Submitting CVE Records to the CVE Program

Important Message for CNAs

To learn about the CVE Program’s automated CVE Numbering Authority (CNA) tools for assigning CVE IDs and publishing CVE Records and updating them over time, select Home or CVE Services from the menu above.

How to Submit CVE Records (CNAs-only)

CNA partners may submit CVE Records to the CVE Program for posting on the CVE website, per below:

• A program for CNAs to submit CVE Records using JSON is available on the CVEProject website on GitHub.com. All CNAs are eligible to participate.

• CNAs may also continue to use the CVE Request web form to submit CVE Records.

Resources

• How to Contribute
  • GitHub
  • Web Form
• CVE JSON Schema Repository
  • CVE ID JSON File Format 4.0 (Draft)
  • Schema for validating a JSON file against the minimal CVE structure
• CVE Automation WG Tools
  • Python script to validate JSON files (requires a valid schema file)
• Vulnogram - tool for creating and editing CVE information in CVE JSON format:
  • https://github.com/Vulnogram/Vulnogram
  • https://vulnogram.github.io/

Help

For help, contact the CVE Program:

• CVE Request web form - choose “Other”