diff --git a/08-threat-intel/generated/dashboard/architecture.json b/08-threat-intel/generated/dashboard/architecture.json
index e3569a02..8f380b44 100644
--- a/08-threat-intel/generated/dashboard/architecture.json
+++ b/08-threat-intel/generated/dashboard/architecture.json
@@ -1,5 +1,5 @@
{
- "generated_at": "2026-03-18T21:21:45+00:00",
+ "generated_at": "2026-03-18T21:23:23+00:00",
"title": "\u5f53\u524d\u67b6\u6784\u5e93",
"summary": "\u5de5\u4f5c\u53f0\u3001\u63a7\u5236\u9762\u3001\u6570\u636e\u5c42\u3001\u6388\u6743\u8fb9\u754c\u4e0e\u7cfb\u7edf\u8986\u76d6\u7684\u5f53\u524d\u771f\u503c\u89c6\u56fe\u3002",
"sections": [
@@ -49,7 +49,7 @@
},
{
"label": "\u751f\u6210\u65f6\u95f4",
- "value": "2026-03-18T21:21:45+00:00"
+ "value": "2026-03-18T21:23:23+00:00"
}
],
"links": [
diff --git a/08-threat-intel/generated/dashboard/data/completeness.json b/08-threat-intel/generated/dashboard/data/completeness.json
index c8c06555..2a139a7b 100644
--- a/08-threat-intel/generated/dashboard/data/completeness.json
+++ b/08-threat-intel/generated/dashboard/data/completeness.json
@@ -1,8 +1,9 @@
{
- "generated_at": "2026-03-18T21:21:45+00:00",
- "advisory_total": 2392,
+ "generated_at": "2026-03-18T21:23:23+00:00",
+ "advisory_total": 89,
+ "registry_advisory_total": 2392,
+ "scope": "latest-run-backed-advisories",
"latest_statuses": {
- "triage-manual": 2303,
"verified-real": 89
},
"historical_statuses": {
@@ -13,539 +14,18 @@
"verified_real": 89,
"verified_synthetic": 0,
"blocked": 0,
- "manual": 2303,
- "verified_ratio": 3.7,
- "complete": false,
+ "manual": 0,
+ "verified_ratio": 100.0,
+ "complete": true,
"systems": [
- {
- "system_id": "adminer",
- "display_name": "Adminer",
- "total": 2,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 2,
- "families": [
- {
- "family": "xss",
- "total": 2,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 2
- }
- ]
- },
- {
- "system_id": "adobe-commerce",
- "display_name": "Adobe Commerce",
- "total": 81,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 81,
- "families": [
- {
- "family": "xss",
- "total": 81,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 81
- }
- ]
- },
- {
- "system_id": "angular",
- "display_name": "Angular",
- "total": 2,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 2,
- "families": [
- {
- "family": "xss",
- "total": 2,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 2
- }
- ]
- },
- {
- "system_id": "apache-httpd",
- "display_name": "Apache HTTP Server",
- "total": 135,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 135,
- "families": [
- {
- "family": "authz-bypass",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- },
- {
- "family": "file-upload",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- },
- {
- "family": "proxy-boundary",
- "total": 128,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 128
- },
- {
- "family": "ssrf",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- },
- {
- "family": "xss",
- "total": 4,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 4
- }
- ]
- },
- {
- "system_id": "apache-tomcat",
- "display_name": "Apache Tomcat",
- "total": 136,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 136,
- "families": [
- {
- "family": "authz-bypass",
- "total": 108,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 108
- },
- {
- "family": "file-upload",
- "total": 2,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 2
- },
- {
- "family": "path-traversal",
- "total": 3,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 3
- },
- {
- "family": "plugin-extension",
- "total": 5,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 5
- },
- {
- "family": "proxy-boundary",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- },
- {
- "family": "session-token",
- "total": 4,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 4
- },
- {
- "family": "xss",
- "total": 13,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 13
- }
- ]
- },
- {
- "system_id": "aspnet-core",
- "display_name": "ASP.NET Core",
- "total": 3,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 3,
- "families": [
- {
- "family": "xss",
- "total": 3,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 3
- }
- ]
- },
- {
- "system_id": "astro",
- "display_name": "Astro",
- "total": 14,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 14,
- "families": [
- {
- "family": "authz-bypass",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- },
- {
- "family": "file-upload",
- "total": 2,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 2
- },
- {
- "family": "path-traversal",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- },
- {
- "family": "proxy-boundary",
- "total": 3,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 3
- },
- {
