CVEProject · david-rocca · Apr 20, 2026 · Apr 21, 2026 · Apr 22, 2026 · Apr 22, 2026
diff --git a/api-docs/openapi.json b/api-docs/openapi.json
@@ -2605,7 +2605,7 @@
           "Registry Organization"
         ],
         "summary": "Updates information about the organization specified by short name (accessible Temporarily to Secretariat only)",
-        "description": "  <h2>Access Control</h2>  <p>User must belong to an organization with the <b>Secretariat</b> role temporarily.</p>  <p>In the future, only the organization's admin will be able to request changes to its information.</p>  <p>With Joint Approval required for the following fields:</p>  <h2>Expected Behavior</h2>  <b>This endpoint expects a full organization object in the request body.</b>  <p><b>Secretariat:</b> Updates any organization's information</p>  <p><b>Organization Admin:</b> Requests changes to its organization's information</p>  <ul>  <li>short_name</li>  <li>long_name</li>  <li>authority</li>  <li>aliases</li>  <li>oversees</li>  <li>root_or_tlr</li>  <li>charter_or_scope</li>  <li>product_list</li>  <li>disclosure_policy</li>  <li>contact_info.poc</li>  <li>contact_info.poc_email</li>  <li>contact_info.poc_phone</li>  <li>contact_info.org_email</li>  <li>partner_role</li>  <li>partner_type</li>  <li>partner_country</li>  <li>vulnerability_advisory_locations</li>  <li>advisory_location_require_credentials</li>  <li>industry</li>  <li>tl_root_start_date</li>  <li>is_cna_discussion_list</li>  </ul>",
+        "description": "  <h2>Access Control</h2>  <p>User must belong to an organization with the <b>Secretariat</b> role temporarily.</p>  <p>In the future, only the organization's admin will be able to request changes to its information.</p>  <p>With Joint Approval required for the following fields:</p>  <h2>Expected Behavior</h2>  <b>This endpoint expects a full organization object in the request body.</b>  <p><b>Secretariat:</b> Updates any organization's information</p>  <p><b>Organization Admin:</b> Requests changes to its organization's information</p>  <ul>  <li>short_name</li>  <li>long_name</li>  <li>authority</li>  <li>aliases</li>  <li>oversees</li>  <li>top_level_root</li>  <li>charter_or_scope</li>  <li>product_list</li>  <li>disclosure_policy</li>  <li>contact_info.poc</li>  <li>contact_info.poc_email</li>  <li>contact_info.poc_phone</li>  <li>contact_info.org_email</li>  <li>partner_role_type</li>  <li>partner_country</li>  <li>advisory_locations</li>  <li>industry</li>  <li>tl_root_start_date</li>  <li>is_cna_discussion_list</li>  </ul>",
         "operationId": "orgUpdateSingle",
         "parameters": [
           {
@@ -4788,6 +4788,122 @@
         }
       }
     },
+    "/conversation/{uuid}": {
+      "put": {
+        "tags": [
+          "Conversation"
+        ],
+        "summary": "Updates a conversation by UUID (accessible to Secretariat only)",
+        "description": "  <h2>Access Control</h2>  <p>User must belong to an organization with the <b>Secretariat</b> role</p>  <h2>Expected Behavior</h2>  <p><b>Secretariat:</b> Updates the conversation with the specified UUID</p>",
+        "operationId": "updateConversationByUUID",
+        "parameters": [
+          {
+            "name": "uuid",
+            "in": "path",
+            "required": true,
+            "schema": {
+              "type": "string"
+            },
+            "description": "The UUID of the conversation to update"
+          },
+          {
+            "$ref": "#/components/parameters/apiEntityHeader"
+          },
+          {
+            "$ref": "#/components/parameters/apiUserHeader"
+          },
+          {
+            "$ref": "#/components/parameters/apiSecretHeader"
+          }
+        ],
+        "responses": {
+          "200": {
+            "description": "Returns the updated conversation",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "../schemas/conversation/conversation.json"
+                }
+              }
+            }
+          },
+          "400": {
+            "description": "Bad Request",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "../schemas/errors/bad-request.json"
+                }
+              }
+            }
+          },
+          "401": {
+            "description": "Not Authenticated",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "../schemas/errors/generic.json"
+                }
+              }
+            }
+          },
+          "403": {
+            "description": "Forbidden",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "../schemas/errors/generic.json"
+                }
+              }
+            }
+          },
+          "404": {
+            "description": "Not Found",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "../schemas/errors/generic.json"
