Increase in AI generated "vulnerability reports" and CVE requests
Hauke Mehrtens
hauke at hauke-m.de
Mon Nov 24 13:42:25 PST 2025
On 11/24/25 14:09, Paul Spooren wrote:
> Hi,
>
> over the last days I’m witnessing an increased number of security reports on our contact@ mail address. While I very much appreciate anyone improving the security of OpenWrt, this becomes a bit more tedious with the number of AI slop sent to us.
>
> I’m writing this mostly because those “security researchers” start filing (unconfirmed) CVEs and use disorienting email subjections on mailing list. The OpenWrt team is dedicated to resolve and annouce security issues, please don’t get distracted by any false information.
>
> Please have a nice day,
> Paul
Hi Paul,
Thank you for taking care of this.
I assume these people want a CVE (Curriculum vitae enhancer) and do not
care much about security.
Maybe we should publish all security reports and our responses to them,
then it could become a CVR (Curriculum vitae reducer) for them if they
just send some AI slob and this is associated with their name.
Hauke
More information about the openwrt-adm
mailing list