+ "content": "The CVE Program publicly recognizes those <a href='/ProgramOrganization/CNAs'>CNAs</a> that are actively providing enhanced vulnerability data in their <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a>. The “<a href='/About/Metrics#CNAEnrichmentRecognition'>CNA Enrichment Recognition List</a>,” published monthly, recognizes CNAs that provide <a href='https://www.first.org/cvss/' target='_blank'>Common Vulnerability Scoring System (CVSS)</a> and <a href='https://cwe.mitre.org/' target='_blank'>Common Weakness Enumeration (CWE™)</a> information based upon a monthly data pull of the previous six months.<br/><br/>The recognition list was published on April 7 with <a href='/Media/News/item/blog/2025/04/08/CNA-Enrichment-Recognition-List-Update'>249 CNAs recognized</a>, May 5 with <a href='/Media/News/item/blog/2025/05/06/CNA-Enrichment-Recognition-List-Update'>251 CNAs recognized</a>, and June 2 with <a href='/Media/News/item/blog/2025/06/03/CNA-Enrichment-Recognition-List-Update'>229 CNAs recognized</a>.<br/><br/>Note that of June 2, 2025, the “CNA Enrichment Recognition List (ERL)” is issued monthly based upon a data pull of the previous six months. This is a change from the initial publication schedule of every two weeks with a data pull of the previous 12 months. These changes are informed by a review of existing trends in data change, maintain a regular publication cadence, and better align the ERL with the <a href='/Resources/General/Policies/Inactive-CNA-Policy.pdf' target='_blank'>Inactive CNA Policy</a>. Future changes to the ERL qualification criteria and reporting may occur over time as the CVE Program continually aims to recognize those <a href='/ProgramOrganization/CNAs'>CNAs</a> taking on the work to increase the value of <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a> for downstream consumers, and encourage others to do the same."
0 commit comments