By Cyber Guard Team 
In a letter to CVE board members on April 15, 2025, MITRE Vice President Yosry Barsoum stated that despite the government’s efforts to continue supporting MITRE’s role, the organization’s contract to manage the CVE program is ending. He emphasized MITRE’s commitment to keeping CVE a global resource and noted that the funding cut will also impact the Common Weakness Enumeration (CWE) program, which tracks software and hardware weaknesses.
The defunding of MITRE’s CVE project by the U.S. government would significantly disrupt global cybersecurity coordination. MITRE has long served as the steward of the CVE system, assigning standardized identifiers to security vulnerabilities. This work is essential for researchers, vendors, and organizations to communicate clearly and fix issues quickly.
Without funding, CVE operations could slow or degrade, impacting the National Vulnerability Database (NVD), which relies on CVE entries to score and track threats. Globally, this could lead to fragmented vulnerability reporting, delayed patching, and weakened defense against cyber threats. A copy of the letter by MITRE Vice President Yosry Barsoum to it’s board member:
