Over several years, researchers, cybersecurity professionals, and the like have identified an anomaly in vulnerability reporting patterns. Occasionally, a significant spike in reporting a particular vulnerability or a vulnerability type will occur. This paper further dives into known examples of this reporting anomaly. It begins with a history of the vulnerability reporting landscape and an explanation of the phenomenon, as well as reasons that this phenomenon is harmful to the field of cybersecurity. Next, there is an explanation of the methodology used to find other instances of the phenomenon. This section uses known examples identified by other researchers juxtaposed against the data set and considers potential critiques of the methodology selected. It concludes with some suggestions for improvement in the identification process in the hopes of promoting awareness of the anomaly and limiting its occurrence in the future.

Recommended Citation: Shull E., Stoker G., Vetter R., Cummings J., (2024). An Analysis of the Efficacy of the Current Vulnerability Reporting Framework. UNCW MS CSIS Proceedings. V. 18 , N. 2 .