ioc: 1 new blacklist candidate(s)

pkg/analyzer/data/blacklist.json

@@ -1,72 +1,154 @@
 [
+  {
+    "id": "CVE-2026-33017",
+    "component": "langflow",
+    "ecosystem": "PyPI",
+    "affected_versions": [
+      "< 1.9.0"
+    ],
+    "action": "BLOCK",
+    "severity": "CRITICAL",
+    "reason": "Unauthenticated RCE (CVSS 9.8): POST /api/v1/build_public_tmp/{flow_id}/flow accepts attacker-controlled flow data and passes arbitrary Python code directly to exec() with no sandboxing. Fixed in 1.9.0.",
+    "link": "https://github.com/advisories/GHSA-rvqx-wpfh-mfx7"
+  },
   {
     "id": "SNYK-PYTHON-LITELLM-15762713",
     "component": "litellm",
     "ecosystem": "PyPI",
-    "affected_versions": ["1.82.7", "1.82.8"],
+    "affected_versions": [
+      "1.82.7",
+      "1.82.8"
+    ],
     "action": "BLOCK",
     "severity": "CRITICAL",
     "reason": "TeamPCP supply chain attack: malicious .pth file steals SSH keys, AWS/K8s credentials and .env files on every Python startup, then establishes systemd persistence and attempts Kubernetes lateral movement.",
     "link": "https://security.snyk.io/vuln/SNYK-PYTHON-LITELLM-15762713"
   },
+  {
+    "id": "CVE-2025-62373",
+    "component": "pipecat-ai",
+    "ecosystem": "PyPI",
+    "affected_versions": [
+      "0.0.41",
+      "0.0.42",
+      "0.0.43",
+      "0.0.44",
+      "0.0.45",
+      "0.0.46",
+      "0.0.47",
+      "0.0.48",
+      "0.0.49",
+      "0.0.50",
+      "0.0.51",
+      "0.0.52",
+      "0.0.53",
+      "0.0.54",
+      "0.0.55",
+      "0.0.56",
+      "0.0.57",
+      "0.0.58",
+      "0.0.59",
+      "0.0.60",
+      "0.0.61",
+      "0.0.62",
+      "0.0.63",
+      "0.0.64",
+      "0.0.65",
+      "0.0.66",
+      "0.0.67",
+      "0.0.68",
+      "0.0.69",
+      "0.0.70",
+      "0.0.71",
+      "0.0.72",
+      "0.0.73",
+      "0.0.74",
+      "0.0.75",
+      "0.0.76",
+      "0.0.77",
+      "0.0.78",
+      "0.0.79",
+      "0.0.80",
+      "0.0.81",
+      "0.0.82",
+      "0.0.83",
+      "0.0.84",
+      "0.0.85",
+      "0.0.86",
+      "0.0.87",
+      "0.0.88",
+      "0.0.89",
+      "0.0.90",
+      "0.0.91",
+      "0.0.92",
+      "0.0.93"
+    ],
+    "action": "BLOCK",
+    "severity": "CRITICAL",
+    "reason": "Pipecat: Remote Code Execution by Pickle Deserialization Through LivekitFrameSerializer",
+    "link": "https://osv.dev/vulnerability/GHSA-c2jg-5cp7-6wc7"
+  },
   {
     "id": "GHSA-69fq-xp46-6x23",
     "component": "trivy",
     "ecosystem": "binary",
-    "affected_versions": ["v0.69.4", "v0.69.5", "v0.69.6"],
+    "affected_versions": [
+      "v0.69.4",
+      "v0.69.5",
+      "v0.69.6"
+    ],
     "action": "BLOCK",
     "severity": "CRITICAL",
     "reason": "TeamPCP compromised CI/CD pipeline and pushed malicious binaries that exfiltrate runner memory and environment secrets.",
     "link": "https://github.com/aquasecurity/trivy/security/advisories/GHSA-69fq-xp46-6x23"
   },
   {
     "id": "GHSA-69fq-xp46-6x23",
-    "component": "trivy-action",
+    "component": "setup-trivy",
     "ecosystem": "github-actions",
-    "affected_versions": ["< v0.35.0"],
+    "affected_versions": [
+      "< v0.2.6"
+    ],
     "action": "WARN",
     "severity": "HIGH",
-    "reason": "Vulnerable tags were force-pushed to point to malicious commits during the March 2026 TeamPCP exposure window. Upgrade to v0.35.0+ and pin by SHA.",
