The U.S. National Institute of Standards and Technology today announced an overhaul of how it processes cybersecurity vulnerabilities in its National Vulnerability Database . NIST is abandoning its ...

The US Cybersecurity and Infrastructure Security Agency (CISA) announced on May 8 that it was starting a new software vulnerability enrichment program called ‘Vulnrichment.’ This comes almost three ...

For the last 25 years since its inception, the CVE Program (Common Vulnerabilities and Exposures) continues to be the dominant way of referencing security vulnerabilities and an important cornerstone ...

In keeping with the current administration's pledge to skinny down government to its skeletal remains, the Cybersecurity and Infrastructure Security Agency (CISA) was reportedly prepared to let its ...

MITRE Vice President Yosry Barsoum has warned that U.S. government funding for the Common Vulnerabilities and Exposures (CVE) and Common Weakness Enumeration (CWE) programs expires today, which could ...

When news broke that funding for the Common Vulnerabilities and Exposures (CVE) database would expire on April 16, panic quickly spread through the infosec community. MITRE, the nonprofit that ...

A Firefox vulnerability that sat undetected through roughly two decades of human code review now carries an official ...

Were the CVE program to be discontinued, security teams would have a hard time finding one resource that would function with the same impact across the board. Here are current issues of relying on CVE ...

The funding crisis that nearly shut down the global vulnerability tracking system last year has quietly been resolved, easing fears of another abrupt disruption to a cornerstone of the cybersecurity ...