CVE Program<p>Jen Ellis of NextJenSecurity has joined the CVE Board <a href="https://www.cve.org/Media/News/item/news/2025/06/03/New-CVE-Board-Member-NextJenSecurity" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">cve.org/Media/News/item/news/2</span><span class="invisible">025/06/03/New-CVE-Board-Member-NextJenSecurity</span></a> <br> <br><a href="https://mastodon.social/tags/cve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cve</span></a> <a href="https://mastodon.social/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerability</span></a> <a href="https://mastodon.social/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://mastodon.social/tags/informationsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>informationsecurity</span></a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.
Administered by:
Server stats:
224active users
eupolicy.social: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.6
#vulnerabilitymanagement
10 posts · 7 participants · 0 posts today
CVE Program<p>Teradyne Robotics is now a CVE Numbering Authority (CNA) assigning CVE IDs for all products released by Teradyne Robotics subsidiaries, Universal Robots (UR) and Mobile Industrial Robots (MiR), including both actively supported and end-of-life/end-of-service products, as well as vulnerabilities in third-party software identified by Teradyne Robotics that are outside the scope of another CNA <br> <br><a href="https://www.cve.org/Media/News/item/news/2025/06/03/Teradyne-Robotics-Added-as-CNA" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">cve.org/Media/News/item/news/2</span><span class="invisible">025/06/03/Teradyne-Robotics-Added-as-CNA</span></a><br> <br><a href="https://mastodon.social/tags/cve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cve</span></a> <a href="https://mastodon.social/tags/cna" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cna</span></a> <a href="https://mastodon.social/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerability</span></a> <a href="https://mastodon.social/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a></p>
CVE Program<p>New on the <a href="https://mastodon.social/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a> Blog: <br>“CVE Program Report for Quarter 1 Calendar Year (Q1 CY) 2025” <br> <br><a href="https://medium.com/@cve_program/cve-program-report-for-quarter-1-calendar-year-q1-cy-2025-0e84776ee5c5" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">medium.com/@cve_program/cve-pr</span><span class="invisible">ogram-report-for-quarter-1-calendar-year-q1-cy-2025-0e84776ee5c5</span></a> <br> <br><a href="https://mastodon.social/tags/VulnerabilityManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VulnerabilityManagement</span></a> <a href="https://mastodon.social/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Vulnerability</span></a> <a href="https://mastodon.social/tags/InformationSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InformationSecurity</span></a> <a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a></p>
CVE Program<p>883 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of May 19, 2025 <br> <br><a href="https://www.cisa.gov/news-events/bulletins/sb25-147" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">cisa.gov/news-events/bulletins</span><span class="invisible">/sb25-147</span></a> <br> <br><a href="https://mastodon.social/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a> <a href="https://mastodon.social/tags/CVEID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVEID</span></a> <a href="https://mastodon.social/tags/CVSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVSS</span></a> <a href="https://mastodon.social/tags/CWE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CWE</span></a> <a href="https://mastodon.social/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Vulnerability</span></a> <a href="https://mastodon.social/tags/VulnerabilityManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VulnerabilityManagement</span></a> <a href="https://mastodon.social/tags/HSSEDI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HSSEDI</span></a> <a href="https://mastodon.social/tags/CISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CISA</span></a></p>
FIRST.org<p>Big recognition for the work happening across the FIRST community!</p><p>NIST introduced a new "Likely Exploited Vulnerabilities" (LEV) metric, built on the foundation of the Exploit Prediction Scoring System (EPSS), developed by the EPSS SIG at FIRST, with support from Cyentia Institute and Empirical Security.</p><p>LEV enhances vulnerability management by providing: </p><p>🔍 Daily CVE exploitation probability data <br>📊 Historical EPSS score tracking <br>⚡Enhanced prioritization capabilities</p><p>This breakthrough gives vulnerability managers more clarity on past exploitation patterns and better tools for risk assessment, a significant step forward in unifying how security teams interpret and respond to threats.</p><p>Thank you Kevin Poireault, Infosecurity Magazine for highlighting this important advancement in vulnerability management.</p><p>Read the full story: <a href="https://go.first.org/wFQfW" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">go.first.org/wFQfW</span><span class="invisible"></span></a> </p><p><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/VulnerabilityManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VulnerabilityManagement</span></a></p>
