CVE Foundation eyes year-end launch following 11th-hour rescue of MITRE program | CyberScoop<\/title> <meta name=\"description\" content=\"The CVE program narrowly avoided shutdown after a funding crisis, prompting calls for alternative models and renewed debate about the future of global vulnerability management in cybersecurity.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/cve-program-funding-crisis-cve-foundation-mitre\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"CVE Foundation eyes year-end launch following 11th-hour rescue of MITRE program\"> <meta property=\"og:description\" content=\"The CVE program narrowly avoided shutdown after a funding crisis, prompting calls for alternative models and renewed debate about the future of global vulnerability management in cybersecurity.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/cve-program-funding-crisis-cve-foundation-mitre\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/cyberscoop\/\"> <meta property=\"article:published_time\" content=\"2025-05-14T10:00:00+00:00\"> <meta name=\"author\" content=\"Greg Otto\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/cve-foundation-eyes-year-end-launch-following-11th-hour-rescue-of-mitre-program-1.jpg\"> <meta name=\"twitter:creator\" content=\"@gregotto\"> <meta name=\"twitter:site\" content=\"@CyberScoopNews\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1746040294g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1747157649g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1747161863g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=13897d660a0ac2c9c7d1\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/84496\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.8.1\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=84496\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcve-program-funding-crisis-cve-foundation-mitre%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fcve-program-funding-crisis-cve-foundation-mitre%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"wp-singular post-template-default single single-post postid-84496 single-format-standard wp-theme-scoopnewsgroup wp-child-theme-cyberscoop\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/cve-program-funding-crisis-cve-foundation-mitre\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--event js-stickybar\">\n<div class=\"stickybar__details\" readability=\"4.9180327868852\">\n<div class=\"stickybar__info js-sticky-bar-content\" readability=\"32\">\n<p>Voting is open for the 2025 CyberScoop 50 awards!<\/p>\n<\/div>\n<p> <a class=\"stickybar__link button button-tertiary\" href=\"https:\/\/cyberscoop.com\/cyberscoop50\/\">Click here!<\/a> <\/div>\n<p> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.488805970149\">\n<div class=\"single-article__header-content\" readability=\"34.819253438114\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/cve-program-funding-crisis-cve-foundation-mitre\/\"> <span>Cybersecurity<\/span> <\/a> <\/li>\n<\/ul>\n<p> An apparent bureaucratic contract snafu has sparked a fire under experts trying to save the CVE program from the precarity of a single government funder. One rival to the existing program says it is ready to launch in December. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/84496\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/cve-foundation-eyes-year-end-launch-following-11th-hour-rescue-of-mitre-program.jpg?resize=640%2C426&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/cve-foundation-eyes-year-end-launch-following-11th-hour-rescue-of-mitre-program-1.jpg 2736w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/cve-foundation-eyes-year-end-launch-following-11th-hour-rescue-of-mitre-program-1.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/cve-foundation-eyes-year-end-launch-following-11th-hour-rescue-of-mitre-program-1.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/cve-foundation-eyes-year-end-launch-following-11th-hour-rescue-of-mitre-program-1.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/cve-foundation-eyes-year-end-launch-following-11th-hour-rescue-of-mitre-program-1.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/cve-foundation-eyes-year-end-launch-following-11th-hour-rescue-of-mitre-program-1.jpg?resize=2048,1365 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/cve-foundation-eyes-year-end-launch-following-11th-hour-rescue-of-mitre-program-1.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/cve-foundation-eyes-year-end-launch-following-11th-hour-rescue-of-mitre-program-1.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/cve-foundation-eyes-year-end-launch-following-11th-hour-rescue-of-mitre-program-1.