CVE Foundation Launched to Ensure the Long-term Vulnerability Tracking

Its unique identifiers and open database have enabled security teams, vendors, and governments worldwide to coordinate responses to emerging cyber threats, underpinning the security of the digital ecosystem. Experts warned that any interruption could severely disrupt national vulnerability databases, security advisories, and incident response operations, leaving defenders with dangerous blind spots. As the CVE Program enters this new chapter, the Foundation’s mission is clear: to preserve the integrity, availability, and quality of vulnerability data for defenders worldwide, ensuring that the digital world remains resilient in the face of evolving threats. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. The launch of the CVE Foundation marks not just the preservation of a critical resource, but a recommitment to global collaboration and innovation in cybersecurity vulnerability management. By transitioning governance to a dedicated non-profit, the Foundation seeks to eliminate the risk of a single point of failure and reflect the truly international nature of today’s threat landscape. “Cybersecurity professionals around the globe rely on CVE identifiers and data as part of their daily work from security tools and advisories to threat intelligence and response. However, this long-standing arrangement was thrown into jeopardy after MITRE confirmed that its contract with the Department of Homeland Security (DHS) would lapse at midnight on April 16, 2025, with no renewal in place. The Foundation aims to ensure that the CVE system remains a globally trusted, community-driven resource, free from reliance on a single government sponsor. In the coming days, the CVE Foundation will release further details about its organizational structure, transition planning, and opportunities for involvement from the broader cybersecurity community. The newly established CVE Foundation has been formally launched to safeguard the long-term continuity, stability, and independence of the Common Vulnerabilities and Exposures (CVE) Program. This move comes as the CVE Program, a 25-year foundational pillar of cybersecurity, faces unprecedented uncertainty following the expiration of its U.S. government contract. “CVE, as a cornerstone of the global cybersecurity ecosystem, is too important to be vulnerable itself,” said Kent Landfield, an officer of the new Foundation. For a quarter-century, the CVE Program operated by MITRE under U.S. government funding has served as the global standard for identifying, cataloging, and tracking software vulnerabilities. Security experts and vendors have widely welcomed the move, and many have pledged support and resources to ensure a smooth transition. Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. Their solution: the creation of the CVE Foundation, an independent, non-profit entity dedicated solely to the stewardship of the CVE Program. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications. The announcement sent shockwaves through the cybersecurity sector, raising fears of a breakdown in vulnerability tracking and coordination.

This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 16 Apr 2025 09:40:11 +0000


Cyber News related to CVE Foundation Launched to Ensure the Long-term Vulnerability Tracking

