更新: 307 个文件 - 2026-03-27 02:33:52

2026-03-27 02:33:52 -07:00
--- a/08-threat-intel/registry/advisories/astro--CVE-2026-33769.json
+++ b/08-threat-intel/registry/advisories/astro--CVE-2026-33769.json
--- a/08-threat-intel/registry/advisories/mattermost--CVE-2026-2456.json
+++ b/08-threat-intel/registry/advisories/mattermost--CVE-2026-2456.json
@@ -0,0 +1,230 @@
+{
+  "canonical_id": "mattermost--CVE-2026-2456",
+  "system_id": "mattermost",
+  "display_name": "Mattermost",
+  "category": "platforms",
+  "advisory_mode": "core",
+  "title": "Mattermost fails to limit the size of responses from integration action endpoints",
+  "summary": "Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 Mattermost fails to limit the size of responses from integration action endpoints, which allows an authenticated attacker to cause server memory exhaustion and denial of service via a malicious integration server that returns an arbitrarily large response when a user clicks an interactive message button. Mattermost Advisory ID: MMSA-2026-00571",
+  "published_at": "2026-03-16T15:30:43Z",
+  "updated_at": "2026-03-26T21:11:03.241919Z",
+  "severity": "low",
+  "cvss_score": 3.1,
+  "exploit_status": "unknown",
+  "source_confidence": "ecosystem-authority",
+  "official_source_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2456",
+  "secondary_source_urls": [
+    "https://github.com/advisories/GHSA-34g8-9fpp-46ch",
+    "https://github.com/mattermost/mattermost/commit/fe3052073dc67e3c920baf9fe7efd44ac1d8124c",
+    "https://github.com/mattermost/mattermost",
+    "https://mattermost.com/security-updates"
+  ],
+  "aliases": [
+    "CVE-2026-2456",
+    "GO-2026-4726",
+    "GHSA-34g8-9fpp-46ch"
+  ],
+  "cve_ids": [
+    "CVE-2026-2456"
+  ],
+  "ghsa_ids": [
+    "GHSA-34g8-9fpp-46ch"
+  ],
+  "osv_ids": [
+    "GHSA-34g8-9fpp-46ch",
+    "GO-2026-4726"
+  ],
+  "affected_versions": [
+    "introduced=0, fixed<8.0.0-20260127165411-fe3052073dc6",
+    "introduced=0, fixed<5.3.2-0.20260127165411-fe3052073dc6",
+    "introduced=10.11.0-rc1, fixed<10.11.11",
+    "introduced=11.2.0-rc1, fixed<11.2.3",
+    "introduced=11.3.0-rc1, fixed<11.3.1",
+    "introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible",
+    "introduced=0"
+  ],
+  "fixed_versions": [
+    "8.0.0-20260127165411-fe3052073dc6",
+    "5.3.2-0.20260127165411-fe3052073dc6",
+    "10.11.11",
+    "11.2.3",
+    "11.3.1",
+    "10.11.11+incompatible",
+    "11.2.3+incompatible",
+    "11.3.1+incompatible"
+  ],
+  "package_name": "github.com/mattermost/mattermost-server",
+  "render_markdown": true,
+  "case_path": "07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-2456.md",
+  "secure_code_topics": [
+    "authz-server-side-recheck",
+    "xss-output-encoding",
+    "token-cookie-storage",
+    "dependency-upgrade-policy"
+  ],
+  "status": "generated",
+  "triage_reasons": [],
+  "entity_refs": [
+    {
+      "entity_id": "mattermost",
+      "entity_type": "system",
+      "relation": "root-system",
+      "root_system_id": "mattermost",
+      "official": true
+    },
+    {
+      "entity_id": "mattermost--repo--github-com-mattermost-mattermost-server",
+      "entity_type": "repo",
+      "relation": "affected-component",
+      "root_system_id": "mattermost",
+      "official": false
+    }
+  ],
+  "affected_components": [
+    {
+      "name": "mattermost / mattermost-server",
+      "entity_id": "mattermost--repo--github-com-mattermost-mattermost-server",
+      "scope": "repo",
+      "package_name": "github.com/mattermost/mattermost-server",
+      "official": false
+    }
+  ],
+  "affected_version_ranges": [
+    "introduced=0, fixed<8.0.0-20260127165411-fe3052073dc6",
+    "introduced=0, fixed<5.3.2-0.20260127165411-fe3052073dc6",
+    "introduced=10.11.0-rc1, fixed<10.11.11",
+    "introduced=11.2.0-rc1, fixed<11.2.3",
+    "introduced=11.3.0-rc1, fixed<11.3.1",
+    "introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible",
+    "introduced=0"
+  ],
+  "fixed_version_ranges": [
+    "8.0.0-20260127165411-fe3052073dc6",
+    "5.3.2-0.20260127165411-fe3052073dc6",
+    "10.11.11",
+    "11.2.3",
+    "11.3.1",
+    "10.11.11+incompatible",
+    "11.2.3+incompatible",
+    "11.3.1+incompatible"
+  ],
+  "introduced_version": "introduced=0",
+  "patched_version": "8.0.0-20260127165411-fe3052073dc6",
+  "version_evidence_sources": [
+    "https://nvd.nist.gov/vuln/detail/CVE-2026-2456",
+    "https://github.com/advisories/GHSA-34g8-9fpp-46ch",
+    "https://github.com/mattermost/mattermost/commit/fe3052073dc67e3c920baf9fe7efd44ac1d8124c",
+    "https://github.com/mattermost/mattermost",
+    "https://mattermost.com/security-updates"
+  ],
+  "affected_version_refs": [
+    "mattermost--repo--github-com-mattermost-mattermost-server--introduced-0-fixed-8-0-0-20260127165411-fe3052073dc6",
+    "mattermost--repo--github-com-mattermost-mattermost-server--introduced-0-fixed-5-3-2-0-20260127165411-fe3052073dc6",
+    "mattermost--repo--github-com-mattermost-mattermost-server--introduced-10-11-0-rc1-fixed-10-11-11",
+    "mattermost--repo--github-com-mattermost-mattermost-server--introduced-11-2-0-rc1-fixed-11-2-3",
+    "mattermost--repo--github-com-mattermost-mattermost-server--introduced-11-3-0-rc1-fixed-11-3-1",
+    "mattermost--repo--github-com-mattermost-mattermost-server--introduced-10-11-0-rc1-incompatible-fixed-10-11-11-incompatible",
+    "mattermost--repo--github-com-mattermost-mattermost-server--introduced-0"
+  ],
+  "fixed_version_refs": [
+    "mattermost--repo--github-com-mattermost-mattermost-server--8-0-0-20260127165411-fe3052073dc6",
+    "mattermost--repo--github-com-mattermost-mattermost-server--5-3-2-0-20260127165411-fe3052073dc6",
+    "mattermost--repo--github-com-mattermost-mattermost-server--10-11-11",
+    "mattermost--repo--github-com-mattermost-mattermost-server--11-2-3",
+    "mattermost--repo--github-com-mattermost-mattermost-server--11-3-1",
+    "mattermost--repo--github-com-mattermost-mattermost-server--10-11-11-incompatible",
+    "mattermost--repo--github-com-mattermost-mattermost-server--11-2-3-incompatible",
+    "mattermost--repo--github-com-mattermost-mattermost-server--11-3-1-incompatible"
+  ],
+  "patched_version_refs": [
+    "mattermost--repo--github-com-mattermost-mattermost-server--8-0-0-20260127165411-fe3052073dc6"
+  ],
+  "version_sync_confidence": "high",
+  "advisory_scope": "repo",
+  "version_confidence": "high",
+  "version_gap_reason": "",
+  "version_resolution_needed": false,
+  "workflow": {
+    "workflow_id": "mattermost--CVE-2026-2456--workflow",
+    "vuln_family": "unknown",
+    "entry_surface": "repo-surface",
+    "preconditions": [
+      "\u4ec5\u5728 lab-local\u3001lab-public \u6216\u660e\u786e\u6388\u6743\u76ee\u6807\u4e2d\u6267\u884c\u3002",
+      "\u786e\u8ba4\u76ee\u6807\u547d\u4e2d\u7248\u672c\u65ad\u8a00: introduced=0, fixed<8.0.0-20260127165411-fe3052073dc6, introduced=0, fixed<5.3.2-0.20260127165411-fe3052073dc6, introduced=10.11.0-rc1, fixed<10.11.11",
+      "\u82e5\u5bf9\u8c61\u5c5e\u4e8e `repo`\uff0c\u5148\u786e\u8ba4\u6269\u5c55/\u4ed3\u5e93/\u5305\u5df2\u542f\u7528\u5e76\u5904\u4e8e\u53d7\u5f71\u54cd\u7248\u672c\u3002"
+    ],
+    "required_role": "unknown",
+    "affected_version_assertion": [
+      "introduced=0, fixed<8.0.0-20260127165411-fe3052073dc6",
+      "introduced=0, fixed<5.3.2-0.20260127165411-fe3052073dc6",
+      "introduced=10.11.0-rc1, fixed<10.11.11",
+      "introduced=11.2.0-rc1, fixed<11.2.3",
+      "introduced=11.3.0-rc1, fixed<11.3.1",
+      "introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible",
+      "introduced=0"
+    ],
+    "trigger_vector": "\u5bf9 `unknown` \u5bb6\u65cf\u5165\u53e3\u6295\u9012\u6700\u5c0f\u5316\u3001\u53ef\u5ba1\u8ba1\u3001\u53ef\u56de\u6eda\u7684\u53d7\u63a7\u8f93\u5165\uff0c\u6bd4\u8f83\u4fee\u590d\u524d\u540e\u5dee\u5f02\u3002",
+    "request_or_ui_path": [
+      "/repo"
+    ],
+    "input_shape": "\u63d0\u4ea4\u6700\u5c0f\u5316\u3001\u53ef\u5ba1\u8ba1\u3001\u53ef\u56de\u6eda\u7684\u53d7\u63a7\u8f93\u5165\u3002",
