Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

What is incorrect about the post above? There are citations from multiple reputable news outlets for each claim.

People who actually work with CVEs have been posting about this problem on HN for 18 months.



Your post has now been edited to be factually correct. But the misleading implication that this abrupt cut is part of some other cuts that started before remains.


Anyone that silently edits their posts after being called out for misleading statements or lies is arguing in bad faith.

If you still have a cached copy of their original post you should publicly edit your earliest reply with their original quote.


The post (currently AND previous to comments being moved here from a different HN thread) links to the official _2024_ (not 2025) statement about NVD cutbacks. Here's a 3000 word article with quotes from Linux Foundation and commercial vendors, around the same time, https://news.ycombinator.com/item?id=43700884


NVD != CVE


NIST owns the budget for both NVD and CVE, contracting MITRE to operate the CVE program.

NIST budget was cut 12% in FY 2024 (Oct 2023 - Sep 2024).

An earlier bill to supplement NIST funding has been reintroduced in 2025, https://fedscoop.com/public-private-partnerships-bill-nist-h...




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: