Particle.news
Download on the App Store
14 ARTICLES
·
last wk.

CVE Program Loses Federal Funding, New Nonprofit Foundation Announced

The critical cybersecurity system faces disruption as U.S. funding ends, prompting CVE Board members to launch an independent nonprofit to sustain operations.

Image
Image
Image
Image

Overview

  • Federal funding for the Common Vulnerabilities and Exposures (CVE) program expired on April 16, 2025, as the U.S. government declined to renew MITRE's contract.
  • The CVE program, vital for tracking and standardizing vulnerability disclosures globally, risks operational disruption without immediate financial support.
  • In response, CVE Board members have announced the creation of the CVE Foundation, a nonprofit organization aimed at ensuring the program's continuity.
  • The funding lapse also affects the Common Weakness Enumeration (CWE) program, which identifies and categorizes software and hardware weaknesses.
  • Government agencies, including CISA, are working to mitigate the impact, while the new foundation seeks support from industry stakeholders to sustain cybersecurity coordination.