diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index e8c4d6bf16..90f6b54c0f 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -279,6 +279,7 @@ proposals is very challenging, we have lots of applicants that do great work and
needed to find a way to quantify their contributions. We use this rubric to do
so.
+- [github.com/pdxjohnny/cve-bin-tool#1: ad-hoc CVEs for bandit scans](https://github.com/pdxjohnny/cve-bin-tool/issues/1)
- https://github.com/blabla1337/skf-flask
- https://github.com/OWASP/common-requirement-enumeration
@@ -287,7 +288,7 @@ so.
subgraph system_context[System Context for Ideation]
- requirements_management[OWASP common-requirement-enumeration
[Software System]]
+ requirements_management[ad-hoc VEX using
vulntology and OWASP common-requirement-enumeration
[Software System]]
data_storage[oras.land
[Software System]]
source_control[Source Code Management Forgejo
[Software System]]
engineer[Software Engineer
[Entity]]