3/31/26 release branch (#3891)

* #3887 Add Blog @ VulnCon 2026 registration closing date

* #3885 Add 4 new CNAs + Update 2 CNA's info

* #3886 Add 1 new Blog @ 500+ CNAs milestone

* Correct figure captions for centered italic text

* npm update on 3/30/26

* SADP tag/button implementation

---------

Co-authored-by: Roy Lane <rlane@mitre.org>

Author: rroberge

package-lock.json

@@ -3616,7 +3616,7 @@
       {
         "label": "Policy",
         "language": "",
-        "url": "https://publisher.hitachienergy.com/preview?DocumentID=9AKK107991A7713&LanguageCode=en&DocumentPartId=&Action=Launch"
+        "url": "https://publisher.hitachienergy.com/preview?DocumentID=9AKK107991A7713&LanguageCode=en&DocumentPartId=&Action=Launch"
       }
     ],
     "securityAdvisories": {
@@ -5684,16 +5684,16 @@
     "country": "USA"
   },
   {
-    "shortName": "NLOK",
+    "shortName": "GEN",
     "cnaID": "CNA-2020-0016",
-    "organizationName": "NortonLifeLock Inc.",
-    "scope": "All NortonLifeLock product issues only.",
+    "organizationName": "Gen Digital Inc.",
+    "scope": "All Gen Digital products and websites.",
     "contact": [
       {
         "email": [
           {
             "label": "Email",
-            "emailAddr": "security@nortonlifelock.com"
+            "emailAddr": "security@gendigital.com"
           }
         ],
         "contact": [],
@@ -5704,15 +5704,15 @@
       {
         "label": "Policy",
         "language": "",
-        "url": "https://www.nortonlifelock.com/content/dam/nortonlifelock/pdfs/other-resources/guidelines-for-security-vulnerability-reporting-and-response-en.pdf"
+        "url": "https://www.gendigital.com/us/en/contact-us/report-a-potential-security-vulnerability/"
       }
     ],
     "securityAdvisories": {
       "alerts": [],
       "advisories": [
         {
           "label": "Advisories",
-          "url": "https://us.norton.com/support/tools/security-advisories.html"
+          "url": "https://www.gendigital.com/us/en/contact-us/security-advisories/"
         }
       ]
     },
@@ -28640,5 +28640,231 @@
       ]
     },
     "country": "USA"
+  },
+  {
+    "shortName": "HDFG",
+    "cnaID": "CNA-2026-0016",
+    "organizationName": "The HDF Group",
+    "scope": "All HDF software including HDF5, HDF4, HSDS, HDFView.",
+    "contact": [
+      {
+        "email": [
+          {
+            "label": "Email",
+            "emailAddr": "security@hdfgroup.org"
+          }
+        ],
+        "contact": [],
+        "form": []
+      }
+    ],
+    "disclosurePolicy": [
+      {
+        "label": "Policy",
+        "language": "",
+        "url": "https://github.com/HDFGroup/hdf5/blob/develop/SECURITY.md"
+      }
+    ],
+    "securityAdvisories": {
+      "alerts": [],
+      "advisories": [
+        {
+          "label": "Advisories",
+          "url": "https://github.com/HDFGroup/hdf5/security/advisories"
+        }
+      ]
+    },
+    "resources": [],
+    "CNA": {
+      "isRoot": false,
+      "root": {
+        "shortName": "redhat",
+        "organizationName": "Red Hat, Inc."
+      },
+      "type": [
+        "Open Source"
+      ],
+      "TLR": {
+        "shortName": "mitre",
+        "organizationName": "MITRE Corporation"
+      },
+      "roles": [
+        {
+          "helpText": "",
+          "role": "CNA"
+        }
+      ]
+    },
+    "country": "USA"
+  },
+  {
+    "shortName": "FB",
+    "cnaID": "CNA-2026-0017",
+    "organizationName": "Fujifilm Business Innovation Corp.",
+    "scope": "Fuji Xerox and FUJIFILM Business Innovation products such as multifunction devices, printers, production printers, software, and cloud services.",
+    "contact": [
