Skip to content

Commit 235a9d1

Browse files
rrobergerroberge
authored
5/6/25 release branch (#3554)
* #3553 "CNA Enrichment Recognition List" for 5/5/25 * #3552 Update 2 WGs meeting schedules on WGs and Events pages
1 parent dbc186f commit 235a9d1

4 files changed

Lines changed: 55 additions & 17 deletions

File tree

src/assets/data/events.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -436,7 +436,7 @@
436436
"end": "2025-12-31",
437437
"repeat": {
438438
"day": "Thursday",
439-
"recurrence": "biweekly"
439+
"recurrence": "weekly"
440440
}
441441
}
442442
},

src/assets/data/news.json

Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,41 @@
11
{
22
"currentNews": [
3+
{
4+
"id": 515,
5+
"newsType": "blog",
6+
"title": "Vulnerability Data Enrichment for CVE Records: 251 CNAs on the Enrichment Recognition List for May 5, 2025",
7+
"urlKeywords": "CNA Enrichment Recognition List Update",
8+
"date": "2025-05-06",
9+
"author": {
10+
"name": "CVE Program",
11+
"organization": {
12+
"name": "CVE Program",
13+
"url": ""
14+
},
15+
"title": "",
16+
"bio": ""
17+
},
18+
"description": [
19+
{
20+
"contentnewsType": "image",
21+
"imageWidth": "",
22+
"href": "/news/CnaEnrichmentRecognitionList.png",
23+
"altText": "Increasing the Value of the CVE Record - CNA Enrichment Recognition List"
24+
},
25+
{
26+
"contentnewsType": "paragraph",
27+
"content": "The “<a href='/About/Metrics#CNAEnrichmentRecognition'>CNA Enrichment Recognition List</a>” for May 5, 2025, is now available with 251 CNAs listed. Published every two weeks on the CVE website, the list recognizes those <a href='/ProgramOrganization/CNAs'>CVE Numbering Authorities (CNAs)</a> that are actively providing enhanced vulnerability data in their <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a>. CNAs are added to the list if they provide <a href='https://www.first.org/cvss/' target='_blank'>Common Vulnerability Scoring System (CVSS)</a> and <a href='https://cwe.mitre.org/' target='_blank'>Common Weakness Enumeration (CWE&trade;)</a> information 98% of the time or more within the two-week period of their last published CVE Record."
28+
},
29+
{
30+
"contentnewsType": "paragraph",
31+
"content": "For more about the recognition list, see “<a href='/Media/News/item/blog/2024/09/10/CNA-Enrichment-Recognition-List'>Recognition for CNAs Actively Providing Vulnerability Data Enrichment for CVE Records</a>.” To learn more about vulnerability information types like CVSS and CWE, see the <a href='/CVERecord/UserGuide'>CVE Record User Guide</a>. View the most current CNA Enrichment Recognition List on the CVE website Metrics page <a href='/About/Metrics#CNAEnrichmentRecognition'>here</a>."
32+
},
33+
{
34+
"contentnewsType": "paragraph",
35+