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/cve-foundation-eyes-year-end-launch-following-11th-hour-rescue-of-mitre-program-1.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/cve-foundation-eyes-year-end-launch-following-11th-hour-rescue-of-mitre-program-1.jpg?resize=1265,843 1265w\" sizes=\"(max-width: 1013px) 100vw, 1013px\"><figcaption> (Courtesy of ShutterStock) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"115.81459366461\"><body readability=\"231.53750774954\"><\/p>\n<p>In late March, the nonprofit research organization MITRE celebrated the 25<sup>th<\/sup> anniversary of the Common Vulnerability and Exposures (CVE) program, a widely hailed scientific achievement funded by the U.S. government and administered by MITRE.<\/p>\n<p>The <a href=\"https:\/\/www.cve.org\/\">CVE program<\/a> is the global bedrock of contemporary vulnerability management, cataloging and assigning unique identifiers to software vulnerabilities. Until April 15, cybersecurity defenders and data scientists <a href=\"https:\/\/cyberscoop.com\/cve-program-history-mitre-nist-1999-2024\/\">seemed unshakeable<\/a> in embracing the program, which had already overcome challenges to achieve its silver anniversary.<\/p>\n<p>On that day, and for reasons that are still unclear, the world learned from a leaked memo signed by MITRE executive Yosry Barsoum that the Cybersecurity and Infrastructure Security Agency (CISA) <a href=\"https:\/\/www.csoonline.com\/article\/3963190\/cve-program-faces-swift-end-after-dhs-fails-to-renew-contract-leaving-security-flaw-tracking-in-limbo.html\">failed to sign<\/a> a contract extension with MITRE for its CVE program funding and that the effort would come to a halt in approximately 36 hours.<\/p>\n<p>About 17 hours later, CISA <a href=\"https:\/\/cyberscoop.com\/cisa-reverses-course-extends-mitre-cve-contract\/\">reversed course<\/a> with an 11-month contract extension, ensuring no immediate disruption in the critical program.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>When it appeared the program would end, cyber defenders panicked. \u201cDid it scare everyone?\u201d vulnerability expert Peter Allor asked rhetorically when speaking with CyberScoop as an officer of the newly formed <a href=\"https:\/\/www.thecvefoundation.org\/\">CVE Foundation<\/a>. \u201cAbsolutely. Why? Because it was so sudden, it was the 11th hour, 59th minute. It gave a doomsday feel to it.\u201d<\/p>\n<p>Since then, industry organizations have scrambled to move this foundational effort away from its dependence on a single funder. \u201cThat little threat of defunding caused people to wake up,\u201d Sasha Romanosky, senior policy researcher at the RAND Corporation, told CyberScoop. \u201cIt lit this spark of energy under people in a way I haven\u2019t seen before.\u201d<\/p>\n<p>Along the way, a schism seems to have emerged between CVE experts who want to continue embracing the CISA-MITRE funding mechanism albeit with greater participation by new parties \u2014 and those who believe it\u2019s time to move the system to a private-sector funding model that removes the U.S. government as the central body and opens the door to a much broader endeavor.<\/p>\n<h5 class=\"wp-block-heading\" id=\"h-so-what-happened\">So, what happened?<\/h5>\n<p>It\u2019s unclear how CISA\u2019s funding of the CVE program seemingly came close to ending. Experts think it was simply a case of contract negotiations gone sideways.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cI don\u2019t think they had their act together,\u201d Allor said, referring to the Department of Homeland Security, CISA, and MITRE. \u201cI just think that they were trying to figure out how they were going to negotiate with one another, and the three parties were trying to figure out how that worked.\u201d<\/p>\n<p>Several other experts liken the situation to a previous CVE-related funding lapse that affected \u2014 and continues to affect \u2014 the functioning of the National Institute of Standards and Technology\u2019s (NIST) <a href=\"https:\/\/cyberscoop.com\/plan-to-resuscitate-beleaguered-vulnerability-database-draws-criticism\/\">National Vulnerability Database<\/a> (NVD). The NVD contains MITRE\u2019s CVE data enriched with other vulnerability severity and exploitation metrics, and is the primary source of CVE information for a good portion of the cybersecurity industry.<\/p>\n<p>\u201cThis played out exactly like the NVD issue played out,\u201d Jerry Gamblin, an expert in the CVE ecosystem, told CyberScoop. \u201cThat contract just kind of expired, and people started asking, \u2018Hey, why did that contract expire?\u2019 And there is still no good answer on why they let that contract lapse.