#vulnerability-disclosure 1 post tagged vulnerability-disclosure. Windows Security Boundaries: The Document That Decides What Gets a CVE May 23, 2026 Microsoft maintains a single public document that decides which Windows vulnerability reports receive a CVE, a Patch Tuesday bulletin, and a bounty payout. Here is how to read it.