WASHINGTON – Just as funding was set to expire, U.S. officials have confirmed an 11-month extension of support for a critical cybersecurity database managed by the non-profit MITRE Corp., a spokesperson said Wednesday. The decision comes amid rising concerns from the cybersecurity community over the potential lapse in service.
The database, known as the Common Vulnerabilities and Exposures (CVE) system, is a vital resource used globally to catalog and track cybersecurity flaws. Its possible defunding had triggered widespread alarm among IT professionals and cybersecurity experts.
The Cybersecurity and Infrastructure Security Agency (CISA) confirmed via email that the CVE program’s value remains significant, and it had acted to maintain uninterrupted service by executing an option period on MITRE’s contract. The extension ensures the continuation of the program’s operations for nearly another year.
Yosry Barsoum, vice president and director at MITRE’s Center for Securing the Homeland, stated that disruptions to both the CVE and the Common Weakness Enumeration (CWE) programs had been averted. “We appreciate the overwhelming support for these programs that have been expressed by the global cyber community, industry, and government over the last 24 hours,” Barsoum said.
The unexpected funding extension comes after intense public attention and concern. The situation reflects ongoing confusion within the U.S. government amid significant budget reductions under President Donald Trump’s administration.
John Hammond, a researcher at cybersecurity firm Huntress, welcomed the move. “I’m glad someone or something heard the voice of the community loud and clear,” he said, describing the decision as a “sigh of relief.”
In response to the uncertainty, some cybersecurity experts have begun pursuing alternatives. On Wednesday, a group identifying as the CVE Foundation launched a website promoting its mission to secure the system’s long-term independence and reliability. A request for comment from the group was not immediately answered.
