CVE Program

@CVE_Program
415 Followers
230 Following
430 Posts
Account maintained by the CVE™ Program to update the community on CVE-related announcements. https://www.cve.org
Websitehttps://www.cve.org
CVE Program1d ago
“CVE Record Dispute Policy” Updated

The updated policy clarifies the process for disputing a CVE Record & improves transparency for all parties involved

https://www.cve.org/Resources/General/Policies/CVE-Record-Dispute-Policy.pdf
CVE Program1d ago
The CVE Program is expanding its partnership with CERT@VDE for managing the assignment of #CVEIDs & publication of #CVE Records

CERT@VDE is now designated as a Root for organizations that are cooperative partners of https://infosec.exchange/@certvde

Learn more:
https://www.cve.org/Media/News/item/blog/2025/07/15/CERTVDE-Is-Now-a-Root-in-the
CERT@VDE (@certvde@infosec.exchange)

46 Posts, 15 Following, 20 Followers · est. 2017 Supporting OT/ICS Security. #CVE #CSAF #Advisory #OT We are the #CNA for: 365FarmNet, ads-tec Industrial IT, AKG, AMX, Auma, Beckhoff, Bender, Bucher Automation, Carlo Gavazzi Controls, CLAAS, Codesys, Dräger, DURAG, Endress+Hauser, Etherwan Systems, Euchner, Festo, Festo Didactic, Frauscher, Futronic, GEA, Harman International, Helmholz, Hilscher, HIMA, HYDAC, HYDAC Electronic GmbH, HYDAC Software GmbH, HYDAC Filter Systems GmbH, TTControl, ifm, Innominate, JBL, Jetter, JUMO, K4 DIGITAL, KEB, Kendrion, KEBA, KROHNE, KUKA, KUHNKE, Lenze, M&M Software, MB connect line, Miele, Murrelektronik, NEOCEPTION, Pepperl+Fuchs, PHOENIX CONTACT, Pilz, Red Lion Europe, Satinfo, SMA, SWARCO, Sysmik, TRUMPF, VARTA Storage, VEGA, VMT Vision Machine Technic, WAGO, Weidmueller, Welotec, Wiesemann & Theis. See https://certvde.com/en/cna/ for details.

Infosec Exchange
CVE Program1d ago
TYPO3 is now a CVE Numbering Authority (CNA) assigning CVE IDs for TYPO3 open-source products only, including TYPO3 CMS core & 3rd party extensions for TYPO3
https://cve.org/Media/News/item/news/2025/07/15/TYPO3-Added-as-CNA

#cve #cna #vulnerability #vulnerabilitymanagement #opensource
CVE Program1d ago
Minutes from the CVE Board teleconference meeting on June 25 are now available

https://www.mail-archive.com/cve-editorial-board-list@mitre.org/msg00277.html

#cve #vulnerability #vulnerabilitymanagement #hssedi #cisa #infosec #cybersecurity
CVE Meeting Minutes: June 25, 2025

CVE Program1d ago
Minutes from the CVE Board teleconference meeting on June 11 are now available

https://www.mail-archive.com/cve-editorial-board-list@mitre.org/msg00279.html

#cve #vulnerability #vulnerabilitymanagement #hssedi #cisa #infosec #cybersecurity
CVE Board Meeting Minutes: June 11, 2025

CVE Program3d ago
638 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of June 30, 2025

https://www.cisa.gov/news-events/bulletins/sb25-188

#CVE #CVEID #CVSS #CWE #Vulnerability #VulnerabilityManagement #HSSEDI #CISA
CVE ProgramJul 8
“CNA Enrichment Recognition” - 230 CNAs on the list for July 7, 2025

Published monthly, this list recognizes those CVE Numbering Authorities (#CNAs) actively providing #CVSS and #CWE vulnerability data in their #CVE Records

https://medium.com/@cve_program/vulnerability-data-enrichment-for-cve-records-230-cnas-on-the-enrichment-recognition-list-for-july-46422dd3ec31
CVE ProgramJul 8
Altium is now a CVE Numbering Authority (CNA) assigning CVE IDs for vulnerabilities in the following Altium products only: Altium Designer, A365, Octopart, & Altium Enterprise Server
https://cve.org/Media/News/item/news/2025/07/08/Altium-Added-as-CNA

#cve #cna #vulnerability #vulnerabilitymanagement #cybersecurity
CVE ProgramJul 3
746 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of June 23, 2025

https://www.cisa.gov/news-events/bulletins/sb25-181

#CVE #CVEID #CVSS #CWE #Vulnerability #VulnerabilityManagement #HSSEDI #CISA
CVE ProgramJul 2

New “CVE Consumer Working Group” Open to the Public

A forum for end-consumers of #CVE List data, CWG will identify consumer needs, evaluate usability of CVE data, & recommend improvements to ensure CVE remains aligned with real-world use cases

https://www.cve.org/Media/News/item/news/2025/07/01/New-CVE-Consumer-WG

×
CVE ProgramJun 24

Teradyne Robotics is now a CVE Numbering Authority (CNA) assigning CVE IDs for all products released by Teradyne Robotics subsidiaries, Universal Robots (UR) and Mobile Industrial Robots (MiR), as well as vulnerabilities in third-party software identified by Teradyne Robotics that are outside the scope of another CNA.

https://cve.org/Media/News/item/news/2025/06/03/Teradyne-Robotics-Added-as-CNA

#cve #cna #vulnerability #vulnerabilitymanagement #cybersecurity #robotics