Oh fantastic. Someone assigned a CVE to an invalid bug report. Of course it's rated "critical".
Now I have to file for a rejection again, while thousands of "vulnerability report sites" copy each others bad summary of the CVE text making it worse with every copy.
The whole CVE system and the "security research industry" at large is a steaming pile of 💩