Despite challenges, the CVE program is a public-private partnership that has shown resilience | CyberScoop<\/title> <meta name=\"description\" content=\"Over 25 years, the program has weathered challenges and dealt with changes that have enabled it to retain its status as the premier global go-to mechanism for understanding cybersecurity vulnerabilities.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/cve-program-history-mitre-nist-1999-2024\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"Despite challenges, the CVE program is a public-private partnership that has shown resilience\"> <meta property=\"og:description\" content=\"Over 25 years, the program has weathered challenges and dealt with changes that have enabled it to retain its status as the premier global go-to mechanism for understanding cybersecurity vulnerabilities.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/cve-program-history-mitre-nist-1999-2024\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2025-03-24T09:00:00+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/despite-challenges-the-cve-program-is-a-public-private-partnership-that-has-shown-resilience-2.jpg\"> <meta property=\"og:image:width\" content=\"3840\"> <meta property=\"og:image:height\" content=\"2160\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Greg Otto\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@gregotto\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1739294329g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1740508126g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1740691656g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=a815169637cf454b7376\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/83942\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.7.2\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=83942\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcve-program-history-mitre-nist-1999-2024%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcve-program-history-mitre-nist-1999-2024%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-83942 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/cve-program-history-mitre-nist-1999-2024\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--event js-stickybar\">\n<div class=\"stickybar__details\" readability=\"5.12\">\n<div class=\"stickybar__info js-sticky-bar-content\" readability=\"32\">\n<p>Nominations can be submitted for the 2025 CyberScoop 50 awards!<\/p>\n<\/div>\n<p> <a class=\"stickybar__link button button-tertiary\" href=\"https:\/\/cyberscoop.com\/cyberscoop50\/\">Click here!<\/a> <\/div>\n<p> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \">\n<div class=\"single-article__header-content\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/cve-program-history-mitre-nist-1999-2024\/\"> <span>Cybersecurity<\/span> <\/a> <\/li>\n<\/ul>\n<p>   <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"360\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/despite-challenges-the-cve-program-is-a-public-private-partnership-that-has-shown-resilience.jpg?resize=640%2C360&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/despite-challenges-the-cve-program-is-a-public-private-partnership-that-has-shown-resilience-2.jpg 3840w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/despite-challenges-the-cve-program-is-a-public-private-partnership-that-has-shown-resilience-2.jpg?resize=300,168 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/despite-challenges-the-cve-program-is-a-public-private-partnership-that-has-shown-resilience-2.jpg?resize=768,432 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/despite-challenges-the-cve-program-is-a-public-private-partnership-that-has-shown-resilience-2.jpg?resize=1024,576 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/despite-challenges-the-cve-program-is-a-public-private-partnership-that-has-shown-resilience-2.jpg?resize=1536,864 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/despite-challenges-the-cve-program-is-a-public-private-partnership-that-has-shown-resilience-2.jpg?resize=2048,1152 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/despite-challenges-the-cve-program-is-a-public-private-partnership-that-has-shown-resilience-2.jpg?resize=600,337 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/despite-challenges-the-cve-program-is-a-public-private-partnership-that-has-shown-resilience-2.jpg?resize=1200,675 1200w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/despite-challenges-the-cve-program-is-a-public-private-partnership-that-has-shown-resilience-2.jpg?resize=1500,843 1500w\" sizes=\"(max-width: 1200px) 100vw, 1200px\"><figcaption> (Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"109.28244545916\"><body readability=\"218.33183808608\"><\/p>\n<p>In 1999, Dave Mann and Steve Christey, two researchers from the nonprofit R&D corporation MITRE, <a href=\"https:\/\/www.cve.org\/Resources\/General\/Towards-a-Common-Enumeration-of-Vulnerabilities.pdf\">debuted<\/a> a concept for security vulnerabilities that laid the groundwork for the <a href=\"https:\/\/www.cve.org\/\">common vulnerability and exposures framework<\/a> (CVE) that organizes information around computer vulnerabilities.<\/p>\n<p>Twenty-five years later, the CVE program, which assigns a unique record to each reported vulnerability, is in its fifth iteration. It has become a highly valued and integral aspect of how cybersecurity defenders can consistently share information about vulnerabilities and achieve interoperability across threat databases. There <a href=\"https:\/\/www.cvedetails.com\/cve-assigners-cnas\/1.html\">are now<\/a> 413 organizations from over 40 countries reporting CVEs, with new reported vulnerabilities soaring to over 40,000, and total CVE records climbing to 270,768 in 2024.<\/p>\n<p>\u201cThe underlying value of CVE continues to resonate, which is: how do we make sure that two or more people in different organizations can look at a vulnerability and know they\u2019re talking about the same thing?\u201d Peter Sheingold, senior principal and senior manager of cybersecurity and infrastructure security at MITRE, which runs the CVE program, told CyberScoop. <\/p>\n<p>But along the way, the program has weathered challenges and dealt with changes that have enabled it to retain its status as the premier global go-to mechanism for understanding cybersecurity vulnerabilities. Ben Edwards, principal research scientist at Bitsight, likens the CVE system to Winston Churchill\u2019s famous quote, \u201cDemocracy is the worst form of government, except for all the others.\u201d <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Like democracy, the CVE program, despite its flaws, is still the best way to identify and deal with vulnerabilities, he told CyberScoop.<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-nbsp-growing-pains-from-cna-system-growth\"> Growing pains from CNA system growth<\/h4>\n<p>The CVE system has several key components, but few are more integral to understanding some of the program\u2019s current challenges than the <a href=\"https:\/\/www.cve.org\/ResourcesSupport\/Glossary?activeTerm=glossaryCNA\">CVE numbering authority<\/a> (CNA). CNAs are the entities that get to assign CVE IDs and publish the corresponding records. <\/p>\n<p>In 2016, the CVE program expanded the number of entities that can become CNAs. \u201cWhat has happened since then is, as we\u2019ve gained more CNAs who can all issue their own CVEs at their own rate, they\u2019re just able to catalog all the flaws there are,\u201d Edwards said. \u201cAnd we\u2019ve seen this exponential increase. I don\u2019t think this is a bad thing or necessarily means we should be worried that we\u2019re more insecure. Probably the opposite in the sense that the more visibility we have into these CVEs, the better we can protect ourselves,\u201d he said.<\/p>\n<p>Not everyone wholeheartedly embraces the rapid growth in the number of CNAs. Some professionals who work with the data suspect that there are software providers who joined the CNA ranks specifically to hide the vulnerabilities they find or to shade the data in the most flattering light. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cThe dirty secret is a lot of companies become CNAs now to hide vulnerabilities,\u201d Tom Pace, co-founder and CEO of NetRise, told Cyberscoop. \u201cFor example, if [a company] is a CNA, then if you are a researcher and you find a vulnerability or a zero day and you want to disclose it properly, the only route you have is to go through [the company].\u201d <\/p>\n<p>Experts acknowledge this incentive exists. Jay Jacobs, founder of Empirical Security, told Cyberscoop, \u201cIt\u2019s a tricky spot to be in because there is the notion that the more information the CNAs make public, the easier it could be to exploit it. There is a theory that if you don\u2019t disclose all information, maybe the number of attackers can be reduced or contained, or maybe it\u2019s zero if you have very little information. I don\u2019t think that\u2019ll ever be the case, but that\u2019s one of the theories that CNAs may be considering.