[coldpie]

The vulnerability branding trend is stupid, but I'm not sure it's worse for communicating what you're talking about than "CVE-2023-129038, 109239, and 120993" or "Those 5G vulnerabilities from uh I think 2022 or 2023? No not those, the other ones." Is there a better method?

[fragmede]

I don't think it's stupid because I can't, off the top of my head, tell you the CVE number for Heartbleed, despite being very involved with it for a couple of weeks.

Heartbleed I remember, along with Spectre/Meltdown, but I couldn't name the weak exploits that turn out to be nothing burgers. Log4j could have used a brand though, imo.

[andrewxdiamond]

How often do you need CVE numbers while simultaneously being unable to google for the CVE number?

[genmud]

Because everyone called it heartbleed.

I still remember some of the big ones like MS03-026/031, MS08-067, CVE-2005-1042.