- "family": "xss",
- "total": 7,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 7
- }
- ]
- },
- {
- "system_id": "caddy",
- "display_name": "Caddy",
- "total": 27,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 27,
- "families": [
- {
- "family": "authz-bypass",
- "total": 5,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 5
- },
- {
- "family": "file-upload",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- },
- {
- "family": "proxy-boundary",
- "total": 21,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 21
- }
- ]
- },
- {
- "system_id": "directus",
- "display_name": "Directus",
- "total": 29,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 29,
- "families": [
- {
- "family": "authz-bypass",
- "total": 3,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 3
- },
- {
- "family": "file-upload",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- },
- {
- "family": "session-token",
- "total": 24,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 24
- },
- {
- "family": "xss",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- }
- ]
- },
- {
- "system_id": "discourse",
- "display_name": "Discourse",
- "total": 30,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 30,
- "families": [
- {
- "family": "xss",
- "total": 30,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 30
- }
- ]
- },
- {
- "system_id": "django",
- "display_name": "Django",
- "total": 82,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 82,
- "families": [
- {
- "family": "xss",
- "total": 82,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 82
- }
- ]
- },
- {
- "system_id": "drupal",
- "display_name": "Drupal",
- "total": 70,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 70,
- "families": [
- {
- "family": "xss",
- "total": 70,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 70
- }
- ]
- },
- {
- "system_id": "echo",
- "display_name": "Echo",
- "total": 2,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 2,
- "families": [
- {
- "family": "authz-bypass",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- },
- {
- "family": "ssrf",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- }
- ]
- },
- {
- "system_id": "esbuild",
- "display_name": "esbuild",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1,
- "families": [
- {
- "family": "file-upload",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- }
- ]
- },
- {
- "system_id": "express",
- "display_name": "Express",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1,
- "families": [
- {
- "family": "xss",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- }
- ]
- },
- {
- "system_id": "fastify",
- "display_name": "Fastify",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1,
- "families": [
- {
- "family": "xss",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- }
- ]
- },
- {
- "system_id": "flask",
- "display_name": "Flask",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1,
- "families": [
- {
- "family": "xss",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- }
- ]
- },
- {
- "system_id": "ghost",
- "display_name": "Ghost",
- "total": 23,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 23,
- "families": [
- {
- "family": "xss",
- "total": 23,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 23
- }
- ]
- },
- {
- "system_id": "gin",
- "display_name": "Gin",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1,
- "families": [
- {
- "family": "xss",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- }
- ]
- },
{
"system_id": "gitea",
"display_name": "Gitea",
- "total": 50,
+ "total": 37,
"verified_real": 37,
"verified_synthetic": 0,
"blocked": 0,
- "manual": 13,
+ "manual": 0,
"families": [
{
"family": "authz-bypass",
@@ -565,11 +45,11 @@
},
{
"family": "proxy-boundary",
- "total": 39,
+ "total": 26,
"verified_real": 26,
"verified_synthetic": 0,
"blocked": 0,
- "manual": 13
+ "manual": 0
},
{
"family": "ssrf",
@@ -589,331 +69,14 @@
}
]
},
- {
- "system_id": "gitlab-ce",
- "display_name": "GitLab CE",
- "total": 55,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 55,
- "families": [
- {
- "family": "deserialization",
- "total": 55,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 55
- }
- ]
- },
- {
- "system_id": "grafana",
- "display_name": "Grafana",
- "total": 60,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 60,
- "families": [
- {
- "family": "xss",
- "total": 60,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 60
- }
- ]
- },
- {
- "system_id": "hapi",
- "display_name": "Hapi",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1,
- "families": [
- {
- "family": "proxy-boundary",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- }
- ]
- },
- {
- "system_id": "haproxy",
- "display_name": "HAProxy",