"content": "CNA Enrichment Recognition List for May 5, 2025, with 251 CNAs listed: <ul><li>1E Limited</li><li>9front Systems</li><li>Absolute Software</li><li>Acronis International GmbH</li><li>Adobe Systems Incorporated</li><li>Advanced Micro Devices Inc.</li><li>Alias Robotics S.L.</li><li>Amazon</li><li>AMI</li><li>ARC Informatique</li><li>Arista Networks, Inc.</li><li>Asea Brown Boveri Ltd.</li><li>ASUSTeK Computer Incorporation</li><li>ATISoluciones Diseño de Sistemas Electrónicos, S.L.</li><li>Austin Hackers Anonymous</li><li>Autodesk</li><li>Automotive Security Research Group (ASRG)</li><li>Avaya Inc.</li><li>Axis Communications AB</li><li>Baicells Technologies Co., Ltd.</li><li>Baxter Healthcare</li><li>Beckman Coulter Life Sciences</li><li>Becton, Dickinson and Company (BD)</li><li>BeyondTrust Inc.</li><li>Bitdefender</li><li>Bizerba SE & Co. KG</li><li>Black Duck Software, Inc.</li><li>Black Lantern Security</li><li>BlackBerry</li><li>Brocade Communications Systems LLC, a Broadcom Company</li><li>Canon EMEA</li><li>Canon Inc.</li><li>Carrier Global Corporation</li><li>Cato Networks</li><li>Centreon</li><li>CERT.PL</li><li>CERT@VDE</li><li>Check Point Software Technologies Ltd.</li><li>Checkmarx</li><li>Checkmk GmbH</li><li>cirosec GmbH</li><li>Cisco Systems, Inc.</li><li>Cloudflare, Inc.</li><li>Concrete CMS</li><li>ConnectWise LLC</li><li>Crafter CMS</li><li>CrowdStrike Holdings, Inc.</li><li>CyberArk Labs</li><li>CyberDanube</li><li>Dahua Technologies</li><li>Dassault Systèmes</li><li>Delinea, Inc.</li><li>Dell EMC</li><li>Dfinity Foundation</li><li>Docker Inc.</li><li>dotCMS LLC</li><li>Dremio Corporation</li><li>Dutch Institute for Vulnerability Disclosure (DIVD)</li><li>Eaton</li><li>Eclipse Foundation</li><li>Elastic</li><li>EnterpriseDB Corporation</li><li>Environmental Systems Research Institute, Inc. (Esri)</li><li>Ericsson</li><li>ESET, spol. s r.o.</li><li>EU Agency for Cybersecurity (ENISA)</li><li>Exodus Intelligence</li><li>F5 Networks</li><li>Financial Security Institute (FSI)</li><li>Fluid Attacks</li><li>Forcepoint</li><li>Forescout Technologies</li><li>Fortinet, Inc.</li><li>Fortra, LLC</li><li>FPT SOFTWARE CO., LTD</li><li>Gallagher Group Ltd</li><li>GE Healthcare</li><li>Genetec Inc.</li><li>Gitea Limited</li><li>GitHub (maintainer security advisories)</li><li>GitHub Inc, (Products Only)</li><li>GitLab Inc.</li><li>Glyph & Cog, LLC</li><li>Google LLC</li><li>Government Technology Agency of Singapore Cyber Security Group (GovTech CSG)</li><li>Grafana Labs</li><li>Gridware Cybersecurity</li><li>Hanwha Vision Co., Ltd.</li><li>HashiCorp Inc.</li><li>HCL Software</li><li>HeroDevs</li><li>HiddenLayer, Inc.</li><li>Hillstone Networks Inc.</li><li>Hitachi Vantara</li><li>Hitachi, Ltd.</li><li>Honeywell International Inc.</li><li>HP Inc.</li><li>Huawei Technologies</li><li>HYPR Corp</li><li>IBM Corporation</li><li>ICS-CERT</li><li>iManage LLC</li><li>Indian Computer Emergency Response Team (CERT-In)</li><li>Intel Corporation</li><li>Internet Systems Consortium (ISC)</li><li>Israel National Cyber Directorate</li><li>Ivanti</li><li>Jamf</li><li>JetBrains s.r.o.</li><li>JFROG</li><li>Johnson Controls</li><li>JPCERT/CC</li><li>Kaspersky</li><li>KrCERT/CC</li><li>Kubernetes</li><li>Lenovo Group Ltd.</li><li>Lexmark International Inc.</li><li>LG Electronics</li><li>Liferay, Inc.</li><li>Logitech</li><li>M-Files Corporation</li><li>Mattermost, Inc</li><li>Mautic</li><li>Microchip Technology</li><li>Microsoft Corporation</li><li>Milestone Systems A/S</li><li>Mitsubishi Electric Corporation</li><li>Monash University - Cyber Security Incident Response Team</li><li>MongoDB</li><li>Moxa Inc.