What is the Wiz CNA?
Wiz is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 7 CVE records since 2024.
How many CVEs has Wiz published?
Wiz has published 7 CVE records, including 7 in the last two years.
What is Wiz's CVE data quality grade?
RadicalNotion.AI grades Wiz's CVE data quality as A, with an overall completeness score of 100%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (100%), and CWE (100%) information.
What products does Wiz publish CVEs for?
Wiz most frequently publishes CVEs for Experience Platform (XP), Sitecore Experience Platform (XP), experience commerce, experience platform, experience manager.
Which vendors does Wiz cover?
Wiz publishes CVEs across 3 distinct vendors, most often Sitecore, Gogs, gogs.io, Wiz.
Is Wiz actively publishing CVEs?
Wiz is currently active, based on 7 CVEs in the last two years.
What is the average severity of Wiz's CVEs?
The average CVSS base score across Wiz's scored CVEs is 8.3.
How many critical CVEs has Wiz published?
Wiz has published 2 critical-severity CVEs and 5 high-severity CVEs.
Are any of Wiz's CVEs in CISA's Known Exploited Vulnerabilities catalog?
Yes. 2 of Wiz's CVEs are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog, meaning they are confirmed to be exploited in the wild.
What are the most common weakness types in Wiz's CVEs?
Wiz's CVEs most often map to these CWE weakness types: CWE-502 (Deserialization of Untrusted Data), CWE-200 (Exposure of Sensitive Information to an Unauthorized Actor), CWE-22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')), CWE-470 (Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')).
How does Wiz rank among CNAs?
By total CVE volume, Wiz ranks #334 of 370 CNAs, and it reports more complete CVE records than 60% of all CNAs.
