Snyk’s Statement on the MITRE CVEs Program Funding Update

The cybersecurity community has been watching closely as the future of the MITRE-run CVE (Common Vulnerabilities and Exposures) program, which could abruptly end due to federal funding uncertainty. However, a last-minute extension has been granted, providing temporary relief. The CVE system has become crucial to modern cybersecurity, highlighting the need for resilience and redundancy across the vulnerability disclosure ecosystem. Snyk, a company that maintains its own triaged vulnerability database, is committed to supporting a transparent and open vulnerability disclosure process and remains ready to collaborate with industry peers to ensure continued support if federal funding were to be discontinued. The situation serves as a reminder of the importance of proactive monitoring, investment in open security data, and delivering comprehensive vulnerability intelligence to developers and security teams.