CPAN Security Group has been authorized as a CVE Numbering Authority (CNA) today.
https://www.cve.org/Media/News/item/news/2025/02/25/CPAN-Security-Group-Added-as-CNA Our scope is vulnerabilities in Perl and CPAN Modules (including End-of-Life Perl versions) found at perl.org, cpan.org or metacpan.org, excluding distributions of Perl or CPAN Modules maintained by third-party redistributors. To request a CVE, or for updates to CVEs we have issued, please use: cve-requ...@security.metacpan.org For questions, disputes or other CNA related queries, please use: c...@security.metacpan.org New CVEs will be published to our cve-announce mailing list: https://lists.security.metacpan.org/cve-announce/ For more information, see our blog post: https://security.metacpan.org/2025/02/25/cpansec-is-cna-for-perl-and-cpan.html -- Stig Palmquist
