Colleagues, The CVE Program is happy to announce three (3) new CNAs: Organization Name: Mandiant Inc. Org Short Name: Mandiant Organization Location: USA Scope: Vulnerabilities in Mandiant products or discovered by Mandiant while performing vulnerability research or security assessments, unless covered by another CNA’s scope. Root: Google Top-Level Root: MITRE Disclosure Policy location: https://about.google/intl/ALL_us/appsecurity/ Advisory location: https://github.com/mandiant/Vulnerability-Disclosures Public point of contact: mandiant-...@google.com<mailto:mandiant-...@google.com> CNA Type: Vendor, Researcher Organization Name: Phoenix Technologies, Inc. Org Short Name: Phoenix Organization Location: USA Scope: All Phoenix Technologies products (supported products and end-of-life/end-of-service products), as well as vulnerabilities in third-party software discovered by Phoenix Technologies that are not in another CNA’s scope. Top-Level Root: MITRE Disclosure Policy location: https://www.phoenix.com/report-a-security-vulnerability/ Advisory location: https://www.phoenix.com/product-security/ Public point of contact: https://www.phoenix.com/report-a-security-vulnerability/ CNA Type: Vendor, Researcher Organization Name: VULSec Labs Org Short Name: VULSec Organization Location: Israel Scope: Vulnerabilities discovered by, or reported to, VULSec Labs that are not in another CNA’s scope. Root: Red Hat Top-Level Root: MITRE Disclosure Policy location: https://www.vulsec.org/conditions/vulnerability-disclosure-policy Advisory location: https://www.vulsec.org/advisories Public point of contact: https://www.vulsec.org/vulnerability-report CNA Type: Researcher
Total CNAs: 312 (310 CNAs and 2 CNA-LRs) Total Countries: 37 Respectfully, CVE Program Secretariat cve-prog-secretar...@mitre.org<mailto:cve-prog-secretar...@mitre.org> [A picture containing text, clipart Description automatically generated]
