The CVE program, critical for global cybersecurity, narrowly avoided closure after its funding contract with the DHS was extended for 11 months. Concerns over the potential impacts of a service disruption prompted CVE board members to establish the CVE Foundation to ensure the program's future stability.

A new vulnerability database launched by the EU aims to complement the existing Common Vulnerabilities and Exposures (CVE) program rather than compete with it, according to ENISA. This initiative is intended to improve the identification and management of security vulnerabilities across the EU.

The EU cyber agency ENISA has introduced the EU Vulnerability Database (EUVD) to enhance vulnerability tracking, coinciding with ongoing funding challenges faced by MITRE's CVE program. Experts suggest this move reflects Europe’s desire for greater autonomy in cybersecurity, with the EUVD aiming to complement existing systems rather than replace them.

NIST has announced that all Common Vulnerabilities and Exposures (CVEs) published before January 1, 2018, will be classified as "deferred" in the National Vulnerability Database. This decision aims to prioritize the analysis of newer vulnerabilities while indicating that older ones still require attention from organizations for remediation.