CVE Board Meeting Minutes: March 4, 2026

Minutes from the CVE Board teleconference meeting on March 4 are now available

mail-archive.com/cve-editoria...

#cve #vulnerability #vulnerabilitymanagement #hssedi #cisa #infosec #cybersecurity

ICS Advisory Project ICS Advisory Project The ICS Advisory Project is an open-source project that provides the Critical Infrastructure Security Agency (CISA) ICS Advisories, visualized as a Dashboard and in Comma-Separat...

ICS[AP] Dashboards are updated with the 5 CISA Advisories released on 4/2/26:

Siemens: 1 New
Yokogawa: 1 New
Hitachi Energy: 1 New
Schneider Electric: 1 Update
Gardyn: 1 Update

www.icsadvisoryproject.com
#icssecurity
#otsecurity
#vulnerabilitymanagement

GitHub - icsadvprj/ICS-Advisory-Project: The ICS Advisory Project is an open-source project to provide CISA ICS Advisories data in Comma Separated Value (CSV) format to support vulnerability analysis ... The ICS Advisory Project is an open-source project to provide CISA ICS Advisories data in Comma Separated Value (CSV) format to support vulnerability analysis for the ICS/OT community. This is a co...

ICS[AP] updated CISA ICS Advisories Master File for 4/2/26 & the following year's CSVs:

CISA_ICS_ADV_2026_4_2.csv
CISA_ICS_ADV_2025_4_2_26.csv

Available @ ICS[AP] GitHub:
github.com/icsadvprj/IC...

#opensource
#vulnerabilitymanagement
#icssecurity

Whitespots Portal and ISO 27001 Certification 📄 New article is out! 🚀 See how our clients are leveraging Whitespots Portal to sail through audits, and secure ISO 27001 certification on their first attempt.

Whitespots Portal and ISO 27001 Certification
https://whitespots.io/blog/success-story-iso-27001
#ISO27001 #vulnerabilitymanagement #AppSec

ICS Advisory Project ICS Advisory Project The ICS Advisory Project is an open-source project that provides the Critical Infrastructure Security Agency (CISA) ICS Advisories, visualized as a Dashboard and in Comma-Separat...

ICS[AP] Dashboards are updated with the 3 CISA Advisories released on 3/31/26:

Anritsu: 1 New
PX4: 1 New
Mitsubishi Electric: 1 Update

www.icsadvisoryproject.com
#icssecurity
#otsecurity
#vulnerabilitymanagement

GitHub - icsadvprj/ICS-Advisory-Project: The ICS Advisory Project is an open-source project to provide CISA ICS Advisories data in Comma Separated Value (CSV) format to support vulnerability analysis ... The ICS Advisory Project is an open-source project to provide CISA ICS Advisories data in Comma Separated Value (CSV) format to support vulnerability analysis for the ICS/OT community. This is a co...

ICS[AP] updated CISA ICS Advisories Master File for 3/31/26 & the following year's CSVs:

CISA_ICS_ADV_2026_3_31.csv
CISA_ICS_ADV_2024_3_31_26.csv

Available @ ICS[AP] GitHub:
github.com/icsadvprj/IC...

#opensource
#vulnerabilitymanagement
#icssecurity

Amazon sends AI agents into pen testing and DevOps - Help Net Security AWS Security Agent enables on-demand penetration testing for apps, addressing gaps created by periodic testing limited by time and cost.

Amazon sends AI agents into pen testing and DevOps

🔗 Read more: www.helpnetsecurity.com/2026/03/31/a...

#vulnerabilitymanagement #AI #cybersecurity

500+ Organizations Now Participating as CVE Numbering Authorities (CNAs)!

500+ Organizations Now Participating as CVE Numbering Authorities (CNAs)!

As of March 31, 2026, there are 502 CNAs (499 CNAs and 3 CNA-LRs) from 42 countries participating in the CVE Program

Learn more:
www.cve.org/Media/News/i...

#cve #cna #vulnerability #vulnerabilitymanagement

New CVE Program Partner

Canva is now a CVE Numbering Authority (CNA) assigning CVE IDs for all Canva products, open-source software published & maintained by Canva, & 3rd-party vulnerabilities it discovers not in another CNA’s scope

cve.org/Media/News/i...

