Lmst

NOTICE—
Date/time field normalization maintenance of historical CVE Records to occur February 16–25, 2026.

Date/time fields in CVE Records are, and will remain, strings, not numerical timestamps.

Learn more and view the schedule here: https://medium.com/@cve_program/notice-date-time-normalization-maintenance-of-historical-cve-records-to-occur-february-16-25-2026-e1067ee15905

Monday, February 16 – CVE Records published from 1999–2007
Tuesday, February 17 – CVE Records published from 2008–2012
Wednesday, February 18 – CVE Records published from 2013–2015
Thursday, February 19 – CVE Records published from 2016–2017
Friday, February 20 – CVE Records published from 2018–2019 (Part 1)
Monday, February 23 – CVE Records published from 2019 (Part 2)–2020
Tuesday, February 24 – CVE Records published from 2021–2022 (Part 1)
Wednesday, February 25 – CVE Records published from 2022 (Part 2)–2026

Project Black is now a CVE Numbering Authority (CNA) assigning CVE IDs for discovered by Project Black that are not within another CNA’s scope

http://cve.org/News/item/news/2026/02/10/Project-Black-Added-as-CNA

#cve #cna #vulnerability #vulnerabilitymanagement #infosec #cybersecurity

Registration is open for “CVE/FIRST VulnCon 2026” on April 13–16, 2026!!!

In-person & virtual available: https://first.org/conference/vulncon26/registration

#cve #first #vulncon26 #vulnerabilitymanagement #vulnerability

The CVE Program and FIRST will co-host “VulnCon 2026” at the DoubleTree Resort by Hilton Hotel Paradise Valley - Scottsdale, in Scottsdale, Arizona, USA, on April 13–16, 2026. Registration, both virtual and in-person, is open on the FIRST website.

837 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of January 26, 2026

https://www.cisa.gov/news-events/bulletins/sb26-033

#cve #cveid #cvss #cwe #vulnerabilitymanagement #vulnerability #hssedi #cisa

REMINDER —
Beginning this month in mid-February 2026, timestamp strings across historical CVE Records will be normalized. The new format is:

yyyy-MM-ddTHH:mm:ss.sssZ (ISO-8601, UTC)

For example, 2025-07-11T19:32:03.983Z

Learn more: https://www.cve.org/Media/News/item/blog/2026/01/06/Historic-CVE-Record-Date-Time-Fields-Normalized

“CNA Enrichment Recognition” - 256 CNAs on the list for February 2, 2026

Published monthly, this list recognizes those CVE Numbering Authorities (#CNAs) actively providing #CVSS and #CWE vulnerability data in their #CVE Records

https://medium.com/@cve_program/vulnerability-data-enrichment-for-cve-records-256-cnas-on-the-enrichment-recognition-list-for-e4178607b17c

Increasing the Value of the CVE Record - CNA Enrichment Recognition List

Minutes from the CVE Board teleconference meeting on January 7 are now available

https://www.mail-archive.com/cve-editorial-board-list@mitre.org/msg00310.html

#cve #vulnerability #vulnerabilitymanagement #hssedi #cisa #infosec #cybersecurity

CODRA is now a CVE Numbering Authority (CNA) assigning CVE IDs for CODRA’s products and related services

http://cve.org/Media/News/item/news/2026/02/03/CODRA-Added-as-CNA

#cve #cna #vulnerability #vulnerabilitymanagement #infosec #cybersecurity

A BIG WELCOME to these CVE Numbering Authority (#CNA) partners that joined the #CVE Program in January!!!

ByteDance
Hackrate
NIBE
Nintendo
TCL
Vantive

Join: https://cve.org/PartnerInformation/Partner#HowToBecomeAPartner

1,268 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of January 19, 2026

https://cisa.gov/news-events/bulletins/sb26-026

#cve #cveid #cvss #cwe #vulnerabilitymanagement #vulnerability #hssedi #cisa

TCL is now a CVE Numbering Authority (CNA) assigning CVE IDs for TCL smart TV, smart pad, and mobile phone devices only & projects listed on https://github.com/TclSecLab/CNA/blob/main/README_EN.md

http://cve.org/Media/News/item/news/2026/01/27/TCL-Added-as-CNA

#cve #cna #vulnerabilitymanagement #vulnerability #cybersecurity

1,135 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of January 12, 2026

https://www.cisa.gov/news-events/bulletins/sb26-020

#cve #cveid #cvss #cwe #vulnerabilitymanagement #vulnerability #hssedi #cisa

REMINDER—
Beginning in mid-February 2026, timestamp strings across historical CVE Records will be normalized. The new format is:

yyyy-MM-ddTHH:mm:ss.sssZ (ISO-8601, UTC)

For example, 2025-07-11T19:32:03.983Z

Learn more:
https://medium.com/@cve_program/cve-program-to-normalize-formatting-of-date-time-fields-across-historical-cve-records-beginning-in-a1dacd5637fa

Nintendo is now a CVE Numbering Authority (CNA) assigning CVE IDs for system vulnerabilities in Nintendo Switch 2/Nintendo Switch/Nintendo Switch Lite + vulnerabilities in Nintendo Switch 2/Nintendo Switch applications for which Nintendo is the publisher worldwide

http://cve.org/Media/News/item/news/2026/01/13/Nintendo-Added-as-CNA

#cve #cna #vulnerabilitymanagement #vulnerability #cybersecurity

ByteDance is now a CVE Numbering Authority (CNA) assigning CVE IDs for ByteDance issues only

http://cve.org/Media/News/item/news/2026/01/13/ByteDance-Added-as-CNA

#cve #cna #vulnerabilitymanagement #vulnerability #cybersecurity

Vantive is now a CVE Numbering Authority (CNA) assigning CVE IDs for Vantive’s commercially available products only

http://cve.org/Media/News/item/news/2026/01/13/Vantive-Added-as-CNA

#cve #cna #vulnerabilitymanagement #vulnerability #cybersecurity

NIBE is now a CVE Numbering Authority (CNA) assigning CVE IDs for products, services, & solutions developed or sold by NIBE or any of its subsidiaries; open-source projects owned by NIBE or any of its subsidiaries; vulnerabilities in 3rd-party products used by NIBE or any of its subsidiaries that are outside the scope of another CNA; and subsidiaries of NIBE listed on https://www.nibe.com

http://cve.org/Media/News/item/news/2026/01/13/NIBE-Added-as-CNA

#cve #cna #vulnerabilitymanagement #vulnerability #cybersecurity

Hackrate is now a CVE Numbering Authority (CNA) assigning CVE IDs for vulnerabilities that are discovered, validated, and coordinated through the Hackrate Ethical Hacking Platform, including: software, web applications, APIs, and cloud services; vulnerabilities validated and triaged by our internal security team; and findings disclosed under our coordination that are not in another CNA’s scope

http://cve.org/Media/News/item/news/2026/01/13/Hackrate-Added-as-CNA

#cve #cna #vulnerabilitymanagement #vulnerability #cybersecurity

935 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of December 29, 2025

https://cisa.gov/news-events/bulletins/sb26-005

#cve #cveid #cvss #cwe #vulnerabilitymanagement #vulnerability #hssedi #cisa

Register now for “CVE/FIRST VulnCon 2026” on April 13–16, 2026!!!

In-person & virtual available: https://first.org/conference/vulncon26/registration

#cve #first #vulncon26 #vulnerabilitymanagement #vulnerability

Client Info