A reliance on CPE names currently makes accurate searching for high-risk security vulnerabilities difficult.