+      {
+        "email": [
+          {
+            "label": "Email",
+            "emailAddr": "dgi-fb_vulnerability_report@fujifilm.com"
+          }
+        ],
+        "contact": [],
+        "form": []
+      }
+    ],
+    "disclosurePolicy": [
+      {
+        "label": "Policy",
+        "language": "",
+        "url": "https://www.fujifilm.com/fbglobal/eng/company/quality/vdp"
+      }
+    ],
+    "securityAdvisories": {
+      "alerts": [],
+      "advisories": [
+        {
+          "label": "Advisories",
+          "url": "https://www.fujifilm.com/fbglobal/eng/company/quality/product_security/vulnerability"
+        }
+      ]
+    },
+    "resources": [],
+    "CNA": {
+      "isRoot": false,
+      "root": {
+        "shortName": "jpcert",
+        "organizationName": "JPCERT/CC"
+      },
+      "roles": [
+        {
+          "helpText": "",
+          "role": "CNA"
+        }
+      ],
+      "TLR": {
+        "shortName": "mitre",
+        "organizationName": "MITRE Corporation"
+      },
+      "type": [
+        "Vendor"
+      ]
+    },
+    "country": "Japan"
+  },
+  {
+    "shortName": "Acer",
+    "cnaID": "CNA-2026-0018",
+    "organizationName": "Acer Inc.",
+    "scope": "Acer issues only.",
+    "contact": [
+      {
+        "email": [
+          {
+            "label": "Email",
+            "emailAddr": "vulnerability@acer.com"
+          }
+        ],
+        "contact": [],
+        "form": []
+      }
+    ],
+    "disclosurePolicy": [
+      {
+        "label": "Policy",
+        "language": "",
+        "url": "https://www.acer.com/us-en/support/security-advisory"
+      }
+    ],
+    "securityAdvisories": {
+      "alerts": [],
+      "advisories": [
+        {
+          "label": "Advisories",
+          "url": "https://www.acer.com/us-en/support/security-advisory"
+        }
+      ]
+    },
+    "resources": [],
+    "CNA": {
+      "isRoot": false,
+      "root": {
+        "shortName": "n/a",
+        "organizationName": "n/a"
+      },
+      "roles": [
+        {
+          "helpText": "",
+          "role": "CNA"
+        }
+      ],
+      "TLR": {
+        "shortName": "mitre",
+        "organizationName": "MITRE Corporation"
+      },
+      "type": [
+        "Vendor"
+      ]
+    },
+    "country": "Taiwan"
+  },
+  {
+    "shortName": "Canva",
+    "cnaID": "CNA-2026-0019",
+    "organizationName": "Canva",
+    "scope": "All Canva products, including open-source software published and maintained by Canva, as well as vulnerabilities in third-party software discovered by Canva that are not in another CNA’s scope.",
+    "contact": [
+      {
+        "email": [
+          {
+            "label": "Email",
+            "emailAddr": "security@canva.com"
+          }
+        ],
+        "contact": [],
+        "form": []
+      }
+    ],
+    "disclosurePolicy": [
+      {
+        "label": "Policy",
+        "language": "",
+        "url": "https://www.canva.com/security/bug-bounty/"
+      }
+    ],
+    "securityAdvisories": {
+      "alerts": [],
+      "advisories": [
+        {
+          "label": "Advisories",
+          "url": "https://trust.canva.com/"
+        }
+      ]
+    },
+    "resources": [],
+    "CNA": {
+      "isRoot": false,
+      "root": {
+        "shortName": "n/a",
+        "organizationName": "n/a"
+      },
+      "roles": [
+        {
+          "helpText": "",
+          "role": "CNA"
+        }
+      ],
+      "TLR": {
+        "shortName": "mitre",
+        "organizationName": "MITRE Corporation"
+      },
+      "type": [
+        "Vendor",
+        "Open Source",
+        "Researcher"
+      ]
+    },
+    "country": "Australia"
   }
 ]