#cve #cna #vulnerability #vulnerabilitymanagement

New CVE Program Partner

Acer is now a CVE Numbering Authority (CNA) assigning CVE IDs for Acer issues only

cve.org/Media/News/i...

#cve #cna #vulnerability #vulnerabilitymanagement #informationsecurity #infosec #cybersecurity

Fujifilm Business Innovation is now a CVE Numbering Authority (CNA) assigning CVE IDs for Fuji Xerox & Fujifilm Business Innovation products

cve.org/Media/News/i...

#cve #cna #vulnerability #vulnerabilitymanagement #cybersecurity

New CVE Program Partner

The HDF Group is now a CVE Numbering Authority (CNA) assigning CVE IDs for all HDF software including HDF5, HDF4, HSDS, HDFView

cve.org/Media/News/i...

#cve #cna #vulnerability #vulnerabilitymanagement
#opensource

BaseFortify | Vulnerability Management That Focuses on Real Risk BaseFortify helps you identify, prioritize, and understand vulnerabilities that matter. Clear CVE insights, attack context, and actionable guidance.

🛡️ With BaseFortify, you can model components like:

cpe:2.3:a:axios:axios:1.14.1:*:*:*:*:nodejs:*:*

and instantly identify exposure across your environment.

Know what you run. React faster.

✅ Free registration available
basefortify.eu

#BaseFortify #VulnerabilityManagement #CyberDefense

The recent years have severely tested our reliance on foundational vulnerability data sources like CVE and NVD, leading to a significant loss of trust. As one of the key takeaways from ...
anchore.com/blog/cve-is-saved-but-th...

#Cybersecurity #VulnerabilityManagement #CVE #NVD

ICS Advisory Project ICS Advisory Project The ICS Advisory Project is an open-source project that provides the Critical Infrastructure Security Agency (CISA) ICS Advisories, visualized as a Dashboard and in Comma-Separat...

ICS[AP] Dashboards are updated with the 4 CISA Advisories released on 3/26/26:

WAGO: 1 New
OpenCode Systems: 1 New
PTC: 1 New
Honeywell: 1 Update

www.icsadvisoryproject.com
#icssecurity
#otsecurity
#vulnerabilitymanagement

GitHub - icsadvprj/ICS-Advisory-Project: The ICS Advisory Project is an open-source project to provide CISA ICS Advisories data in Comma Separated Value (CSV) format to support vulnerability analysis ... The ICS Advisory Project is an open-source project to provide CISA ICS Advisories data in Comma Separated Value (CSV) format to support vulnerability analysis for the ICS/OT community. This is a co...

ICS[AP] updated CISA ICS Advisories Master File for 3/26/26 & the following year's CSVs:

CISA_ICS_ADV_2026_3_26.csv

Available @ ICS[AP] GitHub:
github.com/icsadvprj/IC...

#opensource
#vulnerabilitymanagement
#icssecurity

After Funding Jolt, EU Moves to Back the CVE Vulnerability System The European Union, through ENISA, is moving to bolster and diversify support for the Common Vulnerabilities and Exposures (CVE) program after a contracting scare involving MITRE exposed reliance on a single U.S. government contract. Lawmakers and industry experts are pushing for clearer governance, continuity measures, and higher-quality, machine-readable vulnerability records to...

The EU, via ENISA, moves to strengthen and diversify support for the CVE system after dependency on a single U.S. contract was exposed. Focus on governance, continuity, and AI-driven attack resilience grows. #CVEProgram #EU #VulnerabilityManagement

The CVE program averted a funding emergency, but the crises of the last few years—like the NVD stopping work in 2024 and the 2025 funding scare—have eroded trust in the existing system.... anchore.com/blog/cve-is-saved-but-th...

#Cybersecurity #VulnerabilityManagement #CVE #NVD

We Speak CVE Podcast, Episode 30, “CVE Record Disputes Explained”

We Speak CVE Podcast episode 30 now available!
“CVE Record Disputes Explained”
youtu.be/8pZrGj5QCLU

#cve #vulnerability #vulnerabilitymanagement #vulnerabilityintelligence #cybersecurity

Nucleus Nucleus is a Risk Based Vulnerability Management (RBVM) solution that automates vulnerability management processes and workflows, enabling organizations to mitigate vulnerabilities 10 times faster.

