#cves — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #cves, aggregated by home.social.
-
Resulting from funding gaps and idiotic shifts in priorities the U.S.A. is now woefully under investing in our core CyberDefense Ecosystem....
National Institute of Standards and Technology (NIST) is no longer enhancing all Common Vulnerabilities and Exposures (CVEs) with analysis and severity indicators, and instead NIST will prioritize enriching a much narrower set of security vulnerabilities.
Related: In April 2025, a funding gap by in DHS appropriations threatened to cease CVE operations entirely —which would have creating systemic risk for global vulnerability management. An emergency funding extension was implemented to avoid a full on crisis. https://www.justsecurity.org/136914/nist-cant-keep-up/ #NIST #MITRE #CVEs #NVD #Security #Risk #CyberSecurity #CyberDefence #CyberInfrastructure #AI #AISecurity #CISA #DHS #Vulnerability #ThreatIntelligence
-
Resulting from funding gaps and idiotic shifts in priorities the U.S.A. is now woefully under investing in our core CyberDefense Ecosystem....
National Institute of Standards and Technology (NIST) is no longer enhancing all Common Vulnerabilities and Exposures (CVEs) with analysis and severity indicators, and instead NIST will prioritize enriching a much narrower set of security vulnerabilities.
Related: In April 2025, a funding gap by in DHS appropriations threatened to cease CVE operations entirely —which would have creating systemic risk for global vulnerability management. An emergency funding extension was implemented to avoid a full on crisis. https://www.justsecurity.org/136914/nist-cant-keep-up/ #NIST #MITRE #CVEs #NVD #Security #Risk #CyberSecurity #CyberDefence #CyberInfrastructure #AI #AISecurity #CISA #DHS #Vulnerability #ThreatIntelligence
-
Resulting from funding gaps and idiotic shifts in priorities the U.S.A. is now woefully under investing in our core CyberDefense Ecosystem....
National Institute of Standards and Technology (NIST) is no longer enhancing all Common Vulnerabilities and Exposures (CVEs) with analysis and severity indicators, and instead NIST will prioritize enriching a much narrower set of security vulnerabilities.
Related: In April 2025, a funding gap by in DHS appropriations threatened to cease CVE operations entirely —which would have creating systemic risk for global vulnerability management. An emergency funding extension was implemented to avoid a full on crisis. https://www.justsecurity.org/136914/nist-cant-keep-up/ #NIST #MITRE #CVEs #NVD #Security #Risk #CyberSecurity #CyberDefence #CyberInfrastructure #AI #AISecurity #CISA #DHS #Vulnerability #ThreatIntelligence
-
Resulting from funding gaps and idiotic shifts in priorities the U.S.A. is now woefully under investing in our core CyberDefense Ecosystem....
National Institute of Standards and Technology (NIST) is no longer enhancing all Common Vulnerabilities and Exposures (CVEs) with analysis and severity indicators, and instead NIST will prioritize enriching a much narrower set of security vulnerabilities.
Related: In April 2025, a funding gap by in DHS appropriations threatened to cease CVE operations entirely —which would have creating systemic risk for global vulnerability management. An emergency funding extension was implemented to avoid a full on crisis. https://www.justsecurity.org/136914/nist-cant-keep-up/ #NIST #MITRE #CVEs #NVD #Security #Risk #CyberSecurity #CyberDefence #CyberInfrastructure #AI #AISecurity #CISA #DHS #Vulnerability #ThreatIntelligence
-
Resulting from funding gaps and idiotic shifts in priorities the U.S.A. is now woefully under investing in our core CyberDefense Ecosystem....
National Institute of Standards and Technology (NIST) is no longer enhancing all Common Vulnerabilities and Exposures (CVEs) with analysis and severity indicators, and instead NIST will prioritize enriching a much narrower set of security vulnerabilities.
Related: In April 2025, a funding gap by in DHS appropriations threatened to cease CVE operations entirely —which would have creating systemic risk for global vulnerability management. An emergency funding extension was implemented to avoid a full on crisis. https://www.justsecurity.org/136914/nist-cant-keep-up/ #NIST #MITRE #CVEs #NVD #Security #Risk #CyberSecurity #CyberDefence #CyberInfrastructure #AI #AISecurity #CISA #DHS #Vulnerability #ThreatIntelligence
-
🚨 OMG, #dnsmasq is exploding! 🚨 In a shocking twist of fate, CERT drops six #CVEs on lazy vendors who didn't realize their software was a ticking time bomb. Apparently, "longstanding bugs" means "we've ignored this for years, but now it's an emergency" 😂.
