Temporal has been added to the CVE Program as a CVE Numbering Authority (CNA), allowing users who self-host Temporal to receive alerts about known issues and determine what actions are necessary to secure their clusters. This milestone reflects Temporal's commitment to security and transparency, with a focus on reporting vulnerabilities through industry-standard Common Vulnerability and Exposure (CVE) numbers. A recent report by Datadog led to the identification of a potential vulnerability in Temporal Server due to default configuration issues, which has been addressed in version 1.20 and can be mitigated in prior versions by setting a specific configuration option. The company acknowledges that building software without vulnerabilities is ideal but recognizes the importance of community reporting and transparency in achieving a high level of security.