RF Wave<p>vBulletin Forum Software Vulnerability Alert</p><p>Vulnerability: ability to invoke protected methods in PHP Reflection API and misuse of template conditionals</p><p>Impact: allows an attacker to remotely execute code</p><p>CVE: CVE-2025-48827 (actively exploited), CVE-2025-48828</p><p>Remediation Steps: apply security updates or upgrade to latest version 6.1.1</p><p><a href="https://mstdn.ca/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://mstdn.ca/tags/vBulletin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vBulletin</span></a> <a href="https://mstdn.ca/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerabilitymanagement</span></a></p><p><a href="https://www.bleepingcomputer.com/news/security/hackers-are-exploiting-critical-flaw-in-vbulletin-forum-software/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/hackers-are-exploiting-critical-flaw-in-vbulletin-forum-software/</span></a></p>
Open Regulatory Compliance<p>💬 “Tech isn't the hardest part. Trust is.”</p><p>In a <a href="https://fosstodon.org/tags/CRAMondays" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CRAMondays</span></a> session, Olle E. Johansson shared that building a trusted global organisation is step one, and only then should we build the tech.<br>Want to learn more? Check out the recording! <a href="https://youtu.be/zSsGLJTgWvU" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">youtu.be/zSsGLJTgWvU</span><span class="invisible"></span></a> </p><p><a href="https://fosstodon.org/tags/VulnerabilityManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VulnerabilityManagement</span></a> <a href="https://fosstodon.org/tags/OpenStandards" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenStandards</span></a> <a href="https://fosstodon.org/tags/ORCWG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ORCWG</span></a></p>
CVE Program<p>All of the videos from “CVE/FIRST VulnCon 2025” are now available on YouTube! <br> <br><a href="https://www.youtube.com/playlist?list=PLWfD9RQVdJ6cm3kSvz-Sk87CawSzn5Ep0" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">youtube.com/playlist?list=PLWf</span><span class="invisible">D9RQVdJ6cm3kSvz-Sk87CawSzn5Ep0</span></a> <br> <br><a href="https://mastodon.social/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a> <a href="https://mastodon.social/tags/FIRST" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FIRST</span></a> <a href="https://mastodon.social/tags/VulnerabilityManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VulnerabilityManagement</span></a> <a href="https://mastodon.social/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Vulnerability</span></a> <a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a> <a href="https://mastodon.social/tags/InformationSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InformationSecurity</span></a></p>
Alexandre Dulaunoy<p>The VLAI Severity model is accessible via API. Here is a simple example from a recent Ivanti vulnerability description from their vulnerability webpage.</p><p>The VLAI Security model for vulnerabilities is accessible via vulnerability-lookup and the public instance operated by CIRCL. </p><p>So, if you have a vulnerability description, you can quickly assess it to get a general idea of its severity.</p><pre><code>curl -X 'POST' \<br> 'https://vulnerability.circl.lu/api/vlai/severity-classification' \<br> -H 'accept: application/json' \<br> -H 'Content-Type: application/json' \<br> -d '{ "description": "Ivanti has released updates for Ivanti Neurons for ITSM (on-prem only) which addresses one critical severity vulnerability. Depending on system configuration, successful exploitation could allow an unauthenticated remote attacker to gain administrative access to the system. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. We have included an environmental score to provide customers with additional context on the adjusted risk of this vulnerability with typical use cases. Customers who have followed Ivanti guidance on securing the IIS website and restricted access to a limited number of IP addresses and domain names have a reduced risk to their environment. Customers who have users log into the solution from outside their company network also have a reduced risk to their environment if they ensure that the solution is configured with a DMZ." }'<br></code></pre><p>and the result</p><pre><code>{<br> "severity": "Critical",<br> "confidence": 0.9256<br>}<br></code></pre><p><a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cve</span></a> <a href="https://infosec.exchange/tags/ivanti" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ivanti</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://infosec.exchange/tags/vulnerabilities" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerabilities</span></a> </p><p>For more details: <a href="https://www.vulnerability-lookup.org/2025/05/22/vulnerability-lookup-2-10-0/#ai-powered-enrichment-using-our-in-house-ai-models" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">vulnerability-lookup.org/2025/</span><span class="invisible">05/22/vulnerability-lookup-2-10-0/#ai-powered-enrichment-using-our-in-house-ai-models</span></a></p><p><span class="h-card" translate="no"><a href="https://social.circl.lu/@circl" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>circl</span></a></span> <span class="h-card" translate="no"><a href="https://social.circl.lu/@gcve" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>gcve</span></a></span></p>
