Late Rate Admission (after March 9, 2025): US $375.00
Virtual Admission: US $100.00
Registration fees include four days of coffee breaks and buffet lunches, one networking reception hosted at the McKimmon Center, and applicable meeting materials. Note that discounted rates are not being offered for this event regardless of membership or speaking status.
An offsite social event is planned for Tuesday, April 8, from 19:00-21:00 in downtown Raleigh. Location to be announced in January. You may purchase a ticket during your main registration or access a separate purchase form link found in your registration email confirmation. Tickets are US $30.00 per person.
Program Overview: * Monday, April 7 — Training Day 1, Vendor Tables, Welcome Reception * Tuesday, April 8 — Training Day 2, Vendor Tables, Off-site Social Event * Wednesday, April 9 — Plenary, Breakouts, Vendor Tables * Thursday, April 10 — Plenary, Breakouts, Vendor Tables
Agenda: A detailed agenda will be available in March 2025.
Call for Papers: Closed on January 31, 2025. Details here.
Purpose: The purpose of VulnCon is to collaborate with various vulnerability management and cybersecurity professionals to develop forward leaning ideas that can be taken back to individual programs for action to benefit the vulnerability management ecosystem.
A key goal of the conference is to understand what important stakeholders and programs are doing within the vulnerability management ecosystem and best determine how to benefit the ecosystem broadly.",
+ "description": "VulnCon 2025 is co-sponsored by the CVE Program and FIRST and is open to the public.
SPECIAL MESSAGE FOR CVE NUMBERING AUTHORITIES (CNAs): VulnCon 2025 takes the place of this year’s Spring CVE Global Summit.
Standard Admission (by March 15, 2025): US $300.00
Late Rate Admission (after March 15, 2025): US $375.00
Virtual Admission: US $100.00
Registration fees include four days of coffee breaks and buffet lunches, one networking reception hosted at the McKimmon Center, and applicable meeting materials. Note that discounted rates are not being offered for this event regardless of membership or speaking status.
An offsite social event is planned for Tuesday, April 8, from 19:00-21:00 in downtown Raleigh. Location to be announced in January. You may purchase a ticket during your main registration or access a separate purchase form link found in your registration email confirmation. Tickets are US $30.00 per person.
Program Overview: * Day 1: Monday, April 7 — Plenary, Vendor Tables, Welcome Reception * Day 2: Tuesday, April 8 — Plenary, Vendor Tables, Off-site Social Event * Day 3: Wednesday, April 9 — Plenary, Breakouts, Vendor Tables * Day 4: Thursday, April 10 — Plenary, Breakouts, Vendor Tables
Call for Papers: Closed on January 31, 2025. Details here.
Purpose: The purpose of VulnCon is to collaborate with various vulnerability management and cybersecurity professionals to develop forward leaning ideas that can be taken back to individual programs for action to benefit the vulnerability management ecosystem.
A key goal of the conference is to understand what important stakeholders and programs are doing within the vulnerability management ecosystem and best determine how to benefit the ecosystem broadly.",
"permission": "public",
"url": "https://www.first.org/conference/vulncon2025/",
"date": {
diff --git a/src/assets/data/metrics.json b/src/assets/data/metrics.json
index 16e797eb2..a72a107d7 100644
--- a/src/assets/data/metrics.json
+++ b/src/assets/data/metrics.json
@@ -1137,7 +1137,7 @@
},
{
"month": "March",
- "value": "TBA"
+ "value": "2"
},
{
"month": "April",
diff --git a/src/assets/data/news.json b/src/assets/data/news.json
index fa4773b7d..84c4ec783 100644
--- a/src/assets/data/news.json
+++ b/src/assets/data/news.json
@@ -1,7 +1,178 @@
{
"currentNews": [
+ {
+ "id": 496,
+ "newsType": "news",
+ "title": "T-Mobile US Added as CVE Numbering Authority (CNA)",
+ "urlKeywords": "T-Mobile US Added as CNA",
+ "date": "2025-03-11",
+ "description": [
+ {
+ "contentnewsType": "paragraph",
+ "content": "T-Mobile US is now a CVE Numbering Authority (CNA) for all T-Mobile US products (including end-of-life/end-of-service products), as well as vulnerabilities in third-party software/hardware discovered by T-Mobile US that are not in another CNA’s scope."
