Vulnerability Data Enrichment for CVE Records: 261 CNAs on the Enrichment Recognition List for May…

The "CNA Enrichment Recognition List" for May 4, 2026, is now available with 261 CNAs listed. Published monthly on the CVE website, the…

CVE Program Blog

~7 min read · May 5, 2026 (Updated: May 6, 2026) · Free: Yes

The "CNA Enrichment Recognition List" for May 4, 2026, is now available with 261 CNAs listed. Published monthly on the CVE website, the list recognizes those CVE Numbering Authorities (CNAs) that are actively providing enhanced vulnerability data in their CVE Records. CNAs are added to the list if they provide Common Vulnerability Scoring System (CVSS) and Common Weakness Enumeration (CWE™) in at least 98% of their records that were published within two weeks of their most recently published record.

CNA Enrichment Recognition List criteria and reporting are intended to recognize those CNAs taking on the work to increase the value of CVE Records for downstream consumers, and encourage others to do the same. Enrichment Recognition List criteria may change over time. The most recent modifications occurred in June 2025 when data pulls were moved from every two weeks and based upon data from the last 12 months, to the current reporting of once-per-month data pulls based upon data from the previous six months.

For more about the recognition list, see "Recognition for CNAs Actively Providing Vulnerability Data Enrichment for CVE Records." To learn more about vulnerability information types like CVSS and CWE, see the CVE Record User Guide. View the most current CNA Enrichment Recognition List on the CVE website Metrics page here.

CNA Enrichment Recognition List for May 4, 2026, with 261 CNAs listed:

2N Telekomunikace a.s.
Acronis International GmbH
Adobe Systems Incorporated
Advanced Micro Devices Inc.
Airbus
AlgoSec
Alibaba, Inc.
Altera
Altium
Amazon
AMI
ARC Informatique
Arista Networks, Inc.
Asea Brown Boveri Ltd.
ASR Microelectronics Co., Ltd.
ASUSTeK Computer Incorporation
ASUSTOR Inc.
ATISoluciones Diseño de Sistemas Electrónicos, S.L.
Austin Hackers Anonymous
Autodesk
Automotive Security Research Group (ASRG)
Axis Communications AB
BeyondTrust Inc.
Bitdefender
Black Duck Software, Inc.
Black Lantern Security
BlackBerry
Brocade Communications Systems LLC, a Broadcom Company
CA Technologies
Canon Inc.
Canonical Ltd.
Carrier Global Corporation
Cato Networks
CERT.PL
CERT@VDE
Check Point Software Technologies Ltd.
Checkmk GmbH
Cisco Systems, Inc.
Citrix Systems, Inc.
CODRA
Commvault Systems Inc
Concrete CMS
ConnectWise LLC
Crafter CMS
CrowdStrike Holdings, Inc.
Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government
Dahua Technologies
Dassault Systèmes
Delinea, Inc.
Dell EMC
Delta Electronics, Inc.
Digi International Inc.
Docker Inc.
dotCMS LLC
Dragos, Inc.
Eclipse Foundation
Elastic
EnterpriseDB Corporation
Environmental Systems Research Institute, Inc. (Esri)
Ericsson
Erlang Ecosystem Foundation
ESET, spol. s r.o.
EU Agency for Cybersecurity (ENISA)
Everpure, Inc.
Extreme Networks, Inc.
F5 Networks
Fedora Project (Infrastructure Software)
Fermax Technologies SLU
Financial Security Institute (FSI)
Flexera Software LLC
floragunn GmbH
Fluid Attacks
Forcepoint
Fortinet, Inc.
Fortra, LLC
