CISA extends CVE program contract with MITRE for 11 months amid alarm over potential lapse therecord.media/cisa-exte…

The MITRE Corporation will continue operating the CVE program for at least another 11 months after federal cybersecurity officials confirmed that they temporarily extended their contract with the organization to keep the platform running. A spokesperson for the Cybersecurity and Infrastructure Security Agency (CISA) said on Wednesday morning that it exercised the option period of its contract with MITRE on Tuesday evening to “ensure there will be no lapse in critical CVE services.” “The CVE Program is invaluable to the cyber community and a priority of CISA,” the spokesperson said. “We appreciate our partners’ and stakeholders’ patience.”