diff --git a/src/assets/data/events.json b/src/assets/data/events.json
index 7c60f029..4059fc2e 100644
--- a/src/assets/data/events.json
+++ b/src/assets/data/events.json
@@ -1,11 +1,27 @@
{
"currentEvents": [
+ {
+ "id": 35,
+ "title": "CVE Artificial Intelligence Working Group (CVEAI WG) Meeting",
+ "location": "Virtual",
+ "description": "Focused on defining swim lanes for AI vulnerability disclosure within the CVE Program.",
+ "permission": "private",
+ "url": "/ProgramOrganization/WorkingGroups#CVEArtificialIntelligenceWorkingGroupCVEAIWG",
+ "date": {
+ "start": "2024-10-15",
+ "end": "2024-12-31",
+ "repeat": {
+ "day": "Monday",
+ "recurrence": "biweekly"
+ }
+ }
+ },
{
"id": 34,
"displayOnHomepageOrder": 1,
"title": "CVE Program Workshop – Autumn 2024",
"location": "Virtual",
- "description": "A collaborative virtual community event of CVE Partners focused on improving CVE.
Event Time: 10:00 AM to 2:00 PM EDT both days.
Workshop “save the date” announcement, with expected topics and other details, sent to partners on September 19, 2024.",
+ "description": "A collaborative virtual community event of CVE Partners focused on improving CVE.
Event Time: 10:00 AM to 2:00 PM EDT both days.
Please refer to the CNA partners email announcements for agenda topics, deadlines, and other workshop details.",
"permission": "private",
"url": "",
"date": {
@@ -430,15 +446,15 @@
"id": 3,
"title": "CVE Outreach and Communications Working Group (OCWG) Meeting",
"location": "Virtual",
- "description": "Promote the CVE Program to achieve program adoption and coverage goals through increased community awareness. Each calendar year there are six meetings held on a Monday (UTC-08:00) and six meetings held on a Wednesday (UTC-12:00).",
+ "description": "Promote the CVE Program to achieve program adoption and coverage goals through increased community awareness.",
"permission": "private",
"url": "/ProgramOrganization/WorkingGroups#OutreachandCommunicationsWorkingGroupOCWG",
"date": {
"start": "2024-01-01",
"end": "2024-12-31",
"repeat": {
- "day": "Monday or Wednesday alternating every other month",
- "recurrence": "monthly"
+ "day": "Friday",
+ "recurrence": "weekly"
}
}
},
diff --git a/src/assets/data/navigation.json b/src/assets/data/navigation.json
index a9ac6295..b1d94fac 100644
--- a/src/assets/data/navigation.json
+++ b/src/assets/data/navigation.json
@@ -201,6 +201,10 @@
"anchorId": "CNAOrganizationOfPeersCOOP",
"label": "CNA Organization of Peers (COOP)"
},
+ "CVE Artificial Intelligence Working Group (CVEAI WG)": {
+ "anchorId": "CVEArtificialIntelligenceWorkingGroupCVEAIWG",
+ "label": "CVE Artificial Intelligence Working Group (CVEAI WG)"
+ },
"Outreach and Communications Working Group (OCWG)": {
"anchorId": "OutreachandCommunicationsWorkingGroupOCWG",
"label": "Outreach and Communications Working Group (OCWG)"
diff --git a/src/assets/data/news.json b/src/assets/data/news.json
index fb174c93..d6962a51 100644
--- a/src/assets/data/news.json
+++ b/src/assets/data/news.json
@@ -1,5 +1,26 @@
{
"currentNews": [
+ {
+ "id": 421,
+ "newsType": "news",
+ "title": "CVE Program Adds New “CVE Artificial Intelligence Working Group (CVEAI WG)”",
+ "urlKeywords": "New CVE Artificial Intelligence Working Group",
+ "date": "2024-10-15",
+ "description": [
+ {
+ "contentnewsType": "paragraph",
+ "content": "The CVE Program’s newest working group (WG), CVE Artificial Intelligence (CVEAI WG), is open to CVE community members such as CVE Numbering Authorities (CNAs), the CVE Board, Authorized Data Publishers (ADPs), and participants from the CVE Program Secretariat; members of corporate vulnerability management programs and related standards, initiatives, and associations; and members of the AI community with expertise in AI and AI-related security concerns."
