9/9/25 release branch (#3691)

* #3689 Update CVE Services page

* #3690 Update WGs page

* #3688 Add  new CNA

* #3690 Update WGs page

* #3688 Update 1 CNA's info

* archives: use "meetingArchivePath" variable to replace hard-coded values
* news: change cve.mitre.org based links to archived meeting summaries, etc.

* add scroll box for product status in CVE record display

---------

Co-authored-by: Roy Lane <[email protected]>

Author: rroberge

src/assets/data/CNAsList.json

@@ -4478,7 +4478,7 @@
         "email": [
           {
             "label": "Email",
-            "emailAddr": "vuln@krcert.or.kr"
+            "emailAddr": "vuln_notice@krcert.or.kr"
           }
         ],
         "contact": [],
@@ -4497,7 +4497,7 @@
       "advisories": [
         {
           "label": "Advisories",
-          "url": "https://www.krcert.or.kr/kr/bbs/list.do?menuNo=205023&bbsId=B0000302"
+          "url": "https://www.krcert.or.kr/kr/bbs/list.do?menuNo=205023&bbsId=B0000302"
         }
       ]
     },
@@ -26994,5 +26994,61 @@
       ]
     },
     "country": "Ireland"
+  },
+  {
+    "shortName": "HackRTU",
+    "cnaID": "CNA-2025-0046",
+    "organizationName": "HackRTU",
+    "scope": "Vulnerability assignment related to its vulnerability coordination role for Industrial Control Systems (ICS) that are not covered by another CNA’s scope.",
+    "contact": [
+      {
+        "email": [
+          {
+            "label": "Email",
+            "emailAddr": "[email protected]"
+          }
+        ],
+        "contact": [],
+        "form": []
+      }
+    ],
+    "disclosurePolicy": [
+      {
+        "label": "Policy",
+        "language": "",
+        "url": "https://www.hackrtu.com/cna/cve-disclosure-policy/"
+      }
+    ],
+    "securityAdvisories": {
+      "alerts": [],
+      "advisories": [
+        {
+          "label": "Advisories",
+          "url": "https://www.hackrtu.com/cna/cve-list/"
+        }
+      ]
+    },
+    "resources": [],
+    "CNA": {
+      "isRoot": false,
+      "root": {
+        "shortName": "INCIBE",
+        "organizationName": "Spanish National Cybersecurity Institute, S.A. (INCIBE)"
+      },
+      "type": [
+        "Researcher"
+      ],
+      "TLR": {
+        "shortName": "mitre",
+        "organizationName": "MITRE Corporation"
+      },
+      "roles": [
+        {
+          "helpText": "",
+          "role": "CNA"
+        }
+      ]
+    },
+    "country": "Spain"
   }
 ]

src/assets/data/metrics.json

@@ -1204,7 +1204,7 @@
         },
         {
           "month": "September",
-          "value": "TBA"
+          "value": "1"
         },
         {
           "month": "October",

src/assets/data/news.json

@@ -150,10 +150,10 @@
               </ul>
             </div>
           </div>
-          <div id="cve-cvsss" v-if="cvsss.length > 0" class="mt-5 mb-5">
+          <div id="cve-cvsss" v-if="cvsss.length > 0" class="mt-5">
             <h4 class="title mb-0">CVSS  <span class="tag">{{ cvsss.length }} Total</span></h4>
 
-            <div class="cve-learn-more mb-5">
+            <div class="cve-learn-more mb-3">
               <router-link to="/CVERecord/UserGuide/#cve-cvss" class="cve-learn-more-link">Learn more</router-link>
             </div>
             <div class="table-container cve-table-scroll-container" id="cvss-table">
@@ -181,7 +181,7 @@
           </div>
         </div>
         <div v-if="roleName === 'cna'" id="cve-cna-container-end" class="mt-5">
-          <div id="cve-product-status-container">
+          <div id="cve-product-status-container" class="content">
             <ProductStatus role="cna" :productStatusList="cveFieldList.productsStatus.cna"></ProductStatus>
           </div>
           <div id="cve-credits" class="content" v-if="cveFieldList.credits.length > 0">

src/components/AdpVulnerabilityEnrichment.vue

@@ -6,7 +6,7 @@
       <div v-if="usecveRecordStore.emptyProductStatus[role]">
         <p class="is-italic cve-help-text">Information not provided</p>
       </div>
-      <div v-else>
+      <div v-else class="cve-scroll-box">
         <div v-for="(product, index) in productStatusList" :key="`${index}-${product.vendor}`">
           <div id="cve-vendor-product-platforms" class="column is-12-desktop mb-4 cve-row cve-light-gray-bg">
             <nav id="cve-vendor-product-platforms" class="level cve-x-scroll">

src/components/ProductStatus.vue

@@ -35,9 +35,8 @@
                 available to the public. Board messages from July 2021 to the
                 present are available at:
                 <blockquote>
-                <a href="https://www.mail-archive.com/[email protected]"
-                 target="_blank">
-                https://www.mail-archive.com/[email protected]
+                <a :href="meetingArchivePath" target="_blank">
+                {{meetingArchivePath}}
                 </a>
                 </blockquote>
                 Board messages before July 2021 are available here:

src/views/ProgramOrganization/Archives.vue

@@ -32,19 +32,6 @@
               </div>
             </div>
             <br/>
-            <div class="cve-white-bg-gray-border-container">
-              <h3 class="title mt-4">Podcast - CVE Working Groups, What They Are and How They Improve CVE</h3>
-              <figure class ="image is-16by9">  <!-- podcast -->
-                <iframe class="has-ratio" width="460" height="215" src="https://www.youtube.com/embed/IT9HlBOeKKc" frameborder="0" allowfullscreen>
-                </iframe>
-              </figure>
-              <p>
-                The chairs and co-chairs of the CVE Working Groups (WGs) &mdash; each of whom is an active member of the
-                CVE community &mdash; chat about their WG’s overall mission, current work, and future plans. WGs help improve quality, automation,
-                processes, and other aspects of the CVE Program as it continues to grow and expand. How and why to participate, and the impact
-                individuals can make on the program, are also included.
-              </p>
-            </div>
             <h2 :id="cvenavs['Program Organization']['submenu']['Working Groups']['items']['Automation Working Group (AWG)']['anchorId']"
             class="title">
             {{cvenavs['Program Organization']['submenu']['Working Groups']['items']['Automation Working Group (AWG)']['label']}}</h2>
@@ -339,7 +326,7 @@
               {{cvenavs['Program Organization']['submenu']['Working Groups']['items']['Researcher Working Group (RWG)']['label']}}
             </h2>
             <p>
-              Chair: TBA
+              Chair: Caitlin Condon
             </p>
             <p>
               The RWG was established with the purpose of giving voice to, and establishing working norms for, the extended community of

src/views/ProgramOrganization/WorkingGroups.vue

@@ -211,6 +211,7 @@
               <p>
                 To obtain CVE Services Organizational Administrator (OA) credentials, CNAs should contact their Root
                 (<router-link to="/PartnerInformation/ListofPartners/partner/icscert">CISA ICS</router-link>,
+                <router-link to="/PartnerInformation/ListofPartners/partner/CERTVDE">CERT@VDE</router-link>,
                 <router-link to="/PartnerInformation/ListofPartners/partner/Google">Google</router-link>,
                 <router-link to="/PartnerInformation/ListofPartners/partner/INCIBE">INCIBE</router-link>,
                 <router-link to="/PartnerInformation/ListofPartners/partner/jpcert">JPCERT/CC</router-link>,