Incorrect CVE being reported

[anderruiz]

I believe I have a case in where the matching is not correctly being done. The CVE

CVE: CVE-2020-0606
KB: [KB4535101](https://catalog.update.microsoft.com/Search.aspx?q=KB4535101)

Is being detected in a Windows 10 machine that has KB5044022 installed which in theory should supersede the other but in practice in Windows Catalog that is not the case. Am I missing something? Should that CVE still be reported for some reason? I even tried with the muc-lookup but it does not work as it is not in the same "branch" apparently

[bitsadmin]

Hi Ander Ruiz, I am afraid this is a limitation of the data feeds that are being ingested by the collector script (see collector folder in this repository).

For some more information about the collection, see the Dataset section in the following blog post
https://blog.bitsadmin.com/windows-security-updates-for-hackers#dataset