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "To date, 447 CNAs (444 CNAs and 3 CNA-LRs) from 40 countries and 1 no country affiliation have partnered with the CVE Program. CNAs are organizations from around the world that are authorized to assign CVE Identifiers (CVE IDs) and publish CVE Records for vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities. T-Mobile US is the 240th CNA from USA."
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "T-Mobile US’s Root is the CISA ICS Root."
+ }
+ ]
+ },
+ {
+ "id": 495,
+ "newsType": "news",
+ "title": "Integrated DNA Technologies Added as CVE Numbering Authority (CNA)",
+ "urlKeywords": "Integrated DNA Technologies Added as CNA",
+ "date": "2025-03-11",
+ "description": [
+ {
+ "contentnewsType": "paragraph",
+ "content": "Integrated DNA Technologies, Inc. (IDT) is now a CVE Numbering Authority (CNA) for vulnerabilities within IDT-manufactured products, software, and services that are in-service."
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "To date, 446 CNAs (443 CNAs and 3 CNA-LRs) from 40 countries and 1 no country affiliation have partnered with the CVE Program. CNAs are organizations from around the world that are authorized to assign CVE Identifiers (CVE IDs) and publish CVE Records for vulnerabilities affecting products within their distinct, agreed-upon scope, for inclusion in first-time public announcements of new vulnerabilities. Integrated DNA Technologies is the 239th CNA from USA."
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "Integrated DNA Technologies’ Root is the CISA ICS Root."
+ }
+ ]
+ },
+ {
+ "id": 494,
+ "newsType": "news",
+ "title": "GE Vernova CNA Has Replaced General Electric (Gas Power) CNA",
+ "urlKeywords": "GE Vernova CNA Replaced General Electric Gas Power CNA",
+ "date": "2025-03-11",
+ "description": [
+ {
+ "contentnewsType": "paragraph",
+ "content": "As of March 11, 2025, the General Electric (Gas Power) CVE Numbering Authority (CNA), which became a CVE Program partner in 2022, has been replaced by the GE Vernova CNA. The GE Vernova CNA’s scope is: “All GE Vernova products.”"
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "To date, 445 CNAs (442 CNAs and 3 CNA-LRs) from 40 countries and 1 no country affiliation have partnered with the CVE Program. GE Vernova’s Root is the CISA ICS Root."
+ }
+ ]
+ },
+ {
+ "id": 493,
+ "displayOnHomepageOrder": 3,
+ "newsType": "blog",
+ "title": "Vulnerability Data Enrichment for CVE Records: 246 CNAs on the Enrichment Recognition List for March 10, 2025",
+ "urlKeywords": "CNA Enrichment Recognition List Update",
+ "date": "2025-03-11",
+ "author": {
+ "name": "CVE Program",
+ "organization": {
+ "name": "CVE Program",
+ "url": ""
+ },
+ "title": "",
+ "bio": ""
+ },
+ "description": [
+ {
+ "contentnewsType": "image",
+ "imageWidth": "",
+ "href": "/news/CnaEnrichmentRecognitionList.png",
+ "altText": "Increasing the Value of the CVE Record - CNA Enrichment Recognition List"
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "The “CNA Enrichment Recognition List” for March 10, 2025, is now available with 246 CNAs listed. Published every two weeks on the CVE website, the list recognizes those CVE Numbering Authorities (CNAs) that are actively providing enhanced vulnerability data in their CVE Records. CNAs are added to the list if they provide Common Vulnerability Scoring System (CVSS) and Common Weakness Enumeration (CWE™) information 98% of the time or more within the two-week period of their last published CVE Record."
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "For more about the recognition list, see “Recognition for CNAs Actively Providing Vulnerability Data Enrichment for CVE Records.” To learn more about vulnerability information types like CVSS and CWE, see the CVE Record User Guide. View the most current CNA Enrichment Recognition List on the CVE website Metrics page here."
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "CNA Enrichment Recognition List for March 10, 2025, with 246 CNAs listed:
9front Systems
Absolute Software
Acronis International GmbH
Adobe Systems Incorporated
Advanced Micro Devices Inc.
Alias Robotics S.L.
Amazon
AMI
AppCheck Ltd.
ARC Informatique
Arista Networks, Inc.