\u201d<\/p>\n<p>On April 23, Matt Hartman, CISA\u2019s acting executive assistant director for cybersecurity, <a href=\"https:\/\/www.cisa.gov\/news-events\/news\/statement-matt-hartman-cve-program\">denied<\/a> that the MITRE program came close to collapse, saying press reports \u201cinaccurately implied the program was at risk due to a lack of funding.\u201d<\/p>\n<p> \u201cTo set the record straight, there was no funding issue, but rather a contract administration issue that was resolved prior to a contract lapse,\u201d he said. \u201cThere has been no interruption to the CVE program, and CISA is fully committed to sustaining and improving this critical cyber infrastructure.\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<h5 class=\"wp-block-heading\" id=\"h-shifting-the-sector-away-from-us-government-funding\">Shifting the sector away from US government funding<\/h5>\n<p>Immediately following the contract imbroglio, CVE alternatives sprang to life. First, the European Union Agency for Cybersecurity (ENISA) unveiled its alternative, the <a href=\"https:\/\/euvd.enisa.europa.eu\/faq\">EUVD,<\/a> or the European Union Vulnerability Database, in beta.<\/p>\n<p>Similar to NIST\u2019s NVD, the EUVD <a href=\"https:\/\/euvd.enisa.europa.eu\/faq\">organizes<\/a> disclosed bugs by their CVE-assigned unique ID, documents their impact, and provides vulnerability information from multiple sources, including advisories supplied by vendors and CSIRTs (such as the members of the EU CSIRTs network), as well as other relevant stakeholders.<\/p>\n<p>Another European initiative thrust into the spotlight is the <a href=\"https:\/\/gcve.eu\/\">GCVE: Global CVE Allocation System<\/a>, developed by <a href=\"https:\/\/www.circl.lu\/\">CIRCL.eu<\/a>, the Computer Incident Response Center in Luxembourg. The GCVE is a new, decentralized system for identifying and numbering security vulnerabilities, using its own numbering authorities and independent entities that can allocate GCVE identifiers.<\/p>\n<p>Finally, and most prominently, a group of CVE board members quickly unveiled their plans to establish the <a href=\"https:\/\/www.thecvefoundation.org\/\">CVE Foundation<\/a>, an entirely new system funded by private-sector organizations and multiple governments.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cThere are so many groups stepping forward to say, \u2018We want to create something better,\u2019\u201d Ben Edwards, principal research scientist at Bitsight, told CyberScoop. \u201cWe want to help. We want to do something right here. I think that\u2019s a very big strength of our industry.\u201d<\/p>\n<p>Yet Edwards, like the other CVE experts who spoke to CyberScoop, is leery of creating a splintered CVE regime. \u201cIf CISA and MITRE went away, we would have a huge fracturing because so many people would want to step in and fill that power void created. And there\u2019s going to be a long period of chaos, I imagine, of everybody trying to do the right thing.\u201d<\/p>\n<p>Most CVE experts favor bringing European and international partners into a bigger tent while also seeking to reduce the funding monopoly the U.S. government has on the project, particularly as experts view the current administration as unpredictable. \u201cI don\u2019t think there is a single organization out there that thinks having all of your income coming from one place is a good idea,\u201d Jay Jacobs, founder of Empirical Security and chief data scientist emeritus and founder of the Cyentia Institute, told CyberScoop. \u201cAnd that\u2019s exactly what we have with the CVE program.\u201d<\/p>\n<p>Jacobs\u2019 co-founder at Empirical Security, Michael Roytman, underscores the need to move away from the U.S. government as a sole funding source. \u201cA healthy distrust of over-reliance on one particular actor to provide critical infrastructure is good,\u201d he told CyberScoop. \u201cThe funding could dry up, whether it\u2019s the government or even the private sector. You want resiliency in something that is that critical.\u201d<\/p>\n<h5 class=\"wp-block-heading\" id=\"h-a-year-end-timeline\">A year-end timeline?<\/h5>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Allor says the CVE Foundation could be up and running as a fully functioning alternative database by December, four months before MITRE\u2019s contract extension expires.<\/p>\n<p>\u201cWho owns this problem is the real question,\u201d Allor said. \u201cI would postulate that the software producers own this problem.\u201d<\/p>\n<p> \u201cThat doesn\u2019t mean governments don\u2019t have a need,\u201d he added. \u201cThey absolutely have a need. They need to be at the table, but they can\u2019t solely be at the table. At the end of the day, they don\u2019t produce this. They don\u2019t fix it.