The US almost let the CVE system die - the cybersecurity world's universal bug tracker

Why it matters: Articles on this site that cover software vulnerabilities typically include CVE codes, which tech companies worldwide use to identify cybersecurity threats. Funding for the program that manages the CVE database nearly expired this week, potentially endangering global cybersecurity coordination efforts. Although the crisis was averted at the last minute, the cybersecurity community has begun taking steps to avoid a repeat. The US Department of Homeland Security has extended funding for the Common Vulnerabilities and Exposures (CVE) program, which was set to expire on Wednesday. Experts warn that the program is critical for worldwide cybersecurity efforts. CVE codes provide a standardized system that enables tech companies, researchers, and hackers to identify and address vulnerabilities. For example, security advisory pages from Apple, Microsoft, Mozilla, and other firms use the system to label issues. Although entities across the globe rely on CVE codes to ensure they ... Read full article.