You see the same thing with hundreds of CVEs assigned to random crap like PHPGurukul or Codeprojects. I.e. repositories of "tutorial" projects. Just like submitting a CVE for a vulnerability in OWASP's JuiceShop.