Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

CISA releases CVE Program Quality Era roadmap

Public Sector Action
First reported
Last updated
Happening score
H score 18
1 unique sources, 1 articles

Summary

Hide ▲

CISA released a new roadmap for the CVE Program, shifting the global vulnerability-identification system from its Growth Era to a Quality Era. The plan prioritizes trust, responsiveness, and better vulnerability data quality across the ecosystem. It also emphasizes broader community partnerships, continued sponsorship, modernization, transparency, and more open access to CVE data.

Related Happenings

CISA releases CI Fortify guidance for critical infrastructure resilience

Public Sector Action
First: 05.05.2026 15:00 Last: 05.05.2026 15:00 Sources 1

About this happening: CISA released CI Fortify, guidance for critical infrastructure operators across sectors to help keep essential services running during cyberattack or crisis conditions. The framew...

Latest development: 06.05.2026 16:15

CISA launched CI Fortify on Tuesday as a planning framework for critical infrastructure operators in water, energy, transportation and communications to prepare for cyber disruption by disconnecting OT systems from third-party and business networks, maintaining essential services in degraded communications conditions, and recovering compromised systems through backups, component replacement, or a transition to manual operations.

Open Happening

NIST CVE/NVD prioritization shift

Public Sector Action
First: 17.04.2026 00:47 Last: 17.04.2026 00:47 Sources 1

About this happening: **NIST** is **changing** its **CVE/NVD prioritization** so that, starting **April 15, 2026**, it will provide full details only for a **subset of CVEs**. The shift matters because...

Open Happening

NIST/NVD risk-based CVE enrichment change

Public Sector Action
First: 16.04.2026 15:43 Last: 16.04.2026 15:43 Sources 1

About this happening: **NIST** said the **US National Vulnerability Database (NVD)** will switch to a **risk-based CVE enrichment** model to cope with backlog growth. The change will **drop enrichment...

Open Happening

Wing FTP Server actively exploited installation path disclosure remote code execution flaw (CVE-2025-47813)

Vulnerability
First: 16.03.2026 20:00 Last: 16.03.2026 20:00 Sources 1

About this happening: **Wing FTP Server** instances faced **active exploitation** of **CVE-2025-47813**, a flaw that can reveal the server's full local installation path on **unpatched** systems. The w...

Open Happening

CISA Emergency Directive 26-03 for Cisco SD-WAN

Public Sector Action
First: 25.02.2026 14:00 Last: 25.02.2026 14:00 Sources 1

About this happening: **CISA** issued **Emergency Directive 26-03** and supplemental guidance to force immediate remediation of **Cisco SD-WAN** vulnerabilities across **Federal Civilian Executive Bran...

Open Happening

Timeline

  1. 10.09.2025 15:00 2 articles · 8mo ago

    CISA releases CVE Program Quality Era roadmap

    Industry Or Public Sector Update

    CISA released CISA Strategic Focus: CVE Quality for a Cyber Secure Future, setting a new roadmap for the CVE Program as it transitions from its Growth Era to a Quality Era. The plan emphasizes trust, responsiveness, vulnerability data quality, broader community partnerships, government sponsorship, modernization, transparency, and data enrichment through Vulnrichment and the Authorized Data Publisher (ADP) capability.

    Show sources
    Open in new tab