</li><li>N-able</li><li>National Cyber Security Centre - Netherlands (NCSC-NL)</li><li>National Cyber Security Centre Finland</li><li>National Cyber Security Centre SK-CERT</li><li>National Instruments</li><li>NetApp, Inc.</li><li>Netflix, Inc.</li><li>Netskope</li><li>NLnet Labs</li><li>NortonLifeLock Inc</li><li>Nozomi Networks Inc.</li><li>Nvidia Corporation</li><li>Odoo</li><li>Okta</li><li>OMRON Corporation</li><li>ONEKEY GmbH</li><li>Open Design Alliance</li><li>Open-Xchange</li><li>OpenAnolis</li><li>openEuler</li><li>OpenHarmony</li><li>OpenText (formerly Micro Focus)</li><li>OPPO</li><li>OTRS AG</li><li>Palantir Technologies</li><li>Panasonic Holdings Corporation</li><li>Pandora FMS</li><li>PaperCut Software Pty Ltd</li><li>Patchstack OÜ</li><li>Pegasystems</li><li>Pentraze Cybersecurity</li><li>Perforce</li><li>Philips</li><li>Phoenix Technologies, Inc.</li><li>Ping Identity Corporation</li><li>PlexTrac, Inc.</li><li>Progress Software Corporation</li><li>Proofpoint Inc.</li><li>Protect AI</li><li>Pure Storage, Inc.</li><li>QNAP Systems, Inc.</li><li>Qualcomm, Inc.</li><li>rami.io GmbH</li><li>Rapid7, Inc.</li><li>Real-Time Innovations, Inc.</li><li>Red Hat CNA-LR</li><li>Red Hat, Inc.</li><li>Robert Bosch GmbH</li><li>Roche Diagnostics</li><li>SailPoint Technologies</li><li>Samsung TV & Appliance</li><li>SAP SE</li><li>Saviynt Inc.</li><li>SBA Research gGmbH</li><li>Schneider Electric SE</li><li>Seal Security</li><li>SEC Consult Vulnerability Lab</li><li>Secomea</li><li>Securin</li><li>ServiceNow</li><li>SHENZHEN CoolKit Technology CO., LTD.</li><li>SICK AG</li><li>Siemens</li><li>Silicon Labs</li><li>Snow Software</li><li>Snyk</li><li>SoftIron</li><li>SolarWinds</li><li>Sonatype Inc.</li><li>Sophos</li><li>Spanish National Cybersecurity Institute, S.A.</li><li>Splunk</li><li>STAR Labs SG Pte. Ltd.</li><li>Super Micro Computer, Inc.</li><li>Suse</li><li>Symantec - A Division of Broadcom</li><li>Synaptics</li><li>Synology Inc.</li><li>Talos</li><li>TeamViewer Germany GmbH</li><li>Teltonika Networks</li><li>Temporal Technologies Inc.</li><li>Tenable Network Security, Inc.</li><li>Thales Group</li><li>The Document Foundation</li><li>The Qt Company</li><li>The Tcpdump Group</li><li>The Wikimedia Foundation</li><li>TianoCore.org</li><li>Toshiba Corporation</li><li>TP-Link Systems Inc.</li><li>TR-CERT (Computer Emergency Response Team of the Republic of Turkey)</li><li>Trellix</li><li>TWCERT/CC</li><li>TXOne Networks, Inc.</li><li>upKeeper Solutions</li><li>Vivo Mobile Communication Technology Co., LTD.</li><li>VMware</li><li>VulDB</li><li>VulnCheck</li><li>VULSec Labs</li><li>WatchGuard Technologies, Inc.</li><li>Western Digital</li><li>Wind River Systems Inc.</li><li>Wiz, Inc.</li><li>Wordfence</li><li>WSO2 LLC</li><li>Xerox Corporation</li><li>Xiaomi Technology Co Ltd</li><li>Yandex N.V.</li><li>Yokogawa Group</li><li>Yugabyte, Inc.</li><li>Zabbix</li><li>Zephyr Project</li><li>Zero Day Initiative</li><li>Zohocorp</li><li>Zoom Video Communications, Inc.</li><li>Zscaler, Inc.</li><li>ZTE Corporation</li><li>ZUSO Advanced Research Team (ZUSO ART)</li><li>Zyxel Corporation</li></ul>"
36+
}
37+
]
38+
},
339
{
440
"id": 514,
541
"newsType": "news",