- "total": 6,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 6,
- "families": [
- {
- "family": "proxy-boundary",
- "total": 6,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 6
- }
- ]
- },
- {
- "system_id": "jenkins",
- "display_name": "Jenkins",
- "total": 60,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 60,
- "families": [
- {
- "family": "deserialization",
- "total": 60,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 60
- }
- ]
- },
- {
- "system_id": "joomla",
- "display_name": "Joomla",
- "total": 100,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 100,
- "families": [
- {
- "family": "xss",
- "total": 100,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 100
- }
- ]
- },
- {
- "system_id": "kibana",
- "display_name": "Kibana",
- "total": 41,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 41,
- "families": [
- {
- "family": "xss",
- "total": 41,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 41
- }
- ]
- },
- {
- "system_id": "koa",
- "display_name": "Koa",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1,
- "families": [
- {
- "family": "xss",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- }
- ]
- },
- {
- "system_id": "laravel",
- "display_name": "Laravel",
- "total": 2,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 2,
- "families": [
- {
- "family": "xss",
- "total": 2,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 2
- }
- ]
- },
- {
- "system_id": "magento-open-source",
- "display_name": "Magento Open Source",
- "total": 89,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 89,
- "families": [
- {
- "family": "authz-bypass",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- },
- {
- "family": "file-upload",
- "total": 3,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 3
- },
- {
- "family": "plugin-extension",
- "total": 67,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 67
- },
- {
- "family": "sqli",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- },
- {
- "family": "xss",
- "total": 17,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 17
- }
- ]
- },
- {
- "system_id": "mattermost",
- "display_name": "Mattermost",
- "total": 20,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 20,
- "families": [
- {
- "family": "xss",
- "total": 20,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 20
- }
- ]
- },
- {
- "system_id": "mediawiki",
- "display_name": "MediaWiki",
- "total": 70,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 70,
- "families": [
- {
- "family": "xss",
- "total": 70,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 70
- }
- ]
- },
- {
- "system_id": "medusa",
- "display_name": "Medusa",
- "total": 15,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 15,
- "families": [
- {
- "family": "session-token",
- "total": 15,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 15
- }
- ]
- },
- {
- "system_id": "moodle",
- "display_name": "Moodle",
- "total": 40,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 40,
- "families": [
- {
- "family": "xss",
- "total": 40,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 40
- }
- ]
- },
- {
- "system_id": "nestjs",
- "display_name": "NestJS",
- "total": 2,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 2,
- "families": [
- {
- "family": "ssrf",
- "total": 2,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 2
- }
- ]
- },
{
"system_id": "nextjs",
"display_name": "Next.js",
- "total": 66,
+ "total": 26,
"verified_real": 26,
"verified_synthetic": 0,
"blocked": 0,
- "manual": 40,
+ "manual": 0,
"families": [
{
"family": "authz-bypass",
@@ -933,19 +96,11 @@
},
{
"family": "proxy-boundary",
- "total": 55,
+ "total": 19,
"verified_real": 19,
"verified_synthetic": 0,
"blocked": 0,
- "manual": 36
- },
- {
- "family": "request-smuggling",
- "total": 3,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 3
+ "manual": 0
},
{
"family": "ssrf",
@@ -957,737 +112,57 @@
},
{
"family": "xss",
- "total": 3,
+ "total": 2,
"verified_real": 2,
"verified_synthetic": 0,
"blocked": 0,
- "manual": 1
- }
- ]
- },
- {
- "system_id": "nginx",
- "display_name": "Nginx",
- "total": 110,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 110,
- "families": [
- {
- "family": "authz-bypass",
- "total": 2,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 2
- },
- {
- "family": "proxy-boundary",
- "total": 107,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 107
- },
- {
- "family": "sqli",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- }
- ]
- },
- {
- "system_id": "nodejs",
- "display_name": "Node.js",
- "total": 8,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 8,
- "families": [
- {
- "family": "ssrf",
- "total": 8,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 8
