Tootfinder

The idea from @… is so interesting that it gave me the idea to extend the "GCVE-BCP-02 - Practical Guide to Vulnerability Handling and Disclosure" with "Temporary Closure of Vulnerability Intake Windows"
#gcve

Temporary Closure of Vulnerability Intake Windows - Potential Annex/Extension for GCVE BCP-02
Temporary Closure of Vulnerability Intake Windows (Potential annex or extension to GCVE-BCP-02 - Practical Guide to Vulnerability Handling and Disclosure) Open source maintainers MAY temporarily close or suspend vulnerability intake windows for a defined period. This can be appropriate when maintainers are unavailable, on leave, recovering from burnout, observing holidays, or deliberately taking rest. Such a closure is not a rejection of coordinated vulnerability disclosure. It is a sustaina…

For hackathon.lu, I was initially unsure what my main project would be, but I ultimately decided to focus on implementing the future GCVE BCP-10.
GCVE-BCP-10: Improved Common Platform Enumeration for GCVE
The idea is combine it with the cpe-guesser and have a registry to facilitate the interaction with the CPE values to handle vendor and product references.
#gcve

GCVE-BCP-10 : Improved Common Platform Enumeration for GCVE
GCVE-BCP-10: Improved Common Platform Enumeration for GCVE Document ID: GCVE-BCP-10 Title: Improved Common Platform Enumeration for GCVE Status: Draft Category: Best Current Practice Updates: CPE-compatible naming and match semantics Author: GCVE.eu Intended use: Platform and product identification, applicability matching, vendor management, and synonym handling in the GCVE ecosystem Abstract This document specifies an improved platform enumeration format for GCVE. The format is intentionally…