Now I'd genuinely like to know whether "yes" had a CVE assigned, not sure how to search for it though...