There's been another one of those this month: a vulnerability arriving fully formed with a name, a logo, and a single-page website explaining how worried I should be. I won't pretend to remember the exact CVE off the top of my head, because honestly the branding usually lands in my feed a day before the advisory does, which tells you something about the order of operations.
I used to be sniffy about this. Heartbleed set the template back in 2014, and ever since, every researcher with a decent bug seems to want a mascot. It felt like marketing creeping into a space that should be sober and technical. A buffer over-read does not need a typeface.
I've softened. The grubby truth is that the branded ones get patched. I watched a serious, un-named flaw sit in the backlog for weeks because it read as "yet another CVE" on a list of two hundred. The one with the logo got a hotfix change window inside a day, because someone non-technical had seen the website and asked the question. The logo isn't for me. It's for the person who signs off the emergency change.
So I'll take it. The website is a bit much, the logo is usually worse, and I'd quietly prefer we lived in a world where severity scores were enough to make things happen. We don't. If a silly name gets the bad thing fixed before someone gets owned, name away. Just please put the affected versions above the fold.