src/views/About/Metrics.vue

Lines changed: 16 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -295,8 +295,8 @@
295295
</p>
296296
</div>
297297
<h3 class="title">CNA Enrichment Recognition List</h3>
298-
<p class="cve-help-text"><span class="has-text-weight-bold">Last Updated: </span><time>April 7, 2025</time><br/>
299-
<span class="has-text-weight-bold">Total CNAs: </span>249</p>
298+
<p class="cve-help-text"><span class="has-text-weight-bold">Last Updated: </span><time>May 5, 2025</time><br/>
299+
<span class="has-text-weight-bold">Total CNAs: </span>251</p>
300300
<div>
301301
<ul>
302302
<li>1E Limited</li>
@@ -311,7 +311,6 @@
311311
<li>ARC Informatique</li>
312312
<li>Arista Networks, Inc.</li>
313313
<li>Asea Brown Boveri Ltd.</li>
314-
<li>ASR Microelectronics Co., Ltd.</li>
315314
<li>ASUSTeK Computer Incorporation</li>
316315
<li>ATISoluciones Diseño de Sistemas Electrónicos, S.L.</li>
317316
<li>Austin Hackers Anonymous</li>
@@ -332,33 +331,31 @@
332331
<li>Brocade Communications Systems LLC, a Broadcom Company</li>
333332
<li>Canon EMEA</li>
334333
<li>Canon Inc.</li>
335-
<li>Canonical Ltd.</li>
336334
<li>Carrier Global Corporation</li>
337335
<li>Cato Networks</li>
336+
<li>Centreon</li>
338337
<li>CERT.PL</li>
339338
<li>CERT@VDE</li>
340339
<li>Check Point Software Technologies Ltd.</li>
341340
<li>Checkmarx</li>
342341
<li>Checkmk GmbH</li>
343342
<li>cirosec GmbH</li>
344343
<li>Cisco Systems, Inc.</li>
345-
<li>ClickHouse, Inc.</li>
346344
<li>Cloudflare, Inc.</li>
347345
<li>Concrete CMS</li>
346+
<li>ConnectWise LLC</li>
348347
<li>Crafter CMS</li>
349348
<li>CrowdStrike Holdings, Inc.</li>
350349
<li>CyberArk Labs</li>
351350
<li>CyberDanube</li>
352-
<li>Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government</li>
351+
<li>Dahua Technologies</li>
353352
<li>Dassault Systèmes</li>
354353
<li>Delinea, Inc.</li>
355354
<li>Dell EMC</li>
356-
<li>Delta Electronics, Inc.</li>
357355
<li>Dfinity Foundation</li>
358-
<li>DirectCyber</li>
359356
<li>Docker Inc.</li>
360357
<li>dotCMS LLC</li>
361-
<li>Dragos, Inc.</li>
358+
<li>Dremio Corporation</li>
362359
<li>Dutch Institute for Vulnerability Disclosure (DIVD)</li>
363360
<li>Eaton</li>
364361
<li>Eclipse Foundation</li>
@@ -370,7 +367,7 @@
370367
<li>EU Agency for Cybersecurity (ENISA)</li>
371368
<li>Exodus Intelligence</li>
372369
<li>F5 Networks</li>
373-
<li>Fedora Project (Infrastructure Software)</li>
370+
<li>Financial Security Institute (FSI)</li>
374371
<li>Fluid Attacks</li>
375372
<li>Forcepoint</li>
376373
<li>Forescout Technologies</li>
@@ -403,6 +400,7 @@
403400
<li>HYPR Corp</li>
404401
<li>IBM Corporation</li>
405402
<li>ICS-CERT</li>
403+
<li>iManage LLC</li>
406404
<li>Indian Computer Emergency Response Team (CERT-In)</li>
407405
<li>Intel Corporation</li>
408406
<li>Internet Systems Consortium (ISC)</li>
@@ -413,7 +411,6 @@
413411
<li>JFROG</li>
414412
<li>Johnson Controls</li>
415413
<li>JPCERT/CC</li>
416-
<li>Juniper Networks, Inc.</li>
417414
<li>Kaspersky</li>
418415
<li>KrCERT/CC</li>
419416
<li>Kubernetes</li>
