On Wed, Aug 24, 2022, at 11:56, Kevin Kofler via devel wrote:
That was exactly my point though. If nobody finds CVEs, then nobody
has to
fix them. We can only fix what we know about, and blackhats can only attack
what they know about.
The fact that there are no new CVEs (and therefore fixes) does not imply that there are no
security vulnerabilities (potentially) exploited in the wild.
--
Fabio Alessandro "Fale" Locati
fale.io