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "The CVEAI WG will focus on: “determining what is a CVE-able vulnerability in AI technology. It is expected the CVEAI WG will produce documentation that defines how the CVE Program will address AI technologies moving forward. The CVEAI WG efforts are focused on defining swim lanes for AI vulnerability disclosure within CVE. This WG will discuss the concerns in defining what is within the responsibilities of the CVE Program. Because not all AI issues are appropriate for a CVE assignment, it will also try to define when other AI security-related initiatives are needed to address concerns outside the CVE Program.”"
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "Read the CVEAI WG charter."
+ }
+ ]
+ },
{
"id": 420,
"newsType": "news",
diff --git a/src/views/ProgramOrganization/WorkingGroups.vue b/src/views/ProgramOrganization/WorkingGroups.vue
index 039896e0..23ce440b 100644
--- a/src/views/ProgramOrganization/WorkingGroups.vue
+++ b/src/views/ProgramOrganization/WorkingGroups.vue
@@ -9,8 +9,9 @@
CVE Working Groups (WGs) actively focus on improving processes, workflows, and other aspects of the program as it continues to grow
- and expand. There are seven main WGs: Automation (AWG), CNA Organization of Peers (COOP), Outreach and Communications (OCWG),
- Quality (QWG), Strategic Planning (SPWG), Tactical (TWG), and Vulnerability Conference and Events (VCEWG).
+ and expand. There are eight main WGs: Automation (AWG), CNA Organization of Peers (COOP), CVE Artificial Intelligence (CVEAI WG),
+ Outreach and Communications (OCWG), Quality (QWG), Strategic Planning (SPWG), Tactical (TWG), and
+ Vulnerability Conference and Events (VCEWG).
Details about these WGs are found below including information on how to join, as well as links to documents, repositories,
@@ -136,6 +137,49 @@
+
+ {{cvenavs['Program Organization']['submenu']['Working Groups']['items']['CVE Artificial Intelligence Working Group (CVEAI WG)']
+ ['label']}}
+
+ The CVEAI WG is focused on defining swim lanes for AI vulnerability disclosure within CVE. This WG will discuss the concerns
+ in defining what is within the responsibilities of the CVE Program. Because not all AI issues are appropriate for a CVE assignment,
+ it will also try to define when other AI security-related initiatives are needed to address concerns outside the CVE Program.
+
+
+ Membership Eligibility: Per the CVEAI WG Charter, “Any active CVE-authorized program
+ member may participate in the CVEAI. This includes Board members, CVE Numbering Authority (CNA) representatives,
+ Authorized Data Publishers (ADP), and participants from the Secretariat’s organization. This WG is also open to public membership,
+ including members of corporate vulnerability management programs, as well as VM related standards, initiatives and associations
+ and others. It is also open to members of the AI community with expertise in AI and AI related security concerns.”
+
+
{{cvenavs['Program Organization']['submenu']['Working Groups']['items']['Outreach and Communications Working Group (OCWG)']['label']}}
@@ -371,9 +415,13 @@
| CNA Organization of Peers (COOP) |
Every other Wednesday 2:00pm ET |
+
+ | CVE Artificial Intelligence Working Group (CVEAI WG) |
+ Every other Monday 1:00pm ET |
+
| Outreach and Communications Working Group (OCWG) |
- Every other month on Monday 4:00pm ET / Every other month on Wednesday 8:00am ET |
+ Every Friday 9:00am ET |
| Quality Working Group (QWG) |
diff --git a/src/views/ResourcesSupport/Resources.vue b/src/views/ResourcesSupport/Resources.vue
index 2abf1a6b..3c6dd07e 100644
--- a/src/views/ResourcesSupport/Resources.vue
+++ b/src/views/ResourcesSupport/Resources.vue
@@ -479,13 +479,18 @@
-
- Strategic Planning Working Group (SPWG) Charter (PDF, 0.2MB)
+
+ CNA Organization of Peers (COOP) Charter (PDF, 0.1MB)
-
- CNA Organization of Peers (COOP) Charter (PDF, 0.1MB)
+
+ CVE Artificial Intelligence Working Group (CVEAI WG) Charter (PDF, 0.1MB)
+
+
+
+
+ Outreach and Communications Working Group (OCWG) Charter (PDF, 0.1MB)
@@ -494,8 +499,8 @@
-
- Outreach and Communications Working Group (OCWG) Charter (PDF, 0.1MB)
+
+ Strategic Planning Working Group (SPWG) Charter (PDF, 0.2MB)