CVE Foundation Launched to Ensure the Long-term Vulnerability Tracking - Its unique identifiers and open database have enabled security teams, vendors, and governments worldwide to coordinate responses to emerging cyber threats, underpinning the security of the digital ecosystem. Experts warned that any interruption could ...
1 month ago Cybersecuritynews.com
The First 10 Days of a vCISO’S Journey with a New Client - Cyber Defense Magazine - During this period, the vCISO conducts a comprehensive assessment to identify vulnerabilities, engages with key stakeholders to align security efforts with business objectives, and develops a strategic roadmap to prioritize actions and resources. If ...
7 months ago Cyberdefensemagazine.com
CVE-2009-3027 - VRTSweb.exe in VRTSweb in Symantec Backup Exec Continuous Protection Server (CPS) 11d, 12.0, and 12.5; Veritas NetBackup Operations Manager (NOM) 6.0 GA through 6.5.5; Veritas Backup Reporter (VBR) 6.0 GA through 6.6; Veritas Storage Foundation (SF) ...
6 years ago
Lost and found: How to locate your missing devices and more - Physical trackers are small, circular or square-shaped objects that use simple replaceable batteries to remain charged for a long time. For travelers going around with luggage on trains and planes, there have been times when they come in really handy ...
1 year ago Welivesecurity.com
Bill Would Require Privacy Compliance For Period-Tracking Apps - With a fast-growing number of users, period-tracking apps have opened up a new way for people to track their menstrual cycle and other vital health information. But, are they securely storing and protecting user data? A bill introduced in Congress ...
2 years ago Securityweek.com
10 Best IT Asset Management Tools - 2025 - What is Good?What Could Be Better?Atera can seamlessly service and monitor Linux, Mac, and Windows systems.Sometimes, when deploying an update, patch management will fail.Using an administrator terminal, keep an eye on IT asset activity remotely.The ...
1 month ago Cybersecuritynews.com
Post-Quantum Cryptography Alliance Launches to Advance Post-Quantum Cryptography - PRESS RELEASE. SAN FRANCISCO, Feb. 6, 2024 /PRNewswire/ - The Linux Foundation is excited to announce the launch of the Post-Quantum Cryptography Alliance, an open and collaborative initiative to drive the advancement and adoption of post-quantum ...
1 year ago Darkreading.com
How to Stop Advertisers From Tracking Your Teen Across the Internet | Electronic Frontier Foundation - At 13, children transition abruptly between two extremes—from potential helicopter parental surveillance to surveillance advertising that connects their online activity and search history to marketers serving targeted ads. The Children’s Online ...
7 months ago Eff.org
15 PostgreSQL Monitoring Tools - 2025 - What is Good?What Could Be Better?Monitoring application performance, user experience, and errors.Some users find the pricing high, especially for larger environments.Continuous server, database, and infrastructure monitoring.The extensive feature ...
4 weeks ago Cybersecuritynews.com
SpaceX Launched Military Satellites Designed to Track Hypersonic Missiles - Two prototype satellites for the Missile Defense Agency and four missile-tracking satellites for the US Space Force rode a SpaceX Falcon 9 rocket into orbit Wednesday from Florida's Space Coast. These satellites are part of a new generation of ...
1 year ago Wired.com Rocke
CIOs shape long-term success with GenAI expertise - Today's CIOs have evolved from managing IT infrastructure and ensuring systems' efficiency to becoming key business strategists, according to IDC. They stand at the intersection of technology and business, leveraging innovations to shape ...
1 year ago Helpnetsecurity.com
Understanding Medical Device Regulation Technology - With healthcare facilities constantly evolving, the medical device industry is becoming increasingly more regulated. As the need for the efficient and safe use of medical technology increases, so too does the adoption of medical device regulation ...
2 years ago Hackread.com
A top-secret Chinese spy satellite just launched on a supersized rocket - China's largest rocket apparently wasn't big enough to launch the country's newest spy satellite, so engineers gave the rocket an upgrade. The Long March 5 launcher flew with a payload fairing some 20 feet taller than its usual nose cone when it took ...
1 year ago Packetstormsecurity.com Rocke
Cisco Foundation Grantees prioritize Indigenous leadership to protect the Amazon Basin - This is the first of our three-part series on Cisco Foundation grantees working in the Amazon and South America region. This series will introduce you to eight Cisco Foundation Climate Impact & Regeneration grantees working to support preservation ...
1 year ago Feedpress.me
How to Build a Data Foundation for Generative AI - Generative AI is not just a general-purpose productivity aid that surfaces information the way a search engine does; with gen AI, organizations can combine their unique, proprietary data with foundation models that have been pre-trained on a broad ...
1 year ago Feeds.dzone.com
Data Insecurity: Experts Sound the Alarm on 4 Apps Putting User Privacy at Risk - Even though many of us rely on apps to entertain us, guide us, manage our exercise, and connect with family and friends, they are notoriously hard to trust. In an age when technology is constantly evolving, it is almost impossible to tell if a ...
1 year ago Cysecurity.news
Navigating privacy: Should we put the brakes on car tracking? - The sheer amount of data that an app or an operating system can use to identify you and collect your data is enormous, depending on the method of tracking it uses. While it's clear why manufacturers and sellers desire more data - to tailor their ...
1 year ago Welivesecurity.com
Exploring the Long-Term Benefits of Adopting a Zero Trust Architecture - Over the past few years, the adoption of Zero Trust Architecture as an effective security strategy across many organizations has significantly increased. By definition, Zero Trust Architecture is a security concept developed to ensure that every ...
2 years ago Tripwire.com
Apple fined €150 million over App Tracking Transparency issues - Autorité de la concurrence, France's antitrust watchdog, has fined Apple €150 million ($162 million) for using the App Tracking Transparency privacy framework to abuse its dominant market position in mobile app advertising on its devices. ...
1 month ago Bleepingcomputer.com
Short-term AWS access tokens allow attackers to linger for a longer while - Attackers usually gain access to an organization's cloud assets by leveraging compromised user access tokens obtained via phishing, by using malware, or by finding them in public code repositories. These are long-term access tokens associated with an ...
1 year ago Helpnetsecurity.com
How to Track Advanced Persistent Threats (APT) Using Threat Intelligence Lookup Tool - – Exploitation of zero-day vulnerabilities or watering hole attacks (compromising websites frequented by the target).Establishing a Foothold– Attackers deploy malware to create backdoors or tunnels for undetected movement within the ...
3 months ago Cybersecuritynews.com APT41
African Organizations Aim to Fix Cybersecurity in 2024 - Faced with numerous cybersecurity threats and challenges, but lacking adequate cyber training, African nations hope to develop the depth of skills needed to defend against attackers in 2024. In December, for example, the University of Lagos, the ...
1 year ago Darkreading.com
Student Cybersecurity Clubs: Fostering Online Safety - Student cybersecurity clubs are playing a crucial role in promoting online safety among students. Student cybersecurity clubs play a vital role in this regard, as they provide a platform for students to learn about the latest threats, share best ...
1 year ago Securityzap.com
Packet Analysis Optimization Advanced Protocols For Cybersecurity Analysts - Full packet capture (FPC) repositories enable analysts to reconstruct the sequence of events leading up to a security incident, identify the initial point of compromise, and trace the movement of attackers across the network. In conclusion, packet ...
4 weeks ago Cybersecuritynews.com
Selecting Cybersecurity Vendors - CISO’s Decision Framework - As the guardians of organizational security, CISOs must approach vendor selection with a strategic mindset that balances risk, integration, and long-term value. In an era where cyber threats are growing in sophistication and frequency, Chief ...
1 month ago Cybersecuritynews.com