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html #cybersecurity #softwarebugs #vendorresponsibility #emergencyfix #HackerNews #ngated -
🚨 OMG, #dnsmasq is exploding! 🚨 In a shocking twist of fate, CERT drops six #CVEs on lazy vendors who didn't realize their software was a ticking time bomb. Apparently, "longstanding bugs" means "we've ignored this for years, but now it's an emergency" 😂.
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html #cybersecurity #softwarebugs #vendorresponsibility #emergencyfix #HackerNews #ngated -
🚨 OMG, #dnsmasq is exploding! 🚨 In a shocking twist of fate, CERT drops six #CVEs on lazy vendors who didn't realize their software was a ticking time bomb. Apparently, "longstanding bugs" means "we've ignored this for years, but now it's an emergency" 😂.
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html #cybersecurity #softwarebugs #vendorresponsibility #emergencyfix #HackerNews #ngated -
🚨 OMG, #dnsmasq is exploding! 🚨 In a shocking twist of fate, CERT drops six #CVEs on lazy vendors who didn't realize their software was a ticking time bomb. Apparently, "longstanding bugs" means "we've ignored this for years, but now it's an emergency" 😂.
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html #cybersecurity #softwarebugs #vendorresponsibility #emergencyfix #HackerNews #ngated -
🚨 OMG, #dnsmasq is exploding! 🚨 In a shocking twist of fate, CERT drops six #CVEs on lazy vendors who didn't realize their software was a ticking time bomb. Apparently, "longstanding bugs" means "we've ignored this for years, but now it's an emergency" 😂.
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html #cybersecurity #softwarebugs #vendorresponsibility #emergencyfix #HackerNews #ngated -
CERT is releasing six CVEs for serious security vulnerabilities in dnsmasq
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html
#HackerNews #CERT #CVEs #dnsmasq #security #vulnerabilities #cybersecurity #patches
-
CERT is releasing six CVEs for serious security vulnerabilities in dnsmasq
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html
#HackerNews #CERT #CVEs #dnsmasq #security #vulnerabilities #cybersecurity #patches
-
CERT is releasing six CVEs for serious security vulnerabilities in dnsmasq
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html
#HackerNews #CERT #CVEs #dnsmasq #security #vulnerabilities #cybersecurity #patches
-
CERT is releasing six CVEs for serious security vulnerabilities in dnsmasq
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html
#HackerNews #CERT #CVEs #dnsmasq #security #vulnerabilities #cybersecurity #patches
-
CERT is releasing six CVEs for serious security vulnerabilities in dnsmasq
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2026q2/018471.html
#HackerNews #CERT #CVEs #dnsmasq #security #vulnerabilities #cybersecurity #patches
-
Non-determinism is an issue with patching CVEs
https://flox.dev/blog/achieving-rapid-cve-remediation-in-an-era-of-escalating-vulnerabilities/
#HackerNews #Non-determinism #CVEs #patching #vulnerabilities #security #software #development
-
Non-determinism is an issue with patching CVEs
https://flox.dev/blog/achieving-rapid-cve-remediation-in-an-era-of-escalating-vulnerabilities/
#HackerNews #Non-determinism #CVEs #patching #vulnerabilities #security #software #development
-
Non-determinism is an issue with patching CVEs
https://flox.dev/blog/achieving-rapid-cve-remediation-in-an-era-of-escalating-vulnerabilities/
#HackerNews #Non-determinism #CVEs #patching #vulnerabilities #security #software #development
-
Non-determinism is an issue with patching CVEs
https://flox.dev/blog/achieving-rapid-cve-remediation-in-an-era-of-escalating-vulnerabilities/
#HackerNews #Non-determinism #CVEs #patching #vulnerabilities #security #software #development
-
Non-determinism is an issue with patching CVEs
https://flox.dev/blog/achieving-rapid-cve-remediation-in-an-era-of-escalating-vulnerabilities/
#HackerNews #Non-determinism #CVEs #patching #vulnerabilities #security #software #development
-
Exposure Management Platforms Face Validation Test
Are you tired of filling dashboards with green and closing hundreds of tickets, only to wonder if your organization is truly safer? The harsh reality is that most exposure management platforms fall short in connecting remediation to real risk reduction.
