Funding Expires for Key Cyber Vulnerability Database

The non-profit research and development organisation, Mitre, has warned that its contract to maintain the Common Vulnerabilities and Exposures (CVE) programme will expire on 16 April.
The CVE programme tracks security flaws in software, which are assigned a unique identifying number to enable companies to identify and fix vulnerabilities.
There are hundreds of organisations, known as CVE Numbering Authorities, that are authorised by Mitre to assign CVE numbers to newly reported flaws.
If the programme ceases to operate, national vulnerability databases, tool vendors, incident response operations, and critical infrastructure may all be impacted.
Although the listing of vulnerabilities on the CVE website will remain, new CVEs will not be added after the funding cuts.
This is not the first time that the CVE programme has faced funding issues, with individuals closely following the matter suggesting that it is common for the budget to be left until the last minute.

Fast Feed