The CVE Researcher Working Group (RWG) was established in July 2025 and seeks to explore and advocate for researcher and bug bounty CNA perspectives on CVE issuance and vulnerability disclosure. The inaugural working group is comprised of established researcher CNAs with long-term, varied experience researching and disclosing vulnerabilities in a wide range of technologies. We are actively seeking additional participation and insight from researcher and bug bounty CNAs with unique viewpoints on CVEs, CVD, and vulnerability risk management. You can read the RWG charter here.
The July 2025 announcement about the RWG is here.
As of November 2025, RWG meetings are held weekly on Tuesdays, alternating between 2 PM U.S. Eastern Time and 9 AM U.S. Eastern Time to allow for both Americas-based participation and EMEA engagement. Researcher and bug bounty CNAs in good standing can request to join the RWG here.