Tag: cve
-
CVE Foundation pledges continuity after Mitre funding cut
by
in SecurityNewsWith news that Mitre’s contract to run the world-renowned CVE Programme is abruptly terminating, a breakaway group is setting up a non-profit foundation to try to ensure the project’s continuity First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366622835/CVE-Foundation-pledges-continuity-after-MITRE-funding-cut
-
‘Stupid and Dangerous’: CISA Funding Chaos Threatens Essential Cybersecurity Program
by
in SecurityNewsThe CVE Program is the primary way software vulnerabilities are tracked. Its long-term future remains in limbo even after a last-minute renewal of the US government contract that funds it. First seen on wired.com Jump to article: www.wired.com/story/cve-program-cisa-funding-chaos/
-
CISA Extend Funding to MITRE to Keep CVE Program Running
by
in SecurityNewsThe Cybersecurity and Infrastructure Security Agency (CISA) has extended funding to the MITRE Corporation, ensuring the continued operation of the Common Vulnerabilities and Exposures (CVE) program, a linchpin of global cybersecurity. Announced late on April 15, 2025, just hours before the program’s funding was set to expire, the 11-month extension averts a crisis that could…
-
CVE Program Almost Unfunded
by
in SecurityNewsMitre’s CVE’s program”, which provides common naming and other informational resources about cybersecurity vulnerabilities”, was about to be cancelled, as the US Department of Homeland Security failed to renew the contact. It was funded for eleven more months at the last minute. This is a big deal. The CVE program is one of those pieces…
-
CVE Program Stays Online as CISA Backs Temporary MITRE Extension
by
in SecurityNewsMITRE avoids CVE program shutdown with last-minute contract extension. Questions remain about long-term funding and the future of… First seen on hackread.com Jump to article: hackread.com/cve-program-online-cisa-temporary-mitre-extension/
-
Windows NTLM Vulnerability (CVE-2025-24054) Actively Exploit in the Wild to Hack Systems
by
in SecurityNewsA critical vulnerability in Microsoft Windows, identified as CVE-2025-24054, has been actively exploited in the wild since March 19, 2025, targets organizations worldwide. The flaw, which enables NTLM hash disclosure through spoofing, allows attackers to harvest sensitive user credentials with minimal interaction, potentially leading to privilege escalation and full network compromise. Despite Microsoft releasing a…
-
Mitre CVE program regains funding as renewal deal reached
by
in SecurityNewsThe information security industry feared a lapse would lead to industrywide exposures of software vulnerabilities. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-extend-funding-cve/745531/
-
CVE, global source of cybersecurity info, was hours from being cut by DHS
by
in SecurityNewsBoard members have launched a nonprofit to take over the program from MITRE. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/04/crucial-cve-flaw-tracking-database-narrowly-avoids-closure-to-dhs-cuts/
-
CISA extends CVE program contract with MITRE for 11 months amid alarm over potential lapse
by
in SecurityNews“The CVE Program is invaluable to the cyber community and a priority of CISA,” a CISA spokesperson said. “We appreciate our partners’ and stakeholders’ patience.” First seen on therecord.media Jump to article: therecord.media/cisa-extends-cve-program-contract-with-mitre
-
CVE program gets last-minute funding from CISA and maybe a new home
by
in SecurityNewsUncertainty is the new certainty First seen on theregister.com Jump to article: www.theregister.com/2025/04/16/cve_program_funding_save/
-
CISA Extends Support a Last Minute to CVE Program, Averting Global Cybersecurity Crisis
by
in SecurityNewsCISA announced an eleventh-hour contract extension with MITRE Corporation to maintain the Common Vulnerabilities and Exposures (CVE) program, narrowly avoiding a lapse in federal funding that threatened to destabilize vulnerability management worldwide. The move came just hours before the program’s expiration deadline on April 16, 2025, preserving a system that has served as the backbone…
-
CVE program averts swift end after CISA executes 11-month contract extension
by
in SecurityNews
Tags: china, cisa, computer, cve, cyber, cybersecurity, data, defense, detection, endpoint, flaw, framework, government, infrastructure, intelligence, linkedin, mitre, nist, nvd, russia, service, software, technology, threat, update, vulnerability, vulnerability-managementImportant update April 16, 2025: Since this story was first published, CISA signed a contract extension that averts a shutdown of the MITRE CVE program.A CISA spokesperson sent CSO a statement saying, “The CVE Program is invaluable to cyber community and a priority of CISA. Last night, CISA executed the option period on the contract to ensure…
-
Sicherheits-Desaster: Trump stoppt mit DOGE die MITRE-Finanzierung; CVE-Datenbank eingestellt? Update: Es geht doch weiter
by
in SecurityNewsEine schlechte Nachricht für die Cybersicherheit. Die US-Administration unter Präsident Donald Trump hat über deren DOGE-Programm wohl die Finanzierung von MITRE gestoppt, so dass die von dieser Organisation gepflegte CVE-Datenbank, die über Sicherheitslücken informiert, eingestellt werden muss. Nachtrag: Es hat … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/04/16/sicherheits-desaster-trump-stoppt-mit-doge-die-mitre-finanzierung/
-
CISA reverses course, extends MITRE CVE contract
by
in SecurityNewsWhile the last-minute extension averts an immediate lapse in support, rival organizations are being stood up to supplant the global vulnerability system. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisa-reverses-course-extends-mitre-cve-contract/
-
Cybersecurity Alarms Sound Over Loss of CVE Program Funding
by