+    "expected_unsafe_behavior": "\u76ee\u6807\u8868\u73b0\u51fa\u8d85\u51fa\u8bbe\u8ba1\u8fb9\u754c\u7684\u884c\u4e3a\u3002",
+    "server_evidence_points": [
+      "\u5e94\u7528\u65e5\u5fd7\u4e2d\u7684\u547d\u4e2d\u8def\u5f84\u3001\u9274\u6743\u51b3\u7b56\u548c\u5f02\u5e38\u6808",
+      "\u53cd\u5411\u4ee3\u7406\u6216\u8fb9\u754c\u5c42\u65e5\u5fd7\u4e2d\u7684\u8bf7\u6c42\u5934\u3001\u6765\u6e90 IP \u4e0e\u8def\u7531\u51b3\u7b56"
+    ],
+    "browser_evidence_points": [
+      "\u57fa\u7ebf\u622a\u56fe\u4e0e\u653b\u51fb\u540e\u622a\u56fe\u7684 DOM/\u89c6\u89c9\u5dee\u5f02",
+      "console\u3001network \u4e0e response metadata \u4e2d\u7684\u5f02\u5e38\u4fe1\u53f7"
+    ],
+    "db_or_fs_evidence_points": [
+      "\u6570\u636e\u5e93\u4e2d\u65b0\u589e/\u8d8a\u6743\u8bfb\u53d6\u7684\u6d4b\u8bd5\u6570\u636e",
+      "\u6587\u4ef6\u7cfb\u7edf\u4e2d\u65b0\u589e\u4e0a\u4f20\u6837\u672c\u3001\u7f13\u5b58\u6761\u76ee\u6216\u8d8a\u6743\u8bfb\u53d6\u75d5\u8ff9"
+    ],
+    "detection_signals": [
+      "WAF / reverse proxy \u5f02\u5e38\u65e5\u5fd7\u3001\u8bbf\u95ee\u65e5\u5fd7\u548c\u544a\u8b66",
+      "\u5e94\u7528\u5ba1\u8ba1\u65e5\u5fd7\u4e2d\u7684\u6743\u9650\u9519\u8bef\u3001\u91cd\u5b9a\u5411\u5f02\u5e38\u3001\u6a21\u677f\u6e32\u67d3\u6216\u4e0a\u4f20\u843d\u76d8\u4e8b\u4ef6"
+    ],
+    "mitigation_summary": "\u4f18\u5148\u5347\u7ea7\u5230\u4fee\u590d\u7248\u672c\uff0c\u5e76\u540c\u65f6\u6536\u7d27\u8f93\u5165\u6821\u9a8c\u3001\u670d\u52a1\u7aef\u9274\u6743\u3001\u4ee3\u7406\u4fe1\u4efb\u8fb9\u754c\u3001\u6269\u5c55\u5b89\u88c5\u4fe1\u4efb\u548c\u5ba1\u8ba1\u65e5\u5fd7\u3002",
+    "patch_validation_steps": [
+      "\u786e\u8ba4\u76ee\u6807\u7248\u672c\u4ece `introduced=0, fixed<8.0.0-20260127165411-fe3052073dc6, introduced=0, fixed<5.3.2-0.20260127165411-fe3052073dc6, introduced=10.11.0-rc1, fixed<10.11.11` \u5347\u7ea7\u6216\u56de\u79fb\u5230 `8.0.0-20260127165411-fe3052073dc6`\u3002",
+      "\u4fdd\u7559\u540c\u4e00\u7ec4\u53d7\u63a7\u8f93\u5165\uff0c\u5728\u4fee\u590d\u524d\u540e\u5206\u522b\u6267\u884c\u5e76\u6bd4\u5bf9\u54cd\u5e94\u3001\u65e5\u5fd7\u4e0e\u6d4f\u89c8\u5668\u8bc1\u636e\u3002",
+      "\u786e\u8ba4\u4fee\u590d\u540e\u4ec5\u4fdd\u7559\u9884\u671f\u4e1a\u52a1\u884c\u4e3a\uff0c\u4e0d\u518d\u89e6\u53d1\u8d8a\u6743\u3001\u56de\u663e\u3001\u5f02\u5e38\u6e32\u67d3\u6216\u9519\u8bef\u8bf7\u6c42\u3002",
+      "\u8865\u5145 `unknown` \u65cf\u81ea\u52a8\u5316\u56de\u5f52\uff0c\u907f\u514d\u540c\u7c7b\u8def\u5f84\u5728\u63d2\u4ef6\u3001\u4e3b\u9898\u6216\u4ee3\u7406\u94fe\u4e2d\u56de\u5f52\u3002"
+    ],
+    "lab_safety_notes": [
+      "\u53ea\u4f7f\u7528\u56de\u73af\u5730\u5740\u3001\u54e8\u5175\u76ee\u6807\u3001\u65e0\u5bb3\u6837\u672c\u6216\u53ef\u56de\u6eda\u6d4b\u8bd5\u6570\u636e\u3002",
+      "\u7981\u6b62\u9020\u6210\u6301\u4e45\u7834\u574f\u3001\u8d8a\u6743\u4e0b\u8f7d\u771f\u5b9e\u6570\u636e\u6216\u4e0d\u53ef\u56de\u6eda side effect\u3002",
+      "\u5982\u9700\u6d4f\u89c8\u5668\u8bc1\u636e\uff0c\u4fdd\u7559 baseline / proof \u4e24\u4efd\u5feb\u7167\u4ee5\u53ca console / network \u8bb0\u5f55\u3002"
+    ],
+    "review_state": "ready"
+  },
+  "verification_status": "triage-manual",
+  "verification_mode": "synthetic",
+  "last_verified_at": null,
+  "last_run_id": null,
+  "evidence_bundle": null,
+  "historical_status": null,
+  "latest_status": null,
+  "browser_evidence": {
+    "required": false,
+    "present": false,
+    "refs": []
+  },
+  "repro_profile_id": "xss-generic",
+  "artifact_mode": "synthetic",
+  "blocked_reason": null,
+  "metadata": {
+    "source_names": [
+      "OSV Mattermost"
+    ],
+    "source_kinds": [
+      "osv-batch"
+    ],
+    "candidate_count": 2,
+    "entity_ref_count": 2,
+    "advisory_scope": "repo",
+    "version_confidence": "high",
+    "workflow_id": "mattermost--CVE-2026-2456--workflow"
+  }
+}
--- a/08-threat-intel/registry/advisories/mattermost--CVE-2026-25783.json
+++ b/08-threat-intel/registry/advisories/mattermost--CVE-2026-25783.json
@@ -0,0 +1,232 @@
+{
+  "canonical_id": "mattermost--CVE-2026-25783",
+  "system_id": "mattermost",
+  "display_name": "Mattermost",
+  "category": "platforms",
+  "advisory_mode": "core",
+  "title": "Mattermost fails to properly validate User-Agent header tokens",
+  "summary": "Mattermost versions 11.3.x <= 11.3.0, 11.2.x <= 11.2.2, 10.11.x <= 10.11.10 fail to properly validate User-Agent header tokens which allows an authenticated attacker to cause a request panic via a specially crafted User-Agent header. Mattermost Advisory ID: MMSA-2026-00586",
+  "published_at": "2026-03-16T15:30:42Z",
+  "updated_at": "2026-03-26T21:11:24.090883Z",
+  "severity": "low",
+  "cvss_score": 3.1,
+  "exploit_status": "unknown",
+  "source_confidence": "ecosystem-authority",
+  "official_source_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25783",
+  "secondary_source_urls": [
+    "https://github.com/advisories/GHSA-2v3w-6g35-5f9v",
+    "https://github.com/mattermost/mattermost/commit/1346cf529aef0672c39a56ec10d1b8a9c8fb387d",
+    "https://github.com/mattermost/mattermost",
+    "https://mattermost.com/security-updates"
+  ],
+  "aliases": [
+    "CVE-2026-25783",
+    "GO-2026-4725",
+    "GHSA-2v3w-6g35-5f9v"
+  ],
+  "cve_ids": [
+    "CVE-2026-25783"
+  ],
+  "ghsa_ids": [
+    "GHSA-2v3w-6g35-5f9v"
+  ],
+  "osv_ids": [
+    "GHSA-2v3w-6g35-5f9v",
+    "GO-2026-4725"
+  ],
+  "affected_versions": [
+    "introduced=0, fixed<8.0.0-20260129181235-1346cf529aef",
+    "introduced=0, fixed<5.3.2-0.20260129181235-1346cf529aef",
+    "introduced=10.11.0-rc1, fixed<10.11.11",
+    "introduced=11.2.0-rc1, fixed<11.2.3",
+    "introduced=11.3.0-rc1, fixed<11.3.1",
+    "introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible",
+    "introduced=0"
+  ],
+  "fixed_versions": [
+    "8.0.0-20260129181235-1346cf529aef",
+    "5.3.2-0.20260129181235-1346cf529aef",
+    "10.11.11",
+    "11.2.3",
+    "11.3.1",
+    "10.11.11+incompatible",
+    "11.2.3+incompatible",
+    "11.3.1+incompatible"
+  ],
+  "package_name": "github.com/mattermost/mattermost-server",
+  "render_markdown": true,
+  "case_path": "07-framework-security/platforms/mattermost/cases/mattermost-cve-2026-25783.md",
+  "secure_code_topics": [
+    "authz-server-side-recheck",
+    "xss-output-encoding",
+    "token-cookie-storage",
+    "dependency-upgrade-policy"
+  ],
+  "status": "generated",
+  "triage_reasons": [],
+  "entity_refs": [
+    {
+      "entity_id": "mattermost",
+      "entity_type": "system",
+      "relation": "root-system",
+      "root_system_id": "mattermost",
+      "official": true
+    },
+    {
+      "entity_id": "mattermost--repo--github-com-mattermost-mattermost-server",
+      "entity_type": "repo",
+      "relation": "affected-component",
+      "root_system_id": "mattermost",
+      "official": false
+    }
+  ],
+  "affected_components": [
+    {
+      "name": "mattermost / mattermost-server",
+      "entity_id": "mattermost--repo--github-com-mattermost-mattermost-server",
+      "scope": "repo",
+      "package_name": "github.com/mattermost/mattermost-server",
+      "official": false
+    }
+  ],
+  "affected_version_ranges": [
+    "introduced=0, fixed<8.0.0-20260129181235-1346cf529aef",
+    "introduced=0, fixed<5.3.2-0.20260129181235-1346cf529aef",
+    "introduced=10.11.0-rc1, fixed<10.11.11",
+    "introduced=11.2.0-rc1, fixed<11.2.3",
+    "introduced=11.3.0-rc1, fixed<11.3.1",
+    "introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible",
+    "introduced=0"
+  ],
+  "fixed_version_ranges": [
+    "8.0.0-20260129181235-1346cf529aef",
+    "5.3.2-0.20260129181235-1346cf529aef",
+    "10.11.11",
+    "11.2.3",
+    "11.3.1",
+    "10.11.11+incompatible",
+    "11.2.3+incompatible",
+    "11.3.1+incompatible"
+  ],
+  "introduced_version": "introduced=0",
+  "patched_version": "8.0.0-20260129181235-1346cf529aef",
+  "version_evidence_sources": [
+    "https://nvd.nist.gov/vuln/detail/CVE-2026-25783",
+    "https://github.com/advisories/GHSA-2v3w-6g35-5f9v",
+    "https://github.com/mattermost/mattermost/commit/1346cf529aef0672c39a56ec10d1b8a9c8fb387d",
