this post was submitted on 16 Apr 2025
1115 points (98.4% liked)

Technology

69211 readers
3044 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago
MODERATORS
L3s@lemmy.world
enu@lemmy.world
technopagan@lemmy.world
L4s@lemmy.world
L3s@hackingne.ws
L4s@hackingne.ws
1115
Uncle Sam abruptly turns off funding for CVE program. Yes, that CVE program (go.theregister.com)
submitted 1 week ago by Tea@programming.dev to c/technology@lemmy.world
127 comments fedilink hide all child comments
 

Because vulnerability management has nothing to do with national security, right?

top 50 comments
sorted by: hot top controversial new old
[–] sinanbrendel@feddit.org 3 points 4 days ago

Why should something of this importance be entrusted to a single government anyways, shouldn't it be distributed/decentralized?

[–] you_are_it@lemmy.sdf.org 16 points 6 days ago

Are you guys free yet?

[–] Formfiller@lemmy.world 16 points 6 days ago

It’s because the entire administration is a vulnerability

[–] PunkRockSportsFan@fanaticus.social 17 points 6 days ago* (last edited 6 days ago) (2 children)

They dont want national security.

They want to steal your property and destroy the country so they can reform it in their image.

[–] rottingleaf@lemmy.world 7 points 6 days ago

Rather they want new vulnerabilities to go right to the market and remain unknown for longer, because that makes the surveillance and other criminal activity by the government easier.

[–] nightm4re@feddit.org 9 points 6 days ago

My European friends here: do whatever you can to make EUVD a viable alternative. It's a vulnerability database led by the European Union Agency for Cybersecurity enisa. Since their website is relatively new, you can help by providing feedback though this survey. Yes, the CVE funding has been continued for another year. But a sustainable approach to vulnerability management cannot be dependent on a single government-owned / funded entity any longer! I wish the board members all the best in transferring CVE to a new umbrella organization, but now is a great time to also consider global alternatives.

[–] Wimster@europe.pub 4 points 6 days ago

Oh my God, and then I think of all the hundreds of thousands of veterans who voted for Trump. You did a great job.

[–] oysvendsen@lemmy.world 4 points 6 days ago

😳 Is the program entirely funded by the US government?

What can EU and other governments/businesses do about this? Or what are they doing?

[–] ccbrown@programming.dev 4 points 6 days ago

Terrifying. Unfortunately it’s difficult to explain to laypeople why the CVE system is so important. Our nation’s leaders certainly won’t get it. Hopefully the experts are able to get through to them when it’s time to renew again. And maybe we can reduce our government dependence a bit by then.

[–] AnguishedNarwhal@discuss.tchncs.de 4 points 6 days ago

Yet another great decision by our benevolent leadership

[–] Australis13@fedia.io 299 points 1 week ago (12 children)

One can only conclude that either this is the latest step in a deliberate effort to sabotage the functioning of the US (and by extension much of the west), or just another monumentally stupid idea brought to life by their limitless incompetence.

[–] db2@lemmy.world 140 points 1 week ago

They're Russian puppets, both things are true.

load more comments (11 replies)
[–] Kbobabob@lemmy.world 170 points 1 week ago* (last edited 6 days ago) (10 children)

CVE program – the centralized Common Vulnerabilities and Exposures database of product security flaws

Just in case

Edit: I'm glad I wasn't the only one that didn't know. When the headline reads like everyone should know I felt a little dumb for a second.

[–] Arcka@midwest.social 3 points 6 days ago

Yep, one of those things the IT department takes care of and most other people just need to know to keep their devices updated.

load more comments (9 replies)
[–] cheese_greater@lemmy.world 120 points 1 week ago (6 children)

Ruzza just creamed their pants

load more comments (6 replies)
[–] sp3ctr4l@lemmy.dbzer0.com 113 points 1 week ago (4 children)

On the bright side, at least our upcoming American cyberpunk dystopia is now more likely to feature a greater prevelance of lone wolf, broke, two bit hackers as a semi-viable lifestyle/'career path'...

load more comments (4 replies)
load more comments
view more: next ›