-    "link": "https://github.com/aquasecurity/trivy-action/security/advisories"
+    "reason": "Versions prior to v0.2.6 were at elevated risk during the March 2026 TeamPCP exposure window (~4 hours). Upgrade to v0.2.6+ (SHA: 3fb12ec) or pin by digest.",
+    "link": "https://github.com/aquasecurity/trivy/security/advisories/GHSA-69fq-xp46-6x23"
   },
   {
     "id": "GHSA-69fq-xp46-6x23",
-    "component": "setup-trivy",
+    "component": "trivy-action",
     "ecosystem": "github-actions",
-    "affected_versions": ["< v0.2.6"],
+    "affected_versions": [
+      "< v0.35.0"
+    ],
     "action": "WARN",
     "severity": "HIGH",
-    "reason": "Versions prior to v0.2.6 were at elevated risk during the March 2026 TeamPCP exposure window (~4 hours). Upgrade to v0.2.6+ (SHA: 3fb12ec) or pin by digest.",
-    "link": "https://github.com/aquasecurity/trivy/security/advisories/GHSA-69fq-xp46-6x23"
+    "reason": "Vulnerable tags were force-pushed to point to malicious commits during the March 2026 TeamPCP exposure window. Upgrade to v0.35.0+ and pin by SHA.",
+    "link": "https://github.com/aquasecurity/trivy-action/security/advisories"
   },
   {
-    "id": "CVE-2026-33017",
-    "component": "langflow",
-    "ecosystem": "PyPI",
-    "affected_versions": ["< 1.9.0"],
+    "id": "BITWARDEN-CLI-COMPROMISE-2026-04-22",
+    "component": "@bitwarden/cli",
+    "ecosystem": "npm",
+    "affected_versions": [
+      "2026.4.0"
+    ],
     "action": "BLOCK",
     "severity": "CRITICAL",
-    "reason": "Unauthenticated RCE (CVSS 9.8): POST /api/v1/build_public_tmp/{flow_id}/flow accepts attacker-controlled flow data and passes arbitrary Python code directly to exec() with no sandboxing. Fixed in 1.9.0.",
-    "link": "https://github.com/advisories/GHSA-rvqx-wpfh-mfx7"
+    "reason": "Confirmed npm supply-chain compromise: attackers hijacked Bitwarden's GitHub Actions, stole release secrets, and pushed a tampered @bitwarden/cli@2026.4.0 build to npm containing malicious code. Remove immediately and rotate any credentials that passed through the CLI.",
+    "link": "https://thehackernews.com/2026/04/bitwarden-cli-supply-chain-attack.html"
   },
   {
     "id": "AXIOS-NPM-COMPROMISE-2026-03-31",
     "component": "axios",
     "ecosystem": "npm",
-    "affected_versions": ["1.14.1", "0.30.4"],
+    "affected_versions": [
+      "1.14.1",
+      "0.30.4"
+    ],
     "action": "BLOCK",
     "severity": "CRITICAL",
     "reason": "Confirmed npm supply-chain compromise: attacker reportedly hijacked the maintainer npm account and published malicious axios builds that introduced the plain-crypto-js dependency outside the normal GitHub Actions release flow.",
     "link": "https://github.com/axios/axios"
-  },
-  {
-    "id": "BITWARDEN-CLI-COMPROMISE-2026-04-22",
-    "component": "@bitwarden/cli",
-    "ecosystem": "npm",
-    "affected_versions": ["2026.4.0"],
-    "action": "BLOCK",
-    "severity": "CRITICAL",
-    "reason": "Confirmed npm supply-chain compromise: attackers hijacked Bitwarden's GitHub Actions, stole release secrets, and pushed a tampered @bitwarden/cli@2026.4.0 build to npm containing malicious code. Remove immediately and rotate any credentials that passed through the CLI.",
-    "link": "https://thehackernews.com/2026/04/bitwarden-cli-supply-chain-attack.html"
   }
 ]