+    "https://github.com/mattermost/mattermost",
+    "https://mattermost.com/security-updates"
+  ],
+  "affected_version_refs": [
+    "mattermost--repo--github-com-mattermost-mattermost-server--introduced-0-fixed-8-0-0-20260129181235-1346cf529aef",
+    "mattermost--repo--github-com-mattermost-mattermost-server--introduced-0-fixed-5-3-2-0-20260129181235-1346cf529aef",
+    "mattermost--repo--github-com-mattermost-mattermost-server--introduced-10-11-0-rc1-fixed-10-11-11",
+    "mattermost--repo--github-com-mattermost-mattermost-server--introduced-11-2-0-rc1-fixed-11-2-3",
+    "mattermost--repo--github-com-mattermost-mattermost-server--introduced-11-3-0-rc1-fixed-11-3-1",
+    "mattermost--repo--github-com-mattermost-mattermost-server--introduced-10-11-0-rc1-incompatible-fixed-10-11-11-incompatible",
+    "mattermost--repo--github-com-mattermost-mattermost-server--introduced-0"
+  ],
+  "fixed_version_refs": [
+    "mattermost--repo--github-com-mattermost-mattermost-server--8-0-0-20260129181235-1346cf529aef",
+    "mattermost--repo--github-com-mattermost-mattermost-server--5-3-2-0-20260129181235-1346cf529aef",
+    "mattermost--repo--github-com-mattermost-mattermost-server--10-11-11",
+    "mattermost--repo--github-com-mattermost-mattermost-server--11-2-3",
+    "mattermost--repo--github-com-mattermost-mattermost-server--11-3-1",
+    "mattermost--repo--github-com-mattermost-mattermost-server--10-11-11-incompatible",
+    "mattermost--repo--github-com-mattermost-mattermost-server--11-2-3-incompatible",
+    "mattermost--repo--github-com-mattermost-mattermost-server--11-3-1-incompatible"
+  ],
+  "patched_version_refs": [
+    "mattermost--repo--github-com-mattermost-mattermost-server--8-0-0-20260129181235-1346cf529aef"
+  ],
+  "version_sync_confidence": "high",
+  "advisory_scope": "repo",
+  "version_confidence": "high",
+  "version_gap_reason": "",
+  "version_resolution_needed": false,
+  "workflow": {
+    "workflow_id": "mattermost--CVE-2026-25783--workflow",
+    "vuln_family": "session-token",
+    "entry_surface": "session-or-token-processing",
+    "preconditions": [
+      "\u4ec5\u5728 lab-local\u3001lab-public \u6216\u660e\u786e\u6388\u6743\u76ee\u6807\u4e2d\u6267\u884c\u3002",
+      "\u786e\u8ba4\u76ee\u6807\u547d\u4e2d\u7248\u672c\u65ad\u8a00: introduced=0, fixed<8.0.0-20260129181235-1346cf529aef, introduced=0, fixed<5.3.2-0.20260129181235-1346cf529aef, introduced=10.11.0-rc1, fixed<10.11.11",
+      "\u82e5\u5bf9\u8c61\u5c5e\u4e8e `repo`\uff0c\u5148\u786e\u8ba4\u6269\u5c55/\u4ed3\u5e93/\u5305\u5df2\u542f\u7528\u5e76\u5904\u4e8e\u53d7\u5f71\u54cd\u7248\u672c\u3002"
+    ],
+    "required_role": "authenticated-user",
+    "affected_version_assertion": [
+      "introduced=0, fixed<8.0.0-20260129181235-1346cf529aef",
+      "introduced=0, fixed<5.3.2-0.20260129181235-1346cf529aef",
+      "introduced=10.11.0-rc1, fixed<10.11.11",
+      "introduced=11.2.0-rc1, fixed<11.2.3",
+      "introduced=11.3.0-rc1, fixed<11.3.1",
+      "introduced=10.11.0-rc1+incompatible, fixed<10.11.11+incompatible",
+      "introduced=0"
+    ],
+    "trigger_vector": "\u5bf9 `session-token` \u5bb6\u65cf\u5165\u53e3\u6295\u9012\u6700\u5c0f\u5316\u3001\u53ef\u5ba1\u8ba1\u3001\u53ef\u56de\u6eda\u7684\u53d7\u63a7\u8f93\u5165\uff0c\u6bd4\u8f83\u4fee\u590d\u524d\u540e\u5dee\u5f02\u3002",
+    "request_or_ui_path": [
+      "/login",
+      "/callback",
+      "/session"
+    ],
+    "input_shape": "\u4f7f\u7528\u77ed\u671f\u6d4b\u8bd5\u4ee4\u724c\u6216\u4f1a\u8bdd\uff0c\u9a8c\u8bc1\u751f\u547d\u5468\u671f\u3001\u7ed1\u5b9a\u4e0e\u5931\u6548\u903b\u8f91\u3002",
+    "expected_unsafe_behavior": "\u4ee4\u724c\u6216\u4f1a\u8bdd\u53ef\u88ab\u91cd\u653e\u3001\u56fa\u5b9a\u6216\u8d8a\u6743\u4f7f\u7528\u3002",
+    "server_evidence_points": [
+      "\u5e94\u7528\u65e5\u5fd7\u4e2d\u7684\u547d\u4e2d\u8def\u5f84\u3001\u9274\u6743\u51b3\u7b56\u548c\u5f02\u5e38\u6808",
+      "\u53cd\u5411\u4ee3\u7406\u6216\u8fb9\u754c\u5c42\u65e5\u5fd7\u4e2d\u7684\u8bf7\u6c42\u5934\u3001\u6765\u6e90 IP \u4e0e\u8def\u7531\u51b3\u7b56"
+    ],
+    "browser_evidence_points": [
+      "\u57fa\u7ebf\u622a\u56fe\u4e0e\u653b\u51fb\u540e\u622a\u56fe\u7684 DOM/\u89c6\u89c9\u5dee\u5f02",
+      "console\u3001network \u4e0e response metadata \u4e2d\u7684\u5f02\u5e38\u4fe1\u53f7"
+    ],
+    "db_or_fs_evidence_points": [
+      "\u6570\u636e\u5e93\u4e2d\u65b0\u589e/\u8d8a\u6743\u8bfb\u53d6\u7684\u6d4b\u8bd5\u6570\u636e",
+      "\u6587\u4ef6\u7cfb\u7edf\u4e2d\u65b0\u589e\u4e0a\u4f20\u6837\u672c\u3001\u7f13\u5b58\u6761\u76ee\u6216\u8d8a\u6743\u8bfb\u53d6\u75d5\u8ff9"
+    ],
+    "detection_signals": [
+      "WAF / reverse proxy \u5f02\u5e38\u65e5\u5fd7\u3001\u8bbf\u95ee\u65e5\u5fd7\u548c\u544a\u8b66",
+      "\u5e94\u7528\u5ba1\u8ba1\u65e5\u5fd7\u4e2d\u7684\u6743\u9650\u9519\u8bef\u3001\u91cd\u5b9a\u5411\u5f02\u5e38\u3001\u6a21\u677f\u6e32\u67d3\u6216\u4e0a\u4f20\u843d\u76d8\u4e8b\u4ef6"
+    ],
+    "mitigation_summary": "\u4f18\u5148\u5347\u7ea7\u5230\u4fee\u590d\u7248\u672c\uff0c\u5e76\u540c\u65f6\u6536\u7d27\u8f93\u5165\u6821\u9a8c\u3001\u670d\u52a1\u7aef\u9274\u6743\u3001\u4ee3\u7406\u4fe1\u4efb\u8fb9\u754c\u3001\u6269\u5c55\u5b89\u88c5\u4fe1\u4efb\u548c\u5ba1\u8ba1\u65e5\u5fd7\u3002",
+    "patch_validation_steps": [
+      "\u786e\u8ba4\u76ee\u6807\u7248\u672c\u4ece `introduced=0, fixed<8.0.0-20260129181235-1346cf529aef, introduced=0, fixed<5.3.2-0.20260129181235-1346cf529aef, introduced=10.11.0-rc1, fixed<10.11.11` \u5347\u7ea7\u6216\u56de\u79fb\u5230 `8.0.0-20260129181235-1346cf529aef`\u3002",
+      "\u4fdd\u7559\u540c\u4e00\u7ec4\u53d7\u63a7\u8f93\u5165\uff0c\u5728\u4fee\u590d\u524d\u540e\u5206\u522b\u6267\u884c\u5e76\u6bd4\u5bf9\u54cd\u5e94\u3001\u65e5\u5fd7\u4e0e\u6d4f\u89c8\u5668\u8bc1\u636e\u3002",
+      "\u786e\u8ba4\u4fee\u590d\u540e\u4ec5\u4fdd\u7559\u9884\u671f\u4e1a\u52a1\u884c\u4e3a\uff0c\u4e0d\u518d\u89e6\u53d1\u8d8a\u6743\u3001\u56de\u663e\u3001\u5f02\u5e38\u6e32\u67d3\u6216\u9519\u8bef\u8bf7\u6c42\u3002",
+      "\u8865\u5145 `session-token` \u65cf\u81ea\u52a8\u5316\u56de\u5f52\uff0c\u907f\u514d\u540c\u7c7b\u8def\u5f84\u5728\u63d2\u4ef6\u3001\u4e3b\u9898\u6216\u4ee3\u7406\u94fe\u4e2d\u56de\u5f52\u3002"
+    ],
+    "lab_safety_notes": [
+      "\u53ea\u4f7f\u7528\u56de\u73af\u5730\u5740\u3001\u54e8\u5175\u76ee\u6807\u3001\u65e0\u5bb3\u6837\u672c\u6216\u53ef\u56de\u6eda\u6d4b\u8bd5\u6570\u636e\u3002",
+      "\u7981\u6b62\u9020\u6210\u6301\u4e45\u7834\u574f\u3001\u8d8a\u6743\u4e0b\u8f7d\u771f\u5b9e\u6570\u636e\u6216\u4e0d\u53ef\u56de\u6eda side effect\u3002",
+      "\u5982\u9700\u6d4f\u89c8\u5668\u8bc1\u636e\uff0c\u4fdd\u7559 baseline / proof \u4e24\u4efd\u5feb\u7167\u4ee5\u53ca console / network \u8bb0\u5f55\u3002"
+    ],
+    "review_state": "ready"
+  },
+  "verification_status": "triage-manual",
+  "verification_mode": "synthetic",
+  "last_verified_at": null,
+  "last_run_id": null,
+  "evidence_bundle": null,
+  "historical_status": null,
+  "latest_status": null,
+  "browser_evidence": {
+    "required": false,
+    "present": false,
+    "refs": []
+  },
+  "repro_profile_id": "xss-generic",
+  "artifact_mode": "synthetic",
+  "blocked_reason": null,
+  "metadata": {
+    "source_names": [
+      "OSV Mattermost"
+    ],
+    "source_kinds": [
+      "osv-batch"
+    ],
+    "candidate_count": 2,
+    "entity_ref_count": 2,
+    "advisory_scope": "repo",
+    "version_confidence": "high",
+    "workflow_id": "mattermost--CVE-2026-25783--workflow"
+  }
+}
--- a/08-threat-intel/registry/entities/adminer.json
+++ b/08-threat-intel/registry/entities/adminer.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "source-gap",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:22+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/adobe-commerce.json
+++ b/08-threat-intel/registry/entities/adobe-commerce.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "source-gap",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:22+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/angular--package--angular-core.json
+++ b/08-threat-intel/registry/entities/angular--package--angular-core.json
