3 sources·Technology

Critical CVE Program Funding Renewed in Last-Minute Move by CISA

The U.S. Cybersecurity and Infrastructure Security Agency has renewed its funding for the Common Vulnerabilities and Exposures Program, crucial for global cybersecurity.

The distribution of story sources: left-leaning (blue), center (light gray), and right-leaning (red).
Mostly Reliable
The underlying sources are generally reliable but sometimes include opinion, propaganda, or minor inaccuracies.
Leans Left
The underlying sources slightly lean left.
Subscribe to unlock this story

We really don't like cutting you off, but you've reached your monthly limit. At just $3/month or $30/year, subscriptions are how we keep this project going. Start your free 7-day trial today!

Get Started
  2. US Government Almost Kills Critical Cybersecurity Database

    The fact that the administration let it get to this point — where a system this fundamental to global cybersecurity could vanish overnight — demonstrates an administration that isn’t just incompetent, but recklessly destructive.

    US Government Almost Kills Critical Cybersecurity Database

    TechdirtTechdirt·2d
    Mostly Reliable
    This source is generally reliable but sometimes includes opinion, propaganda, or minor inaccuracies.
    ·
    Leans Left
    This outlet slightly leans left.
  3. CVE, global source of cybersecurity info, was hours from being cut by DHS

    The potential loss of crucial infrastructure for global cybersecurity led some CVE board members to launch the CVE Foundation, a nonprofit pledged to ensure a more secure future for the CVE program than the US government can provide at the moment.

    CVE, global source of cybersecurity info, was hours from being cut by DHS

    ARS TechnicaARS Technica·3d
    Reliable
    This source consistently reports facts with minimal bias, demonstrating high-quality journalism and accuracy.
    ·
    Center
    This outlet is balanced or reflects centrist views.
  1. Wired
  2. Techdirt
  3. ARS Technica
Updated: Apr 16th, 2025, 6:41 PM ET

Summary

A summary of the key points of this story verified across multiple sources.

In a last-minute decision, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) renewed funding for the Common Vulnerabilities and Exposures (CVE) Program, which was facing potential shutdown. Managed by MITRE, CVE is essential for cybersecurity, providing a standardized system for tracking vulnerabilities. The funding extension for 11 months aims to prevent instability in cybersecurity protocols. In parallel, concerns arose over the program’s long-term sustainability, prompting the creation of the CVE Foundation to ensure its independence from government funding. Experts stress the importance of the CVE Program in maintaining global cybersecurity efficacy, as losing it could create chaos in the sector.

Perspectives

Compare opinions on this story from liberal (Left), conservative (Right) or center-leaning news organizations.

  • The CVE program, vital for global cybersecurity, faced potential closure as its funding contract with the DHS was set to expire, necessitating a last-minute renewal to prevent disruptions.

  • The CVE Foundation has been established by board members to ensure the continuation and independence of the program, improving its sustainability beyond government dependency.

  • Experts emphasize that the loss of CVE funding could create chaos in cybersecurity, as organizations depend on standardized vulnerability data for effective threat management.

FAQs

A list of follow-up questions readers often ask about this story.

No FAQs available for this story.

Critical CVE Program Funding Renewed in Last-Minute Move by CISA - Pano News