Colleagues, The CVE Program is happy to announce two (2) new CNAs:
Organization Name: Concrete CMS Org Short Name: ConcreteCMS Organization Location: USA Scope: Concrete CMS Core versions 8.5 and above. Top-Level Root: MITRE Disclosure Policy location: https://www.concretecms.org/security, https://hackerone.com/concretecms?type=team Advisory location: https://www.concretecms.org/about/project-news/security, https://docs.google.com/spreadsheets/d/1lduRBavCZYnKPyPRUhaUNGP2Fza-5SE6MJoAcMSvqSQ/edit#gid=0 Public point of contact: secur...@concretecms.org<mailto:secur...@concretecms.org> CNA Type: Open Source Organization Name: Pentraze Cybersecurity Org Short Name: Pentraze Organization Location: Dominican Republic Scope: Vulnerabilities in third-party software discovered by Pentraze Cybersecurity that are not in another CNA’s scope. Top-Level Root: MITRE Disclosure Policy location: https://pentraze.com/vulnerability-disclosure-policy/ Advisory location: https://pentraze.com/vulnerability-reports/ Public point of contact: c...@pentraze.com<mailto:c...@pentraze.com> CNA Type: Researcher Total CNAs: 347 (345 CNAs and 2 CNA-LRs) Total Countries: 38 (+ 1 no country affiliation) Respectfully, CVE Program Secretariat cve-prog-secretar...@mitre.org<mailto:cve-prog-secretar...@mitre.org> [A picture containing text, clipart Description automatically generated]