@@ -23,7 +23,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 18,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "npm latest",
    "https://github.com/angular/angular/security/advisories/GHSA-prjf-86w9-mfqv",
--- a/08-threat-intel/registry/entities/angular.json
+++ b/08-threat-intel/registry/entities/angular.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "green",
  "security_version_count": 18,
-  "last_version_synced_at": "2026-03-26T10:20:22+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/apache-httpd.json
+++ b/08-threat-intel/registry/entities/apache-httpd.json
@@ -22,7 +22,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 1,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "Apache HTTPD Security"
  ],
--- a/08-threat-intel/registry/entities/apache-tomcat.json
+++ b/08-threat-intel/registry/entities/apache-tomcat.json
@@ -23,7 +23,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 2,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "Apache Tomcat Security"
  ],
--- a/08-threat-intel/registry/entities/aspnet-core.json
+++ b/08-threat-intel/registry/entities/aspnet-core.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "source-gap",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/astro--module--astro.json
+++ b/08-threat-intel/registry/entities/astro--module--astro.json
@@ -12,7 +12,7 @@
  "repo_url": "",
  "package_registry": "https://www.npmjs.com/package/astro",
  "marketplace_url": "",
-  "latest_version": "6.0.8",
+  "latest_version": "6.1.1",
  "version_scheme": "semver-ish",
  "latest_release_at": "2025-11-20T14:43:59.624508Z",
  "latest_release_url": "https://www.npmjs.com/package/astro",
@@ -23,7 +23,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 4,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "npm latest",
    "https://github.com/withastro/astro/security/advisories/GHSA-wrwg-2hg8-v723",
--- a/08-threat-intel/registry/entities/astro--project--astro.json
+++ b/08-threat-intel/registry/entities/astro--project--astro.json
@@ -12,7 +12,7 @@
  "repo_url": "",
  "package_registry": "https://www.npmjs.com/package/astro",
  "marketplace_url": "",
-  "latest_version": "6.0.8",
+  "latest_version": "6.1.1",
  "version_scheme": "semver-ish",
  "latest_release_at": "2025-11-27T08:22:36.525875Z",
  "latest_release_url": "https://www.npmjs.com/package/astro",
@@ -27,11 +27,12 @@
    "https://github.com/withastro/astro/security/advisories/GHSA-hr2q-hp5q-x767",
    "https://github.com/withastro/astro/security/advisories/GHSA-cq8c-xv66-36gw",
    "https://github.com/withastro/astro/security/advisories/GHSA-w2vj-39qv-7vh7",
-    "https://github.com/withastro/astro/security/advisories/GHSA-qcpr-679q-rhm2"
+    "https://github.com/withastro/astro/security/advisories/GHSA-qcpr-679q-rhm2",
+    "https://github.com/withastro/astro/security/advisories/GHSA-g735-7g2w-hh3f"
  ],
  "version_sync_status": "green",
-  "security_version_count": 26,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "security_version_count": 28,
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "npm latest",
    "https://github.com/withastro/astro/security/advisories/GHSA-c4pw-33h3-35xw",
@@ -44,7 +45,8 @@
    "https://github.com/withastro/astro/security/advisories/GHSA-cq8c-xv66-36gw",
    "https://github.com/withastro/astro/security/advisories/GHSA-w2vj-39qv-7vh7",
    "https://github.com/withastro/astro/security/advisories/GHSA-qcpr-679q-rhm2",
-    "advisory-fixed-version"
+    "advisory-fixed-version",
+    "https://github.com/withastro/astro/security/advisories/GHSA-g735-7g2w-hh3f"
  ],
  "catalog_source": "",
  "catalog_reason": "",
@@ -54,11 +56,11 @@
  "history_backfill_status": "complete",
  "latest_sync_status": "green",
  "official_source_covered": true,
-  "advisory_count": 12,
-  "workflow_complete_advisory_count": 12,
-  "version_mapped_advisory_count": 12,
+  "advisory_count": 13,
+  "workflow_complete_advisory_count": 13,
+  "version_mapped_advisory_count": 13,
  "first_advisory_at": "2024-12-18T15:02:37+00:00",
-  "latest_advisory_at": "2026-02-04T03:01:27+00:00",
+  "latest_advisory_at": "2026-03-26T19:01:26+00:00",
  "advisory_ids": [
    "astro--CVE-2024-56140",
    "astro--CVE-2024-56159",
@@ -71,7 +73,8 @@
    "astro--CVE-2025-64757",
    "astro--CVE-2025-64765",
    "astro--CVE-2025-65019",
-    "astro--CVE-2025-66202"
+    "astro--CVE-2025-66202",
+    "astro--CVE-2026-33769"
  ],
  "source_refs": []
 }
--- a/08-threat-intel/registry/entities/astro.json
+++ b/08-threat-intel/registry/entities/astro.json
@@ -12,14 +12,14 @@
  "repo_url": "",
  "package_registry": "",
  "marketplace_url": "",
-  "latest_version": "6.0.8",
+  "latest_version": "6.1.1",
  "version_scheme": "vendor",
  "latest_release_at": "2025-11-20T14:43:59.624508Z",
  "latest_release_url": "https://www.npmjs.com/package/astro",
  "version_source_refs": [],
  "version_sync_status": "green",
-  "security_version_count": 30,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "security_version_count": 32,
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
@@ -29,11 +29,11 @@
  "history_backfill_status": "complete",
  "latest_sync_status": "green",
  "official_source_covered": true,
-  "advisory_count": 14,
-  "workflow_complete_advisory_count": 14,
-  "version_mapped_advisory_count": 14,
+  "advisory_count": 15,
+  "workflow_complete_advisory_count": 15,
+  "version_mapped_advisory_count": 15,
  "first_advisory_at": "2024-10-14T20:02:21+00:00",
-  "latest_advisory_at": "2026-02-04T03:01:27+00:00",
+  "latest_advisory_at": "2026-03-26T19:01:26+00:00",
  "advisory_ids": [
    "astro--CVE-2024-47885",
    "astro--CVE-2024-56140",
@@ -48,7 +48,8 @@
    "astro--CVE-2025-64764",
    "astro--CVE-2025-64765",
    "astro--CVE-2025-65019",
-    "astro--CVE-2025-66202"
+    "astro--CVE-2025-66202",
+    "astro--CVE-2026-33769"
  ],
  "source_refs": [
    {
--- a/08-threat-intel/registry/entities/caddy--extension--github-com-caddyserver-caddy-v2.json
+++ b/08-threat-intel/registry/entities/caddy--extension--github-com-caddyserver-caddy-v2.json
@@ -23,7 +23,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 2,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "GitHub Releases API",
    "https://github.com/caddyserver/caddy/security/advisories/GHSA-5r3v-vc8m-m96g",
--- a/08-threat-intel/registry/entities/caddy--repo--github-com-caddyserver-caddy-v2.json
+++ b/08-threat-intel/registry/entities/caddy--repo--github-com-caddyserver-caddy-v2.json
@@ -24,7 +24,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 5,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "GitHub Releases API",
    "https://github.com/caddyserver/caddy/security/advisories/GHSA-4xrr-hq4w-6vf4",
--- a/08-threat-intel/registry/entities/caddy.json
+++ b/08-threat-intel/registry/entities/caddy.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "green",
  "security_version_count": 7,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/directus--repo--directus-directus.json
+++ b/08-threat-intel/registry/entities/directus--repo--directus-directus.json
@@ -23,7 +23,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 1,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "GitHub Releases API",
    "Directus GitHub Advisories"
--- a/08-threat-intel/registry/entities/directus.json
+++ b/08-threat-intel/registry/entities/directus.json
@@ -21,7 +21,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 1,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "Directus GitHub Advisories"
  ],
--- a/08-threat-intel/registry/entities/discourse.json
+++ b/08-threat-intel/registry/entities/discourse.json
@@ -34,7 +34,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 80,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "Discourse Release Notes RSS",
    "Discourse Security RSS"
--- a/08-threat-intel/registry/entities/django--project--django.json
+++ b/08-threat-intel/registry/entities/django--project--django.json
@@ -22,7 +22,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 160,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "npm latest",
    "https://nvd.nist.gov/vuln/detail/CVE-2019-11358"