\u201d<\/p>\n<p>However, Alec Summers, MITRE\u2019s principal cybersecurity engineer and group lead of cybersecurity operations and integration, told Cyberscoop that the federated nature of the CVE ecosystem helps limit how often CNAs can hide vulnerabilities. <\/p>\n<p>\u201cThere are plenty of things in the ecosystem to prevent that from happening,\u201d he said, particularly when outside researchers discover a flaw the CNA denies. \u201cYou go to that CNA, and they say, \u2018Oh, that\u2019s not a vulnerability.\u2019 And they fight, and they go back and forth. We have a dispute policy. The CVE program has a dispute policy and has an escalation policy\u201d to deal with precisely these situations.<\/p>\n<p>CNAs are governed by a hierarchy, with the highest level considered a <a href=\"https:\/\/nvd.nist.gov\/general\/cna-counting\">root CNA<\/a>, meaning that it can impose sanctions on lower-level CNAs if they are non-compliant with the system\u2019s community-developed rules. The <a href=\"https:\/\/www.cisa.gov\/resources-tools\/programs\/cisa-root-common-vulnerability-and-exposures-numbering-authority-industrial-control-systems\">top-level root CNAs<\/a> are the Cybersecurity and Infrastructure Security Agency (CISA) for industrial control systems and medical devices and MITRE for all other organizations.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<h4 class=\"wp-block-heading\" id=\"h-data-quality-and-complexity-issues-arise\">Data quality and complexity issues arise<\/h4>\n<p>Experts also point to several issues regarding the adequacy or complexity of the data reported by CNAs. <\/p>\n<p>\u201cThe biggest thing I run into is data quality,\u201d Jacobs said. \u201cThe amount of completeness and the quality of the records can vary enormously. \u201d He adds, \u201cWe do see an increase in the CNAs stepping up on their data quality, their completeness of data. It\u2019s not perfect. We\u2019re still missing data.\u201d<\/p>\n<p>Other experts argue that the growing number of CVEs is actually leading to improvements in CVE records, as the software suppliers who are most familiar with their flaws are best equipped to describe them. <\/p>\n<p>\u201cWhat is exciting about the CVE program and some of its recent programmatic evolution is the enabling of and the empowering of its hierarchical structure of roots and CNAs to start providing more of these kinds of metric information in the record itself,\u201d MITRE\u2019s Summers says. \u201cSo, you have people who are enabled through the CVE record format being closest to the product and having the knowledge of, for example, the root cause.\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Edwards and other cybersecurity researchers have pointed out another issue: over the past 25 years, the data has grown more complex, making it sometimes challenging to interpret and still not useful for some consumers.<\/p>\n<p>\u201cThe format has maybe expanded to where it\u2019s a little unwieldy and maybe doesn\u2019t fit exactly the purposes that everybody needs,\u201d Edwards said. \u201cBut at the same time, it\u2019s what we\u2019ve got. And it is certainly better than starting from scratch trying to do a new standard and trying to build something else and potentially fracture the landscape.\u201d<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-a-recent-stress-test\">A recent stress test<\/h4>\n<p>The US federal government funds all three major CVE players: the National Institute of Standards and Technology (NIST), CISA, and MITRE. Last year, NIST <a href=\"https:\/\/nvd.nist.gov\/general\/news\/nvd-program-transition-announcement\">lacked sufficient funding<\/a> to process CVEs on time, resulting in a backlog of their entering CVE records into a widely-used enriched CVE database called the National Vulnerability Database (NVD). <\/p>\n<p>This lag created concern among defenders and prompted CISA and <a href=\"https:\/\/vulncheck.com\/blog\/nvd-backlog-exploitation-lurking\">other organizations<\/a> to help fill in the gaps. NIST has been digging its way out of the backlog <a href=\"https:\/\/www.nist.gov\/itl\/nvd\/nvd-news#:~:text=NIST%20is%20working%20to%20establish,to%20CVE%205.0%20transition%20page.\">with the help<\/a> of a vendor, ANALYGENCE Labs.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Michael Roytman, co-founder of Empirical Security, told CyberScoop that although concerning, the NVD backlog was \u201cactually a good stress test to try to understand what happens to the ecosystem in the event that any of these databases go down, and the reasons could be numerous, the reasons could be administrative changes, could be funding, could be technical.\u201d <\/p>\n<p>The CVE program might undergo yet another stress test as the Trump administration\u2019s DOGE initiative shrinks headcount and reduces funding of not only NIST, which has already <a href=\"https:\/\/www.wired.com\/story\/the-national-institute-of-standards-and-technology-braces-for-mass-firings\/\">laid off<\/a> 500 employees, but also CISA, which has lost hundreds of employees in at least <a href=\"https:\/\/www.csoonline.com\/article\/3844343\/trump-nominates-cyber-vet-sean-plankey-for-cisa-chief-amid-doge-cuts-and-firings.html\">three rounds of layoffs<\/a>.<\/p>\n<p>Most CVE experts argue that even with the current climate, the cuts would have to be highly draconian to mar the program. Bitsight\u2019s Edwards said, \u201cI think that there is sufficient information within the MITRE CVE list that we can certainly get by\u201d if funding were to be significantly reduced. <\/p>\n<p>\u201cWe have 1,500 cybersecurity experts on staff ready to keep building,\u201d before a worst-case scenario would materialize, Lisa Fasold, public relations principal and group lead at MITRE Enterprise Communications, told CyberScoop.<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-optimism-for-the-future\">Optimism for the future<\/h4>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Despite glitches and possible funding potholes along the road, experts have nothing but praise and optimism for the CVE program\u2019s future. \u201cIt\u2019s not perfect by any means, but it has stood the test of time,\u201d Art Manion, a longtime CVE expert and deputy director of ANALYGENCE Labs, speaking in his personal capacity, told CyberScoop. \u201cA world without CVE in it would get pretty ugly.\u201d<\/p>\n<p>MITRE\u2019S Summers says, \u201cIt\u2019s been 25 years of this program, and I don\u2019t know if it\u2019s possible to name another such public-private partnership program that has lasted that long and has continued to be so impactful in an ongoing way. I\u2019m excited about the opportunity to continue evolving in ways that bring value to the community.\u201d<\/p>\n<p>Empirical Security\u2019s Roytman echoes the enthusiasm of his peers when he says, \u201cThe fact that we\u2019ve gotten together as an industry and have this public good and vendors build whole products off of it is wonderful and excellent and should continue to improve.\u201d<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"4.5\">\n<div class=\"author-card\" readability=\"14\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/03\/despite-challenges-the-cve-program-is-a-public-private-partnership-that-has-shown-resilience-1.jpg?w=640&ssl=1\" alt=\"Greg Otto\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Greg Otto<\/h4>\n<p> Greg Otto is Editor-in-Chief of CyberScoop, overseeing all editorial content for the website. Greg has led cybersecurity coverage that has won various awards, including accolades from the Society of Professional Journalists and the American Society of Business Publication Editors. Prior to joining Scoop News Group, Greg worked for the Washington Business Journal, U.S. News & World Report and WTOP Radio. He has a degree in broadcast journalism from Temple University. <\/p>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/cve-program-history-mitre-nist-1999-2024\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Despite challenges, the CVE program is a public-private partnership that<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[78,117,1],"tags":[86,119,325],"class_list":["post-7468","post","type-post","status-publish","format-standard","hentry","category-cybersecurity","category-government","category-uncategorized","tag-cybersecurity","tag-government","tag-uncategorized"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/government\/\" rel=\"category tag\">Government<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7468","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=7468"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7468\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=7468"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=7468"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=7468"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":7468,"date":"2025-03-24T04:00:00","date_gmt":"2025-03-24T09:00:00","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=83942"},"modified":"2025-03-24T04:00:00","modified_gmt":"2025-03-24T09:00:00","slug":"despite-challenges-the-cve-program-is-a-public-private-partnership-that-has-shown-resilience","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2025\/03\/24\/despite-challenges-the-cve-program-is-a-public-private-partnership-that-has-shown-resilience\/","title":{"rendered":"Despite challenges, the CVE program is a public-private partnership that has shown resilience"},"content":{"rendered":"