Asea Brown Boveri Ltd.
ASR Microelectronics Co., Ltd.
ASUSTeK Computer Incorporation
ATISoluciones Diseño de Sistemas Electrónicos, S.L.
Autodesk
Automotive Security Research Group (ASRG)
Avaya Inc.
Axis Communications AB
Baicells Technologies Co., Ltd.
Baxter Healthcare
Beckman Coulter Life Sciences
Becton, Dickinson and Company (BD)
BeyondTrust Inc.
Bitdefender
Black Duck Software, Inc.
BlackBerry
Brocade Communications Systems LLC, a Broadcom Company
Canon EMEA
Canon Inc.
Carrier Global Corporation
Cato Networks
CERT.PL
CERT@VDE
Check Point Software Technologies Ltd.
Checkmarx
Checkmk GmbH
cirosec GmbH
Cisco Systems, Inc.
ClickHouse, Inc.
Cloudflare, Inc.
Concrete CMS
Crafter CMS
CrowdStrike Holdings, Inc.
CyberArk Labs
CyberDanube
Cybersecurity and Infrastructure Security Agency (CISA) U.S. Civilian Government
Dassault Systèmes
Delinea, Inc.
Dell EMC
Delta Electronics, Inc.
Dfinity Foundation
DirectCyber
Docker Inc.
dotCMS LLC
Dragos, Inc.
Dutch Institute for Vulnerability Disclosure (DIVD)
Eaton
Eclipse Foundation
Elastic
EnterpriseDB Corporation
Environmental Systems Research Institute, Inc. (Esri)
Ericsson
ESET, spol. s r.o.
EU Agency for Cybersecurity (ENISA)
Exodus Intelligence
F5 Networks
Fedora Project (Infrastructure Software)
Fluid Attacks
Forcepoint
Forescout Technologies
ForgeRock, Inc.
Fortinet, Inc.
Fortra, LLC
Gallagher Group Ltd
GE Healthcare
Genetec Inc.
Gitea Limited
GitHub (maintainer security advisories)
GitHub Inc, (Products Only)
GitLab Inc.
Glyph & Cog, LLC
Google LLC
Government Technology Agency of Singapore Cyber Security Group (GovTech CSG)
Grafana Labs
Gridware Cybersecurity
Hanwha Vision Co., Ltd.
HashiCorp Inc.
HeroDevs
HiddenLayer, Inc.
Hillstone Networks Inc.
Hitachi Energy
Hitachi Vantara
Hitachi, Ltd.
Honeywell International Inc.
HP Inc.
Huawei Technologies
HYPR Corp
IBM Corporation
ICS-CERT
Indian Computer Emergency Response Team (CERT-In)
Intel Corporation
Internet Systems Consortium (ISC)
Israel National Cyber Directorate
Ivanti
Jamf
JetBrains s.r.o.
JFROG
Johnson Controls
JPCERT/CC
Juniper Networks, Inc.
Kaspersky
KNIME AG
KrCERT/CC
Kubernetes
Lenovo Group Ltd.
Lexmark International Inc.
LG Electronics
Liferay, Inc.
Logitech
M-Files Corporation
Mattermost, Inc
Mautic
Microchip Technology
Microsoft Corporation
Milestone Systems A/S
Mitsubishi Electric Corporation
MongoDB
Moxa Inc.
N-able
National Cyber Security Centre - Netherlands (NCSC-NL)
National Cyber Security Centre Finland
National Cyber Security Centre SK-CERT
National Instruments
NetApp, Inc.
Netflix, Inc.
Netskope
NLnet Labs
NortonLifeLock Inc
Nozomi Networks Inc.
Nvidia Corporation
Odoo
Okta
OMRON Corporation
ONEKEY GmbH
Open Design Alliance
Open-Xchange
OpenAnolis
openEuler
OpenHarmony
OpenText (formerly Micro Focus)
OPPO
OTRS AG
Palantir Technologies
Palo Alto Networks
Panasonic Holdings Corporation
Pandora FMS
PaperCut Software Pty Ltd
Patchstack OÜ
Payara
Pegasystems
Pentraze Cybersecurity
Perforce
Phoenix Technologies, Inc.
PHP Group
Ping Identity Corporation
PlexTrac, Inc.
PostgreSQL
Progress Software Corporation
Proofpoint Inc.