--- a/08-threat-intel/registry/entities/django.json
+++ b/08-threat-intel/registry/entities/django.json
@@ -38,7 +38,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 160,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "Django Security Weblog",
    "Django Security Releases Archive"
--- a/08-threat-intel/registry/entities/drupal.json
+++ b/08-threat-intel/registry/entities/drupal.json
@@ -27,7 +27,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 74,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "Drupal Security Advisories RSS"
  ],
--- a/08-threat-intel/registry/entities/echo--repo--github-com-labstack-echo-v4.json
+++ b/08-threat-intel/registry/entities/echo--repo--github-com-labstack-echo-v4.json
@@ -23,7 +23,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 4,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "GitHub Releases API",
    "https://github.com/labstack/echo/pull/1718",
--- a/08-threat-intel/registry/entities/echo.json
+++ b/08-threat-intel/registry/entities/echo.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "green",
  "security_version_count": 4,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/esbuild--project--esbuild.json
+++ b/08-threat-intel/registry/entities/esbuild--project--esbuild.json
@@ -22,7 +22,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 2,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "npm latest",
    "https://github.com/evanw/esbuild/security/advisories/GHSA-67mh-4wv8-2f99"
--- a/08-threat-intel/registry/entities/esbuild.json
+++ b/08-threat-intel/registry/entities/esbuild.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "green",
  "security_version_count": 2,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/express.json
+++ b/08-threat-intel/registry/entities/express.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "source-gap",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/fastify--project--fastify.json
+++ b/08-threat-intel/registry/entities/fastify--project--fastify.json
@@ -23,7 +23,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 4,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "npm latest",
    "https://github.com/fastify/fastify/security/advisories/GHSA-573f-x89g-hqp9",
--- a/08-threat-intel/registry/entities/fastify.json
+++ b/08-threat-intel/registry/entities/fastify.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "green",
  "security_version_count": 4,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/flask--project--flask.json
+++ b/08-threat-intel/registry/entities/flask--project--flask.json
@@ -22,7 +22,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 22,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "npm latest",
    "https://github.com/pallets/flask/security/advisories/GHSA-68rp-wp8r-4726"
--- a/08-threat-intel/registry/entities/flask.json
+++ b/08-threat-intel/registry/entities/flask.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "green",
  "security_version_count": 22,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/ghost--repo--tryghost-ghost.json
+++ b/08-threat-intel/registry/entities/ghost--repo--tryghost-ghost.json
@@ -12,17 +12,18 @@
  "repo_url": "https://github.com/TryGhost/Ghost",
  "package_registry": "",
  "marketplace_url": "",
-  "latest_version": "6.22.1",
+  "latest_version": "6.23.0",
  "version_scheme": "semver-ish",
-  "latest_release_at": "2026-03-20T15:25:05Z",
-  "latest_release_url": "https://github.com/TryGhost/Ghost/releases/tag/v6.22.1",
+  "latest_release_at": "2026-03-26T15:04:27Z",
+  "latest_release_url": "https://github.com/TryGhost/Ghost/releases/tag/v6.23.0",
  "version_source_refs": [
    "https://github.com/TryGhost/Ghost/releases/tag/v6.22.1",
-    "https://github.com/login?return_to=%2FTryGhost%2FGhost"
+    "https://github.com/login?return_to=%2FTryGhost%2FGhost",
+    "https://github.com/TryGhost/Ghost/releases/tag/v6.23.0"
  ],
  "version_sync_status": "green",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "GitHub Releases API",
    "Ghost GitHub Advisories"
--- a/08-threat-intel/registry/entities/ghost.json
+++ b/08-threat-intel/registry/entities/ghost.json
@@ -12,16 +12,16 @@
  "repo_url": "",
  "package_registry": "",
  "marketplace_url": "",
-  "latest_version": "6.22.1",
+  "latest_version": "6.23.0",
  "version_scheme": "vendor",
-  "latest_release_at": "2026-03-20T15:25:05Z",
-  "latest_release_url": "https://github.com/TryGhost/Ghost/releases/tag/v6.22.1",
+  "latest_release_at": "2026-03-26T15:04:27Z",
+  "latest_release_url": "https://github.com/TryGhost/Ghost/releases/tag/v6.23.0",
  "version_source_refs": [
    "https://github.com/login?return_to=%2FTryGhost%2FGhost"
  ],
  "version_sync_status": "green",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "Ghost GitHub Advisories"
  ],
--- a/08-threat-intel/registry/entities/gin--repo--github-com-gin-gonic-gin.json
+++ b/08-threat-intel/registry/entities/gin--repo--github-com-gin-gonic-gin.json
@@ -22,7 +22,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 2,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "GitHub Releases API",
    "https://nvd.nist.gov/vuln/detail/CVE-2020-28483",
--- a/08-threat-intel/registry/entities/gin.json
+++ b/08-threat-intel/registry/entities/gin.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "green",
  "security_version_count": 2,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/gitea.json
+++ b/08-threat-intel/registry/entities/gitea.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "source-gap",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/gitlab-ce.json
+++ b/08-threat-intel/registry/entities/gitlab-ce.json
@@ -21,7 +21,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 627,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "GitLab Security Releases Atom"
  ],
--- a/08-threat-intel/registry/entities/grafana.json
+++ b/08-threat-intel/registry/entities/grafana.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "source-gap",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/hapi--package--hapi-hapi.json
+++ b/08-threat-intel/registry/entities/hapi--package--hapi-hapi.json
@@ -22,7 +22,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 4,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "npm latest",
    "https://www.npmjs.com/advisories/1482"
--- a/08-threat-intel/registry/entities/hapi.json
+++ b/08-threat-intel/registry/entities/hapi.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "green",
  "security_version_count": 4,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/haproxy.json
+++ b/08-threat-intel/registry/entities/haproxy.json
@@ -22,7 +22,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 2,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "HAProxy Blog Feed"
  ],
--- a/08-threat-intel/registry/entities/jenkins.json
+++ b/08-threat-intel/registry/entities/jenkins.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "source-gap",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/joomla.json
+++ b/08-threat-intel/registry/entities/joomla.json
@@ -25,7 +25,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 5,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "Joomla Security Centre"
  ],
--- a/08-threat-intel/registry/entities/kibana.json
+++ b/08-threat-intel/registry/entities/kibana.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "source-gap",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/koa--project--koa.json
+++ b/08-threat-intel/registry/entities/koa--project--koa.json
@@ -22,7 +22,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 4,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "npm latest",
    "https://github.com/koajs/koa/security/advisories/GHSA-7gcc-r8m5-44qm"
--- a/08-threat-intel/registry/entities/koa.json
+++ b/08-threat-intel/registry/entities/koa.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "green",
  "security_version_count": 4,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/laravel--package--laravel-framework.json
+++ b/08-threat-intel/registry/entities/laravel--package--laravel-framework.json
