Anasayfa » News » The CVE program for tracking security flaws is about to lose federal funding

The CVE program for tracking security flaws is about to lose federal funding

The CVE program for tracking security flaws is about to lose federal funding
You May Be Interested In:Nvidia’s new tool can turn 3D scenes into AI images


Funding is about to run out for the Common Vulnerabilities and Exposures (CVE) program – a system used by major companies like Microsoft, Google, Apple, Intel, and AMD to identify and track publicly disclosed cybersecurity vulnerabilities. The program helps engineers identify how bad an exploit is and how to prioritize applying patches or other mitigations.

MITRE, the federally funded organization behind the program, confirmed to The Verge that its contract to “develop, operate, and modernize” CVE will expire on April 16th.

First launched in 1999, the CVE program houses a database where participating organizations can assign IDs to known cybersecurity vulnerabilities. The IDs consist of the letters “CVE” followed by a year and a number, such as CVE-2022-27254, allowing security professionals to monitor details about the vulnerabilities that may impact the devices we use every day and systems that contain information critical to practically everything we do.

Lukasz Olejnik, a security and privacy researcher, said in a post on X that a lack of support for CVE could “cripple” cybersecurity systems around the globe. “The consequence will be a breakdown in coordination between vendors, analysts, and defense systems — no one will be certain they are referring to the same vulnerability,” Olejnik wrote. “Total chaos, and a sudden weakening of cybersecurity across the board.”

“The government continues to make considerable efforts to support MITRE’s role in the program and MITRE remains committed to CVE as a global resource,” Yosry Barsoum, MITRE’s vice president and director at the Center for Securing the Homeland, said in an emailed statement to The Verge. Barsoum also said the change will affect the Common Weakness Enumeration program, which catalogs hardware and software weaknesses.

The news was first spotted in a leaked letter to MITRE board members posted on X and Bluesky. MITRE receives funding from the US Department of Homeland Security (DHS) and the Infrastructure Security Agency (CISA) to “operate and evolve the CVE Program as an independent, objective third party,” according to a video about the program.

share Paylaş facebook pinterest whatsapp x print

Similar Content

Israeli Strikes Kill At Least 22 Palestinians In Northern Gaza
Israeli Strikes Kill At Least 22 Palestinians In Northern Gaza October 27, 2024
Donald Trump’s data purge has begun 
Donald Trump’s data purge has begun  January 31, 2025
Star Wars is so back
Star Wars is so back April 27, 2025
The '333 Method' Is The Ultimate Packing Hack For Your Next Trip
The ‘333 Method’ Is The Ultimate Packing Hack For Your Next Trip December 21, 2024
BougeRV’s electric wagon is the uphill king and downhill menace
BougeRV’s electric wagon is the uphill king and downhill menace April 16, 2025
Meta is working on ‘humanoid’ robots, too
Meta is working on ‘humanoid’ robots, too February 14, 2025
News Pizza Time | © 2025 | News