On April 16, U.S authorities disclosed that they will expand the support for the Common Vulnerabilities and Exposures (CVE) database for 11 months, a key resource for determining vulnerabilities and threats. The decision came at the 11th hour just before MITRE’s contract was set to expire, creating uncertainties among cyber professionals. Cybersecurity and Infrastructure Security Agency (CISA) emphasized the database’s pivotal role in national and global networks and acknowledged the extension. 

Community Voice Support For CVE Database

The possible delay in funding created a wave of uncertainty in the cybersecurity community. John Hammomd, A Huntress researcher, showed his happiness at the extension and stated:

“I am glad that the community’s voice is heard loud and clear.”

IT administrators and cyber experts widely use the CVE database to track and address threats, making its operations a necessity for cybersecurity. Vice President and Director at the Centre for Securing Homeland at MITRE stated in a comment that the pause in the CVE and CWE programs had been prevented. Yosry Barsoum further appreciated the support and said:

“I’m grateful for the strong backing from the cyber industry, community, and the government in the last 24 hrs.”

However, a group named CVE Foundation disclosed a website with the goal of “viability, stability, and independence” of the system. But the company has not responded yet.