@@ -22,7 +22,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 103,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "Packagist p2",
    "https://github.com/laravel/framework/security/advisories/GHSA-66hf-2p6w-jqfw"
--- a/08-threat-intel/registry/entities/laravel.json
+++ b/08-threat-intel/registry/entities/laravel.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "green",
  "security_version_count": 103,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/magento-open-source--repo--magento-magento2.json
+++ b/08-threat-intel/registry/entities/magento-open-source--repo--magento-magento2.json
@@ -25,7 +25,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 3,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "GitHub Releases API",
    "Sansec Research"
--- a/08-threat-intel/registry/entities/magento-open-source.json
+++ b/08-threat-intel/registry/entities/magento-open-source.json
@@ -24,7 +24,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 3,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "Sansec Research"
  ],
--- a/08-threat-intel/registry/entities/mattermost--plugin--mattermost-plugins.json
+++ b/08-threat-intel/registry/entities/mattermost--plugin--mattermost-plugins.json
@@ -21,7 +21,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 759,
-  "last_version_synced_at": "2026-03-26T10:20:24+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:49+00:00",
  "latest_version_evidence": [
    "Mattermost Security Updates JSON",
    "https://securityupdates.mattermost.com/security_updates.json",
--- a/08-threat-intel/registry/entities/mattermost--project--issue-platform.json
+++ b/08-threat-intel/registry/entities/mattermost--project--issue-platform.json
@@ -21,7 +21,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 756,
-  "last_version_synced_at": "2026-03-26T10:20:24+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:49+00:00",
  "latest_version_evidence": [
    "Mattermost Security Updates JSON",
    "https://securityupdates.mattermost.com/security_updates.json",
--- a/08-threat-intel/registry/entities/mattermost--project--mattermost-server.json
+++ b/08-threat-intel/registry/entities/mattermost--project--mattermost-server.json
@@ -21,7 +21,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 764,
-  "last_version_synced_at": "2026-03-26T10:20:25+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [
    "Mattermost Security Updates JSON",
    "advisory-fixed-version",
--- a/08-threat-intel/registry/entities/mattermost--repo--github-com-mattermost-mattermost-server.json
+++ b/08-threat-intel/registry/entities/mattermost--repo--github-com-mattermost-mattermost-server.json
@@ -30,11 +30,13 @@
    "https://nvd.nist.gov/vuln/detail/CVE-2026-25780",
    "https://nvd.nist.gov/vuln/detail/CVE-2026-2578",
    "https://nvd.nist.gov/vuln/detail/CVE-2026-2455",
-    "https://nvd.nist.gov/vuln/detail/CVE-2026-24458"
+    "https://nvd.nist.gov/vuln/detail/CVE-2026-24458",
+    "https://nvd.nist.gov/vuln/detail/CVE-2026-2456",
+    "https://nvd.nist.gov/vuln/detail/CVE-2026-25783"
  ],
  "version_sync_status": "green",
-  "security_version_count": 810,
-  "last_version_synced_at": "2026-03-26T10:20:25+00:00",
+  "security_version_count": 818,
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [
    "GitHub Releases API",
    "https://nvd.nist.gov/vuln/detail/CVE-2026-22545",
@@ -49,7 +51,9 @@
    "https://nvd.nist.gov/vuln/detail/CVE-2026-25780",
    "https://nvd.nist.gov/vuln/detail/CVE-2026-2578",
    "https://nvd.nist.gov/vuln/detail/CVE-2026-2455",
-    "https://nvd.nist.gov/vuln/detail/CVE-2026-24458"
+    "https://nvd.nist.gov/vuln/detail/CVE-2026-24458",
+    "https://nvd.nist.gov/vuln/detail/CVE-2026-2456",
+    "https://nvd.nist.gov/vuln/detail/CVE-2026-25783"
  ],
  "catalog_source": "",
  "catalog_reason": "",
@@ -59,22 +63,24 @@
  "history_backfill_status": "seeded",
  "latest_sync_status": "green",
  "official_source_covered": true,
-  "advisory_count": 12,
-  "workflow_complete_advisory_count": 12,
-  "version_mapped_advisory_count": 12,
+  "advisory_count": 14,
+  "workflow_complete_advisory_count": 14,
+  "version_mapped_advisory_count": 14,
  "first_advisory_at": "2026-03-16T15:30:42+00:00",
-  "latest_advisory_at": "2026-03-23T18:56:23+00:00",
+  "latest_advisory_at": "2026-03-26T21:11:24+00:00",
  "advisory_ids": [
    "mattermost--CVE-2026-21386",
    "mattermost--CVE-2026-22545",
    "mattermost--CVE-2026-24458",
    "mattermost--CVE-2026-2455",
+    "mattermost--CVE-2026-2456",
    "mattermost--CVE-2026-2457",
    "mattermost--CVE-2026-2458",
    "mattermost--CVE-2026-2463",
    "mattermost--CVE-2026-24692",
    "mattermost--CVE-2026-2578",
    "mattermost--CVE-2026-25780",
+    "mattermost--CVE-2026-25783",
    "mattermost--CVE-2026-26246",
    "mattermost--CVE-2026-4265"
  ],
--- a/08-threat-intel/registry/entities/mattermost.json
+++ b/08-threat-intel/registry/entities/mattermost.json
@@ -20,8 +20,8 @@
    "https://securityupdates.mattermost.com/security_updates.json"
  ],
  "version_sync_status": "green",
-  "security_version_count": 3089,
-  "last_version_synced_at": "2026-03-26T10:20:23+00:00",
+  "security_version_count": 3097,
+  "last_version_synced_at": "2026-03-27T09:30:48+00:00",
  "latest_version_evidence": [
    "Mattermost Security Updates JSON"
  ],
@@ -33,22 +33,24 @@
  "history_backfill_status": "complete",
  "latest_sync_status": "green",
  "official_source_covered": true,
-  "advisory_count": 31,
-  "workflow_complete_advisory_count": 31,
-  "version_mapped_advisory_count": 31,
+  "advisory_count": 33,
+  "workflow_complete_advisory_count": 33,
+  "version_mapped_advisory_count": 33,
  "first_advisory_at": "2026-02-23T00:00:00+00:00",
-  "latest_advisory_at": "2026-03-23T18:56:23+00:00",
+  "latest_advisory_at": "2026-03-26T21:11:24+00:00",
  "advisory_ids": [
    "mattermost--CVE-2026-21386",
    "mattermost--CVE-2026-22545",
    "mattermost--CVE-2026-24458",
    "mattermost--CVE-2026-2455",
+    "mattermost--CVE-2026-2456",
    "mattermost--CVE-2026-2457",
    "mattermost--CVE-2026-2458",
    "mattermost--CVE-2026-2463",
    "mattermost--CVE-2026-24692",
    "mattermost--CVE-2026-2578",
    "mattermost--CVE-2026-25780",
+    "mattermost--CVE-2026-25783",
    "mattermost--CVE-2026-26246",
    "mattermost--CVE-2026-4265",
    "mattermost--Issue Identifier",
--- a/08-threat-intel/registry/entities/mediawiki.json
+++ b/08-threat-intel/registry/entities/mediawiki.json
@@ -28,7 +28,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 254,
-  "last_version_synced_at": "2026-03-26T10:20:25+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [
    "MediaWiki Announce RSS"
  ],
--- a/08-threat-intel/registry/entities/medusa.json
+++ b/08-threat-intel/registry/entities/medusa.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "source-gap",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:25+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/moodle.json
+++ b/08-threat-intel/registry/entities/moodle.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "source-gap",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:25+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/nestjs.json
+++ b/08-threat-intel/registry/entities/nestjs.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "source-gap",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:25+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/nextjs--project--next.json
+++ b/08-threat-intel/registry/entities/nextjs--project--next.json
@@ -35,7 +35,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 168,
-  "last_version_synced_at": "2026-03-26T10:20:25+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [
    "npm latest",
    "https://github.com/vercel/next.js",
--- a/08-threat-intel/registry/entities/nextjs.json
+++ b/08-threat-intel/registry/entities/nextjs.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "green",
  "security_version_count": 168,
-  "last_version_synced_at": "2026-03-26T10:20:25+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/nginx.json
+++ b/08-threat-intel/registry/entities/nginx.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "source-gap",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:25+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/nodejs.json