Protect AI
Pure Storage, Inc.
QNAP Systems, Inc.
Qualcomm, Inc.
rami.io GmbH
Rapid7, Inc.
Real-Time Innovations, Inc.
Red Hat, Inc.
Robert Bosch GmbH
Roche Diagnostics
Rockwell Automation
SailPoint Technologies
Samsung TV & Appliance
SAP SE
SBA Research gGmbH
Schneider Electric SE
Schweitzer Engineering Laboratories, Inc.
Secomea
Securin
ServiceNow
SHENZHEN CoolKit Technology CO., LTD.
SICK AG
Siemens
Silicon Labs
Snow Software
Snyk
SoftIron
SolarWinds
Sonatype Inc.
Sophos
Spanish National Cybersecurity Institute, S.A.
Splunk
STAR Labs SG Pte. Ltd.
Super Micro Computer, Inc.
Suse
Switzerland National Cyber Security Centre (NCSC)
Synaptics
Synology Inc.
Talos
TeamViewer Germany GmbH
Teltonika Networks
Temporal Technologies Inc.
Tenable Network Security, Inc.
Thales Group
The Document Foundation
The Tcpdump Group
TianoCore.org
Tigera
Toshiba Corporation
TR-CERT (Computer Emergency Response Team of the Republic of Turkey)
Trellix
TWCERT/CC
TXOne Networks, Inc.
upKeeper Solutions
Vivo Mobile Communication Technology Co., LTD.
VulDB
VulnCheck
VULSec Labs
WatchGuard Technologies, Inc.
Western Digital
Wiz, Inc.
Wordfence
WSO2 LLC
Xerox Corporation
Xiaomi Technology Co Ltd
Yandex N.V.
Yokogawa Group
Yugabyte, Inc.
Zephyr Project
Zero Day Initiative
Zohocorp
Zoom Video Communications, Inc.
Zscaler, Inc.
ZTE Corporation
ZUSO Advanced Research Team (ZUSO ART)
Zyxel Corporation
"
+ }
+ ]
+ },
+ {
+ "id": 492,
+ "displayOnHomepageOrder": 2,
+ "newsType": "blog",
+ "title": "Full Agenda Now Available for CVE/FIRST VulnCon 2025 on April 7-10, 2025!",
+ "urlKeywords": "Full Agenda for CVE FIRST VulnCon 2025",
+ "date": "2025-03-11",
+ "author": {
+ "name": "CVE Program",
+ "organization": {
+ "name": "CVE Program",
+ "url": ""
+ },
+ "title": "",
+ "bio": ""
+ },
+ "description": [
+ {
+ "contentnewsType": "image",
+ "imageWidth": "",
+ "href": "/news/VulnCon2025.png",
+ "altText": "CVE/FIRST VulnCon 2025, April 7-10, 2025",
+ "captionText": "VulnCon 2025 Agenda"
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "The CVE Program and FIRST will co-host VulnCon 2025 at the McKimmon Center in Raleigh, North Carolina, USA, on April 7-10, 2025. The full agenda is available now on this conference web page or view the schedule by day."
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "Monday, April 7 — View day 1 schedule Tuesday, April 8 — View day 2 schedule Wednesday, April 9 — View day 3 schedule Thursday, April 10 — View day 4 schedule"
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "
Virtual and In-Person Registration Options
"
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "CVE Numbering Authorities (CNAs) — VulnCon 2025 takes the place of the 2025 Spring CVE Global Summit."
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "Registration, both virtual and in-person, is open on the VulnCon 2025 conference registration page hosted on the FIRST website."
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "Discounted rates are not offered for this event regardless of membership or speaking status.
Virtual Admission: US $100.00
In-person Standard Admission (by March 15, 2025): US $300.00
In-person Late Rate Admission (after March 15, 2025): US $375.00
Registration fees for in-person attendance include four days of coffee breaks and buffet lunches, one networking reception hosted at the McKimmon Center, and applicable meeting materials.An offsite social event is planned for Tuesday, April 8, from 19:00-21:00 in downtown Raleigh. Location to be announced in January. You may purchase a ticket during your main registration or access a separate purchase form link found in your registration email confirmation. Tickets are $30 per person."
