using undici-style request fixture.",
"SSRF proof endpoint confirms only local sink callbacks were performed."
@@ -6573,7 +7181,35 @@
"/runs/undici-undici--CVE-2026-1527-20260318040314/logs/attack.json",
"/runs/undici-undici--CVE-2026-1527-20260318040314/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "undici--CVE-2026-1527",
+ "title": "undici--CVE-2026-1527",
+ "summary": "Derived from latest run undici-undici--CVE-2026-1527-20260318040314",
+ "display_name": "Undici",
+ "system_id": "undici",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:03:14+00:00",
+ "updated_at": "2026-03-18T04:03:18+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "ssrf-url-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": false,
+ "present": false,
+ "refs": []
+ }
+ },
"profile_meta": {
"profile_id": "undici-ssrf",
"vuln_family": "ssrf",
@@ -6621,6 +7257,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run undici-undici--CVE-2026-1527-20260318040314",
"Seed local sink-only request path.",
"Runner validates local callback using undici-style request fixture.",
"SSRF proof endpoint confirms only local sink callbacks were performed."
@@ -6881,7 +7518,35 @@
"/runs/undici-undici--CVE-2026-1526-20260318040309/logs/attack.json",
"/runs/undici-undici--CVE-2026-1526-20260318040309/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "undici--CVE-2026-1526",
+ "title": "undici--CVE-2026-1526",
+ "summary": "Derived from latest run undici-undici--CVE-2026-1526-20260318040309",
+ "display_name": "Undici",
+ "system_id": "undici",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:03:09+00:00",
+ "updated_at": "2026-03-18T04:03:14+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "ssrf-url-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": false,
+ "present": false,
+ "refs": []
+ }
+ },
"profile_meta": {
"profile_id": "undici-ssrf",
"vuln_family": "ssrf",
@@ -6929,6 +7594,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run undici-undici--CVE-2026-1526-20260318040309",
"Seed local sink-only request path.",
"Runner validates local callback using undici-style request fixture.",
"SSRF proof endpoint confirms only local sink callbacks were performed."
@@ -7189,7 +7855,35 @@
"/runs/undici-undici--CVE-2026-1525-20260318040304/logs/attack.json",
"/runs/undici-undici--CVE-2026-1525-20260318040304/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "undici--CVE-2026-1525",
+ "title": "undici--CVE-2026-1525",
+ "summary": "Derived from latest run undici-undici--CVE-2026-1525-20260318040304",
+ "display_name": "Undici",
+ "system_id": "undici",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:03:04+00:00",
+ "updated_at": "2026-03-18T04:03:09+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "ssrf-url-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": false,
+ "present": false,
+ "refs": []
+ }
+ },
"profile_meta": {
"profile_id": "undici-ssrf",
"vuln_family": "ssrf",
@@ -7237,6 +7931,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run undici-undici--CVE-2026-1525-20260318040304",
"Seed local sink-only request path.",
"Runner validates local callback using undici-style request fixture.",
"SSRF proof endpoint confirms only local sink callbacks were performed."
@@ -7497,7 +8192,35 @@
"/runs/undici-undici--CVE-2025-47279-20260318040300/logs/attack.json",
"/runs/undici-undici--CVE-2025-47279-20260318040300/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "undici--CVE-2025-47279",
+ "title": "undici--CVE-2025-47279",
+ "summary": "Derived from latest run undici-undici--CVE-2025-47279-20260318040300",
+ "display_name": "Undici",
+ "system_id": "undici",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:03:00+00:00",
+ "updated_at": "2026-03-18T04:03:04+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "ssrf-url-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": false,
+ "present": false,
+ "refs": []
+ }
+ },
"profile_meta": {
"profile_id": "undici-ssrf",
"vuln_family": "ssrf",
@@ -7545,6 +8268,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run undici-undici--CVE-2025-47279-20260318040300",
"Seed local sink-only request path.",
"Runner validates local callback using undici-style request fixture.",
"SSRF proof endpoint confirms only local sink callbacks were performed."
@@ -7805,7 +8529,35 @@
"/runs/undici-undici--CVE-2025-22150-20260318040256/logs/attack.json",
"/runs/undici-undici--CVE-2025-22150-20260318040256/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "undici--CVE-2025-22150",
+ "title": "undici--CVE-2025-22150",
+ "summary": "Derived from latest run undici-undici--CVE-2025-22150-20260318040256",
+ "display_name": "Undici",
+ "system_id": "undici",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:02:56+00:00",
+ "updated_at": "2026-03-18T04:03:00+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "ssrf-url-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": false,
+ "present": false,
+ "refs": []
+ }
+ },
"profile_meta": {
"profile_id": "undici-ssrf",
"vuln_family": "ssrf",
@@ -7853,6 +8605,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run undici-undici--CVE-2025-22150-20260318040256",
"Seed local sink-only request path.",
"Runner validates local callback using undici-style request fixture.",
"SSRF proof endpoint confirms only local sink callbacks were performed."
@@ -8113,7 +8866,35 @@
"/runs/undici-undici--CVE-2024-30261-20260318040251/logs/attack.json",
"/runs/undici-undici--CVE-2024-30261-20260318040251/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "undici--CVE-2024-30261",
+ "title": "undici--CVE-2024-30261",
+ "summary": "Derived from latest run undici-undici--CVE-2024-30261-20260318040251",
+ "display_name": "Undici",
+ "system_id": "undici",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:02:51+00:00",
+ "updated_at": "2026-03-18T04:02:56+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "ssrf-url-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": false,
+ "present": false,
+ "refs": []
+ }
+ },
"profile_meta": {
"profile_id": "undici-ssrf",
"vuln_family": "ssrf",
@@ -8161,6 +8942,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run undici-undici--CVE-2024-30261-20260318040251",
"Seed local sink-only request path.",
"Runner validates local callback using undici-style request fixture.",
"SSRF proof endpoint confirms only local sink callbacks were performed."
@@ -8421,7 +9203,35 @@
"/runs/undici-undici--CVE-2024-30260-20260318040247/logs/attack.json",
"/runs/undici-undici--CVE-2024-30260-20260318040247/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "undici--CVE-2024-30260",
+ "title": "undici--CVE-2024-30260",
+ "summary": "Derived from latest run undici-undici--CVE-2024-30260-20260318040247",
+ "display_name": "Undici",
+ "system_id": "undici",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:02:47+00:00",
+ "updated_at": "2026-03-18T04:02:51+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "ssrf-url-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": false,
+ "present": false,
+ "refs": []
+ }
+ },
"profile_meta": {
"profile_id": "undici-ssrf",
"vuln_family": "ssrf",
@@ -8469,6 +9279,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run undici-undici--CVE-2024-30260-20260318040247",
"Seed local sink-only request path.",
"Runner validates local callback using undici-style request fixture.",
"SSRF proof endpoint confirms only local sink callbacks were performed."
@@ -8729,7 +9540,35 @@
"/runs/undici-undici--CVE-2023-45143-20260318040242/logs/attack.json",
"/runs/undici-undici--CVE-2023-45143-20260318040242/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "undici--CVE-2023-45143",
+ "title": "undici--CVE-2023-45143",
+ "summary": "Derived from latest run undici-undici--CVE-2023-45143-20260318040242",
+ "display_name": "Undici",
+ "system_id": "undici",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:02:42+00:00",
+ "updated_at": "2026-03-18T04:02:46+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "ssrf-url-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": false,
+ "present": false,
+ "refs": []
+ }
+ },
"profile_meta": {
"profile_id": "undici-ssrf",
"vuln_family": "ssrf",
@@ -8777,6 +9616,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run undici-undici--CVE-2023-45143-20260318040242",
"Seed local sink-only request path.",
"Runner validates local callback using undici-style request fixture.",
"SSRF proof endpoint confirms only local sink callbacks were performed."
@@ -9037,7 +9877,35 @@
"/runs/undici-undici--CVE-2022-32210-20260318040238/logs/attack.json",
"/runs/undici-undici--CVE-2022-32210-20260318040238/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "undici--CVE-2022-32210",
+ "title": "undici--CVE-2022-32210",
+ "summary": "Derived from latest run undici-undici--CVE-2022-32210-20260318040238",
+ "display_name": "Undici",
+ "system_id": "undici",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:02:38+00:00",
+ "updated_at": "2026-03-18T04:02:42+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "ssrf-url-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": false,
+ "present": false,
+ "refs": []
+ }
+ },
"profile_meta": {
"profile_id": "undici-ssrf",
"vuln_family": "ssrf",
@@ -9085,6 +9953,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run undici-undici--CVE-2022-32210-20260318040238",
"Seed local sink-only request path.",
"Runner validates local callback using undici-style request fixture.",
"SSRF proof endpoint confirms only local sink callbacks were performed."
@@ -9345,7 +10214,35 @@
"/runs/undici-undici--CVE-2022-31151-20260318040233/logs/attack.json",
"/runs/undici-undici--CVE-2022-31151-20260318040233/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "undici--CVE-2022-31151",
+ "title": "undici--CVE-2022-31151",
+ "summary": "Derived from latest run undici-undici--CVE-2022-31151-20260318040233",
+ "display_name": "Undici",
+ "system_id": "undici",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T04:02:33+00:00",
+ "updated_at": "2026-03-18T04:02:37+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "ssrf-url-validation",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": false,
+ "present": false,
+ "refs": []
+ }
+ },
"profile_meta": {
"profile_id": "undici-ssrf",
"vuln_family": "ssrf",
@@ -9393,6 +10290,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run undici-undici--CVE-2022-31151-20260318040233",
"Seed local sink-only request path.",
"Runner validates local callback using undici-style request fixture.",
"SSRF proof endpoint confirms only local sink callbacks were performed."
@@ -9716,7 +10614,47 @@
"/runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/attack.json",
"/runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--GHSA-w37m-7fhw-fmv9",
+ "title": "nextjs--GHSA-w37m-7fhw-fmv9",
+ "summary": "Derived from latest run nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:58:48+00:00",
+ "updated_at": "2026-03-18T03:58:55+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-proxy-boundary",
"vuln_family": "proxy-boundary",
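Review bot: The `browser_evidence.refs` entries added here are absolute workstation paths (`/Users/x/websafe/06-case-studies/generated-runs/...`), while the context lines just above reference the same run as `/runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/logs/attack.json`. Committed into a dashboard feed, these disclose the local account and checkout layout and will not resolve on any other host. The refs should use the same served prefix as the existing artifact list, e.g. `"/runs/nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848/assets/baseline.png"`. Because the file sits under `generated/`, the fix presumably belongs in the generator rather than in this JSON. The other hunks with `"present": true` carry the same paths.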
@@ -9768,6 +10706,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--GHSA-w37m-7fhw-fmv9-20260318035848",
"Seed middleware boundary fixture with clean proxy state.",
"Runner performs forwarded-header proof against local fixture only.",
"Middleware trust-boundary proof is visible on the browser proof page."
@@ -10148,7 +11087,47 @@
"/runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/logs/attack.json",
"/runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--GHSA-mwv6-3258-q52c",
+ "title": "nextjs--GHSA-mwv6-3258-q52c",
+ "summary": "Derived from latest run nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:58:42+00:00",
+ "updated_at": "2026-03-18T03:58:48+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -10200,6 +11179,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--GHSA-mwv6-3258-q52c-20260318035842",
"Seed middleware boundary fixture with clean proxy state.",
"Runner performs forwarded-header proof against local fixture only.",
"Middleware trust-boundary proof is visible on the browser proof page."
@@ -10517,7 +11497,36 @@
"/runs/nextjs-nextjs--GHSA-h25m-26qc-wcjf-20260318035837/logs/attack.json",
"/runs/nextjs-nextjs--GHSA-h25m-26qc-wcjf-20260318035837/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--GHSA-h25m-26qc-wcjf",
+ "title": "nextjs--GHSA-h25m-26qc-wcjf",
+ "summary": "Derived from latest run nextjs-nextjs--GHSA-h25m-26qc-wcjf-20260318035837",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:58:37+00:00",
+ "updated_at": "2026-03-18T03:58:41+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": false,
+ "present": false,
+ "refs": []
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-deserialization",
"vuln_family": "deserialization",
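Review bot: `secure_code_topics` in this record does not match its profile: the trailing context shows `"vuln_family": "deserialization"`, yet the topics are `authz-server-side-recheck`, `proxy-trust-boundary` and `token-cookie-storage`, the same three used for the `nextjs-proxy-boundary` records. The later `nextjs-ssrf` record also gets this list and lacks `ssrf-url-validation`, which the `undici-ssrf` records do carry, so the topics appear to be chosen per `system_id` rather than per `vuln_family`. A reader following these links from the dashboard would land on guidance unrelated to the finding. I would derive the list from the profile's `vuln_family`, or leave it `[]` when no mapping exists. The enclosing record continues outside the hunk.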
@@ -10565,6 +11574,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--GHSA-h25m-26qc-wcjf-20260318035837",
"Seed inert decode path before proof request.",
"Runner demonstrates unsafe decode path without gadget execution.",
"Inert decoded object marker is present without executing a gadget chain."
@@ -10888,7 +11898,47 @@
"/runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/logs/attack.json",
"/runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--GHSA-9qr9-h5gf-34mp",
+ "title": "nextjs--GHSA-9qr9-h5gf-34mp",
+ "summary": "Derived from latest run nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:58:30+00:00",
+ "updated_at": "2026-03-18T03:58:37+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -10940,6 +11990,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--GHSA-9qr9-h5gf-34mp-20260318035830",
"Seed middleware boundary fixture with clean proxy state.",
"Runner performs forwarded-header proof against local fixture only.",
"Middleware trust-boundary proof is visible on the browser proof page."
@@ -11320,7 +12371,47 @@
"/runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/logs/attack.json",
"/runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--GHSA-5j59-xgg2-r9c4",
+ "title": "nextjs--GHSA-5j59-xgg2-r9c4",
+ "summary": "Derived from latest run nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:58:24+00:00",
+ "updated_at": "2026-03-18T03:58:30+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -11372,6 +12463,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--GHSA-5j59-xgg2-r9c4-20260318035824",
"Seed middleware boundary fixture with clean proxy state.",
"Runner performs forwarded-header proof against local fixture only.",
"Middleware trust-boundary proof is visible on the browser proof page."
@@ -11752,7 +12844,47 @@
"/runs/nextjs-nextjs--CVE-2025-59472-20260318035817/logs/attack.json",
"/runs/nextjs-nextjs--CVE-2025-59472-20260318035817/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--CVE-2025-59472",
+ "title": "nextjs--CVE-2025-59472",
+ "summary": "Derived from latest run nextjs-nextjs--CVE-2025-59472-20260318035817",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:58:17+00:00",
+ "updated_at": "2026-03-18T03:58:24+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59472-20260318035817/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -11804,6 +12936,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--CVE-2025-59472-20260318035817",
"Seed middleware boundary fixture with clean proxy state.",
"Runner performs forwarded-header proof against local fixture only.",
"Middleware trust-boundary proof is visible on the browser proof page."
@@ -12184,7 +13317,47 @@
"/runs/nextjs-nextjs--CVE-2025-59471-20260318035811/logs/attack.json",
"/runs/nextjs-nextjs--CVE-2025-59471-20260318035811/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--CVE-2025-59471",
+ "title": "nextjs--CVE-2025-59471",
+ "summary": "Derived from latest run nextjs-nextjs--CVE-2025-59471-20260318035811",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:58:11+00:00",
+ "updated_at": "2026-03-18T03:58:17+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-59471-20260318035811/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -12236,6 +13409,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--CVE-2025-59471-20260318035811",
"Seed middleware boundary fixture with clean proxy state.",
"Runner performs forwarded-header proof against local fixture only.",
"Middleware trust-boundary proof is visible on the browser proof page."
@@ -12553,7 +13727,36 @@
"/runs/nextjs-nextjs--CVE-2025-57822-20260318035806/logs/attack.json",
"/runs/nextjs-nextjs--CVE-2025-57822-20260318035806/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--CVE-2025-57822",
+ "title": "nextjs--CVE-2025-57822",
+ "summary": "Derived from latest run nextjs-nextjs--CVE-2025-57822-20260318035806",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:58:06+00:00",
+ "updated_at": "2026-03-18T03:58:11+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": false,
+ "present": false,
+ "refs": []
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-ssrf",
"vuln_family": "ssrf",
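Review bot: `published_at` and `updated_at` in the added `advisory_meta` carry the run's own clock (`2026-03-18T03:58:06+00:00` matches the `-20260318035806` run suffix), so a dashboard reader will take the fixture run time for the advisory's publication date. Combined with `severity`, `cvss_score` and `exploit_status` all `null` and `"official_source_url": ""`, the record states `"verification_status": "verified-real"` with no link back to any upstream advisory that could confirm it. The generator should either fill these fields from the advisory source or emit `"published_at": null` and keep the run time under a separately named key (for example `run_started_at`). A missing URL is also better written as `null`, as `blocked_reason` already is, than as an empty string. The same pattern repeats in every `advisory_meta` hunk that follows, and the enclosing record starts and ends outside this hunk.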
@@ -12601,6 +13804,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--CVE-2025-57822-20260318035806",
"Seed local callback fixture state.",
"Runner validates sink callback without leaving local network.",
"Local sink callback is observed from the server-side fetch path."
@@ -12924,7 +14128,47 @@
"/runs/nextjs-nextjs--CVE-2025-57752-20260318035800/logs/attack.json",
"/runs/nextjs-nextjs--CVE-2025-57752-20260318035800/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--CVE-2025-57752",
+ "title": "nextjs--CVE-2025-57752",
+ "summary": "Derived from latest run nextjs-nextjs--CVE-2025-57752-20260318035800",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:58:00+00:00",
+ "updated_at": "2026-03-18T03:58:06+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-57752-20260318035800/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-proxy-boundary",
"vuln_family": "proxy-boundary",
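Review bot: The ten `browser_evidence.refs` entries added here are absolute workstation paths (`/Users/x/websafe/06-case-studies/generated-runs/...`), while the context lines at the top of the same hunk reference the same run as `/runs/nextjs-nextjs--CVE-2025-57752-20260318035800/logs/attack.json`. Committed absolute paths disclose the author's local account and directory layout, and they will not resolve for anyone else loading the dashboard. The generator should emit them relative to the run root like the existing entries, e.g. `"/runs/nextjs-nextjs--CVE-2025-57752-20260318035800/assets/baseline.png"`. The same applies to every later `advisory_meta` hunk whose `browser_evidence.present` is `true`. The enclosing record starts and ends outside this hunk.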
@@ -12976,6 +14220,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--CVE-2025-57752-20260318035800",
"Seed middleware boundary fixture with clean proxy state.",
"Runner performs forwarded-header proof against local fixture only.",
"Middleware trust-boundary proof is visible on the browser proof page."
@@ -13356,7 +14601,47 @@
"/runs/nextjs-nextjs--CVE-2025-55173-20260318035753/logs/attack.json",
"/runs/nextjs-nextjs--CVE-2025-55173-20260318035753/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--CVE-2025-55173",
+ "title": "nextjs--CVE-2025-55173",
+ "summary": "Derived from latest run nextjs-nextjs--CVE-2025-55173-20260318035753",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:57:53+00:00",
+ "updated_at": "2026-03-18T03:58:00+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-55173-20260318035753/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-xss",
"vuln_family": "xss",
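Review bot: The `secure_code_topics` added for this record are `authz-server-side-recheck`, `proxy-trust-boundary` and `token-cookie-storage`, but the context line just below gives `"vuln_family": "xss"`, and none of the three covers output encoding or script injection. The identical triple is attached to the `ssrf` and `authz-bypass` records in the neighbouring hunks, which suggests the list is keyed on `system_id` rather than on the profile. Deriving the topics from `vuln_family` would keep the dashboard's remediation pointers relevant to the finding. Until that is in place, `"secure_code_topics": []` is less misleading than an unrelated list. The enclosing record continues outside this hunk.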
@@ -13408,6 +14693,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--CVE-2025-55173-20260318035753",
"Seed client-rendering page for XSS proof capture.",
"Runner injects inert payload and captures browser proof.",
"Browser proof page shows the XSS execution marker after the controlled payload."
@@ -13788,7 +15074,47 @@
"/runs/nextjs-nextjs--CVE-2025-49826-20260318035747/logs/attack.json",
"/runs/nextjs-nextjs--CVE-2025-49826-20260318035747/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--CVE-2025-49826",
+ "title": "nextjs--CVE-2025-49826",
+ "summary": "Derived from latest run nextjs-nextjs--CVE-2025-49826-20260318035747",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:57:47+00:00",
+ "updated_at": "2026-03-18T03:57:53+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49826-20260318035747/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -13840,6 +15166,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--CVE-2025-49826-20260318035747",
"Seed middleware boundary fixture with clean proxy state.",
"Runner performs forwarded-header proof against local fixture only.",
"Middleware trust-boundary proof is visible on the browser proof page."
@@ -14220,7 +15547,47 @@
"/runs/nextjs-nextjs--CVE-2025-49005-20260318035740/logs/attack.json",
"/runs/nextjs-nextjs--CVE-2025-49005-20260318035740/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--CVE-2025-49005",
+ "title": "nextjs--CVE-2025-49005",
+ "summary": "Derived from latest run nextjs-nextjs--CVE-2025-49005-20260318035740",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:57:40+00:00",
+ "updated_at": "2026-03-18T03:57:47+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-49005-20260318035740/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -14272,6 +15639,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--CVE-2025-49005-20260318035740",
"Seed middleware boundary fixture with clean proxy state.",
"Runner performs forwarded-header proof against local fixture only.",
"Middleware trust-boundary proof is visible on the browser proof page."
@@ -14652,7 +16020,47 @@
"/runs/nextjs-nextjs--CVE-2025-48068-20260318035734/logs/attack.json",
"/runs/nextjs-nextjs--CVE-2025-48068-20260318035734/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--CVE-2025-48068",
+ "title": "nextjs--CVE-2025-48068",
+ "summary": "Derived from latest run nextjs-nextjs--CVE-2025-48068-20260318035734",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:57:34+00:00",
+ "updated_at": "2026-03-18T03:57:40+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-48068-20260318035734/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -14704,6 +16112,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--CVE-2025-48068-20260318035734",
"Seed middleware boundary fixture with clean proxy state.",
"Runner performs forwarded-header proof against local fixture only.",
"Middleware trust-boundary proof is visible on the browser proof page."
@@ -15084,7 +16493,47 @@
"/runs/nextjs-nextjs--CVE-2025-32421-20260318035727/logs/attack.json",
"/runs/nextjs-nextjs--CVE-2025-32421-20260318035727/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--CVE-2025-32421",
+ "title": "nextjs--CVE-2025-32421",
+ "summary": "Derived from latest run nextjs-nextjs--CVE-2025-32421-20260318035727",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:57:27+00:00",
+ "updated_at": "2026-03-18T03:57:34+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-32421-20260318035727/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -15136,6 +16585,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--CVE-2025-32421-20260318035727",
"Seed middleware boundary fixture with clean proxy state.",
"Runner performs forwarded-header proof against local fixture only.",
"Middleware trust-boundary proof is visible on the browser proof page."
@@ -15516,7 +16966,47 @@
"/runs/nextjs-nextjs--CVE-2025-30218-20260318035721/logs/attack.json",
"/runs/nextjs-nextjs--CVE-2025-30218-20260318035721/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--CVE-2025-30218",
+ "title": "nextjs--CVE-2025-30218",
+ "summary": "Derived from latest run nextjs-nextjs--CVE-2025-30218-20260318035721",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:57:21+00:00",
+ "updated_at": "2026-03-18T03:57:27+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2025-30218-20260318035721/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -15568,6 +17058,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--CVE-2025-30218-20260318035721",
"Seed middleware boundary fixture with clean proxy state.",
"Runner performs forwarded-header proof against local fixture only.",
"Middleware trust-boundary proof is visible on the browser proof page."
@@ -15885,7 +17376,36 @@
"/runs/nextjs-nextjs--CVE-2025-29927-20260318035717/logs/attack.json",
"/runs/nextjs-nextjs--CVE-2025-29927-20260318035717/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--CVE-2025-29927",
+ "title": "nextjs--CVE-2025-29927",
+ "summary": "Derived from latest run nextjs-nextjs--CVE-2025-29927-20260318035717",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:57:17+00:00",
+ "updated_at": "2026-03-18T03:57:21+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": false,
+ "present": false,
+ "refs": []
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-authz-bypass",
"vuln_family": "authz-bypass",
@@ -15933,6 +17453,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--CVE-2025-29927-20260318035717",
"Seed guest/admin route fixture for server-side recheck.",
"Runner performs local authz bypass proof only.",
"Protected route is reachable only after the controlled bypass proof step."
@@ -16256,7 +17777,47 @@
"/runs/nextjs-nextjs--CVE-2024-56332-20260318035710/logs/attack.json",
"/runs/nextjs-nextjs--CVE-2024-56332-20260318035710/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--CVE-2024-56332",
+ "title": "nextjs--CVE-2024-56332",
+ "summary": "Derived from latest run nextjs-nextjs--CVE-2024-56332-20260318035710",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:57:10+00:00",
+ "updated_at": "2026-03-18T03:57:16+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-56332-20260318035710/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -16308,6 +17869,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--CVE-2024-56332-20260318035710",
"Seed middleware boundary fixture with clean proxy state.",
"Runner performs forwarded-header proof against local fixture only.",
"Middleware trust-boundary proof is visible on the browser proof page."
@@ -16625,7 +18187,36 @@
"/runs/nextjs-nextjs--CVE-2024-51479-20260318035706/logs/attack.json",
"/runs/nextjs-nextjs--CVE-2024-51479-20260318035706/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--CVE-2024-51479",
+ "title": "nextjs--CVE-2024-51479",
+ "summary": "Derived from latest run nextjs-nextjs--CVE-2024-51479-20260318035706",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:57:06+00:00",
+ "updated_at": "2026-03-18T03:57:10+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": false,
+ "present": false,
+ "refs": []
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-authz-bypass",
"vuln_family": "authz-bypass",
@@ -16673,6 +18264,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--CVE-2024-51479-20260318035706",
"Seed guest/admin route fixture for server-side recheck.",
"Runner performs local authz bypass proof only.",
"Protected route is reachable only after the controlled bypass proof step."
@@ -16996,7 +18588,47 @@
"/runs/nextjs-nextjs--CVE-2024-47831-20260318035659/logs/attack.json",
"/runs/nextjs-nextjs--CVE-2024-47831-20260318035659/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--CVE-2024-47831",
+ "title": "nextjs--CVE-2024-47831",
+ "summary": "Derived from latest run nextjs-nextjs--CVE-2024-47831-20260318035659",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:56:59+00:00",
+ "updated_at": "2026-03-18T03:57:06+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-47831-20260318035659/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -17048,6 +18680,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--CVE-2024-47831-20260318035659",
"Seed middleware boundary fixture with clean proxy state.",
"Runner performs forwarded-header proof against local fixture only.",
"Middleware trust-boundary proof is visible on the browser proof page."
@@ -17428,7 +19061,47 @@
"/runs/nextjs-nextjs--CVE-2024-46982-20260318035653/logs/attack.json",
"/runs/nextjs-nextjs--CVE-2024-46982-20260318035653/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--CVE-2024-46982",
+ "title": "nextjs--CVE-2024-46982",
+ "summary": "Derived from latest run nextjs-nextjs--CVE-2024-46982-20260318035653",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:56:53+00:00",
+ "updated_at": "2026-03-18T03:56:59+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2024-46982-20260318035653/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -17480,6 +19153,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--CVE-2024-46982-20260318035653",
"Seed middleware boundary fixture with clean proxy state.",
"Runner performs forwarded-header proof against local fixture only.",
"Middleware trust-boundary proof is visible on the browser proof page."
@@ -17797,7 +19471,36 @@
"/runs/nextjs-nextjs--CVE-2024-34351-20260318035648/logs/attack.json",
"/runs/nextjs-nextjs--CVE-2024-34351-20260318035648/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--CVE-2024-34351",
+ "title": "nextjs--CVE-2024-34351",
+ "summary": "Derived from latest run nextjs-nextjs--CVE-2024-34351-20260318035648",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:56:48+00:00",
+ "updated_at": "2026-03-18T03:56:53+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": false,
+ "present": false,
+ "refs": []
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-ssrf",
"vuln_family": "ssrf",
@@ -17845,6 +19548,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--CVE-2024-34351-20260318035648",
"Seed local callback fixture state.",
"Runner validates sink callback without leaving local network.",
"Local sink callback is observed from the server-side fetch path."
@@ -18168,7 +19872,47 @@
"/runs/nextjs-nextjs--CVE-2021-43803-20260318035642/logs/attack.json",
"/runs/nextjs-nextjs--CVE-2021-43803-20260318035642/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--CVE-2021-43803",
+ "title": "nextjs--CVE-2021-43803",
+ "summary": "Derived from latest run nextjs-nextjs--CVE-2021-43803-20260318035642",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:56:42+00:00",
+ "updated_at": "2026-03-18T03:56:48+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-43803-20260318035642/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-proxy-boundary",
"vuln_family": "proxy-boundary",
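Review bot: The ten `browser_evidence.refs` entries added here are absolute paths on the machine that ran the job (`/Users/x/websafe/06-case-studies/generated-runs/...`), while the artifact list in the unchanged context directly above uses the rooted form `/runs/<run-id>/logs/attack.json`. Committing host paths discloses the local account and directory layout, and the links will not resolve for any dashboard served from another host. Emit the refs relative to the same root as the neighbouring list, for example `"/runs/nextjs-nextjs--CVE-2021-43803-20260318035642/assets/baseline.png"`, and strip the workspace prefix in the generator rather than in this file. Every later hunk that sets `"present": true` has the same problem.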
@@ -18220,6 +19964,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--CVE-2021-43803-20260318035642",
"Seed middleware boundary fixture with clean proxy state.",
"Runner performs forwarded-header proof against local fixture only.",
"Middleware trust-boundary proof is visible on the browser proof page."
@@ -18600,7 +20345,47 @@
"/runs/nextjs-nextjs--CVE-2021-39178-20260318035635/logs/attack.json",
"/runs/nextjs-nextjs--CVE-2021-39178-20260318035635/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--CVE-2021-39178",
+ "title": "nextjs--CVE-2021-39178",
+ "summary": "Derived from latest run nextjs-nextjs--CVE-2021-39178-20260318035635",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:56:35+00:00",
+ "updated_at": "2026-03-18T03:56:42+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-39178-20260318035635/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-xss",
"vuln_family": "xss",
@@ -18652,6 +20437,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--CVE-2021-39178-20260318035635",
"Seed client-rendering page for XSS proof capture.",
"Runner injects inert payload and captures browser proof.",
"Browser proof page shows the XSS execution marker after the controlled payload."
@@ -19032,7 +20818,47 @@
"/runs/nextjs-nextjs--CVE-2021-37699-20260318035628/logs/attack.json",
"/runs/nextjs-nextjs--CVE-2021-37699-20260318035628/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--CVE-2021-37699",
+ "title": "nextjs--CVE-2021-37699",
+ "summary": "Derived from latest run nextjs-nextjs--CVE-2021-37699-20260318035628",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:56:28+00:00",
+ "updated_at": "2026-03-18T03:56:35+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2021-37699-20260318035628/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -19084,6 +20910,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--CVE-2021-37699-20260318035628",
"Seed middleware boundary fixture with clean proxy state.",
"Runner performs forwarded-header proof against local fixture only.",
"Middleware trust-boundary proof is visible on the browser proof page."
@@ -19464,7 +21291,47 @@
"/runs/nextjs-nextjs--CVE-2020-5284-20260318035622/logs/attack.json",
"/runs/nextjs-nextjs--CVE-2020-5284-20260318035622/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--CVE-2020-5284",
+ "title": "nextjs--CVE-2020-5284",
+ "summary": "Derived from latest run nextjs-nextjs--CVE-2020-5284-20260318035622",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:56:22+00:00",
+ "updated_at": "2026-03-18T03:56:28+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-5284-20260318035622/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -19516,6 +21383,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--CVE-2020-5284-20260318035622",
"Seed middleware boundary fixture with clean proxy state.",
"Runner performs forwarded-header proof against local fixture only.",
"Middleware trust-boundary proof is visible on the browser proof page."
@@ -19896,7 +21764,47 @@
"/runs/nextjs-nextjs--CVE-2020-15242-20260318035615/logs/attack.json",
"/runs/nextjs-nextjs--CVE-2020-15242-20260318035615/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "nextjs--CVE-2020-15242",
+ "title": "nextjs--CVE-2020-15242",
+ "summary": "Derived from latest run nextjs-nextjs--CVE-2020-15242-20260318035615",
+ "display_name": "Next.js",
+ "system_id": "nextjs",
+ "category": "frameworks",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:56:15+00:00",
+ "updated_at": "2026-03-18T03:56:22+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "proxy-trust-boundary",
+ "token-cookie-storage"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/nextjs-nextjs--CVE-2020-15242-20260318035615/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "nextjs-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -19948,6 +21856,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run nextjs-nextjs--CVE-2020-15242-20260318035615",
"Seed middleware boundary fixture with clean proxy state.",
"Runner performs forwarded-header proof against local fixture only.",
"Middleware trust-boundary proof is visible on the browser proof page."
@@ -20328,7 +22237,47 @@
"/runs/gitea-gitea--CVE-2026-20912-20260318035506/logs/attack.json",
"/runs/gitea-gitea--CVE-2026-20912-20260318035506/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2026-20912",
+ "title": "gitea--CVE-2026-20912",
+ "summary": "Derived from latest run gitea-gitea--CVE-2026-20912-20260318035506",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:55:06+00:00",
+ "updated_at": "2026-03-18T03:55:13+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20912-20260318035506/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-file-upload",
"vuln_family": "file-upload",
@@ -20380,6 +22329,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2026-20912-20260318035506",
"Seed empty attachment list for upload proof.",
"Runner uploads inert text marker only.",
"Inert upload marker is accepted and listed on the proof page."
@@ -20760,7 +22710,47 @@
"/runs/gitea-gitea--CVE-2026-20904-20260318035500/logs/attack.json",
"/runs/gitea-gitea--CVE-2026-20904-20260318035500/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2026-20904",
+ "title": "gitea--CVE-2026-20904",
+ "summary": "Derived from latest run gitea-gitea--CVE-2026-20904-20260318035500",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:55:00+00:00",
+ "updated_at": "2026-03-18T03:55:06+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20904-20260318035500/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -20812,6 +22802,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2026-20904-20260318035500",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -21192,7 +23183,47 @@
"/runs/gitea-gitea--CVE-2026-20897-20260318035454/logs/attack.json",
"/runs/gitea-gitea--CVE-2026-20897-20260318035454/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2026-20897",
+ "title": "gitea--CVE-2026-20897",
+ "summary": "Derived from latest run gitea-gitea--CVE-2026-20897-20260318035454",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:54:54+00:00",
+ "updated_at": "2026-03-18T03:55:00+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20897-20260318035454/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -21244,6 +23275,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2026-20897-20260318035454",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -21624,7 +23656,47 @@
"/runs/gitea-gitea--CVE-2026-20888-20260318035447/logs/attack.json",
"/runs/gitea-gitea--CVE-2026-20888-20260318035447/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2026-20888",
+ "title": "gitea--CVE-2026-20888",
+ "summary": "Derived from latest run gitea-gitea--CVE-2026-20888-20260318035447",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:54:47+00:00",
+ "updated_at": "2026-03-18T03:54:54+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20888-20260318035447/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -21676,6 +23748,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2026-20888-20260318035447",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -22056,7 +24129,47 @@
"/runs/gitea-gitea--CVE-2026-20883-20260318035441/logs/attack.json",
"/runs/gitea-gitea--CVE-2026-20883-20260318035441/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2026-20883",
+ "title": "gitea--CVE-2026-20883",
+ "summary": "Derived from latest run gitea-gitea--CVE-2026-20883-20260318035441",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:54:41+00:00",
+ "updated_at": "2026-03-18T03:54:47+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20883-20260318035441/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -22108,6 +24221,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2026-20883-20260318035441",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -22488,7 +24602,47 @@
"/runs/gitea-gitea--CVE-2026-20800-20260318035434/logs/attack.json",
"/runs/gitea-gitea--CVE-2026-20800-20260318035434/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2026-20800",
+ "title": "gitea--CVE-2026-20800",
+ "summary": "Derived from latest run gitea-gitea--CVE-2026-20800-20260318035434",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:54:34+00:00",
+ "updated_at": "2026-03-18T03:54:41+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20800-20260318035434/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -22540,6 +24694,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2026-20800-20260318035434",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -22920,7 +25075,47 @@
"/runs/gitea-gitea--CVE-2026-20750-20260318035428/logs/attack.json",
"/runs/gitea-gitea--CVE-2026-20750-20260318035428/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2026-20750",
+ "title": "gitea--CVE-2026-20750",
+ "summary": "Derived from latest run gitea-gitea--CVE-2026-20750-20260318035428",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:54:28+00:00",
+ "updated_at": "2026-03-18T03:54:34+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-20750-20260318035428/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -22972,6 +25167,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2026-20750-20260318035428",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -23289,7 +25485,36 @@
"/runs/gitea-gitea--CVE-2026-20736-20260318035423/logs/attack.json",
"/runs/gitea-gitea--CVE-2026-20736-20260318035423/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2026-20736",
+ "title": "gitea--CVE-2026-20736",
+ "summary": "Derived from latest run gitea-gitea--CVE-2026-20736-20260318035423",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:54:23+00:00",
+ "updated_at": "2026-03-18T03:54:27+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": false,
+ "present": false,
+ "refs": []
+ }
+ },
"profile_meta": {
"profile_id": "gitea-authz-bypass",
"vuln_family": "authz-bypass",
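Review bot: `published_at` in this `advisory_meta` carries the run's timestamp (`2026-03-18T03:54:23+00:00`, the same instant encoded in the run id `...-20260318035423`), not the advisory's publication date. The other `advisory_meta` hunks follow the same pattern, so the CVE-2022-42968 record further down is also dated 2026-03-18, and any dashboard sort or "new advisories" filter on this field will be wrong. Until the real date is fetched I would emit `"published_at": null,` and keep the run time in a separate key (for example `"derived_at"`). Likewise `"official_source_url": ""` would be better as `null`, to match how `severity` and `cvss_score` mark missing values in the same object.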
@@ -23337,6 +25562,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2026-20736-20260318035423",
"Seed low-privilege and admin boundary fixture state.",
"Runner verifies guest-to-admin bypass only inside fixture route.",
"Controlled guest request reaches the protected admin route inside the fixture."
@@ -23660,7 +25886,47 @@
"/runs/gitea-gitea--CVE-2026-0798-20260318035416/logs/attack.json",
"/runs/gitea-gitea--CVE-2026-0798-20260318035416/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2026-0798",
+ "title": "gitea--CVE-2026-0798",
+ "summary": "Derived from latest run gitea-gitea--CVE-2026-0798-20260318035416",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:54:16+00:00",
+ "updated_at": "2026-03-18T03:54:23+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2026-0798-20260318035416/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
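Review bot: The `browser_evidence.refs` entries added here are absolute paths on the generating workstation (`/Users/x/websafe/06-case-studies/generated-runs/...`), whereas the context lines at the top of this hunk reference the same run as `/runs/gitea-gitea--CVE-2026-0798-20260318035416/logs/...`. Committed dashboard data should not disclose a local home-directory layout, and these refs will not resolve on any other host. Assuming `/runs/` maps to `generated-runs/`, the generator should write them run-relative, e.g. `"/runs/gitea-gitea--CVE-2026-0798-20260318035416/assets/baseline.png"`. The same applies to every later `advisory_meta` hunk with `"present": true`; the array holding the `/runs/...` lines starts outside this hunk.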
@@ -23712,6 +25978,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2026-0798-20260318035416",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -24092,7 +26359,47 @@
"/runs/gitea-gitea--CVE-2025-69413-20260318035410/logs/attack.json",
"/runs/gitea-gitea--CVE-2025-69413-20260318035410/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2025-69413",
+ "title": "gitea--CVE-2025-69413",
+ "summary": "Derived from latest run gitea-gitea--CVE-2025-69413-20260318035410",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:54:10+00:00",
+ "updated_at": "2026-03-18T03:54:16+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-69413-20260318035410/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -24144,6 +26451,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2025-69413-20260318035410",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -24524,7 +26832,47 @@
"/runs/gitea-gitea--CVE-2025-68946-20260318035404/logs/attack.json",
"/runs/gitea-gitea--CVE-2025-68946-20260318035404/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2025-68946",
+ "title": "gitea--CVE-2025-68946",
+ "summary": "Derived from latest run gitea-gitea--CVE-2025-68946-20260318035404",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:54:04+00:00",
+ "updated_at": "2026-03-18T03:54:10+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68946-20260318035404/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-xss",
"vuln_family": "xss",
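Review bot: `secure_code_topics` in this record is the same three-item list used in every other Gitea hunk (`authz-server-side-recheck`, `token-cookie-storage`, `proxy-trust-boundary`), although the `profile_meta` directly below gives `"vuln_family": "xss"`. None of the three topics addresses output encoding or stored-content rendering, so the dashboard would send a reader of this advisory to unrelated guidance. The CVE-2025-68942 (xss) and CVE-2025-68939 (file-upload) hunks have the same mismatch. The list looks like it is keyed on `system_id`; it should be derived from `vuln_family`, so that `"proxy-trust-boundary"` appears only on proxy-boundary records.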
@@ -24576,6 +26924,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2025-68946-20260318035404",
"Seed stored content page before browser proof capture.",
"Runner stores inert script payload and captures proof page.",
"Browser proof page renders the stored XSS marker after the controlled payload."
@@ -24956,7 +27305,47 @@
"/runs/gitea-gitea--CVE-2025-68945-20260318035358/logs/attack.json",
"/runs/gitea-gitea--CVE-2025-68945-20260318035358/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2025-68945",
+ "title": "gitea--CVE-2025-68945",
+ "summary": "Derived from latest run gitea-gitea--CVE-2025-68945-20260318035358",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:53:58+00:00",
+ "updated_at": "2026-03-18T03:54:04+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68945-20260318035358/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -25008,6 +27397,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2025-68945-20260318035358",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -25325,7 +27715,36 @@
"/runs/gitea-gitea--CVE-2025-68944-20260318035353/logs/attack.json",
"/runs/gitea-gitea--CVE-2025-68944-20260318035353/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2025-68944",
+ "title": "gitea--CVE-2025-68944",
+ "summary": "Derived from latest run gitea-gitea--CVE-2025-68944-20260318035353",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:53:53+00:00",
+ "updated_at": "2026-03-18T03:53:57+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": false,
+ "present": false,
+ "refs": []
+ }
+ },
"profile_meta": {
"profile_id": "gitea-authz-bypass",
"vuln_family": "authz-bypass",
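Review bot: `"verification_status": "verified-real"` and `"verification_mode": "real"` are hard to reconcile with the rest of this record, which has `"artifact_mode": "local-fixture"`, `severity`/`cvss_score`/`exploit_status` all `null`, no source URL and empty `browser_evidence`. The `reasoning_lines` context in the next hunk also says the check ran "only inside fixture route". A dashboard consumer will probably read "verified-real" as confirmation against the named CVE in the real product, which nothing visible here supports. Either the generator should emit a status that names the fixture scope, or the schema should document that `verified-real` means a real execution of the local fixture; the same combination appears in the CVE-2026-20736 and CVE-2025-68940 hunks.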
@@ -25373,6 +27792,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2025-68944-20260318035353",
"Seed low-privilege and admin boundary fixture state.",
"Runner verifies guest-to-admin bypass only inside fixture route.",
"Controlled guest request reaches the protected admin route inside the fixture."
@@ -25696,7 +28116,47 @@
"/runs/gitea-gitea--CVE-2025-68943-20260318035347/logs/attack.json",
"/runs/gitea-gitea--CVE-2025-68943-20260318035347/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2025-68943",
+ "title": "gitea--CVE-2025-68943",
+ "summary": "Derived from latest run gitea-gitea--CVE-2025-68943-20260318035347",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:53:47+00:00",
+ "updated_at": "2026-03-18T03:53:53+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68943-20260318035347/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -25748,6 +28208,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2025-68943-20260318035347",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -26128,7 +28589,47 @@
"/runs/gitea-gitea--CVE-2025-68942-20260318035340/logs/attack.json",
"/runs/gitea-gitea--CVE-2025-68942-20260318035340/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2025-68942",
+ "title": "gitea--CVE-2025-68942",
+ "summary": "Derived from latest run gitea-gitea--CVE-2025-68942-20260318035340",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:53:40+00:00",
+ "updated_at": "2026-03-18T03:53:47+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68942-20260318035340/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-xss",
"vuln_family": "xss",
@@ -26180,6 +28681,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2025-68942-20260318035340",
"Seed stored content page before browser proof capture.",
"Runner stores inert script payload and captures proof page.",
"Browser proof page renders the stored XSS marker after the controlled payload."
@@ -26560,7 +29062,47 @@
"/runs/gitea-gitea--CVE-2025-68941-20260318035334/logs/attack.json",
"/runs/gitea-gitea--CVE-2025-68941-20260318035334/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2025-68941",
+ "title": "gitea--CVE-2025-68941",
+ "summary": "Derived from latest run gitea-gitea--CVE-2025-68941-20260318035334",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:53:34+00:00",
+ "updated_at": "2026-03-18T03:53:40+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68941-20260318035334/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -26612,6 +29154,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2025-68941-20260318035334",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -26929,7 +29472,36 @@
"/runs/gitea-gitea--CVE-2025-68940-20260318035330/logs/attack.json",
"/runs/gitea-gitea--CVE-2025-68940-20260318035330/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2025-68940",
+ "title": "gitea--CVE-2025-68940",
+ "summary": "Derived from latest run gitea-gitea--CVE-2025-68940-20260318035330",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:53:30+00:00",
+ "updated_at": "2026-03-18T03:53:34+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": false,
+ "present": false,
+ "refs": []
+ }
+ },
"profile_meta": {
"profile_id": "gitea-authz-bypass",
"vuln_family": "authz-bypass",
@@ -26977,6 +29549,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2025-68940-20260318035330",
"Seed low-privilege and admin boundary fixture state.",
"Runner verifies guest-to-admin bypass only inside fixture route.",
"Controlled guest request reaches the protected admin route inside the fixture."
@@ -27300,7 +29873,47 @@
"/runs/gitea-gitea--CVE-2025-68939-20260318035323/logs/attack.json",
"/runs/gitea-gitea--CVE-2025-68939-20260318035323/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2025-68939",
+ "title": "gitea--CVE-2025-68939",
+ "summary": "Derived from latest run gitea-gitea--CVE-2025-68939-20260318035323",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:53:23+00:00",
+ "updated_at": "2026-03-18T03:53:29+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68939-20260318035323/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-file-upload",
"vuln_family": "file-upload",
@@ -27352,6 +29965,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2025-68939-20260318035323",
"Seed empty attachment list for upload proof.",
"Runner uploads inert text marker only.",
"Inert upload marker is accepted and listed on the proof page."
@@ -27732,7 +30346,47 @@
"/runs/gitea-gitea--CVE-2025-68938-20260318035317/logs/attack.json",
"/runs/gitea-gitea--CVE-2025-68938-20260318035317/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2025-68938",
+ "title": "gitea--CVE-2025-68938",
+ "summary": "Derived from latest run gitea-gitea--CVE-2025-68938-20260318035317",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:53:17+00:00",
+ "updated_at": "2026-03-18T03:53:23+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2025-68938-20260318035317/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -27784,6 +30438,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2025-68938-20260318035317",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -28164,7 +30819,47 @@
"/runs/gitea-gitea--CVE-2022-42968-20260318035311/logs/attack.json",
"/runs/gitea-gitea--CVE-2022-42968-20260318035311/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2022-42968",
+ "title": "gitea--CVE-2022-42968",
+ "summary": "Derived from latest run gitea-gitea--CVE-2022-42968-20260318035311",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:53:11+00:00",
+ "updated_at": "2026-03-18T03:53:17+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-42968-20260318035311/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -28216,6 +30911,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2022-42968-20260318035311",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -28596,7 +31292,47 @@
"/runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/attack.json",
"/runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2022-38795",
+ "title": "gitea--CVE-2022-38795",
+ "summary": "Derived from latest run gitea-gitea--CVE-2022-38795-20260318035304",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:53:04+00:00",
+ "updated_at": "2026-03-18T03:53:11+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -28648,6 +31384,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2022-38795-20260318035304",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -29028,7 +31765,47 @@
"/runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/attack.json",
"/runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2022-38183",
+ "title": "gitea--CVE-2022-38183",
+ "summary": "Derived from latest run gitea-gitea--CVE-2022-38183-20260318035258",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:52:58+00:00",
+ "updated_at": "2026-03-18T03:53:04+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -29080,6 +31857,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2022-38183-20260318035258",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -29460,7 +32238,47 @@
"/runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/attack.json",
"/runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2022-30781",
+ "title": "gitea--CVE-2022-30781",
+ "summary": "Derived from latest run gitea-gitea--CVE-2022-30781-20260318035252",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:52:52+00:00",
+ "updated_at": "2026-03-18T03:52:58+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -29512,6 +32330,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2022-30781-20260318035252",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -29892,7 +32711,47 @@
"/runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/attack.json",
"/runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2022-27313",
+ "title": "gitea--CVE-2022-27313",
+ "summary": "Derived from latest run gitea-gitea--CVE-2022-27313-20260318035245",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:52:45+00:00",
+ "updated_at": "2026-03-18T03:52:52+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -29944,6 +32803,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2022-27313-20260318035245",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -30324,7 +33184,47 @@
"/runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/attack.json",
"/runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2022-1928",
+ "title": "gitea--CVE-2022-1928",
+ "summary": "Derived from latest run gitea-gitea--CVE-2022-1928-20260318035239",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:52:39+00:00",
+ "updated_at": "2026-03-18T03:52:45+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-xss",
"vuln_family": "xss",
@@ -30376,6 +33276,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2022-1928-20260318035239",
"Seed stored content page before browser proof capture.",
"Runner stores inert script payload and captures proof page.",
"Browser proof page renders the stored XSS marker after the controlled payload."
@@ -30756,7 +33657,47 @@
"/runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/attack.json",
"/runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2022-1058",
+ "title": "gitea--CVE-2022-1058",
+ "summary": "Derived from latest run gitea-gitea--CVE-2022-1058-20260318035233",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:52:33+00:00",
+ "updated_at": "2026-03-18T03:52:39+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -30808,6 +33749,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2022-1058-20260318035233",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -31188,7 +34130,47 @@
"/runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/attack.json",
"/runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2022-0905",
+ "title": "gitea--CVE-2022-0905",
+ "summary": "Derived from latest run gitea-gitea--CVE-2022-0905-20260318035226",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:52:26+00:00",
+ "updated_at": "2026-03-18T03:52:33+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -31240,6 +34222,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2022-0905-20260318035226",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -31620,7 +34603,47 @@
"/runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/attack.json",
"/runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2021-45331",
+ "title": "gitea--CVE-2021-45331",
+ "summary": "Derived from latest run gitea-gitea--CVE-2021-45331-20260318035220",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:52:20+00:00",
+ "updated_at": "2026-03-18T03:52:26+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -31672,6 +34695,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2021-45331-20260318035220",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -32052,7 +35076,47 @@
"/runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/attack.json",
"/runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2021-45330",
+ "title": "gitea--CVE-2021-45330",
+ "summary": "Derived from latest run gitea-gitea--CVE-2021-45330-20260318035214",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:52:14+00:00",
+ "updated_at": "2026-03-18T03:52:20+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -32104,6 +35168,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2021-45330-20260318035214",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -32484,7 +35549,47 @@
"/runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/attack.json",
"/runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2021-45327",
+ "title": "gitea--CVE-2021-45327",
+ "summary": "Derived from latest run gitea-gitea--CVE-2021-45327-20260318035207",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:52:07+00:00",
+ "updated_at": "2026-03-18T03:52:14+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -32536,6 +35641,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2021-45327-20260318035207",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -32916,7 +36022,47 @@
"/runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/attack.json",
"/runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2021-3382",
+ "title": "gitea--CVE-2021-3382",
+ "summary": "Derived from latest run gitea-gitea--CVE-2021-3382-20260318035201",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:52:01+00:00",
+ "updated_at": "2026-03-18T03:52:07+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -32968,6 +36114,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2021-3382-20260318035201",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -33348,7 +36495,47 @@
"/runs/gitea-gitea--CVE-2021-29134-20260318035154/logs/attack.json",
"/runs/gitea-gitea--CVE-2021-29134-20260318035154/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2021-29134",
+ "title": "gitea--CVE-2021-29134",
+ "summary": "Derived from latest run gitea-gitea--CVE-2021-29134-20260318035154",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:51:54+00:00",
+ "updated_at": "2026-03-18T03:52:01+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-29134-20260318035154/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -33400,6 +36587,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2021-29134-20260318035154",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -33780,7 +36968,47 @@
"/runs/gitea-gitea--CVE-2021-28378-20260318035148/logs/attack.json",
"/runs/gitea-gitea--CVE-2021-28378-20260318035148/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2021-28378",
+ "title": "gitea--CVE-2021-28378",
+ "summary": "Derived from latest run gitea-gitea--CVE-2021-28378-20260318035148",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:51:48+00:00",
+ "updated_at": "2026-03-18T03:51:54+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-28378-20260318035148/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-xss",
"vuln_family": "xss",
@@ -33832,6 +37060,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2021-28378-20260318035148",
"Seed stored content page before browser proof capture.",
"Runner stores inert script payload and captures proof page.",
"Browser proof page renders the stored XSS marker after the controlled payload."
@@ -34212,7 +37441,47 @@
"/runs/gitea-gitea--CVE-2020-13246-20260318035142/logs/attack.json",
"/runs/gitea-gitea--CVE-2020-13246-20260318035142/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2020-13246",
+ "title": "gitea--CVE-2020-13246",
+ "summary": "Derived from latest run gitea-gitea--CVE-2020-13246-20260318035142",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:51:42+00:00",
+ "updated_at": "2026-03-18T03:51:48+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2020-13246-20260318035142/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
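Review bot: The added `browser_evidence.refs` entries are absolute workstation paths under `/Users/x/websafe/06-case-studies/generated-runs/...`, while the evidence refs kept as context at the top of this hunk use the rooted form `/runs/<run-id>/logs/...`. Committing the local paths records the generating machine's home-directory layout in a published artifact and gives the dashboard links that resolve only on that machine. The generator should strip the local run root before serialising, so that an entry reads like `"/runs/gitea-gitea--CVE-2020-13246-20260318035142/assets/proof.png"` (assuming assets are served from the same `/runs/` root as the logs). The same applies to every other `advisory_meta` hunk in this file that carries `refs`.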
@@ -34264,6 +37533,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2020-13246-20260318035142",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -34644,7 +37914,47 @@
"/runs/gitea-gitea--CVE-2019-1010261-20260318035135/logs/attack.json",
"/runs/gitea-gitea--CVE-2019-1010261-20260318035135/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2019-1010261",
+ "title": "gitea--CVE-2019-1010261",
+ "summary": "Derived from latest run gitea-gitea--CVE-2019-1010261-20260318035135",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:51:35+00:00",
+ "updated_at": "2026-03-18T03:51:42+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2019-1010261-20260318035135/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-xss",
"vuln_family": "xss",
@@ -34696,6 +38006,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2019-1010261-20260318035135",
"Seed stored content page before browser proof capture.",
"Runner stores inert script payload and captures proof page.",
"Browser proof page renders the stored XSS marker after the controlled payload."
@@ -35076,7 +38387,47 @@
"/runs/gitea-gitea--CVE-2018-18926-20260318035129/logs/attack.json",
"/runs/gitea-gitea--CVE-2018-18926-20260318035129/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2018-18926",
+ "title": "gitea--CVE-2018-18926",
+ "summary": "Derived from latest run gitea-gitea--CVE-2018-18926-20260318035129",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:51:29+00:00",
+ "updated_at": "2026-03-18T03:51:35+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2018-18926-20260318035129/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -35128,6 +38479,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2018-18926-20260318035129",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -35445,7 +38797,36 @@
"/runs/gitea-gitea--CVE-2018-15192-20260318035123/logs/attack.json",
"/runs/gitea-gitea--CVE-2018-15192-20260318035123/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2018-15192",
+ "title": "gitea--CVE-2018-15192",
+ "summary": "Derived from latest run gitea-gitea--CVE-2018-15192-20260318035123",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:51:23+00:00",
+ "updated_at": "2026-03-18T03:51:29+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": false,
+ "present": false,
+ "refs": []
+ }
+ },
"profile_meta": {
"profile_id": "gitea-ssrf",
"vuln_family": "ssrf",
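Review bot: `secure_code_topics` here is the same three-entry list (`authz-server-side-recheck`, `token-cookie-storage`, `proxy-trust-boundary`) that the xss and proxy-boundary records in the neighbouring hunks receive, although this record's `profile_meta.vuln_family` is `ssrf`. The list appears to be keyed by `system_id` rather than by vulnerability family, so the dashboard would send a reader to remediation guidance unrelated to the finding; deriving it from `vuln_family` would avoid that. Separately, the record is marked `"verification_status": "verified-real"` while `official_source_url` is empty, `severity` and `cvss_score` are null, and `published_at` carries the run timestamp rather than the advisory's publication date. Emitting `"published_at": null` until an official source is attached would stop the dashboard from presenting run time as disclosure time.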
@@ -35493,6 +38874,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2018-15192-20260318035123",
"Seed local sink counters only.",
"Runner triggers callback strictly to local sink endpoint.",
"Server-side callback reaches the local sink and is recorded in proof output."
@@ -35816,7 +39198,47 @@
"/runs/gitea-gitea--CVE-2022-38795-20260318035115/logs/attack.json",
"/runs/gitea-gitea--CVE-2022-38795-20260318035115/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2022-38795",
+ "title": "gitea--CVE-2022-38795",
+ "summary": "Derived from latest run gitea-gitea--CVE-2022-38795-20260318035304",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:53:04+00:00",
+ "updated_at": "2026-03-18T03:53:11+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38795-20260318035304/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
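Review bot: The new `advisory_meta` is derived from run `gitea-gitea--CVE-2022-38795-20260318035304`, but the attack/baseline log refs kept as context at the top of this hunk still point at run `gitea-gitea--CVE-2022-38795-20260318035115`. A record whose `verified-real` status and browser evidence come from one run while its logs come from another cannot be audited as a single proof. Either regenerate the log refs from the run named in `summary`, or key `advisory_meta` to the run the record already cites. The same split is visible in the later hunks for CVE-2022-38183, CVE-2022-30781, CVE-2022-27313, CVE-2022-1928, CVE-2022-1058, CVE-2022-0905, CVE-2021-45331, CVE-2021-45330 and CVE-2021-45327, whereas the earlier hunks such as CVE-2020-13246 use matching run ids, which suggests a second generator pass updated only part of each record.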
@@ -35868,6 +39290,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2022-38795-20260318035304",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -36248,7 +39671,47 @@
"/runs/gitea-gitea--CVE-2022-38183-20260318035108/logs/attack.json",
"/runs/gitea-gitea--CVE-2022-38183-20260318035108/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2022-38183",
+ "title": "gitea--CVE-2022-38183",
+ "summary": "Derived from latest run gitea-gitea--CVE-2022-38183-20260318035258",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:52:58+00:00",
+ "updated_at": "2026-03-18T03:53:04+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-38183-20260318035258/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -36300,6 +39763,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2022-38183-20260318035258",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -36680,7 +40144,47 @@
"/runs/gitea-gitea--CVE-2022-30781-20260318035102/logs/attack.json",
"/runs/gitea-gitea--CVE-2022-30781-20260318035102/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2022-30781",
+ "title": "gitea--CVE-2022-30781",
+ "summary": "Derived from latest run gitea-gitea--CVE-2022-30781-20260318035252",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:52:52+00:00",
+ "updated_at": "2026-03-18T03:52:58+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-30781-20260318035252/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -36732,6 +40236,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2022-30781-20260318035252",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -37112,7 +40617,47 @@
"/runs/gitea-gitea--CVE-2022-27313-20260318035055/logs/attack.json",
"/runs/gitea-gitea--CVE-2022-27313-20260318035055/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2022-27313",
+ "title": "gitea--CVE-2022-27313",
+ "summary": "Derived from latest run gitea-gitea--CVE-2022-27313-20260318035245",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:52:45+00:00",
+ "updated_at": "2026-03-18T03:52:52+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-27313-20260318035245/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -37164,6 +40709,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2022-27313-20260318035245",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -37544,7 +41090,47 @@
"/runs/gitea-gitea--CVE-2022-1928-20260318035049/logs/attack.json",
"/runs/gitea-gitea--CVE-2022-1928-20260318035049/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2022-1928",
+ "title": "gitea--CVE-2022-1928",
+ "summary": "Derived from latest run gitea-gitea--CVE-2022-1928-20260318035239",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:52:39+00:00",
+ "updated_at": "2026-03-18T03:52:45+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1928-20260318035239/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-xss",
"vuln_family": "xss",
@@ -37596,6 +41182,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2022-1928-20260318035239",
"Seed stored content page before browser proof capture.",
"Runner stores inert script payload and captures proof page.",
"Browser proof page renders the stored XSS marker after the controlled payload."
@@ -37976,7 +41563,47 @@
"/runs/gitea-gitea--CVE-2022-1058-20260318035042/logs/attack.json",
"/runs/gitea-gitea--CVE-2022-1058-20260318035042/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2022-1058",
+ "title": "gitea--CVE-2022-1058",
+ "summary": "Derived from latest run gitea-gitea--CVE-2022-1058-20260318035233",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:52:33+00:00",
+ "updated_at": "2026-03-18T03:52:39+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-1058-20260318035233/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -38028,6 +41655,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2022-1058-20260318035233",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -38408,7 +42036,47 @@
"/runs/gitea-gitea--CVE-2022-0905-20260318035035/logs/attack.json",
"/runs/gitea-gitea--CVE-2022-0905-20260318035035/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2022-0905",
+ "title": "gitea--CVE-2022-0905",
+ "summary": "Derived from latest run gitea-gitea--CVE-2022-0905-20260318035226",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:52:26+00:00",
+ "updated_at": "2026-03-18T03:52:33+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2022-0905-20260318035226/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -38460,6 +42128,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2022-0905-20260318035226",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -38840,7 +42509,47 @@
"/runs/gitea-gitea--CVE-2021-45331-20260318035029/logs/attack.json",
"/runs/gitea-gitea--CVE-2021-45331-20260318035029/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2021-45331",
+ "title": "gitea--CVE-2021-45331",
+ "summary": "Derived from latest run gitea-gitea--CVE-2021-45331-20260318035220",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:52:20+00:00",
+ "updated_at": "2026-03-18T03:52:26+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45331-20260318035220/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -38892,6 +42601,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2021-45331-20260318035220",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -39272,7 +42982,47 @@
"/runs/gitea-gitea--CVE-2021-45330-20260318035023/logs/attack.json",
"/runs/gitea-gitea--CVE-2021-45330-20260318035023/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2021-45330",
+ "title": "gitea--CVE-2021-45330",
+ "summary": "Derived from latest run gitea-gitea--CVE-2021-45330-20260318035214",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:52:14+00:00",
+ "updated_at": "2026-03-18T03:52:20+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45330-20260318035214/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
@@ -39324,6 +43074,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2021-45330-20260318035214",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -39704,7 +43455,47 @@
"/runs/gitea-gitea--CVE-2021-45327-20260318035016/logs/attack.json",
"/runs/gitea-gitea--CVE-2021-45327-20260318035016/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2021-45327",
+ "title": "gitea--CVE-2021-45327",
+ "summary": "Derived from latest run gitea-gitea--CVE-2021-45327-20260318035207",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:52:07+00:00",
+ "updated_at": "2026-03-18T03:52:14+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-45327-20260318035207/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
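Review bot: The `browser_evidence.refs` entries added to `advisory_meta` are absolute workstation paths (`/Users/x/websafe/06-case-studies/generated-runs/...`), which publish a local user directory layout in a committed dashboard file and will not resolve on any other checkout or host. The artifact list just above in the same record already uses run-rooted paths such as `/runs/gitea-gitea--CVE-2021-45327-20260318035016/logs/attack.json`, so the generator should emit these refs the same way, e.g. `"/runs/gitea-gitea--CVE-2021-45327-20260318035207/assets/baseline.png"`. The same applies to the `advisory_meta` block in the CVE-2021-3382 hunk and to the one whose start is above this view. The enclosing record starts and ends outside the hunk.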
@@ -39756,6 +43547,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2021-45327-20260318035207",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
@@ -40136,7 +43928,47 @@
"/runs/gitea-gitea--CVE-2021-3382-20260318035010/logs/attack.json",
"/runs/gitea-gitea--CVE-2021-3382-20260318035010/logs/baseline.json"
],
- "advisory_meta": {},
+ "advisory_meta": {
+ "canonical_id": "gitea--CVE-2021-3382",
+ "title": "gitea--CVE-2021-3382",
+ "summary": "Derived from latest run gitea-gitea--CVE-2021-3382-20260318035201",
+ "display_name": "Gitea",
+ "system_id": "gitea",
+ "category": "platforms",
+ "severity": null,
+ "cvss_score": null,
+ "exploit_status": null,
+ "published_at": "2026-03-18T03:52:01+00:00",
+ "updated_at": "2026-03-18T03:52:07+00:00",
+ "official_source_url": "",
+ "secondary_source_urls": [],
+ "aliases": [],
+ "secure_code_topics": [
+ "authz-server-side-recheck",
+ "token-cookie-storage",
+ "proxy-trust-boundary"
+ ],
+ "verification_status": "verified-real",
+ "verification_mode": "real",
+ "artifact_mode": "local-fixture",
+ "blocked_reason": null,
+ "browser_evidence": {
+ "required": true,
+ "present": true,
+ "refs": [
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/assets/baseline.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/assets/baseline-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/baseline-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/baseline-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/baseline-page.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/assets/proof.png",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/assets/proof-dom.html",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/proof-console.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/proof-network.json",
+ "/Users/x/websafe/06-case-studies/generated-runs/gitea-gitea--CVE-2021-3382-20260318035201/logs/proof-page.json"
+ ]
+ }
+ },
"profile_meta": {
"profile_id": "gitea-proxy-boundary",
"vuln_family": "proxy-boundary",
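Review bot: `published_at` in this `advisory_meta` is `2026-03-18T03:52:01+00:00`, which matches the run id suffix `20260318035201` rather than an advisory publication date, and `official_source_url`, `severity` and `cvss_score` are empty or null although `verification_status` is `verified-real` (the CVE-2021-45327 hunk has the same shape). A dashboard reader cannot trace the entry to an upstream advisory or triage it by severity, and sorting by `published_at` orders entries by test time. I would emit `"published_at": null` until the real date is known and keep the run time in `updated_at` only. The evidence refs also come from run `…035201` while the artifact list just above names run `…035010`, so it is worth confirming that one record is meant to mix the two runs.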
@@ -40188,6 +44020,7 @@
]
},
"reasoning_lines": [
+ "Derived from latest run gitea-gitea--CVE-2021-3382-20260318035201",
"Seed forwarded-header boundary fixture with clean state.",
"Runner performs local forwarded-header trust proof only inside the fixture.",
"Local fixture proves trusted proxy headers cross the admin boundary."
diff --git a/08-threat-intel/generated/dashboard/summary.json b/08-threat-intel/generated/dashboard/summary.json
index 8b79ff80..7f99c44b 100644
--- a/08-threat-intel/generated/dashboard/summary.json
+++ b/08-threat-intel/generated/dashboard/summary.json
@@ -1,8 +1,10 @@
{
- "generated_at": "2026-03-18T17:52:49+00:00",
- "advisory_count": 0,
+ "generated_at": "2026-03-18T17:56:12+00:00",
+ "advisory_count": 89,
"run_count": 140,
- "statuses": {},
+ "statuses": {
+ "verified-real": 89
+ },
"run_statuses": {
"verified-real": 136,
"blocked-artifact": 3,
@@ -16,15 +18,162 @@
"open_alert_count": 0,
"last_fully_green_run": "2026-03-18T17:44:31+00:00"
},
- "systems": [],
+ "systems": [
+ {
+ "system_id": "gitea",
+ "display_name": "Gitea",
+ "total": 37,
+ "verified_real": 37,
+ "verified_synthetic": 0,
+ "blocked": 0,
+ "manual": 0,
+ "browser_required": 33,
+ "browser_present": 33,
+ "latest_update": "2026-03-18T03:55:13+00:00",
+ "category": "platforms",
+ "tier": "rolling-24m",
+ "output_dir": "07-framework-security/platforms/gitea",
+ "families": [
+ {
+ "family": "authz-bypass",
+ "total": 3,
+ "verified_real": 3,
+ "manual": 0
+ },
+ {
+ "family": "file-upload",
+ "total": 2,
+ "verified_real": 2,
+ "manual": 0
+ },
+ {
+ "family": "proxy-boundary",
+ "total": 26,
+ "verified_real": 26,
+ "manual": 0
+ },
+ {
+ "family": "ssrf",
+ "total": 1,
+ "verified_real": 1,
+ "manual": 0
+ },
+ {
+ "family": "xss",
+ "total": 5,
+ "verified_real": 5,
+ "manual": 0
+ }
+ ]
+ },
+ {
+ "system_id": "nextjs",
+ "display_name": "Next.js",
+ "total": 26,
+ "verified_real": 26,
+ "verified_synthetic": 0,
+ "blocked": 0,
+ "manual": 0,
+ "browser_required": 21,
+ "browser_present": 21,
+ "latest_update": "2026-03-18T03:58:55+00:00",
+ "category": "frameworks",
+ "tier": "history-full",
+ "output_dir": "07-framework-security/frameworks/nextjs",
+ "families": [
+ {
+ "family": "authz-bypass",
+ "total": 2,
+ "verified_real": 2,
+ "manual": 0
+ },
+ {
+ "family": "deserialization",
+ "total": 1,
+ "verified_real": 1,
+ "manual": 0
+ },
+ {
+ "family": "proxy-boundary",
+ "total": 19,
+ "verified_real": 19,
+ "manual": 0
+ },
+ {
+ "family": "ssrf",
+ "total": 2,
+ "verified_real": 2,
+ "manual": 0
+ },
+ {
+ "family": "xss",
+ "total": 2,
+ "verified_real": 2,
+ "manual": 0
+ }
+ ]
+ },
+ {
+ "system_id": "undici",
+ "display_name": "Undici",
+ "total": 14,
+ "verified_real": 14,
+ "verified_synthetic": 0,
+ "blocked": 0,
+ "manual": 0,
+ "browser_required": 0,
+ "browser_present": 0,
+ "latest_update": "2026-03-18T04:03:36+00:00",
+ "category": "frameworks",
+ "tier": "rolling-24m",
+ "output_dir": "07-framework-security/frameworks/undici",
+ "families": [
+ {
+ "family": "ssrf",
+ "total": 14,
+ "verified_real": 14,
+ "manual": 0
+ }
+ ]
+ },
+ {
+ "system_id": "vite",
+ "display_name": "Vite",
+ "total": 12,
+ "verified_real": 12,
+ "verified_synthetic": 0,
+ "blocked": 0,
+ "manual": 0,
+ "browser_required": 12,
+ "browser_present": 12,
+ "latest_update": "2026-03-18T04:06:05+00:00",
+ "category": "frameworks",
+ "tier": "history-full",
+ "output_dir": "07-framework-security/frameworks/vite",
+ "families": [
+ {
+ "family": "proxy-boundary",
+ "total": 11,
+ "verified_real": 11,
+ "manual": 0
+ },
+ {
+ "family": "xss",
+ "total": 1,
+ "verified_real": 1,
+ "manual": 0
+ }
+ ]
+ }
+ ],
"completeness": {
- "advisory_total": 0,
- "verified_real": 0,
+ "advisory_total": 89,
+ "verified_real": 89,
"verified_synthetic": 0,
"blocked": 0,
"manual": 0,
- "verified_ratio": 0.0,
- "complete": false,
+ "verified_ratio": 100.0,
+ "complete": true,
"source_failure_count": 0,
"active_source_count": 110,
"open_alert_count": 0
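Review bot: `verified_ratio` is set to `100.0`, so a field named as a ratio carries a percentage, and a consumer gating on a 0–1 fraction would misread it. Either emit `"verified_ratio": 1.0` or rename the key to say percent, and let the Markdown report format the percentage itself. `"complete": true` is also reported while `run_statuses` in this file still lists 3 `blocked-artifact` runs; if completeness is counted per advisory rather than per run, that should be stated where the field is produced. The `systems` array added here is repeated in `systems.json`, which leaves two copies to keep in sync.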
diff --git a/08-threat-intel/generated/dashboard/systems.json b/08-threat-intel/generated/dashboard/systems.json
index fe51488c..703b6bf6 100644
--- a/08-threat-intel/generated/dashboard/systems.json
+++ b/08-threat-intel/generated/dashboard/systems.json
@@ -1 +1,148 @@
-[]
+[
+ {
+ "system_id": "gitea",
+ "display_name": "Gitea",
+ "total": 37,
+ "verified_real": 37,
+ "verified_synthetic": 0,
+ "blocked": 0,
+ "manual": 0,
+ "browser_required": 33,
+ "browser_present": 33,
+ "latest_update": "2026-03-18T03:55:13+00:00",
+ "category": "platforms",
+ "tier": "rolling-24m",
+ "output_dir": "07-framework-security/platforms/gitea",
+ "families": [
+ {
+ "family": "authz-bypass",
+ "total": 3,
+ "verified_real": 3,
+ "manual": 0
+ },
+ {
+ "family": "file-upload",
+ "total": 2,
+ "verified_real": 2,
+ "manual": 0
+ },
+ {
+ "family": "proxy-boundary",
+ "total": 26,
+ "verified_real": 26,
+ "manual": 0
+ },
+ {
+ "family": "ssrf",
+ "total": 1,
+ "verified_real": 1,
+ "manual": 0
+ },
+ {
+ "family": "xss",
+ "total": 5,
+ "verified_real": 5,
+ "manual": 0
+ }
+ ]
+ },
+ {
+ "system_id": "nextjs",
+ "display_name": "Next.js",
+ "total": 26,
+ "verified_real": 26,
+ "verified_synthetic": 0,
+ "blocked": 0,
+ "manual": 0,
+ "browser_required": 21,
+ "browser_present": 21,
+ "latest_update": "2026-03-18T03:58:55+00:00",
+ "category": "frameworks",
+ "tier": "history-full",
+ "output_dir": "07-framework-security/frameworks/nextjs",
+ "families": [
+ {
+ "family": "authz-bypass",
+ "total": 2,
+ "verified_real": 2,
+ "manual": 0
+ },
+ {
+ "family": "deserialization",
+ "total": 1,
+ "verified_real": 1,
+ "manual": 0
+ },
+ {
+ "family": "proxy-boundary",
+ "total": 19,
+ "verified_real": 19,
+ "manual": 0
+ },
+ {
+ "family": "ssrf",
+ "total": 2,
+ "verified_real": 2,
+ "manual": 0
+ },
+ {
+ "family": "xss",
+ "total": 2,
+ "verified_real": 2,
+ "manual": 0
+ }
+ ]
+ },
+ {
+ "system_id": "undici",
+ "display_name": "Undici",
+ "total": 14,
+ "verified_real": 14,
+ "verified_synthetic": 0,
+ "blocked": 0,
+ "manual": 0,
+ "browser_required": 0,
+ "browser_present": 0,
+ "latest_update": "2026-03-18T04:03:36+00:00",
+ "category": "frameworks",
+ "tier": "rolling-24m",
+ "output_dir": "07-framework-security/frameworks/undici",
+ "families": [
+ {
+ "family": "ssrf",
+ "total": 14,
+ "verified_real": 14,
+ "manual": 0
+ }
+ ]
+ },
+ {
+ "system_id": "vite",
+ "display_name": "Vite",
+ "total": 12,
+ "verified_real": 12,
+ "verified_synthetic": 0,
+ "blocked": 0,
+ "manual": 0,
+ "browser_required": 12,
+ "browser_present": 12,
+ "latest_update": "2026-03-18T04:06:05+00:00",
+ "category": "frameworks",
+ "tier": "history-full",
+ "output_dir": "07-framework-security/frameworks/vite",
+ "families": [
+ {
+ "family": "proxy-boundary",
+ "total": 11,
+ "verified_real": 11,
+ "manual": 0
+ },
+ {
+ "family": "xss",
+ "total": 1,
+ "verified_real": 1,
+ "manual": 0
+ }
+ ]
+ }
+]
diff --git a/08-threat-intel/generated/source-catalog-audit.json b/08-threat-intel/generated/source-catalog-audit.json
index f3503cab..9fc0f6da 100644
--- a/08-threat-intel/generated/source-catalog-audit.json
+++ b/08-threat-intel/generated/source-catalog-audit.json
@@ -1,5 +1,5 @@
{
- "generated_at": "2026-03-18T17:41:42+00:00",
+ "generated_at": "2026-03-18T17:58:07+00:00",
"system_count": 62,
"source_count": 146,
"active_source_count": 110,
diff --git a/08-threat-intel/generated/source-catalog-audit.md b/08-threat-intel/generated/source-catalog-audit.md
index 10d3a570..a576695d 100644
--- a/08-threat-intel/generated/source-catalog-audit.md
+++ b/08-threat-intel/generated/source-catalog-audit.md
@@ -1,6 +1,6 @@
# Source Catalog Audit
-- generated_at: `2026-03-18T17:41:42+00:00`
+- generated_at: `2026-03-18T17:58:07+00:00`
- systems: `62`
- sources: `146`
- active_sources: `110`
diff --git a/docs/testing-completeness-report.md b/docs/testing-completeness-report.md
index 187b8ad7..37c6cc64 100644
--- a/docs/testing-completeness-report.md
+++ b/docs/testing-completeness-report.md
@@ -1,11 +1,11 @@
# 全库 Advisory 完整度报告
-- 生成时间: `2026-03-18T17:52:49+00:00`
-- 最新 advisory 完整度: `0/0` `verified-real`
+- 生成时间: `2026-03-18T17:56:12+00:00`
+- 最新 advisory 完整度: `89/89` `verified-real`
- 合成验证数量: `0`
- 阻塞数量: `0`
- 人工/待补证据数量: `0`
-- 完整度百分比: `0.0%`
+- 完整度百分比: `100.0%`
- active source 全绿: `110/110`
- source open alerts: `0`
- 最近一次 source 全绿: `2026-03-18T17:44:31+00:00`
@@ -14,6 +14,10 @@
| 系统 | 总数 | verified-real | verified-synthetic | blocked | manual | family 覆盖 |
| --- | ---: | ---: | ---: | ---: | ---: | --- |
+| gitea | 37 | 37 | 0 | 0 | 0 | authz-bypass(3/3), file-upload(2/2), proxy-boundary(26/26), ssrf(1/1), xss(5/5) |
+| nextjs | 26 | 26 | 0 | 0 | 0 | authz-bypass(2/2), deserialization(1/1), proxy-boundary(19/19), ssrf(2/2), xss(2/2) |
+| undici | 14 | 14 | 0 | 0 | 0 | ssrf(14/14) |
+| vite | 12 | 12 | 0 | 0 | 0 | proxy-boundary(11/11), xss(1/1) |
## 历史阻塞项修复纪要