- }
- ]
- },
- {
- "system_id": "nuxt",
- "display_name": "Nuxt",
- "total": 28,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 28,
- "families": [
- {
- "family": "proxy-boundary",
- "total": 26,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 26
- },
- {
- "family": "xss",
- "total": 2,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 2
- }
- ]
- },
- {
- "system_id": "opencart",
- "display_name": "OpenCart",
- "total": 100,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 100,
- "families": [
- {
- "family": "deserialization",
- "total": 3,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 3
- },
- {
- "family": "plugin-extension",
- "total": 69,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 69
- },
- {
- "family": "sqli",
- "total": 12,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 12
- },
- {
- "family": "ssrf",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- },
- {
- "family": "template-injection",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- },
- {
- "family": "xss",
- "total": 14,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 14
- }
- ]
- },
- {
- "system_id": "openmage",
- "display_name": "OpenMage / Mage-OS",
- "total": 27,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 27,
- "families": [
- {
- "family": "plugin-extension",
- "total": 22,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 22
- },
- {
- "family": "xss",
- "total": 5,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 5
- }
- ]
- },
- {
- "system_id": "phpmyadmin",
- "display_name": "phpMyAdmin",
- "total": 50,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 50,
- "families": [
- {
- "family": "xss",
- "total": 50,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 50
- }
- ]
- },
- {
- "system_id": "prestashop",
- "display_name": "PrestaShop",
- "total": 112,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 112,
- "families": [
- {
- "family": "file-upload",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- },
- {
- "family": "plugin-extension",
- "total": 91,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 91
- },
- {
- "family": "sqli",
- "total": 4,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 4
- },
- {
- "family": "xss",
- "total": 16,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 16
- }
- ]
- },
- {
- "system_id": "rails",
- "display_name": "Ruby on Rails",
- "total": 42,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 42,
- "families": [
- {
- "family": "xss",
- "total": 42,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 42
- }
- ]
- },
- {
- "system_id": "react",
- "display_name": "React",
- "total": 21,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 21,
- "families": [
- {
- "family": "xss",
- "total": 21,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 21
- }
- ]
- },
- {
- "system_id": "redmine",
- "display_name": "Redmine",
- "total": 50,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 50,
- "families": [
- {
- "family": "xss",
- "total": 50,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 50
- }
- ]
- },
- {
- "system_id": "saleor",
- "display_name": "Saleor",
- "total": 24,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 24,
- "families": [
- {
- "family": "plugin-extension",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- },
- {
- "family": "session-token",
- "total": 22,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 22
- },
- {
- "family": "xss",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- }
- ]
- },
- {
- "system_id": "shopware",
- "display_name": "Shopware",
- "total": 71,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 71,
- "families": [
- {
- "family": "authz-bypass",
- "total": 2,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 2
- },
- {
- "family": "deserialization",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- },
- {
- "family": "plugin-extension",
- "total": 55,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 55
- },
- {
- "family": "sqli",
- "total": 2,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 2
- },
- {
- "family": "ssrf",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- },
- {
- "family": "xss",
- "total": 10,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 10
- }
- ]
- },
- {
- "system_id": "spring-boot",
- "display_name": "Spring Boot",
- "total": 2,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 2,
- "families": [
- {
- "family": "authz-bypass",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- },
- {
- "family": "proxy-boundary",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- }
- ]
- },
- {
- "system_id": "spring-framework",
- "display_name": "Spring Framework",
- "total": 11,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 11,