+                }
+              }
+            }
+          },
+          "500": {
+            "description": "Internal Server Error",
+            "content": {
+              "application/json": {
+                "schema": {
+                  "$ref": "../schemas/errors/generic.json"
+                }
+              }
+            }
+          }
+        },
+        "requestBody": {
+          "required": true,
+          "content": {
+            "application/json": {
+              "schema": {
+                "type": "object",
+                "properties": {
+                  "body": {
+                    "type": "string",
+                    "description": "The updated content of the conversation message"
+                  },
+                  "visibility": {
+                    "type": "string",
+                    "enum": [
+                      "private",
+                      "public"
+                    ],
+                    "description": "The updated visibility of the conversation message"
+                  }
+                }
+              }
+            }
+          }
+        }
+      }
+    },
     "/review/byUUID/{uuid}": {
       "get": {
         "tags": [

diff --git a/package-lock.json b/package-lock.json
diff --git a/schemas/registry-org/BaseOrg.json b/schemas/registry-org/BaseOrg.json
@@ -39,7 +39,23 @@
         "CNA",
         "SECRETARIAT",
         "BULK_DOWNLOAD",
-        "ADP"
+        "ADP",
+        "ROOT"
+      ]
+    },
+    "partnerRoleType": {
+      "description": "The type of role a partner holds",
+      "type": "string",
+      "enum": [
+        "",
+        "Bug Bounty Provider",
+        "CERT",
+        "Consortium",
+        "Hosted Service",
+        "N/A",
+        "Open Source",
+        "Researcher",
+        "Vendor"
       ]
     }
   },
@@ -70,8 +86,8 @@
         "$ref": "#/definitions/authority"
       }
     },
-    "root_or_tlr": {
-      "type": "boolean"
+    "top_level_root": {
+      "type": "string"
     },
     "reports_to": {
       "$ref": "#/definitions/uuidType"
@@ -102,15 +118,30 @@
       "minimum": 0,
       "maximum": 100000
     },
+    "private_contacts": {
+      "type": "array",
+      "items": {
+        "type": "object",
+        "properties": {
+          "phone": {
+            "type": "string"
+          },
+          "poc": {
+            "type": "string"
+          },
+          "poc_email": {
+            "type": "string",
+            "format": "email"
+          }
+        },
+        "additionalProperties": false
+      }
+    },
     "contact_info": {
       "type": "object",
       "properties": {
-        "additional_contact_users": {
-          "type": "array",
-          "uniqueItems": true,
-          "items": {
-            "$ref": "#/definitions/uuidType"
-          }
+        "phone": {
+          "type": "string"
         },
         "poc": {
           "type": "string"
@@ -119,20 +150,70 @@
           "type": "string",
           "format": "email"
         },
-        "poc_phone": {
-          "type": "string"
+        "website": {
+          "type": "string",
+          "format": "uri"
+        }
+      },
+      "additionalProperties": false
+    },
+    "program_data": {
+      "type": "object",
+      "properties": {
+        "cve_website_update_date": {
+          "type": "string",
+          "format": "date-time"
+        },
+        "cve_website_update_needed": {
+          "type": "boolean"
         },
-        "org_email": {
+        "partner_active_date": {
           "type": "string",
-          "format": "email"
+          "format": "date"
         },
-        "website": {
+        "partner_inactive_date": {
           "type": "string",
-          "format": "uri",
-          "description": "Organization's website URL"
+          "format": "date"
+        },
+        "status": {
+          "type": "string"
+        },
+        "advisory_location_require_credentials": {
+          "type": "boolean"
+        },
+        "vulnerability_advisory_location_for_web_scraping": {
+          "type": "array",
+          "items": {
+            "type": "string"
+          }
         }
       },
       "additionalProperties": false
+    },
+    "advisory_locations": {
+      "type": "array",
+      "items": {
+        "type": "string"
+      }
+    },
+    "industry": {
+      "type": "string"
+    },
+    "tl_root_start_date": {
+      "type": "string",
+      "format": "date-time"
+    },
+    "is_cna_discussion_list": {
+      "type": "boolean"
+    },
+    "partner_role_type": {
+      "$ref": "#/definitions/partnerRoleType"
+    },
+    "partner_number": {
+      "type": "string"
+    },
+    "partner_country": {
+      "type": "string"
     }
   },
   "required": [