LWN has an interesting article CVE woes and alternatives about how hard it is to get a CVE number for a vulnerability. The general thrust is that some researchers have found it too hard and so simply don't bother.
There were some suggestions about a new system that makes it …