In the rapidly evolving field of artificial intelligence (AI), the identification, documentation, and mitigation of vulnerabilities are paramount to ensuring robust and secure systems. This paper discusses the minimum elements for AI vulnerability management and the establishment of an Artificial Intelligence Vulnerability Database (AIVD). It presents standardized formats and protocols for disclosing, analyzing, cataloging, and documenting AI vulnerabilities. It discusses how such an AI incident database must extend beyond the traditional scope of vulnerabilities by focusing on the unique aspects of AI systems. Additionally, this paper highlights challenges and gaps in AI Vulnerability Management, including the need for new severity scores, weakness enumeration systems, and comprehensive mitigation strategies specifically designed to address the multifaceted nature of AI vulnerabilities.

翻译：在快速演进的人工智能领域，漏洞的识别、记录与修复对于确保系统鲁棒性与安全性至关重要。本文探讨了人工智能漏洞管理的基本要素及人工智能漏洞数据库的构建框架。研究提出了用于披露、分析、归类和记录人工智能漏洞的标准化格式与协议，并论述了此类人工智能事件数据库必须超越传统漏洞管理范畴，聚焦人工智能系统的独特性。此外，本文着重分析了人工智能漏洞管理面临的挑战与不足，包括需要建立针对人工智能漏洞多维特性的新型严重性评分体系、缺陷枚举系统以及综合缓解策略。