Maybe we should start issuing CVEs for all bugs that might negatively impact the security of a system.