VulnCheck, the exploit intelligence company, pledged its full support behind MITRE and the decades’ worth of positive contributions that MITRE has made to the entire cybersecurity community since the inception of its CVE program.
VulnCheck is committed to supporting the CVE program and to maintaining MITRE’s adherence to a well-run program where CVE Numbering Authority (CNA) collaboration has benefited the broader cybersecurity ecosystem. The company is also committing to better understand the upstream implications involving CVE.org as a data provider.
Cyber Technology Insights : ConnectSecure Launches Google Workspace Assessments to Strengthen Cloud Security Posture for MSPs
The uncertainty around what services at MITRE or the CVE program may or may not be impacted comes from a board-level communication from MITRE, disseminated on April 15, 2025, which explicitly states:
”On Wednesday, April 16, 2025, the current contracting pathway for MITRE to develop, operate and modernize CVE will expire. The government continues to make considerable efforts to continue MITRE’s role in support of the program…If a break in service were to occur, we anticipate multiple impacts to CVE, including deterioration of national vulnerability databases and advisories, tool vendors, incident response operations, and all manner of critical infrastructure.”
VulnCheck will continue to perform CVE assignments for the community in the coming days and weeks. In an effort to do this quickly, VulnCheck has proactively pre-allocated one thousand 2025 CVEs and will work to allocate more.
Cyber Technology Insights : Identity Digital Joins Shadowserver Foundation Alliance to Further Combat Malicious Online Activity
“VulnCheck is actively monitoring the MITRE situation, and will ensure that our customers, partners, and the entire cybersecurity community will have continued access to timely, accurate vulnerability data,” said Anthony Bettini, Founder and CEO, VulnCheck. “We recognize the critical role that the CVE program plays in the cybersecurity ecosystem, and we are actively preparing for any potential disruptions.”
Other cybersecurity vendors in the community, such as GreyNoise and Horizon3, successfully use this service from VulnCheck.
“We’ve partnered with VulnCheck for CVE assignments because they simplify the submission process and allow us to quickly receive identifiers for new threats we discover,” said Glenn Thorpe, Sr. Director, Security Research and Detection Engineering, GreyNoise.
“VulnCheck came through for us recently when we needed to get a CVE quickly assigned and published to support timely disclosure of our research,” said Naveen Sunkavally, Chief Architect, Horizon3.ai. “We look forward to continuing to use VulnCheck’s CNA service for new vulnerabilities that we discover.”
Cyber Technology Insights : Push Security Welcomes Former Bugcrowd Marketing Leader as Chief Marketing Officer
To participate in our interviews, please write to our CyberTech Media Room at sudipto@intentamplify.com
Source – businesswire