更新: 178 个文件 - 2026-03-18 07:47:37

2026-03-18 07:47:37 -07:00
--- a/08-threat-intel/generated/dashboard/summary.json
+++ b/08-threat-intel/generated/dashboard/summary.json
@@ -1,171 +1,90 @@
 {
-  "generated_at": "2026-03-18T14:22:56+00:00",
-  "advisory_count": 89,
+  "generated_at": "2026-03-18T14:45:55+00:00",
+  "advisory_count": 5,
  "run_count": 140,
  "statuses": {
-    "verified-real": 89
+    "triage-manual": 5
  },
  "run_statuses": {
    "verified-real": 136,
    "blocked-artifact": 3,
    "triage-manual": 1
  },
-  "recent_failures": [],
-  "systems": [
+  "recent_failures": [
    {
-      "system_id": "gitea",
-      "display_name": "Gitea",
-      "total": 37,
-      "verified_real": 37,
-      "verified_synthetic": 0,
-      "blocked": 0,
-      "manual": 0,
-      "browser_required": 5,
-      "browser_present": 33,
-      "latest_update": "2026-03-03T04:57:57.697708Z",
-      "category": "platforms",
-      "tier": "rolling-24m",
-      "output_dir": "07-framework-security/platforms/gitea",
-      "families": [
-        {
-          "family": "authz-bypass",
-          "total": 3,
-          "verified_real": 3,
-          "manual": 0
-        },
-        {
-          "family": "file-upload",
-          "total": 2,
-          "verified_real": 2,
-          "manual": 0
-        },
-        {
-          "family": "proxy-boundary",
-          "total": 26,
-          "verified_real": 26,
-          "manual": 0
-        },
-        {
-          "family": "ssrf",
-          "total": 1,
-          "verified_real": 1,
-          "manual": 0
-        },
-        {
-          "family": "xss",
-          "total": 5,
-          "verified_real": 5,
-          "manual": 0
-        }
-      ]
+      "run_id": null,
+      "advisory_id": "nextjs--CVE-2026-27979",
+      "status": "triage-manual",
+      "title": "Next.js: Unbounded postponed resume buffering can lead to DoS",
+      "blocked_reason": null
    },
+    {
+      "run_id": null,
+      "advisory_id": "nextjs--CVE-2026-27980",
+      "status": "triage-manual",
+      "title": "Next.js: Unbounded next/image disk cache growth can exhaust storage",
+      "blocked_reason": null
+    },
+    {
+      "run_id": null,
+      "advisory_id": "nextjs--CVE-2026-29057",
+      "status": "triage-manual",
+      "title": "Next.js: HTTP request smuggling in rewrites",
+      "blocked_reason": null
+    },
+    {
+      "run_id": null,
+      "advisory_id": "nextjs--CVE-2026-27978",
+      "status": "triage-manual",
+      "title": "Next.js: null origin can bypass Server Actions CSRF checks",
+      "blocked_reason": null
+    },
+    {
+      "run_id": null,
+      "advisory_id": "nextjs--CVE-2026-27977",
+      "status": "triage-manual",
+      "title": "Next.js: null origin can bypass dev HMR websocket CSRF checks",
+      "blocked_reason": null
+    }
+  ],
+  "systems": [
    {
      "system_id": "nextjs",
      "display_name": "Next.js",
-      "total": 26,
-      "verified_real": 26,
+      "total": 5,
+      "verified_real": 0,
      "verified_synthetic": 0,
      "blocked": 0,
-      "manual": 0,
-      "browser_required": 2,
-      "browser_present": 21,
-      "latest_update": "2026-03-13T22:14:13.665535Z",
+      "manual": 5,
+      "browser_required": 0,
+      "browser_present": 0,
+      "latest_update": "2026-03-17T16:31:34.160932Z",
      "category": "frameworks",
      "tier": "history-full",
      "output_dir": "07-framework-security/frameworks/nextjs",
      "families": [
-        {
-          "family": "authz-bypass",
-          "total": 2,
-          "verified_real": 2,
-          "manual": 0
-        },
-        {
-          "family": "deserialization",
-          "total": 1,
-          "verified_real": 1,
-          "manual": 0
-        },
        {
          "family": "proxy-boundary",
-          "total": 19,
-          "verified_real": 19,
-          "manual": 0
+          "total": 4,
+          "verified_real": 0,
+          "manual": 4
        },
        {
-          "family": "ssrf",
-          "total": 2,
-          "verified_real": 2,
-          "manual": 0
-        },
-        {
-          "family": "xss",
-          "total": 2,
-          "verified_real": 2,
-          "manual": 0
-        }
-      ]
-    },
-    {
-      "system_id": "undici",
-      "display_name": "Undici",
-      "total": 14,
-      "verified_real": 14,
-      "verified_synthetic": 0,
-      "blocked": 0,
-      "manual": 0,
-      "browser_required": 0,
-      "browser_present": 0,
-      "latest_update": "2026-03-14T09:19:54.772219Z",
-      "category": "frameworks",
-      "tier": "rolling-24m",
-      "output_dir": "07-framework-security/frameworks/undici",
-      "families": [
-        {
-          "family": "ssrf",
-          "total": 14,
-          "verified_real": 14,
-          "manual": 0
-        }
-      ]
-    },
-    {
-      "system_id": "vite",
-      "display_name": "Vite",
-      "total": 12,
-      "verified_real": 12,
-      "verified_synthetic": 0,
-      "blocked": 0,
-      "manual": 0,
-      "browser_required": 3,
-      "browser_present": 12,
-      "latest_update": "2026-02-04T04:37:24.129476Z",
-      "category": "frameworks",
-      "tier": "history-full",
-      "output_dir": "07-framework-security/frameworks/vite",
-      "families": [
-        {
-          "family": "proxy-boundary",
-          "total": 11,
-          "verified_real": 11,
-          "manual": 0
-        },
-        {
-          "family": "xss",
+          "family": "request-smuggling",
          "total": 1,
-          "verified_real": 1,
-          "manual": 0
+          "verified_real": 0,
+          "manual": 1
        }
      ]
    }
  ],
  "completeness": {
-    "advisory_total": 89,
-    "verified_real": 89,
+    "advisory_total": 5,
+    "verified_real": 0,
    "verified_synthetic": 0,
    "blocked": 0,
-    "manual": 0,
-    "verified_ratio": 100.0,
-    "complete": true
+    "manual": 5,
+    "verified_ratio": 0.0,
+    "complete": false
  }
 }