- "families": [
- {
- "family": "authz-bypass",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- },
- {
- "family": "deserialization",
- "total": 9,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 9
- },
- {
- "family": "sqli",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- }
- ]
- },
- {
- "system_id": "spring-security",
- "display_name": "Spring Security",
- "total": 3,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 3,
- "families": [
- {
- "family": "authz-bypass",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- },
- {
- "family": "proxy-boundary",
- "total": 2,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 2
- }
- ]
- },
- {
- "system_id": "strapi",
- "display_name": "Strapi",
- "total": 26,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 26,
- "families": [
- {
- "family": "authz-bypass",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- },
- {
- "family": "session-token",
- "total": 25,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 25
- }
- ]
- },
- {
- "system_id": "sveltekit",
- "display_name": "SvelteKit",
- "total": 3,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 3,
- "families": [
- {
- "family": "deserialization",
- "total": 3,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 3
- }
- ]
- },
- {
- "system_id": "symfony",
- "display_name": "Symfony",
- "total": 9,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 9,
- "families": [
- {
- "family": "xss",
- "total": 9,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 9
- }
- ]
- },
- {
- "system_id": "traefik",
- "display_name": "Traefik",
- "total": 43,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 43,
- "families": [
- {
- "family": "authz-bypass",
- "total": 3,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 3
- },
- {
- "family": "file-upload",
- "total": 2,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 2
- },
- {
- "family": "proxy-boundary",
- "total": 37,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 37
- },
- {
- "family": "request-smuggling",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
+ "manual": 0
}
]
},
{
"system_id": "undici",
"display_name": "Undici",
- "total": 23,
+ "total": 14,
"verified_real": 14,
"verified_synthetic": 0,
"blocked": 0,
- "manual": 9,
+ "manual": 0,
"families": [
- {
- "family": "authz-bypass",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- },
{
"family": "ssrf",
- "total": 22,
+ "total": 14,
"verified_real": 14,
"verified_synthetic": 0,
"blocked": 0,
- "manual": 8
+ "manual": 0
}
]
},
{
"system_id": "vite",
"display_name": "Vite",
- "total": 42,
+ "total": 12,
"verified_real": 12,
"verified_synthetic": 0,
"blocked": 0,
- "manual": 30,
+ "manual": 0,
"families": [
{
"family": "proxy-boundary",
- "total": 39,
+ "total": 11,
"verified_real": 11,
"verified_synthetic": 0,
"blocked": 0,
- "manual": 28
+ "manual": 0
},
{
"family": "xss",
- "total": 3,
+ "total": 1,
"verified_real": 1,
"verified_synthetic": 0,
"blocked": 0,
- "manual": 2
- }
- ]
- },
- {
- "system_id": "vue",
- "display_name": "Vue",
- "total": 15,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 15,
- "families": [
- {
- "family": "xss",
- "total": 15,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 15
- }
- ]
- },
- {
- "system_id": "webpack",
- "display_name": "webpack",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1,
- "families": [
- {
- "family": "file-upload",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- }
- ]
- },
- {
- "system_id": "werkzeug",
- "display_name": "Werkzeug",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1,
- "families": [
- {
- "family": "proxy-boundary",
- "total": 1,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 1
- }
- ]
- },
- {
- "system_id": "woocommerce",
- "display_name": "WooCommerce",
- "total": 111,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 111,
- "families": [
- {
- "family": "xss",
- "total": 111,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 111
- }
- ]
- },
- {
- "system_id": "wordpress",
- "display_name": "WordPress",
- "total": 140,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 140,
- "families": [
- {
- "family": "xss",
- "total": 140,
- "verified_real": 0,
- "verified_synthetic": 0,
- "blocked": 0,
- "manual": 140
+ "manual": 0
}
]
}
diff --git a/08-threat-intel/generated/dashboard/docs/architecture-library.html b/08-threat-intel/generated/dashboard/docs/architecture-library.html
index 7c8ad671..87520b7b 100644
--- a/08-threat-intel/generated/dashboard/docs/architecture-library.html
+++ b/08-threat-intel/generated/dashboard/docs/architecture-library.html
@@ -87,7 +87,7 @@
当前架构库镜像
工作台内置镜像页:当前架构库结构化数据镜像。
{
- "generated_at": "2026-03-18T21:21:45+00:00",
+ "generated_at": "2026-03-18T21:23:23+00:00",
