CVE Program Funding Renewed, New Foundation Launched

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has renewed funding for the Common Vulnerabilities and Exposures (CVE) program, preventing a shutdown that would have disrupted global cybersecurity efforts. This move comes after MITRE, the program's operator, warned of widespread impacts on vulnerability tracking and critical infrastructure if funding expired. The CVE system is vital for identifying and addressing vulnerabilities across major technology companies and public institutions. In response to concerns about dependence on a single government sponsor, a new CVE Foundation has been created to help ensure the program’s long-term stability and independence. The Foundation is focused on maintaining high-quality vulnerability identification and expanding community participation. Further details about the transition and future plans for the CVE program are expected soon.