What is the EEF CNA?
EEF is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 10 CVE records since 2025.
How many CVEs has EEF published?
EEF has published 10 CVE records, including 10 in the last two years.
What is EEF's CVE data quality grade?
RadicalNotion.AI grades EEF's CVE data quality as A, with an overall completeness score of 100%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (100%), and CWE (100%) information.
What products does EEF publish CVEs for?
EEF most frequently publishes CVEs for OTP, hackney, bandit, erlang\/otp, hexpm.
Which vendors does EEF cover?
EEF publishes CVEs across 3 distinct vendors, most often Erlang, Hex, benoitc, mtrudel, hexpm.
Is EEF actively publishing CVEs?
EEF is currently active, based on 10 CVEs in the last two years.
What is the average severity of EEF's CVEs?
The average CVSS base score across EEF's scored CVEs is 6.5.
How many critical CVEs has EEF published?
EEF has published 3 critical-severity CVEs and 41 high-severity CVEs.
Are any of EEF's CVEs in CISA's Known Exploited Vulnerabilities catalog?
No. None of EEF's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
What are the most common weakness types in EEF's CVEs?
EEF's CVEs most often map to these CWE weakness types: CWE-770 (Allocation of Resources Without Limits or Throttling), CWE-400 (Uncontrolled Resource Consumption), CWE-22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')), CWE-93 (Improper Neutralization of CRLF Sequences ('CRLF Injection')).
How does EEF rank among CNAs?
By total CVE volume, EEF ranks #305 of 370 CNAs, and it reports more complete CVE records than 60% of all CNAs.