\u201d<\/p>\n<p>Allor contends that the CVE program is a matter of national security and the country can\u2019t \u201crely on a government that will wait until the 11<sup>th<\/sup> hour to ensure its continued functioning.\u201d<\/p>\n<p>\u201cWhy are we putting the entire ecosystem at risk if it is a national security issue?\u201d Allor said. \u201cHow did you miss your mission if it was critical to national security? That\u2019s just ridiculous.\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The answer for Allor and CVE Foundation board members is \u201cthat we need something more reliable, broader supported, with input from all concerned, and that allows us to focus on the most impactful part.\u201d<\/p>\n<p>Allor said dozens of private-sector companies, plus four non-U.S. governments, have already pledged support to get the foundation up and running. However, former CISA Director Jen Easterly has come down hard on the CVE Foundation, whose board contains members from the independent CVE program board that oversees the current MITRE program.<\/p>\n<p>In a LinkedIn <a href=\"https:\/\/www.linkedin.com\/pulse\/trust-transparency-future-cve-program-jen-easterly-vcs9e\/?trackingId=Dg78wl8pQLZXzv2CXKvGtQ%3D%3D\">post<\/a>, Easterly accused CVE Foundation board members of duplicity, saying that \u201cwhile sitting on the governing board of one of the most critical cybersecurity programs in the world, some members were ostensibly working in secret to build a separate organization to assume control of that very program. And they didn\u2019t resign while doing so, given the obvious conflict of interest.\u201d<\/p>\n<p>Easterly also argued that while \u201csoftware vendors should have a voice in the CVE Program,\u201d the effort \u201cshould be funded by the government and governed by independent stakeholders who are a balanced representation of the ecosystem.\u201d<\/p>\n<p>When asked about the prospect of the CVE Foundation launching its rival effort by December, a MITRE spokesperson told CyberScoop: \u201cMITRE appreciates the recent overwhelming support for the CVE and CWE [common weakness enumeration] programs that the global cyber community, industry, and government has expressed. MITRE remains committed to CVE and CWE as a global resource for the greater good.\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>As the parties continue talking, Gamblin said he doesn\u2019t want to \u201cpick sides.\u201d<\/p>\n<p>\u201cI just want to see the program survive and be healthy,\u201d he said, \u201cin whatever way is the most beneficial for people who aren\u2019t able to spend money on intelligence feeds\u201d that depend on CVE records.<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"2.5\">\n<div class=\"author-card\" readability=\"10\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/05\/cve-foundation-eyes-year-end-launch-following-11th-hour-rescue-of-mitre-program.png?w=640&ssl=1\" alt=\"Cynthia Brumfield\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Cynthia Brumfield<\/h4>\n<p> Cynthia Brumfield is a veteran communications and technology analyst who is now focused on<br \/>\ncybersecurity. She runs a cybersecurity news and information site, Metacurity.com. <\/p>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/cve-program-funding-crisis-cve-foundation-mitre\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE Foundation eyes year-end launch following 11th-hour rescue of MITRE<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[78],"tags":[86],"class_list":["post-7637","post","type-post","status-publish","format-standard","hentry","category-cybersecurity","tag-cybersecurity"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/cybersecurity\/\" rel=\"category tag\">Cybersecurity<\/a>","tag_info":"Cybersecurity","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7637","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=7637"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/7637\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=7637"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=7637"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=7637"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":7637,"date":"2025-05-14T05:00:00","date_gmt":"2025-05-14T10:00:00","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=84496"},"modified":"2025-05-14T05:00:00","modified_gmt":"2025-05-14T10:00:00","slug":"cve-foundation-eyes-year-end-launch-following-11th-hour-rescue-of-mitre-program","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2025\/05\/14\/cve-foundation-eyes-year-end-launch-following-11th-hour-rescue-of-mitre-program\/","title":{"rendered":"CVE Foundation eyes year-end launch following 11th-hour rescue of MITRE program"},"content":{"rendered":"