Tracking disclosed security research where a CVE has not been issued, but probably should have been.
This repository aims to document security research that has not been assigned a CVE (Common Vulnerabilities and Exposures) identifier, despite the potential impact of the disclosed vulnerabilities. The goal is to raise awareness and encourage the assignment of CVEs for these important findings.
Issues in this repository can be used to track discussions and email threads with vendors and CNAs (CVE Numbering Authorities).
This is a community-driven project. If you have a disclosure that you would like to add, please open an issue.
Why a seperate repository from JLLeitschuh/security-research
The JLLeitschuh/security-research repository is specifically for my own research. This repository contains vulnerabilities disclosed by other researchers that have not been assigned a CVE.