Foxit Software Incorporated
FPT SOFTWARE CO., LTD
Gallagher Group Ltd
Gen Digital Inc.
Genetec Inc.
GeoVision Inc.
GitHub (maintainer security advisories)
GitHub Inc, (Products Only)
GitLab Inc.
Glyph & Cog, LLC
Google Cloud
Google LLC
Gridware Cybersecurity
Hackrate Kft.
HackRTU
Hallo Welt! GmbH
Hanwha Vision Co., Ltd.
Harborist
HashiCorp Inc.
HeroDevs
HiddenLayer, Inc.
Hillstone Networks Inc.
Hitachi Energy
Hitachi Vantara
Hitachi, Ltd.
Honeywell International Inc.
HP Inc.
Huawei Technologies
HYPR Corp
ICS-CERT
Insyde Software
Intel Corporation
Internet Systems Consortium (ISC)
Intigriti
Israel National Cyber Directorate
Ivanti
Jamf
JetBrains s.r.o.
JFROG
Johnson Controls
JPCERT/CC
Juniper Networks, Inc.
Kaspersky
KNIME AG
KrakenD, S.L.
KrCERT/CC
Kubernetes
Larry Cashdollar
Legion of the Bouncy Castle Inc.
Lenovo Group Ltd.
Lexmark International Inc.
M-Files Corporation
Maritime Hacking Village
Mattermost, Inc
Mautic
Medtronic
Microchip Technology
Microsoft Corporation
Milestone Systems A/S
Mitsubishi Electric Corporation
Monash University — Cyber Security Incident Response Team
MongoDB
Moxa Inc.
N-able
National Cyber Security Centre Finland
National Cyber Security Centre SK-CERT
National Instruments
NEC Corporation
Neo4j
NETGEAR
Netskope
Nozomi Networks Inc.
Nutanix
Nvidia Corporation
Omnissa, LLC
OMRON Corporation
Open Design Alliance
OpenHarmony
OpenJS Foundation
OpenText (formerly Micro Focus)
OpenVPN Inc.
OTRS AG
Palantir Technologies
Palo Alto Networks
Pandora FMS
PaperCut Software Pty Ltd
Patchstack OÜ
Payara
Pegasystems
Pentraze Cybersecurity
Perforce
PHP Group
Ping Identity Corporation
PostgreSQL
Progress Software Corporation
Project Black
Proofpoint Inc.
Protect AI
PTC Inc.
QNAP Systems, Inc.
Qualcomm, Inc.
Qualys, Inc.
Radiometer Medical ApS
rami.io GmbH
Rapid7, Inc.
Real-Time Innovations, Inc.
Red Hat CNA-LR
Ribose Limited
Robert Bosch GmbH
Rockwell Automation
runZero, Inc.
S21sec Cyber Solutions by Thales
SailPoint Technologies
Samsung TV & Appliance
SAP SE
SBA Research gGmbH
Schneider Electric SE
SCHUTZWERK GmbH
Secomea
Security Risk Advisors
ServiceNow
SICK AG
Siemens
Sierra Wireless Inc.
Silicon Labs
Snowflake
Snyk
Softing
SoftIron
SolarWinds
Solidigm
Sonatype Inc.
Spanish National Cybersecurity Institute, S.A.
Spartans Security
Suse
Switzerland National Cyber Security Centre (NCSC)
Symantec — A Division of Broadcom
Synaptics
Synology Inc.
Talos
Tanium Inc.
TCS-CERT
TeamViewer Germany GmbH
Temporal Technologies Inc.
Tenable Network Security, Inc.
Teradyne Robotics
Thales Group
The Browser Company of New York
The Document Foundation
The Missing Link Australia (TML)
The Qt Company
The Tcpdump Group
The Wikimedia Foundation
TianoCore.org
Toreon
TP-Link Systems Inc.
TR-CERT (Computer Emergency Response Team of the Republic of Turkey)
Trellix
Trend Micro, Inc.
Turan Security
TWCERT/CC
TYPO3 Association
upKeeper Solutions
Vaadin Ltd.
Vivo Mobile Communication Technology Co., LTD.
VulDB
VulnCheck
VULSec Labs
WatchGuard Technologies, Inc.
Western Digital
Wiz, Inc.
wolfSSL Inc.
Wordfence
WSO2 LLC
Xerox Corporation
Yandex N.V.
Yokogawa Group
Yugabyte, Inc.
Zabbix
Zephyr Project
Zero Day Initiative
Zohocorp
Zoom Video Communications, Inc.
Zscaler, Inc.
ZUSO Advanced Research Team (ZUSO ART)
Zyxel Corporation

