The CVE Foundation

The Official Mastodon/Fediverse account of The CVE Foundation

The CVE Foundation boosted:
Tib3rius :antiverified:tib3rius@infosec.exchange
2025-04-30

What's the future of the CVE Program? I sat down with cybersecurity expert Pete Allor to discuss how The CVE Foundation plans to tackle funding challenges and enhance transparency. Watch our in-depth chat on YouTube!

youtu.be/LRbHiB5Jn4k

2025-04-28

Just updated our website with a more detailed explainer about the history of CVE and, importantly, the goals and intentions of the CVE Foundation to make CVE more stable and secure.

thecvefoundation.org

2025-04-24

@wirepair @joshbressers We embrace CISA’s statements and are grateful for the continued partnership as we work to increase the participation in the program!

2025-04-22

@acalarch @GossiTheDog Most of the people involved have 'day jobs' and not all employers are necessarily supportive. Some people asked to have time to first discuss what's happening with their employer before their name is public.

Especially as we're already seeing people presume that because someone involved with the Foundation works for Employer X it must mean Employer X is backing the Foundation - which is not safe to assume. So there is some concern about blowback on employers causing problems for the individual.

People are participating as individuals, not corporate representatives. As people are comfortable being named they'll be added to the FAQ entry.

(This is MegaZone. F5 is not officially involved, but supports employees working on initiatives outside of F5. They're aware of what I'm doing - our CEO commented on my LinkedIn post about being part of this.)

2025-04-21

h/t @textfiles

> The Internet Archive, the SF-headquartered nonprofit best known for its “Wayback Machine” archiving tool, was halfway through an NEH grant of $345,960 when the funding was cut.

source: sfstandard.com/2025/04/17/doge

The CVE Foundation boosted:
2025-04-20

FAQ has some updates, including 100% more human names associated!

2025-04-20

FAQ has some updates, including 100% more human names associated!

2025-04-19

@brnrd Good call. Thanks! The foundation is incorporated in Washington state, fwiw.

2025-04-19

@Quinn9282 @jerry But yeah, looking at the raw data coming in, it looks like user-embedded HTML is delivered as a payload and rendered in-browser, so if Mastodon is looking in the raw payload it isn't going to validate it. Honestly, just getting verification to work isn't enough to look for other hosting solutions, so this account will remain unverified until some future time when the site might move or a new verification system is rolled out.

Shame we can't verify via a DNS TXT record. It was a snap to do that for other accounts. But for now humans can see the site links to this account if they want to check for themselves.

2025-04-19

@christopherkunz We'll probably be sharing some names soon, we're confirming who is comfortable being named - events this week rushed things a bit. Most of us have 'day jobs' and we don't want to cause problems for anyone by outing them unless they're ready.

I don't care myself - I'm @megazone Though I'm not the only one who will always be behind this account. I already outed myself elsewhere as participating. I thought we should have an official account here and others agreed, so I made one.

2025-04-19

@Quinn9282 @jerry There was a cut/paste error with the HTML that I caught on a second look and fixed, so the link on the site is working now.

In a browser it shows fine in the source:
<a target="_blank" style="color: inherit; text-decoration: none;" rel="me" href="infosec.exchange/@thecvefounda"><span class="C9DxTc aw5Odc " style="font-size: 10.0pt; text-decoration: underline; vertical-align: baseline;">Mastodon</span></a>

It has styling but it is fundamentally the same link. If it won't verify, such is life.
Much higher priorities than that currently.

2025-04-19

@jerry Hmm - the site doesn't provide any way to edit raw HTML, you have to use the editor to 'embed' it. What shows up in the editor is the 'clean' anchor, and it shows up as standard HTML when I inspect the element in a browser. But maybe it being rendered out in browser?

If you look at the page, the link is in the footer.

2025-04-19

@cR0w @jerry It should be done - website is in the profile, link is on the website. Now we wait I suppose.

2025-04-18

@jerry Was already doing it. ;-)

2025-04-18

If you'd like more information, we also have a FAQ: thecvefoundation.org/frequentl

2025-04-18

We exist! See the press release announcing such: thecvefoundation.org/

Client Info

Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst