Learn about CWE’s most important problems and where they fit within the challenges faced by the broader #vulnerabilitymanagement / #softwaresecurity ecosystem in this video from #VULNCON25
https://youtu.be/RcR-EFSptnQ #CVE #CWE
CWE Program
Account maintained by the Common Weakness Enumeration (CWE™) Program to update the community on CWE--related announcements.
https://cwe.mitre.org
Hardware #CWE SIG members—Reminder that our next meeting is Friday, 6/13/2025, at 12:30-1:30 PM EDT (16:30 – 17:30 UTC)
Topic:
- Continue discussion regarding Memory Access Related Weaknesses as they relate to hardware
Join HW SIG: http://bit.ly/3SCkqyk
All of the videos from “VulnCon 2025” are now available on YouTube!
https://youtube.com/playlist?list=PLWfD9RQVdJ6cm3kSvz-Sk87CawSzn5Ep0
#CWE #CVE #FIRST #VulnerabilityManagement #Vulnerability #Cybersecurity #InformationSecurity
#CWE User Experience Working Group (UEWG) members — Reminder that our next meeting is tomorrow, Wednesday, 5/28/2025, at 12:00-1:00PM EST
Topics:
- “CWE and Proactive Vulnerability Management” presentation by Przemyslaw Roguski, aka Rogue
- “CWE Content Development Repository (CDR) Overview” presentation by Connor Mullaly
- Open Discussion
About CWE UEWG: https://bit.ly/3CIylfz
Hardware #CWE SIG members—Reminder that our next meeting is Friday, 5/9/2025, at 12:30-1:30 PM EDT (16:30 – 17:30 UTC)
Topic:
- Memory Access Weaknesses in HW discussion
- Most Important Hardware Weaknesses Working Group (MIHW WG) update
Join CWE HW SIG: http://bit.ly/3SCkqyk
Learn @ the #CWE Top 25, it’s value to defenders, & how #CVE CNAs help create the list; the purpose & benefits of mapping the root causes of vulnerabilities identified in CVE Records to CWE #weaknesses; Root Cause Mapping (RCM) tips; & much more!
Thank you so much to everyone who attended the #CWE talks at the #VulnCon25 conference!!!
We’re already looking forward to next year’s event!
Follow the CWE Program on Bluesky!
Please also follow us there for program news, new versions, updates on community activities, & more at https://bsky.app/profile/cweprogram.bsky.social
Hardware #CWE SIG members—Reminder that our next meeting is tomorrow, Friday, 4/11/2025, at 12:30-1:30 PM EDT (16:30 – 17:30 UTC)
Topic:
- Most Important Hardware Weaknesses Working Group (MIHW WG) update
HW CWE SIG info: http://bit.ly/3SCkqyk
Day 4 of “CVE/FIRST VulnCon 2025”!
Today’s agenda for all 4 tracks:
https://first.org/conference/vulncon2025/program#d20250410
#CWE #VulnerabilityManagement #Vulnerability #CVE #FIRST #VulnCon25
Day 3 of “CVE/FIRST VulnCon 2025”!
Today’s agenda for all 3 tracks: https://first.org/conference/vulncon2025/program#d20250409
#CWE #VulnerabilityManagement #Vulnerability #CVE #FIRST #VulnCon25
Day 2 of “CVE/FIRST VulnCon 2025”!
Today’s agenda for all 7 tracks: https://first.org/conference/vulncon2025/program#d20250408
#CWE #VulnerabilityManagement #Vulnerability #CVE #FIRST #VulnCon25
Day 1 of “CVE/FIRST VulnCon 2025” is here!
Today’s agenda for all 5 tracks: https://first.org/conference/vulncon2025/program#d20250407
#CWE #VulnerabilityManagement #Vulnerability #CVE #FIRST #VulnCon
The #CWE Program is excited to announce that its “Content Development Repository (CDR)” is now fully public!
The CDR enables greater transparency and community collaboration on developing CWE information.
The broader cybersecurity community can better track and contribute to new weakness content development as well as the updating, modifying, and strengthening of existing corpus information.
Check it out here: https://cwe.mitre.org/news/archives/news2025.html#april03_CWE_Content_Development_Repository
Want to know the top ten #CWEs in CISA’s “Known Exploited Vulnerabilities (#KEV) Catalog”?
The “2024 CWE Top 10 KEV Weaknesses” list is now available on the CWE website!
List - https://cwe.mitre.org/top25/archive/2024/2024_kev_list.html
Key Insights - https://cwe.mitre.org/top25/archive/2024/2024_kev_insights.html
Methodology - https://cwe.mitre.org/top25/archive/2024/2024_kev_methodology.html
CWE 4.17 is now available! This latest release includes 3 new weaknesses, major updates to an #AI related weakness + extensive usability improvements to the #CWE website landing page, website navigation, CWE entry page renderings, tables, lists, & more
https://cwe.mitre.org/news/archives/news2025.html#april03_CWE_Version_4_17_Now_Available
“CVE/FIRST VulnCon 2025” is next week, April 7-10!
There are four #CWE talks on the agenda and it’s not too late to attend!
Virtual admission registration (US $100.00) closes on April 4, so register today at https://first.org/conference/vulncon2025/#Registration-Information
#CWE User Experience Working Group (UEWG) members — Reminder that our next meeting is Wednesday, 3/26/2025, at 12:00-1:00PM EST
Topics:
- Macro-Usability Changes for CWE 4.17
- CWE Views Questions & Guidance
- Open Discussion
About CWE UEWG: https://bit.ly/3CIylfz
Hardware #CWE SIG members—Reminder that our next meeting is tomorrow, Friday, 3/14/2025, at 12:30-1:30 PM EDT (16:30 – 17:30 UTC)
Topic:
- General status of current HW Submissions
- HW Crypto Leak Submission Review
- MIHW WG Update
HW CWE SIG info: http://bit.ly/3SCkqyk
Check out the four #CWE talks in the agenda for “CVE/FIRST VulnCon 2025” on April 7-10, 2025!
https://www.first.org/conference/vulncon2025/program
Virtual & In-person registration available. Register today!
#CVE #FIRST #VulnerabilityManagement #Vulnerability #Cybersecurity
Client Info
Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst