Close-up of vivid yellow road markings on textured asphalt surface.

MITRE CVE list might go offline today

ByStefan Karg

😬 MITRE CVE list might go offline today! This would be catastrophic for global vulnerability management.

What I’ve described as a scenario theoretically possible in How Trump 2.0 could affect the IT industry in Europe might become reality more quickly than I’ve thought and not on the NIST-NVD level, but on the MITRE level including laying off 442 employees at MITRE. This might as well affect the Security standardisation (e.g. the MITRE ATT&CK framework).

Time to strengthen sovereign European Vulnerability management and Security standardisation. it’s really the eleventh hour now.

Here are a few links with regard to the topic:

  1. Post by Kevin Beaumont on LinkedIn regarding the letter sent to CVE board members
  2. 442 employees layed off at MITRE
  3. [DE] US-Kürzungen: CVE-Liste könnte sofort stoppen | heise online