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "
Venue
"
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "McKimmon Center North Carolina State University 1101 Gorman St. Raleigh, North Carolina 27606 USA"
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "
Learn More About VulnCon 2025
"
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "The purpose of the VulnCon — which is open to the public — is to collaborate with various vulnerability management and cybersecurity professionals to develop forward leaning ideas that can be taken back to individual programs for action to benefit the vulnerability management ecosystem. A key goal of the conference is to understand what important stakeholders and programs are doing within the vulnerability management ecosystem and best determine how to benefit the ecosystem broadly."
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "For the most up-to-date information, visit the CVE/FIRST VulnCon 2025 conference page hosted on the FIRST website."
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "We look forward to seeing you at this exciting community event and encourage you to register today!"
+ }
+ ]
+ },
{
"id": 491,
+ "displayOnHomepageOrder": 1,
"newsType": "blog",
"title": "Please Complete Our “CVE Data Usage and Satisfaction Survey” by April 4, 2025",
"urlKeywords": "CVE Data Usage and Satisfaction Survey",
@@ -953,7 +1124,7 @@
},
{
"contentnewsType": "paragraph",
- "content": "Discounted rates are not offered for this event regardless of membership or speaking status.
Standard Admission (by March 9, 2025): US $300.00
Late Rate Admission (after March 9, 2025): US $375.00
Virtual Admission: US $100.00
Registration fees for in-person attendance include four days of coffee breaks and buffet lunches, one networking reception hosted at the McKimmon Center, and applicable meeting materials.An offsite social event is planned for Tuesday, April 8, from 19:00-21:00 in downtown Raleigh. Location to be announced in January. You may purchase a ticket during your main registration or access a separate purchase form link found in your registration email confirmation. Tickets are $30 per person."
+ "content": "Discounted rates are not offered for this event regardless of membership or speaking status.
In-person Standard Admission (by March 15, 2025): US $300.00
In-person Late Rate Admission (after March 15, 2025): US $375.00
Virtual Admission: US $100.00
Registration fees for in-person attendance include four days of coffee breaks and buffet lunches, one networking reception hosted at the McKimmon Center, and applicable meeting materials.An offsite social event is planned for Tuesday, April 8, from 19:00-21:00 in downtown Raleigh. Location to be announced in January. You may purchase a ticket during your main registration or access a separate purchase form link found in your registration email confirmation. Tickets are $30 per person."
},
{
"contentnewsType": "paragraph",
@@ -990,6 +1161,10 @@
{
"contentnewsType": "paragraph",
"content": "We look forward to seeing you at this exciting community event and encourage you to register today!"
+ },
+ {
+ "contentnewsType": "paragraph",
+ "content": "Note: This article was modified on March 11, 2025, to update the dates and deadlines for standard and late in-person admissions."
}
]
},
diff --git a/src/views/About/Metrics.vue b/src/views/About/Metrics.vue
index 7e96aa603..d27169cf3 100644
--- a/src/views/About/Metrics.vue
+++ b/src/views/About/Metrics.vue
@@ -295,8 +295,8 @@
CNA Enrichment Recognition List
-
Last Updated:
- Total CNAs: 240
+
Last Updated:
+ Total CNAs: 246
9front Systems
@@ -309,16 +309,18 @@
AMI
AppCheck Ltd.
ARC Informatique
+
Arista Networks, Inc.
Asea Brown Boveri Ltd.
ASR Microelectronics Co., Ltd.
ASUSTeK Computer Incorporation
+
ATISoluciones Diseño de Sistemas Electrónicos, S.L.
Autodesk
Automotive Security Research Group (ASRG)
Avaya Inc.
Axis Communications AB
Baicells Technologies Co., Ltd.
-
Baidu, Inc.
Baxter Healthcare
+
Beckman Coulter Life Sciences
Becton, Dickinson and Company (BD)
BeyondTrust Inc.
Bitdefender
@@ -334,8 +336,8 @@
Check Point Software Technologies Ltd.
Checkmarx
Checkmk GmbH
-
Ciena Corporation
cirosec GmbH
+
Cisco Systems, Inc.
ClickHouse, Inc.
Cloudflare, Inc.
Concrete CMS
@@ -380,11 +382,11 @@
GitLab Inc.
Glyph & Cog, LLC
Google LLC
+
Government Technology Agency of Singapore Cyber Security Group (GovTech CSG)