Tootfinder

We’ve updated the draft GCVE BCP-05 standard to introduce flexible record types, making it easier to extend, enrich, and structure security advisories.
Comments are more than welcome!
#gcve #cve #vulnerability

GCVE BCP-05 drafting - Best practices for the "container" format - modified CVE Record Format
Thanks @claudex . This is an excellent point and would also improve the ability to parse GCVE records reliably. Below is a proposal for a record_type field that would serve as a key within each GCVE record. Feel free to comment. @cedric I incorporated the idea concerning the sync of the comment (not sure if the most efficient way). Proposed update to BCP-05 (following the online workshop of 6th December in Belgium) The record_type field defines the semantic category of the content submitted by…

I've never written anything with React, but I run a bunch of public-facing software that might. Do they also use React Server Components? No idea! Ffs.
#CVE-2025-55182

Wow, what a list!
The #CVE databases keep growing as I ecpected them to.
https://source.android.com/docs/security/bulletin/2025-09-01

We presented “Advancing Vulnerability Tracking and Disclosure Through an Open and Distributed Platform” at the excellent @…
#cve #vulnerability