Vandalism, in my language, can be used for "security problems" where the attacker destroys simply for the pleasure of destroying. I believe we should centralize it in a "product" in the CVE Details, and add the security risk details for the protocols. in https://www.cvedetails.com/