NIST has announced that all Common Vulnerabilities and Exposures (CVEs) published before January 1, 2018, will be classified as "deferred" in the National Vulnerability Database. This decision aims to prioritize the analysis of newer vulnerabilities while indicating that older ones still require attention from organizations for remediation.

The article discusses concerns regarding newly published CVEs related to dnsmasq, highlighting that the required exploit involves replacing the configuration file, which undermines the validity of the vulnerabilities. Moritz Mühlenhoff points out similar issues with CVEs reported for the Kamailio SIP server, emphasizing the questionable nature of these reports.