+++ b/08-threat-intel/registry/entities/nodejs.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "source-gap",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:25+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/nuxt--project--nuxt.json
+++ b/08-threat-intel/registry/entities/nuxt--project--nuxt.json
@@ -26,7 +26,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 11,
-  "last_version_synced_at": "2026-03-26T10:20:25+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [
    "npm latest",
    "https://github.com/nuxt/nuxt/security/advisories/GHSA-vf6r-87q4-2vjf",
--- a/08-threat-intel/registry/entities/nuxt.json
+++ b/08-threat-intel/registry/entities/nuxt.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "green",
  "security_version_count": 11,
-  "last_version_synced_at": "2026-03-26T10:20:25+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/opencart--repo--opencart-opencart.json
+++ b/08-threat-intel/registry/entities/opencart--repo--opencart-opencart.json
@@ -23,7 +23,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 2,
-  "last_version_synced_at": "2026-03-26T10:20:25+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [
    "GitHub Releases API",
    "OpenCart Releases"
--- a/08-threat-intel/registry/entities/opencart.json
+++ b/08-threat-intel/registry/entities/opencart.json
@@ -22,7 +22,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 2,
-  "last_version_synced_at": "2026-03-26T10:20:25+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [
    "OpenCart Releases"
  ],
--- a/08-threat-intel/registry/entities/openmage--repo--openmage-magento-lts.json
+++ b/08-threat-intel/registry/entities/openmage--repo--openmage-magento-lts.json
@@ -21,7 +21,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:25+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [
    "GitHub Releases API"
  ],
--- a/08-threat-intel/registry/entities/openmage.json
+++ b/08-threat-intel/registry/entities/openmage.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "green",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:25+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/phpmyadmin.json
+++ b/08-threat-intel/registry/entities/phpmyadmin.json
@@ -21,7 +21,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:25+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [
    "phpMyAdmin Security Page"
  ],
--- a/08-threat-intel/registry/entities/prestashop--package--prestashop-prestashop.json
+++ b/08-threat-intel/registry/entities/prestashop--package--prestashop-prestashop.json
@@ -23,7 +23,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 41,
-  "last_version_synced_at": "2026-03-26T10:20:26+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [
    "Packagist p2",
    "https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-35pf-37c6-jxjv",
--- a/08-threat-intel/registry/entities/prestashop--repo--prestashop-prestashop.json
+++ b/08-threat-intel/registry/entities/prestashop--repo--prestashop-prestashop.json
@@ -28,7 +28,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 9,
-  "last_version_synced_at": "2026-03-26T10:20:26+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [
    "GitHub Releases API",
    "Friends Of Presta Security",
--- a/08-threat-intel/registry/entities/prestashop.json
+++ b/08-threat-intel/registry/entities/prestashop.json
@@ -26,7 +26,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 50,
-  "last_version_synced_at": "2026-03-26T10:20:25+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [
    "GitHub PrestaShop Advisories",
    "Friends Of Presta Security",
--- a/08-threat-intel/registry/entities/rails--project--rails.json
+++ b/08-threat-intel/registry/entities/rails--project--rails.json
@@ -26,7 +26,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 102,
-  "last_version_synced_at": "2026-03-26T10:20:26+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [
    "npm latest",
    "https://nvd.nist.gov/vuln/detail/CVE-2007-5379",
--- a/08-threat-intel/registry/entities/rails.json
+++ b/08-threat-intel/registry/entities/rails.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "green",
  "security_version_count": 102,
-  "last_version_synced_at": "2026-03-26T10:20:26+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/react--project--react-dom.json
+++ b/08-threat-intel/registry/entities/react--project--react-dom.json
@@ -22,7 +22,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 12,
-  "last_version_synced_at": "2026-03-26T10:20:26+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [
    "npm latest",
    "https://nvd.nist.gov/vuln/detail/CVE-2018-6341"
--- a/08-threat-intel/registry/entities/react--project--react.json
+++ b/08-threat-intel/registry/entities/react--project--react.json
@@ -23,7 +23,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 6,
-  "last_version_synced_at": "2026-03-26T10:20:26+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [
    "npm latest",
    "https://github.com/facebook/react",
--- a/08-threat-intel/registry/entities/react.json
+++ b/08-threat-intel/registry/entities/react.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "green",
  "security_version_count": 18,
-  "last_version_synced_at": "2026-03-26T10:20:26+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/redmine.json
+++ b/08-threat-intel/registry/entities/redmine.json
@@ -21,7 +21,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:26+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [
    "Redmine Security Advisories"
  ],
--- a/08-threat-intel/registry/entities/saleor--repo--saleor-saleor.json
+++ b/08-threat-intel/registry/entities/saleor--repo--saleor-saleor.json
@@ -23,7 +23,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:26+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [
    "GitHub Releases API",
    "GitHub Saleor Advisories"
--- a/08-threat-intel/registry/entities/saleor.json
+++ b/08-threat-intel/registry/entities/saleor.json
@@ -21,7 +21,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:26+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [
    "GitHub Saleor Advisories"
  ],
--- a/08-threat-intel/registry/entities/shopware--repo--shopware-shopware.json
+++ b/08-threat-intel/registry/entities/shopware--repo--shopware-shopware.json
@@ -22,7 +22,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:26+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [
    "GitHub Releases API",
    "Shopware Security Advisories"
--- a/08-threat-intel/registry/entities/shopware.json
+++ b/08-threat-intel/registry/entities/shopware.json
@@ -21,7 +21,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:26+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [
    "Shopware Security Advisories"
  ],
--- a/08-threat-intel/registry/entities/spring-boot--project--org-springframework-boot-spring-boot.json
+++ b/08-threat-intel/registry/entities/spring-boot--project--org-springframework-boot-spring-boot.json
@@ -21,7 +21,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 22,
-  "last_version_synced_at": "2026-03-26T10:20:27+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [
    "advisory-fixed-version",
    "https://github.com/JLLeitschuh/security-research/security/advisories/GHSA-cm59-pr5q-cw85"
--- a/08-threat-intel/registry/entities/spring-boot.json
+++ b/08-threat-intel/registry/entities/spring-boot.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "green",
  "security_version_count": 22,
-  "last_version_synced_at": "2026-03-26T10:20:26+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/spring-framework.json
+++ b/08-threat-intel/registry/entities/spring-framework.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "source-gap",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:27+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/spring-security--project--org-springframework-security-spring-security-web.json
+++ b/08-threat-intel/registry/entities/spring-security--project--org-springframework-security-spring-security-web.json
