Why the CVE database for tracking security flaws nearly went dark - and what happens next

fotograzia/Getty Images Over the weekend, security experts were beginning to panic. MITRE announced that the US government had not renewed funding for the Common Vulnerabilities and Exposures (CVE) database. MITRE VP Yosry Barsoum warned that the government contract support enabling MITRE "to develop, operate, and modernize CVE" would expire on April 16. That would mean, Barsoum continued, "multiple impacts to CVE, including deterioration of national vulnerability databases and advisories, tool vendors, incident response operations, and all manner of critical infrastructure." Also: Navigating AI-powered cyber threats: 4 expert security tips for businesses All computer security depends upon CVE, which is the standard for tracking what is (and is not) a significant security hole. Fortunately, with no time left on the clock, MITRE, the non-profit that oversees the CVE database, announced it would get funding for another 11 months. The CVE program, which has cataloged more than 274,00 ... Read full article.