CNA governance

VAPT CVE Numbering Authority (CNA) policy.

Effective Date: April 2026 | Document Version: 1.0