Full Report
AI companies like OpenAI and Anthropic should play a bigger role in software vulnerability disclosures in the future, according to a leader of the world’s largest vulnerability disclosure scheme. Speaking at the opening of VulnCon26 in Scottsdale, Arizona, on April 14, Lindsey Cerkovnik said AI companies “should be better represented” in the Common Vulnerabilities and…
Analysis Summary
# Vulnerability: Inclusion of AI Companies in the CVE Program (Policy Advocacy)
## CVE Details
- **CVE ID**: N/A (General Policy Discussion)
- **CVSS Score**: N/A
- **CWE**: N/A
## Affected Systems
- **Products**: Large Language Models (LLMs), AI frameworks, and generative AI services.
- **Versions**: All current and future versions of AI-based software.
- **Configurations**: General deployments by AI developers such as OpenAI and Anthropic.
## Vulnerability Description
This report does not detail a specific technical flaw but addresses a systemic gap in the **Common Vulnerabilities and Exposures (CVE) Program**. Lindsey Cerkovnik, Chief of the Vulnerability Response & Coordination (VRC) Branch at CISA, highlighted at VulnCon26 that AI companies are currently underrepresented in the standardized vulnerability disclosure ecosystem.
The concern is that as AI software becomes integral to critical infrastructure and enterprise stacks, the lack of a formal, unified framework for identifying, cataloging, and disclosing AI-specific vulnerabilities (such as prompt injection, model poisoning, or data leakage) creates coordination challenges for global security researchers and end-users.
## Exploitation
- **Status**: Vulnerabilities within AI products are being actively researched; however, standardized vendor-led disclosure via CVEs is not yet fully mature for the AI industry.
- **Complexity**: Variable
- **Attack Vector**: Network (Cloud-hosted AI services)
## Impact
- **Confidentiality**: High (Risk of data extraction from training sets or private prompts)
- **Integrity**: High (Risk of model manipulation/output corruption)
- **Availability**: Medium (Risk of resource exhaustion/denial-of-service via complex queries)
## Remediation
### Patches
- There are no specific patches provided. The recommendation is for AI companies like OpenAI and Anthropic to become **CVE Numbering Authorities (CNAs)** to facilitate official reporting.
### Workarounds
- Implement "Human-in-the-loop" verification for AI outputs.
- Apply robust input filtering and output sanitization to LLMs.
- Monitor AI usage for anomalous traffic or adversarial prompting patterns.
## Detection
- **Indicators of Compromise**: Standardized IoCs for AI vulnerabilities are still being established.
- **Detection methods and tools**: Adversarial testing guided by references such as the OWASP Top 10 for LLMs, and monitoring for unusual API consumption patterns.
## References
- **Vendor advisories**: hxxps[://]threatbeat[.]com/government-and-industry/ai-companies-to-play-bigger-role-in-cve-program-says-cisa/
- **CISA VRC Branch**: hxxps[://]www[.]cisa[.]gov/coordinated-vulnerability-disclosure
- **CVE Program Information**: hxxps[://]www[.]cve[.]org/