Drop support for CAPEC ID

The recent CVE Survey (April 2025) asked respondents about the value of fields and the CAPEC data ranked at the very bottom:

![Image](https://github.com/user-attachments/assets/fc899cba-e4b6-470a-9801-4829b31abb7b)

The topic to remove the CAPEC ID was raised in the QWG (as a result of the survey) on 2025-05-12 and to support that discussion I wanted to share some data points about the CAPEC data point.

Here is an example of a [recent CVE](https://github.com/CVEProject/cvelistV5/blob/c3316fa8c5d6398fec0d7816d608e8cde282b8c7/cves/2025/4xxx/CVE-2025-4613.json#L54C1-L65C1) with CAPEC ID supplied:
```
            "impacts": [
                {
                    "capecId": "CAPEC-175",
                    "descriptions": [
                        {
                            "lang": "en",
                            "value": "CAPEC-175 Code Inclusion"
                        }
                    ]
                }
            ],
```

This is the monthly counts of CVE records published with a CAPEC, along with the percent of monthly published CVEs with CAPEC IDs.

![Image](https://github.com/user-attachments/assets/2eeeaa33-1c12-48a5-a47d-77481934ccfa)

And of the 14,806 unique CVEs with CAPEC ID we see 256 unique CNAs (assignerShortName). This is how the proportion of the CVEs with CAPEC are sourced from CNAs:

![Image](https://github.com/user-attachments/assets/ae0a8f58-6232-430b-bb48-21cf3389b58b)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Drop support for CAPEC ID #419

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Drop support for CAPEC ID #419

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions