@cveprogram.bsky.social
Account maintained by the CVE Program to update the community on CVE-related announcements. http://www.cve.org
NOTICE—
Date/time field normalization maintenance of historical CVE Records to occur February 16–25, 2026.
Date/time fields in CVE Records are, and will remain, strings, not numerical timestamps.
Learn more and view the schedule here: medium.com/@cve_program...
New CVE Program Partner
Project Black is now a CVE Numbering Authority (CNA) assigning CVE IDs for discovered by Project Black that are not within another CNA’s scope
cve.org/News/item/ne...
#cve #cna #vulnerability #vulnerabilitymanagement #infosec #cybersecurity
The CVE Program and FIRST will co-host “VulnCon 2026” at the DoubleTree Resort by Hilton Hotel Paradise Valley - Scottsdale, in Scottsdale, Arizona, USA, on April 13–16, 2026. Registration, both virtual and in-person, is open on the FIRST website.
Registration is open for “CVE/FIRST VulnCon 2026” on April 13–16, 2026!!!
In-person & virtual available: first.org/conference/v...
#cve #first #vulncon26 #vulnerabilitymanagement #vulnerability
837 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of January 26, 2026
www.cisa.gov/news-events/...
#cve #cveid #cvss #cwe #vulnerabilitymanagement #vulnerability #hssedi #cisa
REMINDER —
Beginning this month in mid-February 2026, timestamp strings across historical CVE Records will be normalized. The new format is:
yyyy-MM-ddTHH:mm:ss.sssZ (ISO-8601, UTC)
For example, 2025-07-11T19:32:03.983Z
Learn more: www.cve.org/Media/News/i...
“CNA Enrichment Recognition” - 256 CNAs on the list for February 2, 2026
Published monthly, this list recognizes those CVE Numbering Authorities (#CNAs) actively providing #CVSS and #CWE vulnerability data in their #CVE Records
medium.com/@cve_program...
Minutes from the CVE Board teleconference meeting on January 7 are now available
www.mail-archive.com/cve-editoria...
#cve #vulnerability #vulnerabilitymanagement #hssedi #cisa #infosec #cybersecurity
New CVE Program Partner
CODRA is now a CVE Numbering Authority (CNA) assigning CVE IDs for CODRA’s products and related services
cve.org/Media/News/i...
#cve #cna #vulnerability #vulnerabilitymanagement #infosec #cybersecurity
A BIG WELCOME to these CVE Numbering Authority (#CNA) partners that joined the #CVE Program in January!!!
ByteDance
Hackrate
NIBE
Nintendo
TCL
Vantive
Join: cve.org/PartnerInfor...
1,268 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of January 19, 2026
cisa.gov/news-events/...
#cve #cveid #cvss #cwe #vulnerabilitymanagement #vulnerability #hssedi #cisa
New CVE Program Partner
TCL is now a CVE Numbering Authority (CNA) assigning CVE IDs for TCL smart TV, smart pad, and mobile phone devices only & projects listed on github.com/TclSecLab/CN...
cve.org/Media/News/i...
#cve #cna #vulnerabilitymanagement #vulnerability #cybersecurity
1,135 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of January 12, 2026
www.cisa.gov/news-events/...
#cve #cveid #cvss #cwe #vulnerabilitymanagement #vulnerability #hssedi #cisa
REMINDER—
Beginning in mid-February 2026, timestamp strings across historical CVE Records will be normalized. The new format is:
yyyy-MM-ddTHH:mm:ss.sssZ (ISO-8601, UTC)
For example, 2025-07-11T19:32:03.983Z
Learn more:
medium.com/@cve_program...
New CVE Program Partner
Nintendo is now a CVE Numbering Authority (CNA) assigning CVE IDs for system vulnerabilities in Nintendo Switch 2/Nintendo Switch/Nintendo Switch Lite + vulnerabilities in Nintendo Switch 2/Nintendo Switch applications it publishes
cve.org/Media/News/i...
#cve #cna #vulnerabilitymanagement
New CVE Program Partner
ByteDance is now a CVE Numbering Authority (CNA) assigning CVE IDs for ByteDance issues only
cve.org/Media/News/i...
#cve #cna #vulnerabilitymanagement #vulnerability #cybersecurity
New CVE Program Partner
Vantive is now a CVE Numbering Authority (CNA) assigning CVE IDs for Vantive’s commercially available products only
cve.org/Media/News/i...
#cve #cna #vulnerabilitymanagement #vulnerability #cybersecurity
New CVE Program Partner
NIBE is now a CVE Numbering Authority (CNA) assigning CVE IDs for products, services, & solutions developed or sold by NIBE & its subsidiaries
cve.org/Media/News/i...
#cve #cna #vulnerabilitymanagement #vulnerability
New CVE Program Partner
Hackrate is now a CVE Numbering Authority (CNA) assigning CVE IDs for vulnerabilities that are discovered, validated, & coordinated through the Hackrate Ethical Hacking Platform
cve.org/Media/News/i...
#cve #cna #vulnerabilitymanagement #vulnerability
935 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of December 29, 2025
cisa.gov/news-events/...
#cve #cveid #cvss #cwe #vulnerabilitymanagement #vulnerability #hssedi #cisa
The CVE Program and FIRST will co-host “VulnCon 2026” at the DoubleTree Resort by Hilton Hotel Paradise Valley - Scottsdale, in Scottsdale, Arizona, USA, on April 13–16, 2026. Registration, both virtual and in-person, is open on the FIRST website.
Register now for “CVE/FIRST VulnCon 2026” on April 13–16, 2026!!!
In-person & virtual available: first.org/conference/v...
#cve #first #vulncon26 #vulnerabilitymanagement #vulnerability
Minutes from the CVE Board teleconference meeting on December 10 are now available
www.mail-archive.com/cve-editoria...
#cve #vulnerability #vulnerabilitymanagement #hssedi #cisa #infosec #cybersecurity
IMPORTANT NOTICE:
“CVE Program to Normalize Formatting of Date/Time Fields Across Historical CVE Records Beginning in February 2026”
medium.com/@cve_program...
“CNA Enrichment Recognition” - 263 CNAs on the list for January 5, 2026
Published monthly, this list recognizes those CVE Numbering Authorities (#CNAs) actively providing #CVSS and #CWE vulnerability data in their #CVE Records
medium.com/@cve_program...
914 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of December 22, 2025
www.cisa.gov/news-events/...
#cve #cveid #cvss #cwe #vulnerabilitymanagement #vulnerability #hssedi #cisa
1,270 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of December 15, 2025
www.cisa.gov/news-events/...
#cve #cveid #cvss #cwe #vulnerabilitymanagement #vulnerability #hssedi #cisa
The CVE Program and FIRST will co-host “VulnCon 2026” at the DoubleTree Resort by Hilton Hotel Paradise Valley - Scottsdale, in Scottsdale, Arizona, USA, on April 13–16, 2026. Registration, both virtual and in-person, is open on the FIRST website. The Call for Paper closes on December 22, 2025.
FINAL Days —
"VulnCon 2026" Call for Speakers closes on Monday, December 22, 2025
Submission process, timeline, & other details: first.org/conference/v...
#cve #first #vulnerability #vulnerabilitymanagement
#technology #informationsecurity #cybersecurity
1,736 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of December 8, 2025
cisa.gov/news-events/...
#CVE #CVEID #CVSS #CWE #Vulnerability #VulnerabilityManagement #HSSEDI #CISA
REMINDER FOR CNAs —
The #CVE Record Format was updated in October 2025 to add support for Package URLs (purls)
Learn more in this video from the “CVE Program Technical Workshop 2025” for #CNAs, including when to use each #CPE & #PURL, & more
youtu.be/p6nbl58iL28?...
New on the #CVE Blog:
“CVE Record Disputes, Explained: A Community Path to Clearer Vulnerability Data in a Compliance-Driven World”
medium.com/@cve_program...
#vulnerability #vulnerabilitymanagement #informationcecurity #infosec #cybersecurity
816 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of December 1, 2025
www.cisa.gov/news-events/...
#CVE #CVEID #CVSS #CWE #Vulnerability #VulnerabilityManagement #HSSEDI #CISA