in SecurityNewsBoard Members Announce Launch of ‘CVE Foundation’ to Secure Program’s Future. Warnings are being sounded over the risk to global cybersecurity posed by the imminent disruption or management shutdown of the Common Vulnerabilities and Exposures program. A fix could be forthcoming in the form of a new, stand-alone foundation, although its details and funding remain…
-
MITRE Crisis: CVE Cash Ends TODAY, CISA says ‘No Lapse’
by
in SecurityNewsThese are “interesting” times: U.S. government funding for the Common Vulnerabilities and Exposures program expires April 16. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/mitre-cve-funding-crisis-richixbw/
-
CISA at the Last Minute Extends Funding for Crucial MITRE CVE Program
by
in SecurityNewsThe Trump Administration is ending funding for MITRE’s crucial CVE database program, a move that promises to hobble cybersecurity efforts around the world. However, CVE Board members introduce a new nonprofit organizations free of government funding and oversight. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/government-funding-for-cve-program-ends-but-a-new-group-emerges/
-
Oracle April 2025 Critical Patch Update Addresses 171 CVEs
by
in SecurityNewsOracle addresses 171 CVEs in its second quarterly update of 2025 with 378 patches, including 40 critical updates. Background On April 15, Oracle released its Critical Patch Update (CPU) for April 2025, the second quarterly update of the year. This CPU contains fixes for 171 unique CVEs in 378 security updates across 32 Oracle product…
-
Mitre warns over lapse in CVE coverage
by
in SecurityNewsMitre, the operator of the world-renowned CVE repository, has warned of significant impacts to global cyber security standards, and increased risk from threat actors, as it emerges its US government contract will lapse imminently First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366622813/MITRE-warns-over-lapse-in-CVE-coverage
-
CISA extends funding to ensure ‘no lapse in critical CVE services’
by
in SecurityNewsCISA says the U.S. government has extended funding to ensure no continuity issues with the critical Common Vulnerabilities and Exposures (CVE) program. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-extends-funding-to-ensure-no-lapse-in-critical-cve-services/
-
Funding uncertainty may spell the end of MITRE’s CVE program
by
in SecurityNewsThe future of the Common Vulnerabilities and Exposures (CVE) program hangs in the balance: MITRE, the not-for-profit US organization that runs it, could lose the US federal … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/16/funding-uncertainty-may-spell-the-end-of-mitres-cve-program/
-
Cybersecurity Alarms Sound as CVE Program Funding Ceases
by
in SecurityNewsBoard Members Announce Launch of ‘CVE Foundation’ to Secure Program’s Future. Warnings are being sounded over the risk to global cybersecurity posed by the imminent disruption or management shutdown of the Common Vulnerabilities and Exposures program. A fix could be forthcoming in the form of a new, stand-alone foundation, although its details and funding remain…
-
American Sigh
by
in SecurityNewsA long, long time ago I can still remember How those CVEs would make me smile And I knew if I had my chance To patch a vuln or take a stance Maybe we’d be secure for a while But April ides made me shiver With each leaked memo and press release delivered Bad news……
-
Sicherheits-Desaster: Trump stoppt mit DOGE die MITRE-Finanzierung; CVE-Datenbank eingestellt
by
in SecurityNewsEine schlechte Nachricht für die Cybersicherheit. Die US-Administration unter Präsident Donald Trump hat über deren DOGE-Programm wohl die Finanzierung von MITRE gestoppt, so dass die von dieser Organisation gepflegte CVE-Datenbank, die über Sicherheitslücken informiert, eingestellt werden muss. Ankündigung der MITRE … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/04/16/sicherheits-desaster-trump-stoppt-mit-doge-die-mitre-finanzierung/
-
CVE-Finanzierung unklar: Datenbank für kritische Sicherheitslücken gefährdet
by
in SecurityNews
Tags: cveFür die Fortsetzung des CVE-Programms, der internationalen Datenbank für Sicherheitslücken, stehen keine finanziellen Mittel mehr zur Verfügung. First seen on golem.de Jump to article: www.golem.de/news/cve-finanzierung-unklar-datenbank-fuer-kritische-sicherheitsluecken-gefaehrdet-2504-195410.html
-
Chaos Reigns as MITRE Set to Cease CVE and CWE Operations
by
in SecurityNewsSecurity community reacts with shock at US government’s decision not to renew MITRE contract for CVE database First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chaos-reigns-mitre-cease-cve-cwe/
-
Cybersicherheit – USA stellen Finanzierung des CVE-Programms ein
by
in SecurityNewsHeute endet die zwischen der US-Regierung und MITRE geschlossene Finanzierung des CVE-Programms, was deutliche Auswirkungen haben könnte. First seen on computerbase.de Jump to article: www.computerbase.de/news/wirtschaft/cybersicherheit-usa-stellen-finanzierung-des-cve-programms-ein.92215
-
U.S. Govt. Funding for MITRE’s CVE Ends April 16, Cybersecurity Community on Alert
by
in SecurityNewsThe U.S. government funding for non-profit research giant MITRE to operate and maintain its Common Vulnerabilities and Exposures (CVE) program will expire Wednesday, an unprecedented development that could shake up one of the foundational pillars of the global cybersecurity ecosystem.The 25-year-old CVE program is a valuable tool for vulnerability management, offering a de facto standard…
-
MITRE warns that funding for critical CVE program expires today
by
in SecurityNewsMITRE Vice President Yosry Barsoum has warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs expires today, which could lead to widespread disruption across the global cybersecurity industry. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/mitre-warns-that-funding-for-critical-cve-program-expires-today/