CVE security program used by Apple and others has funding removed [U]

The CVE security program used to track vulnerabilities in both hardware and software has had its federal funding removed with immediate effect. Apple is one of a number of tech giants who rely on the Common Vulnerabilities and Exposures (CVE) program to identify security flaws in their products. Update: CVE board members have responded by announcing a new non-profit known as the CVE Foundation, intended to continue the work – more at the end … The CVE security program The CVE program provides an easy and efficient way for any individual or organization to report a security vulnerability they have found in any tech product. Once reported, it is assigned a unique ID comprising CVE- followed by the year and a serial number. This allows others to see that the issue has been reported, and to carry out their own investigations to assist the tech company concerned in determining the severity of the problem. Where a vulnerability requires multiple tech companies to act, the CVE system hel ... Read full article.