Merge pull request #3669 from CVEProject/8/19/25ReleaseBranch

jdaigneau5 · web-flow · commit 88f13083c9b6 · 2025-08-19T11:30:12.000-04:00
#3665 Add 2 new CNAs + Update 1 CNA's info
diff --git a/src/assets/data/CNAsList.json b/src/assets/data/CNAsList.json
@@ -15692,7 +15692,7 @@
     "shortName": "VulnCheck",
     "cnaID": "CNA-2023-0021",
     "organizationName": "VulnCheck",
-    "scope": "Vulnerabilities discovered by, or reported to, VulnCheck that are not in another CNA’s scope.",
+    "scope": "Vulnerabilities observed by, discovered by, or reported to VulnCheck that are not in another CNA’s scope.",
     "contact": [
       {
         "email": [
@@ -26712,5 +26712,117 @@
       ]
     },
     "country": "USA"
+  },
+  {
+    "shortName": "spartans-security",
+    "cnaID": "CNA-2025-0041",
+    "organizationName": "Spartans Security",
+    "scope": "Vulnerabilities in software, services, and infrastructure owned and managed by Spartans Security, and vulnerabilities researched and found by Spartans Security in third-party products that are not part of another CNA's scope.",
+    "contact": [
+      {
+        "email": [
+          {
+            "label": "Email",
+            "emailAddr": "vulnerability@spartanssec.com"
+          }
+        ],
+        "contact": [],
+        "form": []
+      }
+    ],
+    "disclosurePolicy": [
+      {
+        "label": "Policy",
+        "language": "",
+        "url": "https://www.spartanssec.com/vulnerability-disclosure-policy"
+      }
+    ],
+    "securityAdvisories": {
+      "alerts": [],
+      "advisories": [
+        {
+          "label": "Advisories",
+          "url": "https://www.spartanssec.com/blog"
+        }
+      ]
+    },
+    "resources": [],
+    "CNA": {
+      "isRoot": false,
+      "root": {
+        "shortName": "redhat",
+        "organizationName": "Red Hat, Inc."
+      },
+      "type": [
+        "Researcher"
+      ],
+      "TLR": {
+        "shortName": "mitre",
+        "organizationName": "MITRE Corporation"
+      },
+      "roles": [
+        {
+          "helpText": "",
+          "role": "CNA"
+        }
+      ]
+    },
+    "country": "Australia"
+  },
+  {
+    "shortName": "Software",
+    "cnaID": "CNA-2025-0042",
+    "organizationName": "Software.com",
+    "scope": "Software.com issues only.",
+    "contact": [
+      {
+        "email": [
+          {
+            "label": "Email",
+            "emailAddr": "security_team@software.com"
+          }
+        ],
+        "contact": [],
+        "form": []
+      }
+    ],
+    "disclosurePolicy": [
+      {
+        "label": "Policy",
+        "language": "",
+        "url": "https://www.software.com/security/vulnerability-reporting"
+      }
+    ],
+    "securityAdvisories": {
+      "alerts": [],
+      "advisories": [
+        {
+          "label": "Advisories",
+          "url": "https://www.software.com/security/advisories"
+        }
+      ]
+    },
+    "resources": [],
+    "CNA": {
+      "isRoot": false,
+      "root": {
+        "shortName": "n/a",
+        "organizationName": "n/a"
+      },
+      "roles": [
+        {
+          "helpText": "",
+          "role": "CNA"
+        }
+      ],
+      "TLR": {
+        "shortName": "mitre",
+        "organizationName": "MITRE Corporation"
+      },
+      "type": [
+        "Open Source"
+      ]
+    },
+    "country": "USA"
   }
 ]
diff --git a/src/assets/data/metrics.json b/src/assets/data/metrics.json
@@ -1200,7 +1200,7 @@
         },
         {
           "month": "August",
-          "value": "3"
+          "value": "5"
         },
         {
           "month": "September",
diff --git a/src/assets/data/news.json b/src/assets/data/news.json
@@ -1,5 +1,47 @@
 {
   "currentNews": [
+    {
+      "id": 561,
+      "newsType": "news",
+      "title": "Software.com Added as CVE Numbering Authority (CNA)",
+      "urlKeywords": "Software com Added as CNA",
+      "date": "2025-08-19",
+      "description": [
+        {
+          "contentnewsType": "paragraph",
+          "content": "<a href='/PartnerInformation/ListofPartners/partner/Software'>Software.com</a> is now a <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a> for Software.com issues only."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "To date, <a href='/PartnerInformation/ListofPartners'>466 CNAs</a> (463 CNAs and 3 CNA-LRs) from <a href='/ProgramOrganization/CNAs'>39 countries</a> and 1 no country affiliation have partnered with the CVE Program. CNAs are organizations from around the world that are authorized to assign <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCVEID'>CVE Identifiers (CVE IDs)</a> and publish <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a> for vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities. Software.com is the 254th CNA from USA."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "Software.com’s Root is the <a href='/PartnerInformation/ListofPartners/partner/mitre'>MITRE Top-Level Root</a>."
+        }
+      ]
+    },
+    {
+      "id": 560,
+      "newsType": "news",
+      "title": "Spartans Security Added as CVE Numbering Authority (CNA)",
+      "urlKeywords": "Spartans Security Added as CNA",
+      "date": "2025-08-19",
+      "description": [
+        {
+          "contentnewsType": "paragraph",
+          "content": "<a href='/PartnerInformation/ListofPartners/partner/spartans-security'>Spartans Security</a> is now a <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCNA'>CVE Numbering Authority (CNA)</a> for vulnerabilities in software, services, and infrastructure owned and managed by Spartans Security, and vulnerabilities researched and found by Spartans Security in third-party products that are not part of another CNA's scope."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "To date, <a href='/PartnerInformation/ListofPartners'>465 CNAs</a> (462 CNAs and 3 CNA-LRs) from <a href='/ProgramOrganization/CNAs'>39 countries</a> and 1 no country affiliation have partnered with the CVE Program. CNAs are organizations from around the world that are authorized to assign <a href='/ResourcesSupport/Glossary?activeTerm=glossaryCVEID'>CVE Identifiers (CVE IDs)</a> and publish <a href='/ResourcesSupport/Glossary?activeTerm=glossaryRecord'>CVE Records</a> for vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities. Spartans Security is the 10th CNA from Australia."
+        },
+        {
+          "contentnewsType": "paragraph",
+          "content": "Spartans Security’s Root is the <a href='/PartnerInformation/ListofPartners/partner/redhat'>Red Hat Root</a>."
+        }
+      ]
+    },
     {
       "id": 559,
       "newsType": "news",

Original file line number	Diff line number	Diff line change
`@@ -1200,7 +1200,7 @@`
`1200`	`1200`	`},`
`1201`	`1201`	`{`
`1202`	`1202`	`"month": "August",`
`1203`		`- "value": "3"`
	`1203`	`+ "value": "5"`
`1204`	`1204`	`},`
`1205`	`1205`	`{`
`1206`	`1206`	`"month": "September",`