Tech Giants React as Funding Pulled from Critical CVE Security Program

The Common Vulnerabilities and Exposures (CVE) program, which tracks security vulnerabilities in hardware and software, has had its federal funding removed with immediate effect. The CVE system assigns unique IDs to reported security flaws, facilitating coordination among tech companies like Apple, Google, and Microsoft. The removal of funding by the US government is expected to cause significant disruptions in the cybersecurity field, including deterioration of national vulnerability databases and a breakdown in coordination between vendors and analysts. However, in response to this development, CVE board members have announced the formation of a non-profit organization called the CVE Foundation to continue the program's work. The foundation aims to maintain the quality and integrity of vulnerability identification and ensure the availability of CVE data for defenders worldwide. Funding will be crucial for the foundation's success, and it is expected that major tech companies like Apple will provide support.