Contributing CVE evidence
To unlock a "coming soon" stack, we need enough real, verifiable CVE (or published GHSA) rows with source URLs, mapped to rules via rule_threat_map.
- Each threat must have a
sourceUrl(NVD or advisory). - No synthetic IDs (e.g.
FRAMEWORK-CWE-*). - Each published rule must link at least one shippable threat and use CVE-titled sections in the body.