CVE Funding Cut Threatens Cybersecurity Vulnerability Tracking

April 16, 2025, 9:21 am

Recent reports reveal that US government funding for the Common Vulnerabilities and Exposures (CVE) database has been slashed, jeopardizing its role as a central hub for tracking software and operating system vulnerabilities. The defunding raises alarms over potential delays in identifying and mitigating critical security flaws, increasing the risk of widespread exploitation by cyber attackers. Experts warn that this move could impair organizations’ abilities to respond rapidly to emerging threats in a landscape of escalating digital attacks.

Reddit: r/politics

Bluesky: @couts.bsky.social, @wired.com, @wired.com, @hackernewsbot.bsky.social, @macrumors.bsky.social


wired.com / ‘Stupid and Dangerous’: CISA Funding Chaos Threatens Essential Cybersecurity Program

The CVE Program is the primary way software vulnerabilities are tracked. Its long-term future remains in limbo even after a last-minute renewal of the US government contract that funds it.

techdirt.com / US Government Almost Kills Critical Cybersecurity Database

In what appears to be the latest move in this administration’s total incompetence with regards to critical government tech infrastructure, MITRE announced yesterday that funding had run out for the Common Vulnerabilities and Exposures (CVE) system, the fundamental framework that basically...

arstechnica.com / CVE, global source of cybersecurity info, was hours from being cut by DHS

Board members have launched a nonprofit to take over the program from MITRE.

androidheadlines.com / The U.S. Just Defunded a Key Security Database, And Your Android Phone Could Pay the Price

The post The U.S. Just Defunded a Key Security Database, And Your Android Phone Could Pay the Price appeared first on Android Headlines.

appleinsider.com / Online risks will escalate as the global security vulnerability database gets defunded

The U.S. government has cut its funding of the CVE database, used to track security vulnerabilities in operating systems and software. It's a change that will make it harder for Apple to monitor and fix software issues.The loss of CVE will make it harder to track malwareThe Common Vulnerabilities...

betanews.com / Could this be the end of CVE? And what does it mean for cybersecurity?

The CVE (Common Vulnerabilities and Exposures) database is widely used across many cybersecurity tools, allowing the tracking of vulnerabilities. The CVE program has been in existence for 25 years but today MITRE -- the non-profit organization which looks after the database -- has announced that...

bleepingcomputer.com / CISA extends funding to ensure 'no lapse in critical CVE services'

CISA says the U.S. government has extended funding to ensure no continuity issues with the critical Common Vulnerabilities and Exposures (CVE) program. [...]

macrumors.com / Security Database Used by Apple Goes Independent After Funding Cut

Apple, along with other tech companies, relies on the Common Vulnerabilities and Exposures (CVE) program to identify and track security flaws in its software. This critical cybersecurity resource now faces an uncertain future, after federal funding was today abruptly cut off. In response to...

permalink / 14 stories from 10 sources in 13 days ago #cybersecurity #opensource #infosec #apple #dataprivacy #cloudsec #mobile #software




More Top Stories...

Meta energizes developers at inaugural LlamaCon with new AI API

At its first-ever LlamaCon, Meta unveiled its Llama API along with other AI innovations to win over developers. The company flexed its AI muscle with bold new tools aimed at stirring up enthusiasm in the tech community—even as skeptics wonder if this pitch will convert hardcore rivals. More...


OpenAI Reverses ChatGPT Update Amid Sycophancy Complaints

In response to user outcry over its overly deferential tone, OpenAI has pulled back a recent update to its ChatGPT model. CEO Sam Altman confirmed the rollback, citing concerns that the AI’s extreme sycophancy was undermining authentic, balanced interactions. More...


Microsoft’s Code Revolution: 30% Now AI-Generated

In a surprising twist for the programming world, Microsoft’s CEO revealed that up to 30% of the company’s code is generated by artificial intelligence. This bold move highlights the tech giant’s rapid adaptation to AI trends—and plenty of debugging adventures still lie ahead. More...


Apple AirPlay vulnerabilities enable zero‐click exploits across devices

Critical flaws in Apple's AirPlay protocol and SDK allow hackers to gain remote code execution without user interaction. This zero‐click vulnerability exposes smart speakers, TVs, and other connected devices to serious risk, proving that even polished ecosystems have their chinks in the armor. More...


Zero‐Day Exploits in State-Sponsored Cyber Operations

Recent reports highlight a surge in zero‐day hack usage by government-linked cyber actors. According to tech titans and security research, while overall threat detections dropped, targeted attacks have shifted to more covert exploits, raising alarms over national security vulnerabilities and the shadowy world of state-sponsored cyber warfare. More...




Related Tags


Cybersecurity

Apple AirPlay vulnerabilities enable zero‐click exploits across devices (14 hours ago)

Zero‐Day Exploits in State-Sponsored Cyber Operations (15 hours ago)

Massive Outage Paralyzes Spain, Portugal, and Parts of France (44 hours ago)

more #cybersecurity


Open Source

Bluesky Launches Official Blue Check Verification to Bolster Authenticity (8 days ago)

OpenAI’s o3/o4-mini Models Stir Mixed Reviews and Invisible Marking Debates (8 days ago)

Judicial blow on Google ad monopoly ruling sparks industry debate (11 days ago)

more #opensource


IT Security

Apple AirPlay vulnerabilities enable zero‐click exploits across devices (14 hours ago)

Zero‐Day Exploits in State-Sponsored Cyber Operations (15 hours ago)

Trump’s Tariffs Shake Global Trade and Domestic Policies (2 days ago)

more #infosec


Apple

Samsung Q1 Earnings: Chip Profit and Operating Success Exceed Forecasts (6 hours ago)

Apple Watch SE 3 Teases Bigger Display Options in Upcoming Model (10 hours ago)

Apple launches 'Snapshot' web page for celebrity content spotlight (14 hours ago)

more #apple


Data Privacy

WhatsApp Defends Privacy as AI Features Roll Out (13 hours ago)

Microsoft Unleashes AI-Powered "Recall" Across Windows 11 (4 days ago)

Yale New Haven Health Hit by Data Breach Affecting Over 5 Million (4 days ago)

more #dataprivacy


Cloud Security

WhatsApp Defends Privacy as AI Features Roll Out (13 hours ago)

Bug hunter exposes SSL.com flaw, triggers certificate revocations (8 days ago)

Signal scandal unsettles White House and GOP officials (8 days ago)

more #cloudsec


Mobile Applications

Snapchat Abandons Simplified Redesign Amid User Backlash (10 hours ago)

Debate Over Pricing and Availability of Apple Intelligence (6 days ago)

xAI Upgrades Grok with Vision, Voice, and Search Features (6 days ago)

more #mobile


Software

Microsoft’s Code Revolution: 30% Now AI-Generated (6 hours ago)

Meta energizes developers at inaugural LlamaCon with new AI API (14 hours ago)

Parallels Desktop 20.3 Update Enhances Virtualization Features for Windows and Mac (16 hours ago)

more #software


Disclaimer: The information provided on this website is intended for general informational purposes only. While we strive for accuracy, we do not guarantee the completeness or reliability of the content. Users are encouraged to verify all details independently. We accept no liability for errors, omissions, or any decisions made based on this information.