Triple
T27756113
| Position | Surface form | Disambiguated ID | Type / Status |
|---|---|---|---|
| Subject | Love Letter worm |
E701335
|
entity |
| Predicate | exploitedSoftware |
P79628
|
FINISHED |
| Object | Microsoft Outlook address book |
—
|
NE NERFINISHED |
How this triple was built (2 steps)
Every LLM step that produced this triple, in pipeline order — named-entity classification, the disambiguation choices (the exact options shown, with the pick highlighted), and the generated description. The batch + timestamp of each is in the Provenance table below.
NER
Named-entity recognition
gpt-5-mini
Instruction
Given a phrase, classify it is english named entity (e.g., persons, organizations, works of art) in Latin script, or not (e.g., literals, dates, URLs, verbose phrases). For disambiguation, the statement where the phrase occurs as object is also given. Please return a JSON object with `phrase` (string, the phrase being analyzed) and `is_ne` (boolean, indicating whether the phrase is a Named Entity).
Input
Phrase: Microsoft Outlook address book | Statement: [Love Letter worm, exploitedSoftware, Microsoft Outlook address book]
PD
Predicate disambiguation
gpt-5-mini-2025-08-07
Target predicate: exploitedSoftware Context triple: [Love Letter worm, exploitedSoftware, Microsoft Outlook address book]
-
A.
exploits
Indicates that one entity unfairly or selfishly uses another entity or resource for its own advantage or benefit.
-
B.
canBeExploitedRemotely
Indicates that the vulnerability or weakness can be triggered and abused from a distance over a network, without requiring physical access to the target system.
-
C.
vulnerabilityType
Indicates the specific kind or category of vulnerability associated with an entity or situation.
-
D.
vulnerabilitySource
Indicates that one entity is the origin, cause, or contributing factor of another entity’s vulnerability or weakness.
-
E.
targetedSoftware
chosen
Indicates that a particular piece of software is the specific focus or target of an action, operation, or effect.
- F. None of above.
Provenance (3 batches)
The batch behind each pipeline step, in order, with when it ran. Timestamps are batch-level — stages were processed in waves, so the object chain (NER → NED1 → NEDg → NED2) reads in order, but predicate / elicitation batches can sit in a different wave.
| Step | Stage | Batch ID | Status | When |
|---|---|---|---|---|
| creating | Elicitation | batch_69ef6a5193808190816eb7d0020b2d87 |
completed | April 27, 2026, 1:53 p.m. |
| NER | Named-entity recognition | batch_69f65a6c900881908f18b61273d7bf8d |
completed | May 2, 2026, 8:11 p.m. |
| PD | Predicate disambiguation | batch_69f659ce58408190ba9e007b4810d4d0 |
completed | May 2, 2026, 8:08 p.m. |
Created at: April 27, 2026, 4:23 p.m.