CNA Enrichment Recognition List for May 4, 2026, with 261 CNAs listed:

2N Telekomunikace a.s.
Acronis International GmbH
Adobe Systems Incorporated
Advanced Micro Devices Inc.
Airbus
AlgoSec
Alibaba, Inc.
Altera
Altium
Amazon
AMI
ARC Informatique
Arista Networks, Inc.
Asea Brown Boveri Ltd.
ASR Microelectronics Co., Ltd.
ASUSTeK Computer Incorporation
ASUSTOR Inc.
ATISoluciones Diseño de Sistemas Electrónicos, S.L.
Austin Hackers Anonymous
Autodesk
Automotive Security Research Group (ASRG)
Axis Communications AB
BeyondTrust Inc.
Bitdefender
Black Duck Software, Inc.
Black Lantern Security
BlackBerry
Brocade Communications Systems LLC, a Broadcom Company
CA Technologies
Canon Inc.
Canonical Ltd.
Carrier Global Corporation
Cato Networks
CERT.PL
CERT@VDE
Check Point Software Technologies Ltd.
Checkmk GmbH
Cisco Systems, Inc.
Citrix Systems, Inc.
CODRA
Commvault Systems Inc
Concrete CMS
ConnectWise LLC
Crafter CMS
CrowdStrike Holdings, Inc.
Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government
Dahua Technologies
Dassault Systèmes
Delinea, Inc.
Dell EMC
Delta Electronics, Inc.
Digi International Inc.
Docker Inc.
dotCMS LLC
Dragos, Inc.
Eclipse Foundation
Elastic
EnterpriseDB Corporation
Environmental Systems Research Institute, Inc. (Esri)
Ericsson
Erlang Ecosystem Foundation
ESET, spol. s r.o.
EU Agency for Cybersecurity (ENISA)
Everpure, Inc.
Extreme Networks, Inc.
F5 Networks
Fedora Project (Infrastructure Software)
Fermax Technologies SLU
Financial Security Institute (FSI)
Flexera Software LLC
floragunn GmbH
Fluid Attacks
Forcepoint
Fortinet, Inc.
Fortra, LLC
Foxit Software Incorporated
FPT SOFTWARE CO., LTD
Gallagher Group Ltd
Gen Digital Inc.
Genetec Inc.
GeoVision Inc.
GitHub (maintainer security advisories)
GitHub Inc, (Products Only)
GitLab Inc.
Glyph & Cog, LLC
Google Cloud
Google LLC
Gridware Cybersecurity
Hackrate Kft.
HackRTU
Hallo Welt! GmbH
Hanwha Vision Co., Ltd.
Harborist
HashiCorp Inc.
HeroDevs
HiddenLayer, Inc.
Hillstone Networks Inc.
Hitachi Energy
Hitachi Vantara
Hitachi, Ltd.
Honeywell International Inc.
HP Inc.
Huawei Technologies
HYPR Corp
ICS-CERT
Insyde Software
Intel Corporation
Internet Systems Consortium (ISC)
Intigriti
Israel National Cyber Directorate
Ivanti
Jamf
JetBrains s.r.o.
JFROG
Johnson Controls
JPCERT/CC
Juniper Networks, Inc.
Kaspersky
KNIME AG
KrakenD, S.L.
KrCERT/CC
Kubernetes
Larry Cashdollar
Legion of the Bouncy Castle Inc.
Lenovo Group Ltd.
Lexmark International Inc.
M-Files Corporation
Maritime Hacking Village
Mattermost, Inc
Mautic
Medtronic
Microchip Technology
Microsoft Corporation
Milestone Systems A/S
Mitsubishi Electric Corporation
Monash University — Cyber Security Incident Response Team
MongoDB
Moxa Inc.
N-able
National Cyber Security Centre Finland
National Cyber Security Centre SK-CERT
National Instruments
NEC Corporation
Neo4j
NETGEAR
Netskope
Nozomi Networks Inc.
Nutanix
Nvidia Corporation
Omnissa, LLC
OMRON Corporation
Open Design Alliance
OpenHarmony
OpenJS Foundation
OpenText (formerly Micro Focus)
OpenVPN Inc.
OTRS AG
Palantir Technologies
Palo Alto Networks
Pandora FMS
PaperCut Software Pty Ltd
Patchstack OÜ
Payara
Pegasystems
Pentraze Cybersecurity
Perforce
PHP Group
Ping Identity Corporation
PostgreSQL
Progress Software Corporation
Project Black
Proofpoint Inc.
Protect AI
PTC Inc.
QNAP Systems, Inc.
Qualcomm, Inc.
Qualys, Inc.
Radiometer Medical ApS
rami.io GmbH
Rapid7, Inc.
Real-Time Innovations, Inc.
Red Hat CNA-LR
Ribose Limited
Robert Bosch GmbH
Rockwell Automation
runZero, Inc.
S21sec Cyber Solutions by Thales
SailPoint Technologies
Samsung TV & Appliance
SAP SE
SBA Research gGmbH
Schneider Electric SE
SCHUTZWERK GmbH
Secomea
Security Risk Advisors
ServiceNow
SICK AG
Siemens
Sierra Wireless Inc.
Silicon Labs
Snowflake
Snyk
Softing
SoftIron
SolarWinds
Solidigm
Sonatype Inc.
Spanish National Cybersecurity Institute, S.A.
Spartans Security
Suse
Switzerland National Cyber Security Centre (NCSC)
Symantec — A Division of Broadcom
Synaptics
Synology Inc.
Talos
Tanium Inc.
TCS-CERT
TeamViewer Germany GmbH
Temporal Technologies Inc.
Tenable Network Security, Inc.
Teradyne Robotics
Thales Group
The Browser Company of New York
The Document Foundation
The Missing Link Australia (TML)
The Qt Company
The Tcpdump Group
The Wikimedia Foundation
TianoCore.org
Toreon
TP-Link Systems Inc.
TR-CERT (Computer Emergency Response Team of the Republic of Turkey)
Trellix
Trend Micro, Inc.
Turan Security
TWCERT/CC
TYPO3 Association
upKeeper Solutions
Vaadin Ltd.
Vivo Mobile Communication Technology Co., LTD.
VulDB
VulnCheck
VULSec Labs
WatchGuard Technologies, Inc.
Western Digital
Wiz, Inc.
wolfSSL Inc.
Wordfence
WSO2 LLC
Xerox Corporation
Yandex N.V.
Yokogawa Group
Yugabyte, Inc.
Zabbix
Zephyr Project
Zero Day Initiative
Zohocorp
Zoom Video Communications, Inc.
Zscaler, Inc.
ZUSO Advanced Research Team (ZUSO ART)
Zyxel Corporation

#vulnerability #infosec #information-security #cyber-security-awareness #cybersecurity

< Go to the original

Vulnerability Data Enrichment for CVE Records: 261 CNAs on the Enrichment Recognition List for May…

The "CNA Enrichment Recognition List" for May 4, 2026, is now available with 261 CNAs listed. Published monthly on the CVE website, the…

Reporting a Problem