Forbes

CVE Program Funding Reinstated—What It Means And What To Do Next

Forbes contributors publish independent expert analyses and insights. Kate O’Flaherty is a cybersecurity and privacy journalist. U.S. President Donald Trump has cut funding for the global database of ...

CISA flags ASUS Live Update CVE, but the attack is years old

An ASUS Live Update vulnerability tracked as CVE-2025-59374 has been making the rounds in infosec feeds, with some headlines ...
Dark Reading

CVE Data Is Often Misinterpreted: Here's What to Look For

Most people only ever give common vulnerabilities and exposures (CVEs) a passing glance. They might look at the common vulnerability scoring system (CVSS) score, determine whether the list of affected ...
ZDNet

Why the CVE database for tracking security flaws nearly went dark - and what happens next

Over the weekend, security experts were beginning to panic. MITRE announced that the US government had not renewed funding for the Common Vulnerabilities and Exposures (CVE) database. MITRE VP Yosry ...
WeLiveSecurity

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

ESET researchers provide a comprehensive analysis and assessment of a critical severity vulnerability with low likelihood of ...
The Hacker News

Warning: WinRAR Vulnerability CVE-2025-6218 Under Active Attack by Multiple Threat Groups

CISA warns WinRAR CVE-2025-6218 is under active attack by multiple threat groups, requiring federal fixes by Dec. 30, 2025.
Security Boulevard

CVE-2025-40602: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Exploited

A zero-day vulnerability in SonicWall’s Secure Mobile Access (SMA) 1000 was reportedly exploited in the wild in a chained attack with CVE-2025-23006.Key takeaways:CVE-2025-40602 is a local privilege ...