In the rapidly evolving field of artificial intelligence (AI), the identification, documentation, and mitigation of vulnerabilities are paramount to ensuring robust and secure systems. This paper discusses the minimum elements for AI vulnerability management and the establishment of an Artificial Intelligence Vulnerability Database (AIVD). It presents standardized formats and protocols for disclosing, analyzing, cataloging, and documenting AI vulnerabilities. It discusses how such an AI incident database must extend beyond the traditional scope of vulnerabilities by focusing on the unique aspects of AI systems. Additionally, this paper highlights challenges and gaps in AI Vulnerability Management, including the need for new severity scores, weakness enumeration systems, and comprehensive mitigation strategies specifically designed to address the multifaceted nature of AI vulnerabilities.

翻译：在人工智能（AI）快速发展的领域中，漏洞的识别、记录与修复对于确保系统稳健与安全至关重要。本文探讨了AI漏洞管理的基本要素以及人工智能漏洞数据库（AIVD）的建立。论文提出了用于披露、分析、分类和记录AI漏洞的标准化格式与协议，并论述了此类AI事件数据库必须超越传统漏洞范畴，聚焦于AI系统的独特性。此外，本文还强调了AI漏洞管理中的挑战与不足，包括需要专门针对AI漏洞多面性而设计的新型严重性评分标准、弱点枚举系统以及全面缓解策略。