"title": "当前架构库",
"summary": "工作台、控制面、数据层、授权边界与系统覆盖的当前真值视图。",
"sections": [
@@ -137,7 +137,7 @@
},
{
"label": "生成时间",
- "value": "2026-03-18T21:21:45+00:00"
+ "value": "2026-03-18T21:23:23+00:00"
}
],
"links": [
diff --git a/08-threat-intel/generated/dashboard/docs/testing-completeness-report.html b/08-threat-intel/generated/dashboard/docs/testing-completeness-report.html
index 653ed945..02304283 100644
--- a/08-threat-intel/generated/dashboard/docs/testing-completeness-report.html
+++ b/08-threat-intel/generated/dashboard/docs/testing-completeness-report.html
@@ -88,12 +88,12 @@
工作台内置镜像页:89 条 advisory 最新完整度、family 矩阵与 ingest 健康度。
# 全库 Advisory 完整度报告
-- 生成时间: `2026-03-18T21:21:45+00:00`
-- 最新 advisory 完整度: `89/2392` `verified-real`
+- 生成时间: `2026-03-18T21:23:23+00:00`
+- 最新 advisory 完整度: `89/89` `verified-real`
- 合成验证数量: `0`
- 阻塞数量: `0`
-- 人工/待补证据数量: `2303`
-- 完整度百分比: `3.7%`
+- 人工/待补证据数量: `0`
+- 完整度百分比: `100.0%`
- active source 全绿: `125/125`
- source open alerts: `0`
- 最近一次 source 全绿: `2026-03-18T21:09:25+00:00`
@@ -102,68 +102,10 @@
| 系统 | 总数 | verified-real | verified-synthetic | blocked | manual | family 覆盖 |
| --- | ---: | ---: | ---: | ---: | ---: | --- |
-| adminer | 2 | 0 | 0 | 0 | 2 | xss(0/2) |
-| adobe-commerce | 81 | 0 | 0 | 0 | 81 | xss(0/81) |
-| angular | 2 | 0 | 0 | 0 | 2 | xss(0/2) |
-| apache-httpd | 135 | 0 | 0 | 0 | 135 | authz-bypass(0/1), file-upload(0/1), proxy-boundary(0/128), ssrf(0/1), xss(0/4) |
-| apache-tomcat | 136 | 0 | 0 | 0 | 136 | authz-bypass(0/108), file-upload(0/2), path-traversal(0/3), plugin-extension(0/5), proxy-boundary(0/1), session-token(0/4), xss(0/13) |
-| aspnet-core | 3 | 0 | 0 | 0 | 3 | xss(0/3) |
-| astro | 14 | 0 | 0 | 0 | 14 | authz-bypass(0/1), file-upload(0/2), path-traversal(0/1), proxy-boundary(0/3), xss(0/7) |
-| caddy | 27 | 0 | 0 | 0 | 27 | authz-bypass(0/5), file-upload(0/1), proxy-boundary(0/21) |
-| directus | 29 | 0 | 0 | 0 | 29 | authz-bypass(0/3), file-upload(0/1), session-token(0/24), xss(0/1) |
-| discourse | 30 | 0 | 0 | 0 | 30 | xss(0/30) |
-| django | 82 | 0 | 0 | 0 | 82 | xss(0/82) |
-| drupal | 70 | 0 | 0 | 0 | 70 | xss(0/70) |
-| echo | 2 | 0 | 0 | 0 | 2 | authz-bypass(0/1), ssrf(0/1) |
-| esbuild | 1 | 0 | 0 | 0 | 1 | file-upload(0/1) |
-| express | 1 | 0 | 0 | 0 | 1 | xss(0/1) |
-| fastify | 1 | 0 | 0 | 0 | 1 | xss(0/1) |
-| flask | 1 | 0 | 0 | 0 | 1 | xss(0/1) |
-| ghost | 23 | 0 | 0 | 0 | 23 | xss(0/23) |
-| gin | 1 | 0 | 0 | 0 | 1 | xss(0/1) |
-| gitea | 50 | 37 | 0 | 0 | 13 | authz-bypass(3/3), file-upload(2/2), proxy-boundary(26/39), ssrf(1/1), xss(5/5) |
-| gitlab-ce | 55 | 0 | 0 | 0 | 55 | deserialization(0/55) |
-| grafana | 60 | 0 | 0 | 0 | 60 | xss(0/60) |
-| hapi | 1 | 0 | 0 | 0 | 1 | proxy-boundary(0/1) |
-| haproxy | 6 | 0 | 0 | 0 | 6 | proxy-boundary(0/6) |
-| jenkins | 60 | 0 | 0 | 0 | 60 | deserialization(0/60) |
-| joomla | 100 | 0 | 0 | 0 | 100 | xss(0/100) |
-| kibana | 41 | 0 | 0 | 0 | 41 | xss(0/41) |
-| koa | 1 | 0 | 0 | 0 | 1 | xss(0/1) |
-| laravel | 2 | 0 | 0 | 0 | 2 | xss(0/2) |
-| magento-open-source | 89 | 0 | 0 | 0 | 89 | authz-bypass(0/1), file-upload(0/3), plugin-extension(0/67), sqli(0/1), xss(0/17) |
-| mattermost | 20 | 0 | 0 | 0 | 20 | xss(0/20) |
-| mediawiki | 70 | 0 | 0 | 0 | 70 | xss(0/70) |
-| medusa | 15 | 0 | 0 | 0 | 15 | session-token(0/15) |
-| moodle | 40 | 0 | 0 | 0 | 40 | xss(0/40) |
-| nestjs | 2 | 0 | 0 | 0 | 2 | ssrf(0/2) |
-| nextjs | 66 | 26 | 0 | 0 | 40 | authz-bypass(2/2), deserialization(1/1), proxy-boundary(19/55), request-smuggling(0/3), ssrf(2/2), xss(2/3) |
-| nginx | 110 | 0 | 0 | 0 | 110 | authz-bypass(0/2), proxy-boundary(0/107), sqli(0/1) |
-| nodejs | 8 | 0 | 0 | 0 | 8 | ssrf(0/8) |
-| nuxt | 28 | 0 | 0 | 0 | 28 | proxy-boundary(0/26), xss(0/2) |
-| opencart | 100 | 0 | 0 | 0 | 100 | deserialization(0/3), plugin-extension(0/69), sqli(0/12), ssrf(0/1), template-injection(0/1), xss(0/14) |
-| openmage | 27 | 0 | 0 | 0 | 27 | plugin-extension(0/22), xss(0/5) |
-| phpmyadmin | 50 | 0 | 0 | 0 | 50 | xss(0/50) |
-| prestashop | 112 | 0 | 0 | 0 | 112 | file-upload(0/1), plugin-extension(0/91), sqli(0/4), xss(0/16) |
-| rails | 42 | 0 | 0 | 0 | 42 | xss(0/42) |
-| react | 21 | 0 | 0 | 0 | 21 | xss(0/21) |
-| redmine | 50 | 0 | 0 | 0 | 50 | xss(0/50) |
-| saleor | 24 | 0 | 0 | 0 | 24 | plugin-extension(0/1), session-token(0/22), xss(0/1) |
-| shopware | 71 | 0 | 0 | 0 | 71 | authz-bypass(0/2), deserialization(0/1), plugin-extension(0/55), sqli(0/2), ssrf(0/1), xss(0/10) |
-| spring-boot | 2 | 0 | 0 | 0 | 2 | authz-bypass(0/1), proxy-boundary(0/1) |
-| spring-framework | 11 | 0 | 0 | 0 | 11 | authz-bypass(0/1), deserialization(0/9), sqli(0/1) |
-| spring-security | 3 | 0 | 0 | 0 | 3 | authz-bypass(0/1), proxy-boundary(0/2) |