@@ -21,7 +21,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 92,
-  "last_version_synced_at": "2026-03-26T10:20:27+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:51+00:00",
  "latest_version_evidence": [
    "advisory-fixed-version",
    "https://nvd.nist.gov/vuln/detail/CVE-2026-22732"
--- a/08-threat-intel/registry/entities/spring-security.json
+++ b/08-threat-intel/registry/entities/spring-security.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "green",
  "security_version_count": 92,
-  "last_version_synced_at": "2026-03-26T10:20:27+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:50+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/strapi--repo--strapi-strapi.json
+++ b/08-threat-intel/registry/entities/strapi--repo--strapi-strapi.json
@@ -22,7 +22,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:27+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:51+00:00",
  "latest_version_evidence": [
    "GitHub Releases API",
    "Strapi GitHub Advisories"
--- a/08-threat-intel/registry/entities/strapi.json
+++ b/08-threat-intel/registry/entities/strapi.json
@@ -21,7 +21,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 0,
-  "last_version_synced_at": "2026-03-26T10:20:27+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:51+00:00",
  "latest_version_evidence": [
    "Strapi GitHub Advisories"
  ],
--- a/08-threat-intel/registry/entities/sveltekit--package--sveltejs-kit.json
+++ b/08-threat-intel/registry/entities/sveltekit--package--sveltejs-kit.json
@@ -23,7 +23,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 4,
-  "last_version_synced_at": "2026-03-26T10:20:27+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:51+00:00",
  "latest_version_evidence": [
    "npm latest",
    "https://github.com/sveltejs/kit/security/advisories/GHSA-88qp-p4qg-rqm6",
--- a/08-threat-intel/registry/entities/sveltekit.json
+++ b/08-threat-intel/registry/entities/sveltekit.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "green",
  "security_version_count": 4,
-  "last_version_synced_at": "2026-03-26T10:20:27+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:51+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/symfony--package--symfony-symfony.json
+++ b/08-threat-intel/registry/entities/symfony--package--symfony-symfony.json
@@ -22,7 +22,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 220,
-  "last_version_synced_at": "2026-03-26T10:20:27+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:51+00:00",
  "latest_version_evidence": [
    "Packagist p2",
    "https://github.com/symfony/symfony/security/advisories/GHSA-5pv8-ppvj-4h68"
--- a/08-threat-intel/registry/entities/symfony.json
+++ b/08-threat-intel/registry/entities/symfony.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "green",
  "security_version_count": 220,
-  "last_version_synced_at": "2026-03-26T10:20:27+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:51+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/traefik--extension--github-com-traefik-traefik-v3.json
+++ b/08-threat-intel/registry/entities/traefik--extension--github-com-traefik-traefik-v3.json
@@ -12,18 +12,19 @@
  "repo_url": "https://github.com/traefik/traefik",
  "package_registry": "",
  "marketplace_url": "",
-  "latest_version": "2.11.42",
+  "latest_version": "3.7.0-ea.3",
  "version_scheme": "semver-ish",
-  "latest_release_at": "2026-03-26T09:02:56Z",
-  "latest_release_url": "https://github.com/traefik/traefik/releases/tag/v2.11.42",
+  "latest_release_at": "2026-03-26T11:10:20Z",
+  "latest_release_url": "https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.3",
  "version_source_refs": [
    "https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.2",
    "https://github.com/traefik/traefik/security/advisories/GHSA-wvvq-wgcr-9q48",
-    "https://github.com/traefik/traefik/releases/tag/v2.11.42"
+    "https://github.com/traefik/traefik/releases/tag/v2.11.42",
+    "https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.3"
  ],
  "version_sync_status": "green",
  "security_version_count": 8,
-  "last_version_synced_at": "2026-03-26T10:20:27+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:51+00:00",
  "latest_version_evidence": [
    "GitHub Releases API",
    "https://github.com/traefik/traefik/security/advisories/GHSA-wvvq-wgcr-9q48",
--- a/08-threat-intel/registry/entities/traefik--repo--github-com-traefik-traefik-v3.json
+++ b/08-threat-intel/registry/entities/traefik--repo--github-com-traefik-traefik-v3.json
@@ -12,10 +12,10 @@
  "repo_url": "https://github.com/traefik/traefik",
  "package_registry": "",
  "marketplace_url": "",
-  "latest_version": "2.11.42",
+  "latest_version": "3.7.0-ea.3",
  "version_scheme": "semver-ish",
-  "latest_release_at": "2026-03-26T09:02:56Z",
-  "latest_release_url": "https://github.com/traefik/traefik/releases/tag/v2.11.42",
+  "latest_release_at": "2026-03-26T11:10:20Z",
+  "latest_release_url": "https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.3",
  "version_source_refs": [
    "https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.2",
    "https://github.com/traefik/traefik/security/advisories/GHSA-gxrv-wf35-62w9",
@@ -32,11 +32,12 @@
    "https://github.com/traefik/traefik/security/advisories/GHSA-4hjq-9h5c-252j",
    "https://github.com/traefik/traefik/security/advisories/GHSA-g3hg-j4jv-cwfr",
    "https://github.com/traefik/traefik/security/advisories/GHSA-89p3-4642-cr2w",
-    "https://github.com/traefik/traefik/releases/tag/v2.11.42"
+    "https://github.com/traefik/traefik/releases/tag/v2.11.42",
+    "https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.3"
  ],
  "version_sync_status": "green",
  "security_version_count": 55,
-  "last_version_synced_at": "2026-03-26T10:20:27+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:51+00:00",
  "latest_version_evidence": [
    "GitHub Releases API",
    "https://github.com/traefik/traefik/security/advisories/GHSA-gxrv-wf35-62w9",
--- a/08-threat-intel/registry/entities/traefik.json
+++ b/08-threat-intel/registry/entities/traefik.json
@@ -12,14 +12,14 @@
  "repo_url": "",
  "package_registry": "",
  "marketplace_url": "",
-  "latest_version": "2.11.42",
+  "latest_version": "3.7.0-ea.3",
  "version_scheme": "vendor",
-  "latest_release_at": "2026-03-26T09:02:56Z",
-  "latest_release_url": "https://github.com/traefik/traefik/releases/tag/v2.11.42",
+  "latest_release_at": "2026-03-26T11:10:20Z",
+  "latest_release_url": "https://github.com/traefik/traefik/releases/tag/v3.7.0-ea.3",
  "version_source_refs": [],
  "version_sync_status": "green",
  "security_version_count": 63,
-  "last_version_synced_at": "2026-03-26T10:20:27+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:51+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/08-threat-intel/registry/entities/undici--extension--undici.json
+++ b/08-threat-intel/registry/entities/undici--extension--undici.json
@@ -22,7 +22,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 4,
-  "last_version_synced_at": "2026-03-26T10:20:27+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:51+00:00",
  "latest_version_evidence": [
    "npm latest",
    "https://github.com/nodejs/undici/security/advisories/GHSA-vrm6-8vpv-qv8q"
--- a/08-threat-intel/registry/entities/undici--project--undici.json
+++ b/08-threat-intel/registry/entities/undici--project--undici.json
@@ -32,7 +32,7 @@
  ],
  "version_sync_status": "green",
  "security_version_count": 21,
-  "last_version_synced_at": "2026-03-26T10:20:27+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:51+00:00",
  "latest_version_evidence": [
    "npm latest",
    "https://github.com/nodejs/undici/security/advisories/GHSA-3cvr-822r-rqcc",
--- a/08-threat-intel/registry/entities/undici.json
+++ b/08-threat-intel/registry/entities/undici.json
@@ -19,7 +19,7 @@
  "version_source_refs": [],
  "version_sync_status": "green",
  "security_version_count": 25,
-  "last_version_synced_at": "2026-03-26T10:20:27+00:00",
+  "last_version_synced_at": "2026-03-27T09:30:51+00:00",
  "latest_version_evidence": [],
  "catalog_source": "",
  "catalog_reason": "",
--- a/显示更多
+++ b/显示更多