Attack path: CVE-2026-9610
Where this CVE sits in the complete attacker lifecycle.
0 techniques directly attributed and 2 inferred, across 2 phases. Each technique shows its mapping confidence; follow-on techniques come from shared-actor co-occurrence.
Highlighted from CVE-2026-9610 · primary technique T1083
Reconnaissance
·
Resource Dev
·
Initial Access
·
Execution
·
Persistence
Priv Escalation
·
Stealth
·
Defense Impairment
·
Credential Access
·
Lateral Movement
Collection
C2
·
Exfiltration
·
Impact
T1565.002
inferred
Transmitted Data Manipulation
✓ detection content available
T1488
9.4x
Disk Content Wipe
T1565.001
9.4x
Stored Data Manipulation
✓ detection content available
T1495
9.2x
Firmware Corruption
✓ detection content available
T1499.004
6.6x
Application or System Exploitation
✓ detection content available
T0831
6.6x
Manipulation of Control
T0828
6.6x
Loss of Productivity and Revenue
T0815
6.6x
Denial of View
Want your real detection gaps for this chain?
Declare your detection stack - your rules, telemetry, and techniques - and we will show exactly which of these techniques you cannot see. We do not grade you against a public rule corpus, only against what you actually run.
Direct - an ATT&CK/nuclei source names this CVE
Inferred - derived via CWE/CAPEC (lower confidence, may be off)
Likely follow-on (shared-actor co-occurrence)
✓We hold public detection content
Lift = how strongly a follow-on co-occurs with this CVE across shared threat actors (1x expected, 5x highly distinctive).
Hunt package
All 14 techniques in this view - Sigma rules, Atomic tests, and coverage in one place.