The latest update for #NucleusSecurity includes "The 9 Essential Requirements for an Enterprise Vulnerability Management System" and "Why More #AI Doesn't Guarantee Better #VulnerabilityManagement Outcomes".

#Cybersecurity #Compliance https://opsmtrs.com/4403ecn

SafeAeon SafeAeon leads the industry as a top-tier Cybersecurity-as-a-Service provider, delivering 24x7 premium Managed Security Services with AI-powered and human-driven 24x7 SOC, cutting-edge technology, and cost-e

The latest update for #SafeAeon includes "#VulnerabilityManagement as a Service: What Businesses Need to Know" and "Proactive Threat Management Strategies for Modern #Cybersecurity".

#MDR #PenTesting #Compliance https://opsmtrs.com/3YezO99

Urgent: Citrix urges immediate patching of critical NetScaler vulnerabilities amid active exploitation. Protect your systems now! #CyberSecurity #Citrix #NetScaler #VulnerabilityManagement Link: thedailytechfeed.com/citrix-urges...

BaseFortify | Vulnerability Management That Focuses on Real Risk BaseFortify helps you identify, prioritize, and understand vulnerabilities that matter. Clear CVE insights, attack context, and actionable guidance.

🛡️ With BaseFortify, you can map systems like:

cpe:2.3:o:apple:macos:14.8.5:*:*:*:*:*:*:*

and instantly see related vulnerabilities.

Know your exposure. Prioritize fixes.

✅ Free registration available

basefortify.eu

#BaseFortify #VulnerabilityManagement #CyberDefense

Original post on infosec.exchange

VulnMCP is an MCP server built with FastMCP that provides AI clients, chat agents, and other automated systems with tools for vulnerability management. It offers modular "skills" that can be easily extended or integrated, enabling intelligent analysis and automated insights on software […]

ICS[AP] Dashboards are updated with the 5 CISA Advisories released on 3/24/26:

Grassroots: 1 New
Pharos Controls: 1 New
Schneider Electric: 2 New
WHILL Inc.: 1 Update

www.icsadvisoryproject.com
#icssecurity
#otsecurity
#vulnerabilitymanagement

GitHub - icsadvprj/ICS-Advisory-Project: The ICS Advisory Project is an open-source project to provide CISA ICS Advisories data in Comma Separated Value (CSV) format to support vulnerability analysis ... The ICS Advisory Project is an open-source project to provide CISA ICS Advisories data in Comma Separated Value (CSV) format to support vulnerability analysis for the ICS/OT community. This is a co...

ICS[AP] updated CISA ICS Advisories Master File for 3/24/26 & the following year's CSVs:

CISA_ICS_ADV_2026_3_24.csv
CISA_ICS_ADV_2025_3_24_26.csv

Available @ ICS[AP] GitHub:
github.com/icsadvprj/IC...

#opensource
#vulnerabilitymanagement
#icssecurity

CVE Blog

New on the CVE Blog:
“Supplier ADP Pilot” — CVE Program to Explore Benefits of Supporting VEX-like, Product Status Information in Upstream CVE Records

medium.com/@cve_program...

#cve #vulnerability #vulnerabilitymanagement #infosec #cybersecurity

New CVE Program Partner

Cribl is now a CVE Numbering Authority (CNA) assigning CVE IDs for vulnerabilities identified in Cribl products

cve.org/Media/News/i...

#cve #cna #vulnerability #vulnerabilitymanagement #informationsecuroty #infosec #cybersecurity

Open-source AI pentesting tools are getting uncomfortably good - Help Net Security Open-source AI pentesting tools like BugTrace-AI, Shannon, and CAI mimic human testers, blending recon, exploits, and automation.

Here's a great article re AI Pentesting tools :

buff.ly/LUWZtAk

Need help with pentesting? Contact us at securicore.ca

#CyberSecurity #PenTesting #OpenSource #AI #AppSec #SecurityTesting #VulnerabilityManagement