The CVE Program, a bedrock of global cyber defense, is teetering on the brink

A funding scare, AI and similar international initiatives are raising existential questions about the program’s future.
Forbes

The World Still Needs A CVE Program

For the last 25 years since its inception, the CVE Program (Common Vulnerabilities and Exposures) continues to be the dominant way of referencing security vulnerabilities and an important cornerstone ...
Forbes

CIOs Face Unrealistic Expectations As CVE Program Faces Uncertainty

When news broke that funding for the Common Vulnerabilities and Exposures (CVE) database would expire on April 16, panic quickly spread through the infosec community. MITRE, the nonprofit that ...
Dark Reading

CVE Program Cuts Send the Cyber Sector Into Panic Mode

In keeping with the current administration's pledge to skinny down government to its skeletal remains, the Cybersecurity and Infrastructure Security Agency (CISA) was reportedly prepared to let its ...
CSOonline

CVE program funding secured, easing fears of repeat crisis

The funding crisis that nearly shut down the global vulnerability tracking system last year has quietly been resolved, easing fears of another abrupt disruption to a cornerstone of the cybersecurity ...
Hosted on MSN

CVE program gets last-minute funding from CISA – and maybe a new home

In an 11th-hour reprieve, the US government last night agreed to continue funding the globally used Common Vulnerabilities and Exposures (CVE) program.… This comes after the Feds decided not to renew ...
Bleeping Computer

MITRE warns that funding for critical CVE program expires today

MITRE Vice President Yosry Barsoum has warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs expires today, which could ...
Business Wire

Ribose authorized as CVE Numbering Authority (CNA) by the CVE Program

LONDON--(BUSINESS WIRE)--Ribose has been authorized by the Common Vulnerabilities and Exposures (CVE ®) Program as a CVE Numbering Authority (CNA), allowing it to publish authoritative cybersecurity ...
CSOonline

New EU vulnerability database will complement CVE program, not compete with it, says ENISA

After the CVE’s program’s near-death experience in April, might the Europeans be looking for a more reliable long-term system? From this week, the global technology industry has a new database to ...
FedScoop

(Common Vulnerabilities and Exposure Program (CVE)

The AI Act of 2024 from Sens. Warner and Tillis calls on NIST and CISA to update databases and NSA to launch an AI security center.
Business Insider

Sonatype Intelligence Reveals CVE Program Leaves Majority of Vulnerabilities Unscored

Fulton, Md., Nov. 20, 2025 (GLOBE NEWSWIRE) -- Sonatype®, the leader in AI-driven DevSecOps, today released a new report, “Trust Issues: The CVE Crisis,” revealing that the world’s most widely used ...