CISA extends funding to the CVE program (BleepingComputer)

Sergiu Gatlan reportsthat the US government has extended funding for the CommonVulnerabilities and Exposures (CVE) program, following yesterday's reports that fundingwould run out as of April16.

"The CVE Program is invaluable to cyber community and a priority ofCISA," the U.S. cybersecurity agency told BleepingComputer. "Lastnight, CISA executed the option period on the contract to ensure therewill be no lapse in critical CVE services. We appreciate our partners'and stakeholders' patience."

The article also mentions the launch of a CVE Foundation, totransition the CVE program to a dedicated foundation and eliminate"a single point of failure in the vulnerability managementecosystem", as well as a European vulnerabilitydatabase (EUVD) backed by the European Union Agency forCybersecurity (ENISA). Details on these initiatives are scant at themoment, and it is unclear whether restoration of funding will have anyimpact on these efforts.