Honestly I feel like a coding agent review would have caught this issue. I guess if you want to vibe-code your branded CVE web site it's not a bad idea to at least mash /review at the end.

Kind of funny to do something impressive and then ignore the details on the presentation, but perhaps that's not uncommon for security researchers?