Update taxonomy

Author: actions-user

taxonomy/scenarios.json

@@ -3159,6 +3159,28 @@
       "CWE-78"
     ]
   },
+  "crowdsecurity/vpatch-CVE-2025-47188": {
+    "name": "crowdsecurity/vpatch-CVE-2025-47188",
+    "description": "Detects OS command injection in Mitel 6000 series SIP Phones via ringtone upload functionality.",
+    "label": "Mitel 6000 - RCE",
+    "behaviors": [
+      "http:exploit"
+    ],
+    "mitre_attacks": [
+      "TA0001:T1190"
+    ],
+    "confidence": 3,
+    "spoofable": 0,
+    "cti": true,
+    "service": "http",
+    "created_at": "2026-01-07T14:54:26",
+    "cves": [
+      "CVE-2025-47188"
+    ],
+    "cwes": [
+      "CWE-78"
+    ]
+  },
   "crowdsecurity/vpatch-CVE-2025-47812": {
     "name": "crowdsecurity/vpatch-CVE-2025-47812",
     "description": "Detects Wing FTP Server <= 7.4.3 RCE via Lua code injection in username parameter during login.",