public/images/news/cvePartnersMap31March2026.png

@@ -63,7 +63,7 @@
       "displayOnHomepageOrder": 1,
       "title": "CVE/FIRST VulnCon 2026",
       "location": "Scottsdale, Arizona, USA & Virtual",
-      "description": "REGISTRATION IS OPEN!<br/>Closes April 6, 2026.<br/><br/>VulnCon is co-hosted by the <a href='/'>CVE Program</a> and <a href='https://www.first.org/conference/vulncon26/' target='_blank'>FIRST</a> and is open to the public.<br/><br/><strong>Agenda</strong>:<br/>Available on the <a href='https://www.first.org/conference/vulncon26/program' target='_blank'>conference web page</a> or view the schedule by day:<br/><br/><strong>Monday, April 13</strong> &mdash; <a href='https://www.first.org/conference/vulncon26/program#d20260413' target='_blank'>View day 1 schedule</a><br/><strong>Tuesday, April 14</strong> &mdash;  <a href='https://www.first.org/conference/vulncon26/program#d20260414' target='_blank'>View day 2 schedule</a><br/><strong>Wednesday, April 15</strong> &mdash; <a href='https://www.first.org/conference/vulncon26/program#d20260415' target='_blank'>View day 3 schedule</a><br/><strong>Thursday, April 16</strong> &mdash; <a href='https://www.first.org/conference/vulncon26/program#d20260416' target='_blank'>View day 4 schedule</a><br/><br/>An Offsite Social Event will be held at the Western Spirit Museum on Wednesday, April 15. Learn more <a href='https://www.first.org/conference/vulncon26/registration#Registration-Information' target='_blank'>here</a>.<br/><br/><strong>Registration</strong>:<br/>Both virtual and in-person registration are open now on the VulnCon 2026 <a href='https://www.first.org/conference/vulncon26/registration#Registration-Information' target='_blank'>conference registration page</a> hosted on the FIRST website. <ul><li>Standard Admission (by March 14, 2026): US $525.00</li><li>Late Rate Admission (after March 14, 2026): US $600.00</li><li>Virtual Admission: US $100.00</li></ul>Registration fees include full admission to conference activities Monday through Thursday; continental breakfast, lunch, and two coffee breaks Tuesday through Thursday; entry to the Monday welcome reception; entry to the Tuesday networking reception; entry to the vendor hall; all applicable conference materials;, and access to live streams and applicable apps.<br/><br/><i>NOTE: Registration closes on April 6, 2026, at 19:00 UTC. Registration is based on availability and may close before the indicated date. Learn more <a href='https://www.first.org/conference/vulncon26/registration#Registration-Information' target='_blank'>here</a>.</i><br/><br/><strong>Purpose:</strong><br/>The purpose of VulnCon is to collaborate with various vulnerability management and cybersecurity professionals to develop forward leaning ideas that can be taken back to individual programs for action to benefit the vulnerability management ecosystem.<br/><br/>A key goal of the conference is to understand what important stakeholders and programs are doing within the vulnerability management ecosystem and best determine how to benefit the ecosystem broadly.<br/><br/><strong>Call for Speakers (CFS)</strong>:<br/>Closed on December 22, 2025. The <a href='https://www.first.org/conference/vulncon26/cfs' target='_blank'>CFS</a> requirements and submission process are available <a href='https://www.first.org/conference/vulncon26/cfs' target='_blank'>here</a>.",
+      "description": "<i>Registration closes on April 6, 2026, at 19:00 UTC.</i><br/><br/>VulnCon is co-hosted by the <a href='/'>CVE Program</a> and <a href='https://www.first.org/conference/vulncon26/' target='_blank'>FIRST</a> and is open to the public.<br/><br/><strong>Agenda</strong>:<br/>Available on the <a href='https://www.first.org/conference/vulncon26/program' target='_blank'>conference web page</a> or view the schedule by day:<br/><br/><strong>Monday, April 13</strong> &mdash; <a href='https://www.first.org/conference/vulncon26/program#d20260413' target='_blank'>View day 1 schedule</a><br/><strong>Tuesday, April 14</strong> &mdash;  <a href='https://www.first.org/conference/vulncon26/program#d20260414' target='_blank'>View day 2 schedule</a><br/><strong>Wednesday, April 15</strong> &mdash; <a href='https://www.first.org/conference/vulncon26/program#d20260415' target='_blank'>View day 3 schedule</a><br/><strong>Thursday, April 16</strong> &mdash; <a href='https://www.first.org/conference/vulncon26/program#d20260416' target='_blank'>View day 4 schedule</a><br/><br/>An Offsite Social Event will be held at the Western Spirit Museum on Wednesday, April 15. Learn more <a href='https://www.first.org/conference/vulncon26/registration#Registration-Information' target='_blank'>here</a>.<br/><br/><strong>Registration</strong>:<br/>Both virtual and in-person registration are open now on the VulnCon 2026 <a href='https://www.first.org/conference/vulncon26/registration#Registration-Information' target='_blank'>conference registration page</a> hosted on the FIRST website. <ul><li>Standard Admission (by March 14, 2026): US $525.00</li><li>Late Rate Admission (after March 14, 2026): US $600.00</li><li>Virtual Admission: US $100.00</li></ul>Registration fees include full admission to conference activities Monday through Thursday; continental breakfast, lunch, and two coffee breaks Tuesday through Thursday; entry to the Monday welcome reception; entry to the Tuesday networking reception; entry to the vendor hall; all applicable conference materials;, and access to live streams and applicable apps.<br/><br/><i>NOTE: Registration closes on April 6, 2026, at 19:00 UTC. Registration is based on availability and may close before the indicated date. Learn more <a href='https://www.first.org/conference/vulncon26/registration#Registration-Information' target='_blank'>here</a>.</i><br/><br/><strong>Purpose:</strong><br/>The purpose of VulnCon is to collaborate with various vulnerability management and cybersecurity professionals to develop forward leaning ideas that can be taken back to individual programs for action to benefit the vulnerability management ecosystem.<br/><br/>A key goal of the conference is to understand what important stakeholders and programs are doing within the vulnerability management ecosystem and best determine how to benefit the ecosystem broadly.<br/><br/><strong>Call for Speakers (CFS)</strong>:<br/>Closed on December 22, 2025. The <a href='https://www.first.org/conference/vulncon26/cfs' target='_blank'>CFS</a> requirements and submission process are available <a href='https://www.first.org/conference/vulncon26/cfs' target='_blank'>here</a>.",
       "permission": "public",
       "url": "https://www.first.org/conference/vulncon26/",
       "date": {

src/assets/data/CNAsList.json

@@ -1180,7 +1180,7 @@
         },
         {
           "month": "March",
-          "value": "4"
+          "value": "8"
         },
         {
           "month": "April",