gcve.eu<p>Significant progress has been made on the BCP-3 document, as well as on the implementation to enable synchronization and distributed publication of vulnerabilities.</p><p>The 2.10.0 release of vulnerability-lookup.org already includes the GCVE directory, and the next version will support BCP-3 as the reference implementation.</p><p>Thanks to <span class="h-card" translate="no"><a href="https://social.circl.lu/@circl" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>circl</span></a></span> <span class="h-card" translate="no"><a href="https://fosstodon.org/@cedric" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>cedric</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@adulau" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>adulau</span></a></span> <span class="h-card" translate="no"><a href="https://misp-community.org/@misp" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>misp</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@iglocska" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>iglocska</span></a></span> and many GNA for the contributions and constructive feedback.</p><p><a href="https://social.circl.lu/tags/gcve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>gcve</span></a> <a href="https://social.circl.lu/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://social.circl.lu/tags/cve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cve</span></a> <a href="https://social.circl.lu/tags/gna" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>gna</span></a> <a href="https://social.circl.lu/tags/cna" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cna</span></a></p>
CVE Program<p>Harborist is now a CVE Numbering Authority (CNA) assigning CVE IDs for all projects listed under <a href="https://www.npmjs.com/~ljharb" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">npmjs.com/~ljharb</span><span class="invisible"></span></a> <br> <br><a href="https://cve.org/Media/News/item/news/2025/05/28/Harborist-Added-as-CNA" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cve.org/Media/News/item/news/2</span><span class="invisible">025/05/28/Harborist-Added-as-CNA</span></a> <br> <br><a href="https://mastodon.social/tags/cve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cve</span></a> <a href="https://mastodon.social/tags/cna" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cna</span></a> <a href="https://mastodon.social/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerability</span></a> <a href="https://mastodon.social/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.social/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensource</span></a></p>
CVE Program<p>1,110 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of May 12, 2025 <br> <br><a href="https://cisa.gov/news-events/bulletins/sb25-139" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cisa.gov/news-events/bulletins</span><span class="invisible">/sb25-139</span></a> <br> <br><a href="https://mastodon.social/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a> <a href="https://mastodon.social/tags/CVEID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVEID</span></a> <a href="https://mastodon.social/tags/CVSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVSS</span></a> <a href="https://mastodon.social/tags/CWE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CWE</span></a> <a href="https://mastodon.social/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Vulnerability</span></a> <a href="https://mastodon.social/tags/VulnerabilityManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VulnerabilityManagement</span></a> <a href="https://mastodon.social/tags/HSSEDI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HSSEDI</span></a> <a href="https://mastodon.social/tags/CISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CISA</span></a></p>
ICS Advisory Project<p>ICS[AP] Dashboards are updated with the 13 (11 new & 2 updated) CISA Advisories released on 5/20/25:</p><p>ABUP: 1 New<br>National Instruments: 1 New<br>Danfoss: 1 New<br>ICONICS, Mitsubishi Electric: 1 New<br>Siemens: 1 New<br>Schneider Electric: 3 New | 2 Updated<br>AutomationDirect: 1 New<br>Vertiv: 1 New<br>Assured Telematics Inc.: 1 New</p><p>www.icsadvisoryproject.com</p><p><a href="https://infosec.exchange/tags/icssecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>icssecurity</span></a><br><a href="https://infosec.exchange/tags/otsecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>otsecurity</span></a><br><a href="https://infosec.exchange/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerabilitymanagement</span></a></p>
CVE Program<p>New on the <a href="https://mastodon.social/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a> Blog: <br>“CNA Operational Rules Version 4.1.0” Now in Effect <br> <br><a href="https://medium.com/@cve_program/cna-operational-rules-version-4-1-0-now-in-effect-2f929f4e52da" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">medium.com/@cve_program/cna-op</span><span class="invisible">erational-rules-version-4-1-0-now-in-effect-2f929f4e52da</span></a> <br> <br><a href="https://mastodon.social/tags/VulnerabilityManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VulnerabilityManagement</span></a> <a href="https://mastodon.social/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Vulnerability</span></a> <a href="https://mastodon.social/tags/InformationSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InformationSecurity</span></a> <a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a></p>
