AI, funding concerns threaten future of CVE program

The Common Vulnerabilities and Exposures program was noted by Intel Product Security Incident Response Team Director Katie Noble, who is a board member for the program, to be facing an uncertain future amid mounting AI usage in vulnerability reports, funding anxieties, and similar international efforts, Cybersecurity Dive reports. "I don't think we can afford to continue at the pace [and] with the tools that we currently have in order to make real progress. We're just gonna be left in the dust," said Noble at the RSAC 2026 Conference. Addressing the surge of AI-generated reports necessitates an evolution of the CVE program with the help of the cybersecurity community, noted Noble. While the fragility of federal support for the program that was highlighted by the near-lapse of the Department of Homeland Security's funding last April triggered the launches of new CVE number allocation systems, Noble and other experts believe the close coordination could prevent fragmentation.