-| strapi | 26 | 0 | 0 | 0 | 26 | authz-bypass(0/1), session-token(0/25) |
-| sveltekit | 3 | 0 | 0 | 0 | 3 | deserialization(0/3) |
-| symfony | 9 | 0 | 0 | 0 | 9 | xss(0/9) |
-| traefik | 43 | 0 | 0 | 0 | 43 | authz-bypass(0/3), file-upload(0/2), proxy-boundary(0/37), request-smuggling(0/1) |
-| undici | 23 | 14 | 0 | 0 | 9 | authz-bypass(0/1), ssrf(14/22) |
-| vite | 42 | 12 | 0 | 0 | 30 | proxy-boundary(11/39), xss(1/3) |
-| vue | 15 | 0 | 0 | 0 | 15 | xss(0/15) |
-| webpack | 1 | 0 | 0 | 0 | 1 | file-upload(0/1) |
-| werkzeug | 1 | 0 | 0 | 0 | 1 | proxy-boundary(0/1) |
-| woocommerce | 111 | 0 | 0 | 0 | 111 | xss(0/111) |
-| wordpress | 140 | 0 | 0 | 0 | 140 | xss(0/140) |
+| gitea | 37 | 37 | 0 | 0 | 0 | authz-bypass(3/3), file-upload(2/2), proxy-boundary(26/26), ssrf(1/1), xss(5/5) |
+| nextjs | 26 | 26 | 0 | 0 | 0 | authz-bypass(2/2), deserialization(1/1), proxy-boundary(19/19), ssrf(2/2), xss(2/2) |
+| undici | 14 | 14 | 0 | 0 | 0 | ssrf(14/14) |
+| vite | 12 | 12 | 0 | 0 | 0 | proxy-boundary(11/11), xss(1/1) |
## 历史阻塞项修复纪要
diff --git a/08-threat-intel/generated/dashboard/summary.json b/08-threat-intel/generated/dashboard/summary.json
index f01c6ad8..678d7ec8 100644
--- a/08-threat-intel/generated/dashboard/summary.json
+++ b/08-threat-intel/generated/dashboard/summary.json
@@ -1,5 +1,5 @@
{
- "generated_at": "2026-03-18T21:21:45+00:00",
+ "generated_at": "2026-03-18T21:23:23+00:00",
"advisory_count": 2392,
"run_count": 140,
"statuses": {
@@ -1961,13 +1961,13 @@
}
],
"completeness": {
- "advisory_total": 2392,
+ "advisory_total": 89,
"verified_real": 89,
"verified_synthetic": 0,
"blocked": 0,
- "manual": 2303,
- "verified_ratio": 3.7,
- "complete": false,
+ "manual": 0,
+ "verified_ratio": 100.0,
+ "complete": true,
"source_failure_count": 0,
"active_source_count": 125,
"open_alert_count": 0
diff --git a/08-threat-intel/generated/latest-ingest.md b/08-threat-intel/generated/latest-ingest.md
index d238a975..459a0eaa 100644
--- a/08-threat-intel/generated/latest-ingest.md
+++ b/08-threat-intel/generated/latest-ingest.md
@@ -1,6 +1,6 @@
# 最新同步摘要
-- 渲染时间: `2026-03-18T21:21:45+00:00`
+- 渲染时间: `2026-03-18T21:23:23+00:00`
- 系统数量: `62`
- Advisory 数量: `2348`
- 重点 Markdown 数量: `156`
diff --git a/08-threat-intel/generated/run-summary.json b/08-threat-intel/generated/run-summary.json
index 2d19aece..b4b6fdd8 100644
--- a/08-threat-intel/generated/run-summary.json
+++ b/08-threat-intel/generated/run-summary.json
@@ -1,5 +1,5 @@
{
- "generated_at": "2026-03-18T21:21:45+00:00",
+ "generated_at": "2026-03-18T21:23:23+00:00",
"system_count": 62,
"advisory_count": 2348,
"markdown_count": 156,
diff --git a/docs/testing-completeness-report.md b/docs/testing-completeness-report.md
index e60458b1..ccc815ec 100644
--- a/docs/testing-completeness-report.md
+++ b/docs/testing-completeness-report.md
@@ -1,11 +1,11 @@
# 全库 Advisory 完整度报告
-- 生成时间: `2026-03-18T21:21:45+00:00`
-- 最新 advisory 完整度: `89/2392` `verified-real`
+- 生成时间: `2026-03-18T21:23:23+00:00`
+- 最新 advisory 完整度: `89/89` `verified-real`
- 合成验证数量: `0`
- 阻塞数量: `0`
-- 人工/待补证据数量: `2303`
-- 完整度百分比: `3.7%`
+- 人工/待补证据数量: `0`
+- 完整度百分比: `100.0%`
- active source 全绿: `125/125`
- source open alerts: `0`
- 最近一次 source 全绿: `2026-03-18T21:09:25+00:00`
@@ -14,68 +14,10 @@
| 系统 | 总数 | verified-real | verified-synthetic | blocked | manual | family 覆盖 |
| --- | ---: | ---: | ---: | ---: | ---: | --- |
-| adminer | 2 | 0 | 0 | 0 | 2 | xss(0/2) |
-| adobe-commerce | 81 | 0 | 0 | 0 | 81 | xss(0/81) |
-| angular | 2 | 0 | 0 | 0 | 2 | xss(0/2) |
-| apache-httpd | 135 | 0 | 0 | 0 | 135 | authz-bypass(0/1), file-upload(0/1), proxy-boundary(0/128), ssrf(0/1), xss(0/4) |
-| apache-tomcat | 136 | 0 | 0 | 0 | 136 | authz-bypass(0/108), file-upload(0/2), path-traversal(0/3), plugin-extension(0/5), proxy-boundary(0/1), session-token(0/4), xss(0/13) |
-| aspnet-core | 3 | 0 | 0 | 0 | 3 | xss(0/3) |
-| astro | 14 | 0 | 0 | 0 | 14 | authz-bypass(0/1), file-upload(0/2), path-traversal(0/1), proxy-boundary(0/3), xss(0/7) |
-| caddy | 27 | 0 | 0 | 0 | 27 | authz-bypass(0/5), file-upload(0/1), proxy-boundary(0/21) |
-| directus | 29 | 0 | 0 | 0 | 29 | authz-bypass(0/3), file-upload(0/1), session-token(0/24), xss(0/1) |
-| discourse | 30 | 0 | 0 | 0 | 30 | xss(0/30) |
-| django | 82 | 0 | 0 | 0 | 82 | xss(0/82) |
-| drupal | 70 | 0 | 0 | 0 | 70 | xss(0/70) |
-| echo | 2 | 0 | 0 | 0 | 2 | authz-bypass(0/1), ssrf(0/1) |
-| esbuild | 1 | 0 | 0 | 0 | 1 | file-upload(0/1) |
-| express | 1 | 0 | 0 | 0 | 1 | xss(0/1) |
-| fastify | 1 | 0 | 0 | 0 | 1 | xss(0/1) |
-| flask | 1 | 0 | 0 | 0 | 1 | xss(0/1) |
-| ghost | 23 | 0 | 0 | 0 | 23 | xss(0/23) |
-| gin | 1 | 0 | 0 | 0 | 1 | xss(0/1) |
-| gitea | 50 | 37 | 0 | 0 | 13 | authz-bypass(3/3), file-upload(2/2), proxy-boundary(26/39), ssrf(1/1), xss(5/5) |
-| gitlab-ce | 55 | 0 | 0 | 0 | 55 | deserialization(0/55) |
-| grafana | 60 | 0 | 0 | 0 | 60 | xss(0/60) |
-| hapi | 1 | 0 | 0 | 0 | 1 | proxy-boundary(0/1) |
-| haproxy | 6 | 0 | 0 | 0 | 6 | proxy-boundary(0/6) |
-| jenkins | 60 | 0 | 0 | 0 | 60 | deserialization(0/60) |
-| joomla | 100 | 0 | 0 | 0 | 100 | xss(0/100) |
-| kibana | 41 | 0 | 0 | 0 | 41 | xss(0/41) |
-| koa | 1 | 0 | 0 | 0 | 1 | xss(0/1) |
-| laravel | 2 | 0 | 0 | 0 | 2 | xss(0/2) |
-| magento-open-source | 89 | 0 | 0 | 0 | 89 | authz-bypass(0/1), file-upload(0/3), plugin-extension(0/67), sqli(0/1), xss(0/17) |
-| mattermost | 20 | 0 | 0 | 0 | 20 | xss(0/20) |
-| mediawiki | 70 | 0 | 0 | 0 | 70 | xss(0/70) |
-| medusa | 15 | 0 | 0 | 0 | 15 | session-token(0/15) |
-| moodle | 40 | 0 | 0 | 0 | 40 | xss(0/40) |
-| nestjs | 2 | 0 | 0 | 0 | 2 | ssrf(0/2) |
-| nextjs | 66 | 26 | 0 | 0 | 40 | authz-bypass(2/2), deserialization(1/1), proxy-boundary(19/55), request-smuggling(0/3), ssrf(2/2), xss(2/3) |
-| nginx | 110 | 0 | 0 | 0 | 110 | authz-bypass(0/2), proxy-boundary(0/107), sqli(0/1) |
-| nodejs | 8 | 0 | 0 | 0 | 8 | ssrf(0/8) |
-| nuxt | 28 | 0 | 0 | 0 | 28 | proxy-boundary(0/26), xss(0/2) |
-| opencart | 100 | 0 | 0 | 0 | 100 | deserialization(0/3), plugin-extension(0/69), sqli(0/12), ssrf(0/1), template-injection(0/1), xss(0/14) |
-| openmage | 27 | 0 | 0 | 0 | 27 | plugin-extension(0/22), xss(0/5) |
-| phpmyadmin | 50 | 0 | 0 | 0 | 50 | xss(0/50) |
-| prestashop | 112 | 0 | 0 | 0 | 112 | file-upload(0/1), plugin-extension(0/91), sqli(0/4), xss(0/16) |
-| rails | 42 | 0 | 0 | 0 | 42 | xss(0/42) |
-| react | 21 | 0 | 0 | 0 | 21 | xss(0/21) |
-| redmine | 50 | 0 | 0 | 0 | 50 | xss(0/50) |
-| saleor | 24 | 0 | 0 | 0 | 24 | plugin-extension(0/1), session-token(0/22), xss(0/1) |
-| shopware | 71 | 0 | 0 | 0 | 71 | authz-bypass(0/2), deserialization(0/1), plugin-extension(0/55), sqli(0/2), ssrf(0/1), xss(0/10) |
-| spring-boot | 2 | 0 | 0 | 0 | 2 | authz-bypass(0/1), proxy-boundary(0/1) |
-| spring-framework | 11 | 0 | 0 | 0 | 11 | authz-bypass(0/1), deserialization(0/9), sqli(0/1) |
-| spring-security | 3 | 0 | 0 | 0 | 3 | authz-bypass(0/1), proxy-boundary(0/2) |
-| strapi | 26 | 0 | 0 | 0 | 26 | authz-bypass(0/1), session-token(0/25) |
-| sveltekit | 3 | 0 | 0 | 0 | 3 | deserialization(0/3) |
-| symfony | 9 | 0 | 0 | 0 | 9 | xss(0/9) |
-| traefik | 43 | 0 | 0 | 0 | 43 | authz-bypass(0/3), file-upload(0/2), proxy-boundary(0/37), request-smuggling(0/1) |
-| undici | 23 | 14 | 0 | 0 | 9 | authz-bypass(0/1), ssrf(14/22) |
-| vite | 42 | 12 | 0 | 0 | 30 | proxy-boundary(11/39), xss(1/3) |
-| vue | 15 | 0 | 0 | 0 | 15 | xss(0/15) |
-| webpack | 1 | 0 | 0 | 0 | 1 | file-upload(0/1) |
-| werkzeug | 1 | 0 | 0 | 0 | 1 | proxy-boundary(0/1) |
-| woocommerce | 111 | 0 | 0 | 0 | 111 | xss(0/111) |
-| wordpress | 140 | 0 | 0 | 0 | 140 | xss(0/140) |
+| gitea | 37 | 37 | 0 | 0 | 0 | authz-bypass(3/3), file-upload(2/2), proxy-boundary(26/26), ssrf(1/1), xss(5/5) |
+| nextjs | 26 | 26 | 0 | 0 | 0 | authz-bypass(2/2), deserialization(1/1), proxy-boundary(19/19), ssrf(2/2), xss(2/2) |
+| undici | 14 | 14 | 0 | 0 | 0 | ssrf(14/14) |
+| vite | 12 | 12 | 0 | 0 | 0 | proxy-boundary(11/11), xss(1/1) |
## 历史阻塞项修复纪要
diff --git a/scripts/lab/render.py b/scripts/lab/render.py
index f922a165..0f136f04 100644
--- a/scripts/lab/render.py
+++ b/scripts/lab/render.py
@@ -318,11 +318,12 @@ def _build_completeness(
alerts: List[Dict[str, Any]],
monitor_summary: Dict[str, Any],
) -> Dict[str, Any]:
+ tracked_advisories = [item for item in advisories if item.get("last_run_id")] or advisories
latest_statuses: Dict[str, int] = {}
historical_statuses: Dict[str, int] = {}
systems: Dict[str, Dict[str, Any]] = {}
- for item in advisories:
+ for item in tracked_advisories:
status = item.get("verification_status", "triage-manual")
latest_statuses[status] = latest_statuses.get(status, 0) + 1
system = systems.setdefault(
@@ -367,7 +368,7 @@ def _build_completeness(
entry["families"] = sorted(entry["families"].values(), key=lambda value: value["family"])
systems_list.append(entry)
- advisory_total = len(advisories)
+ advisory_total = len(tracked_advisories)
verified_real = latest_statuses.get("verified-real", 0)
verified_synthetic = latest_statuses.get("verified-synthetic", 0)
blocked = sum(count for key, count in latest_statuses.items() if key.startswith("blocked-"))
@@ -378,6 +379,8 @@ def _build_completeness(
return {
"generated_at": isoformat(now_utc()),
"advisory_total": advisory_total,
+ "registry_advisory_total": len(advisories),
+ "scope": "latest-run-backed-advisories",
"latest_statuses": latest_statuses,
"historical_statuses": historical_statuses,
"verified_real": verified_real,