CVE Program<p>Extreme Networks is now a CVE Numbering Authority (CNA) assigning CVE IDs for vulnerabilities discovered in Extreme Networks products & services<br> <br><a href="https://cve.org/Media/News/item/news/2025/05/20/Extreme-Networks-Added-as-CNA" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cve.org/Media/News/item/news/2</span><span class="invisible">025/05/20/Extreme-Networks-Added-as-CNA</span></a> <br> <br><a href="https://mastodon.social/tags/cve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cve</span></a> <a href="https://mastodon.social/tags/cna" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cna</span></a> <a href="https://mastodon.social/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerability</span></a> <a href="https://mastodon.social/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a></p>
CVE Program<p>Minutes from the CVE Board teleconference meeting on April 30 are now available <br> <br><a href="https://cve.mitre.org/community/board/meeting_summaries/30_April_2025.pdf" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cve.mitre.org/community/board/</span><span class="invisible">meeting_summaries/30_April_2025.pdf</span></a> <br> <br><a href="https://mastodon.social/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a> <a href="https://mastodon.social/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Vulnerability</span></a> <a href="https://mastodon.social/tags/VulnerabilityManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VulnerabilityManagement</span></a> <a href="https://mastodon.social/tags/HSSEDI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HSSEDI</span></a> <a href="https://mastodon.social/tags/CISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CISA</span></a> <a href="https://mastodon.social/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a></p>
CVE Program<p>773 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of May 5, 2025 <br> <br><a href="https://www.cisa.gov/news-events/bulletins/sb25-132" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">cisa.gov/news-events/bulletins</span><span class="invisible">/sb25-132</span></a> <br> <br><a href="https://mastodon.social/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a> <a href="https://mastodon.social/tags/CVEID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVEID</span></a> <a href="https://mastodon.social/tags/CVSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVSS</span></a> <a href="https://mastodon.social/tags/CWE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CWE</span></a> <a href="https://mastodon.social/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Vulnerability</span></a> <a href="https://mastodon.social/tags/VulnerabilityManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VulnerabilityManagement</span></a> <a href="https://mastodon.social/tags/HSSEDI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HSSEDI</span></a> <a href="https://mastodon.social/tags/CISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CISA</span></a></p>
CVE Program<p>Minutes from the CVE Board teleconference meeting on April 16 are now available <br> <br><a href="https://cve.mitre.org/community/board/meeting_summaries/16_April_2025.pdf" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cve.mitre.org/community/board/</span><span class="invisible">meeting_summaries/16_April_2025.pdf</span></a> <br> <br><a href="https://mastodon.social/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CVE</span></a> <a href="https://mastodon.social/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Vulnerability</span></a> <a href="https://mastodon.social/tags/VulnerabilityManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>VulnerabilityManagement</span></a> <a href="https://mastodon.social/tags/HSSEDI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HSSEDI</span></a> <a href="https://mastodon.social/tags/CISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CISA</span></a> <a href="https://mastodon.social/tags/Infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Infosec</span></a> <a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a></p>
gcve.eu<p><span class="h-card" translate="no"><a href="https://social.circl.lu/@cedric" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>cedric</span></a></span> Thanks for the continuous work on the Python GCVE client for the registry. </p><p>The client is available at the following location: </p><p>🐍 <a href="https://github.com/gcve-eu/gcve" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/gcve-eu/gcve</span><span class="invisible"></span></a></p><p><a href="https://social.circl.lu/tags/cve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cve</span></a> <a href="https://social.circl.lu/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensource</span></a> <a href="https://social.circl.lu/tags/gcve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>gcve</span></a> <a href="https://social.circl.lu/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://social.circl.lu/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a></p>
gcve.eu<p>GCVE-BCP-02 - Practical Guide to Vulnerability Handling and Disclosure has been published.</p><p>This is a draft open for review.</p><p>🔗 <a href="https://gcve.eu/bcp/gcve-bcp-02/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">gcve.eu/bcp/gcve-bcp-02/</span><span class="invisible"></span></a></p><p><a href="https://social.circl.lu/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://social.circl.lu/tags/gcve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>gcve</span></a> <a href="https://social.circl.lu/tags/vulnerabilityhandling" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerabilityhandling</span></a> <a href="https://social.circl.lu/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerability</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload