News & Events

Please use our LinkedIn page to comment on the articles below, or send an email to cve@mitre.org.
Right-click and copy a URL to share an article.

Facebook and Hikvision Added as CVE Numbering Authorities (CNAs)
February 1, 2018 | Share this article

Two additional organizations are now CVE Numbering Authorities (CNAs): Facebook, Inc. for Facebook-supported open source projects, mobile apps, and other software, as well as vulnerabilities in third-party software discovered by Facebook that are not covered by another CNA, and Hangzhou Hikvision Digital Technology Co., Ltd. for all Hikvision Internet of Things (IoT) products including cameras and digital video recorders.

CNAs are organizations from around the world that are authorized to assign CVE Entries to vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities.

CNAs are the main method for requesting a CVE ID. The following 83 organizations currently participate as CNAs: Adobe; Airbus; Alibaba; Apache; Apple; Atlassian; Autodesk; BlackBerry; Brocade; CA; Canonical; CERT/CC; Check Point; Cisco; Dahua; Debian GNU/Linux; Dell EMC; Distributed Weakness Filing Project; Drupal.org; Duo; Eclipse Foundation; Elastic; F5; Facebook; Flexera Software; Fortinet; FreeBSD; Google; HackerOne; HP; Hewlett Packard Enterprise; Hikvision; Huawei; IBM; ICS-CERT; Intel; IOActive; ISC; JPCERT/CC; Juniper; Kaspersky; KrCERT/CC; Larry Cashdollar; Lenovo; MarkLogic; McAfee; Micro Focus; Microsoft; MITRE (primary CNA); Mozilla; Netflix; Netgear; Nvidia; Objective Development; OpenSSL; Oracle; Puppet; Qihoo 360; QNAP; Qualcomm; Rapid 7; Red Hat; Riverbed; Schneider Electric; Siemens; Silicon Graphics; Symantec; Synology; Talos; Tenable; TIBCO; Trend Micro; VMware; Yandex; Zephyr Project; Zero Day Initiative; and ZTE.

For more information about requesting CVE ID numbers from CNAs, visit Request a CVE ID.

Minutes from CVE Board Teleconference Meeting on January 24 Now Available
February 1, 2018 | Share this article

The CVE Board held a teleconference meeting on January 24, 2018. Read the meeting minutes.

New CVE Board Charter Is Approved
January 19, 2018 | Share this article

We are pleased to announce that the CVE Board has approved the latest version of the “CVE Board Charter,” version 2.5, which includes several important updates to membership, board member responsibilities and conduct, as well as policy and procedure changes.

This update was the result of many hours of hard work by the Board, and the resulting document better positions CVE for success as it continues to expand.

Minutes from CVE Board Teleconference Meeting on January 10 Now Available
January 19, 2018 | Share this article

The CVE Board held a teleconference meeting on January 10, 2018. Read the meeting minutes.

“Meltdown” Is CVE-2017-5754, and “Spectre” Is CVE-2017-5753 and CVE-2017-5715
January 8, 2018 | Share this article

Three CVE Entries are cited in numerous major advisories, posts, and news media references related to the recent critical “Meltdown” and “Spectre” vulnerabilities—CVE-2017-5754 for Meltdown, and CVE-2017-5753 and CVE-2017-5715 for Spectre—including in the following examples:

Other news articles may be found by searching on “CVE-2017-5754”, “CVE-2017-5753”, and “CVE-2017-5715” using your preferred search engine.

Also, the CVE Entry pages https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5754, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5753, and https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715 each include a list of advisories used as references.

CVE Refreshes Website with New Look and Feel and Easier-to-Use Navigation Menus
January 3, 2018 | Share this article

We have updated the CVE website to streamline site navigation and simplify content for an improved user experience. Improvements include the following:


CVE List Main Menu

Our new main menu provides you with direct access to the CVE List. Located in the black navigation bar at the top of every page, each item in the main menu links to a single page with a specific purpose:

New Site Organization and Secondary Dropdown Menu

The website is now organized into five sections, each of which is accessible from the dropdown menus located across the very top of every page:

Also, the CVE logo in the upper left corner of every page is the “Home” link to the website's homepage.


Please send any comments or concerns to cve@mitre.org.

CNA Rules, Version 2.0 Document Now Available
January 1, 2018 | Share this article

The CVE Numbering Authorities (CNA) Rules, Version 2.0 document is now available on the CVE website. For details, please see our January 1, 2018 blog post: “CNA Rules, Version 2.0 Now in Effect”.

Minutes from CVE Board Teleconference Meeting on December 13 Now Available
December 26, 2017 | Share this article

The CVE Board held a teleconference meeting on December 13, 2017. Read the meeting minutes.

Important Message About Our @CVEnew Twitter Account
December 20, 2017 | Share this article

We recently identified a Twitter handle impersonating our @CVEnew handle. Twitter was notified and suspended the impersonating handle. Follow https://twitter.com/CVEnew for regular CVE Entry updates.

Minutes from CVE Board Teleconference Meeting on November 29 Now Available
December 12, 2017 | Share this article

The CVE Board held a teleconference meeting on November 29, 2017. Read the meeting minutes.

New CVE Board Member from IBM
December 4, 2017 | Share this article

Scott Moore of IBM has joined the CVE Board.

Read the full announcement and welcome message in the CVE Board email discussion list archive.

Page Last Updated or Reviewed: February 01, 2018