@@ -429,6 +426,7 @@
429426
<li>Microsoft Corporation</li>
430427
<li>Milestone Systems A/S</li>
431428
<li>Mitsubishi Electric Corporation</li>
429+
<li>Monash University - Cyber Security Incident Response Team</li>
432430
<li>MongoDB</li>
433431
<li>Moxa Inc.</li>
434432
<li>N-able</li>
@@ -456,14 +454,14 @@
456454
<li>OPPO</li>
457455
<li>OTRS AG</li>
458456
<li>Palantir Technologies</li>
459-
<li>Palo Alto Networks</li>
460457
<li>Panasonic Holdings Corporation</li>
461458
<li>Pandora FMS</li>
462459
<li>PaperCut Software Pty Ltd</li>
463460
<li>Patchstack OÜ</li>
464461
<li>Pegasystems</li>
465462
<li>Pentraze Cybersecurity</li>
466463
<li>Perforce</li>
464+
<li>Philips</li>
467465
<li>Phoenix Technologies, Inc.</li>
468466
<li>Ping Identity Corporation</li>
469467
<li>PlexTrac, Inc.</li>
@@ -483,6 +481,7 @@
483481
<li>SailPoint Technologies</li>
484482
<li>Samsung TV & Appliance</li>
485483
<li>SAP SE</li>
484+
<li>Saviynt Inc.</li>
486485
<li>SBA Research gGmbH</li>
487486
<li>Schneider Electric SE</li>
488487
<li>Seal Security</li>
@@ -505,7 +504,7 @@
505504
<li>STAR Labs SG Pte. Ltd.</li>
506505
<li>Super Micro Computer, Inc.</li>
507506
<li>Suse</li>
508-
<li>Switzerland National Cyber Security Centre (NCSC)</li>
507+
<li>Symantec - A Division of Broadcom</li>
509508
<li>Synaptics</li>
510509
<li>Synology Inc.</li>
511510
<li>Talos</li>
@@ -515,16 +514,19 @@
515514
<li>Tenable Network Security, Inc.</li>
516515
<li>Thales Group</li>
517516
<li>The Document Foundation</li>
517+
<li>The Qt Company</li>
518518
<li>The Tcpdump Group</li>
519+
<li>The Wikimedia Foundation</li>
519520
<li>TianoCore.org</li>
520-
<li>Tigera</li>
521521
<li>Toshiba Corporation</li>
522+
<li>TP-Link Systems Inc.</li>
522523
<li>TR-CERT (Computer Emergency Response Team of the Republic of Turkey)</li>
523524
<li>Trellix</li>
524525
<li>TWCERT/CC</li>
525526
<li>TXOne Networks, Inc.</li>
526527
<li>upKeeper Solutions</li>
527528
<li>Vivo Mobile Communication Technology Co., LTD.</li>
529+
<li>VMware</li>
528530
<li>VulDB</li>
529531
<li>VulnCheck</li>
530532
<li>VULSec Labs</li>

src/views/ProgramOrganization/WorkingGroups.vue

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -413,7 +413,7 @@
413413
</tr>
414414
<tr>
415415
<td data-label="Working Group" style="width: 55%">CNA Organization of Peers (COOP)</td>
416-
<td data-label="Meeting Time">Every other Wednesday 2:00pm ET</td>
416+
<td data-label="Meeting Time">Every other Wednesday 2:00pm ET and 9:00pm ET</td>
417417
</tr>
418418
<tr>
419419
<td data-label="Working Group" style="width: 55%">CVE Artificial Intelligence Working Group (CVEAI WG)</td>
@@ -425,7 +425,7 @@
425425
</tr>
426426
<tr>
427427
<td data-label="Working Group" style="width: 55%">Quality Working Group (QWG)</td>
428-
<td data-label="Meeting Time">Every other Thursday 4:00pm ET</td>
428+
<td data-label="Meeting Time">Every Thursday 4:00pm ET</td>
429429
</tr>
430430
<tr>
431431
<td data-label="Working Group" style="width: 55%">Strategic Planning Working Group (SPWG)</td>

0 commit comments

Comments
 (0)