2026-01-22 Journal
Criteria and Process for Feed Inclusion in Vulnerability-Lookup
- Source:
discourse.ossbase.org - Time:
17:15:16 - Summary: This document defines the criteria for adding new vulnerability feeds to Vulnerability-Lookup. https://discourse.ossbase.org#p-1026-feed-inclusion-criteria-1Feed Inclusion Criteria A feed SHOULD be considered for inclusion if it meets one or more of the following criteria: - If the core developers (e.g. CIRCL) have a strong operational or strategic interest in the data source, the priority for inclusion SHOULD be increased. - The feed…
KEV (Known Exploited Vulnerabilities) - Potential Format (BCP-07)
- Source:
discourse.ossbase.org - Time:
05:36:32 - Summary: Thanks for the feedback. Do you have a reference about this? In the CISA page, it’s clearly
exploited in the wild. We could add a specific field instatusfield.
KEV (Known Exploited Vulnerabilities) - Potential Format (BCP-07)
- Source:
discourse.ossbase.org - Time:
05:16:59 - Summary: Indeed, good catch. I just updated the CISA to KEV BCP-07 script to add it: github.com/gcve-eu/gcve-eu-kev chg: [CISA] the
cwesarray has been added toevidence.detailscommitted 05:09AM - 22 Jan 26 UTC
adulau +7249 2978 Reported by @hyc - https://discourse.ossbase.org/t/kev-known-exploited-vulnerabi…lities-potential-format-bcp-07/744/21 We also update the BCP-07 document to reference those fields are optional meta fields as usually the…