Colleagues, The CVE Program is happy to announce five (5) new CNAs: Organization Name: Arcon Techsolutions Private Limited Org Short Name: ARCON Organization Location: India Scope: Vulnerabilities in ARCON’s products only. Top-Level Root: MITRE Disclosure Policy location: https://arconnet.com/product-security-disclosure/ Advisory location: https://arconnet.com/security-advisories/ Public point of contact: product.secur...@arconnet.com<mailto:product.secur...@arconnet.com> CNA Type: Vendor Organization Name: ASR Microelectronics Co., Ltd. Org Short Name: ASR Organization Location: China Scope: ASR products only. Root: CISA ICS Top-Level Root: CISA Disclosure Policy location: https://www.asrmicro.com/en/goods/policy Advisory location: https://www.asrmicro.com/en/goods/psirt Public point of contact: product-secur...@asrmicro.com<mailto:product-secur...@asrmicro.com> CNA Type: Vendor Organization Name: Checkmarx Org Short Name: Checkmarx Organization Location: Israel Scope: Vulnerabilities in Checkmarx products and open-source vulnerabilities discovered by, or reported to, Checkmarx, that are not in another CNA’s scope. Top-Level Root: MITRE Disclosure Policy location: https://devhub.checkmarx.com/disclosure-policy/ Advisory location: https://advisory.checkmarx.net/ Public point of contact: oss-rep...@checkmarx.com<mailto:oss-rep...@checkmarx.com> CNA Type: Vendor, Open Source, Researcher Organization Name: Smile CDR Inc. (doing business as “Smile Digital Health”) Org Short Name: SmileDigitalHealth Organization Location: Canada Scope: All Smile Digital Health products and HAPI FHIR. Top-Level Root: MITRE Disclosure Policy location: https://www.smiledigitalhealth.com/responsible-disclosure-policy Advisory location: https://www.smiledigitalhealth.com/legal/security-advisories Public point of contact: secur...@smiledigitalhealth.com<mailto:secur...@smiledigitalhealth.com> CNA Type: Vendor, Open Source Organization Name: WSO2 LLC Org Short Name: WSO2 Organization Location: USA Scope: WSO2 products and services scoped under Responsible Disclosure Program https://security.docs.wso2.com/en/latest/security-reporting/reward-and-acknowledgement-program/#products-services-in-scope. Top-Level Root: MITRE Disclosure Policy location: https://security.docs.wso2.com/en/latest/security-reporting/reward-and-acknowledgement-program/ Advisory location: https://security.docs.wso2.com/en/latest/security-announcements/ Public point of contact: secur...@wso2.com<mailto:secur...@wso2.com> CNA Type: Vendor, Open Source, Hosted Service
Total CNAs: 339 (337 CNAs and 2 CNA-LRs) Total Countries: 37 (+ 1 no country affiliation) Respectfully, CVE Program Secretariat cve-prog-secretar...@mitre.org<mailto:cve-prog-secretar...@mitre.org> [A picture containing text, clipart Description automatically generated]
