What is the CERT-PL CNA?
CERT-PL is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 279 CVE records since 2023.
How many CVEs has CERT-PL published?
CERT-PL has published 279 CVE records, including 252 in the last two years.
What is CERT-PL's CVE data quality grade?
RadicalNotion.AI grades CERT-PL's CVE data quality as A, with an overall completeness score of 97.2%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (88.9%), and CWE (100%) information.
What products does CERT-PL publish CVEs for?
CERT-PL most frequently publishes CVEs for CGM CLININET, SOPlanning, QuickCMS, Quick.CMS, MegaBIP.
Which vendors does CERT-PL cover?
CERT-PL publishes CVEs across 129 distinct vendors, most often CGM, OpenSolution, SOPlanning, Jan Syski, raythahq.
Is CERT-PL actively publishing CVEs?
CERT-PL is currently active, based on 252 CVEs in the last two years.
What is the average severity of CERT-PL's CVEs?
The average CVSS base score across CERT-PL's scored CVEs is 6.9.
How many critical CVEs has CERT-PL published?
CERT-PL has published 68 critical-severity CVEs and 114 high-severity CVEs.
Are any of CERT-PL's CVEs in CISA's Known Exploited Vulnerabilities catalog?
No. None of CERT-PL's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
What are the most common weakness types in CERT-PL's CVEs?
CERT-PL's CVEs most often map to these CWE weakness types: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')), CWE-306 (Missing Authentication for Critical Function), CWE-863 (Incorrect Authorization).
How does CERT-PL rank among CNAs?
By total CVE volume, CERT-PL ranks #72 of 370 CNAs, and it reports more complete CVE records than 46% of all CNAs.