#ExposureManagement #VulnerabilityManagement #Cves #RiskReduction #Remediation
-
Ah, #Rust, the golden child of #programming languages that was supposed to eradicate #bugs like a magic wand. 🪄✨ Yet here we are, in 2026, discovering that even the mighty Rust can't catch everything — 44 #CVEs worth in a single audit! 🤦♂️ Apparently, the real bug is believing any language is infallible. 🐛🔍
https://corrode.dev/blog/bugs-rust-wont-catch/ #SoftwareDevelopment #Infallibility #HackerNews #ngated -
Ah, #Rust, the golden child of #programming languages that was supposed to eradicate #bugs like a magic wand. 🪄✨ Yet here we are, in 2026, discovering that even the mighty Rust can't catch everything — 44 #CVEs worth in a single audit! 🤦♂️ Apparently, the real bug is believing any language is infallible. 🐛🔍
https://corrode.dev/blog/bugs-rust-wont-catch/ #SoftwareDevelopment #Infallibility #HackerNews #ngated -
Ah, #Rust, the golden child of #programming languages that was supposed to eradicate #bugs like a magic wand. 🪄✨ Yet here we are, in 2026, discovering that even the mighty Rust can't catch everything — 44 #CVEs worth in a single audit! 🤦♂️ Apparently, the real bug is believing any language is infallible. 🐛🔍
https://corrode.dev/blog/bugs-rust-wont-catch/ #SoftwareDevelopment #Infallibility #HackerNews #ngated -
Ah, #Rust, the golden child of #programming languages that was supposed to eradicate #bugs like a magic wand. 🪄✨ Yet here we are, in 2026, discovering that even the mighty Rust can't catch everything — 44 #CVEs worth in a single audit! 🤦♂️ Apparently, the real bug is believing any language is infallible. 🐛🔍
https://corrode.dev/blog/bugs-rust-wont-catch/ #SoftwareDevelopment #Infallibility #HackerNews #ngated -
Ah, #Rust, the golden child of #programming languages that was supposed to eradicate #bugs like a magic wand. 🪄✨ Yet here we are, in 2026, discovering that even the mighty Rust can't catch everything — 44 #CVEs worth in a single audit! 🤦♂️ Apparently, the real bug is believing any language is infallible. 🐛🔍
https://corrode.dev/blog/bugs-rust-wont-catch/ #SoftwareDevelopment #Infallibility #HackerNews #ngated -
40,000+ CVEs in a year. For many teams, #Kubernetes has turned into a vulnerability battlefield. @cat_edelveis explains why chasing #CVEs doesn’t scale—and what to do instead.
Learn how to move from noise to controlled risk: https://javapro.io/2026/04/14/modernizing-production-containers-to-resist-the-constant-cve-flow/
#DevOps @kubernetesio
-
40,000+ CVEs in a year. For many teams, #Kubernetes has turned into a vulnerability battlefield. @cat_edelveis explains why chasing #CVEs doesn’t scale—and what to do instead.
Learn how to move from noise to controlled risk: https://javapro.io/2026/04/14/modernizing-production-containers-to-resist-the-constant-cve-flow/
#DevOps @kubernetesio
-
130 new #CVEs are disclosed every day.
Learn how to filter out the 95% of "noise" and focus on vulnerabilities that are actually exploitable in production.
Check out the latest guest blog from Jonas Rosland (Sysdig)
-
130 new #CVEs are disclosed every day.
Learn how to filter out the 95% of "noise" and focus on vulnerabilities that are actually exploitable in production.
Check out the latest guest blog from Jonas Rosland (Sysdig)
-
130 new #CVEs are disclosed every day.
Learn how to filter out the 95% of "noise" and focus on vulnerabilities that are actually exploitable in production.
Check out the latest guest blog from Jonas Rosland (Sysdig)
-
130 new #CVEs are disclosed every day.
Learn how to filter out the 95% of "noise" and focus on vulnerabilities that are actually exploitable in production.
Check out the latest guest blog from Jonas Rosland (Sysdig)
-
130 new #CVEs are disclosed every day.
Learn how to filter out the 95% of "noise" and focus on vulnerabilities that are actually exploitable in production.
Check out the latest guest blog from Jonas Rosland (Sysdig)
-
Hundreds of #CVEs per scan. Tickets piling up. Teams start ignoring alerts. This isn’t a tooling issue—it’s a system design problem. Catherine Edelveis shows how to reduce CVE noise with hardened base images. See how to regain control: https://javapro.io/2026/04/14/modernizing-production-containers-to-resist-the-constant-cve-flow/
#DevOps @Docker
-
Hundreds of #CVEs per scan. Tickets piling up. Teams start ignoring alerts. This isn’t a tooling issue—it’s a system design problem. Catherine Edelveis shows how to reduce CVE noise with hardened base images. See how to regain control: https://javapro.io/2026/04/14/modernizing-production-containers-to-resist-the-constant-cve-flow/
#DevOps @Docker
-
While many organizations have mastered pre-deployment scanning, a massive blind spot remains: post-deployment vulnerability detection. As Tracy Ragan explains in her latest blog, software that is secure at release can become vulnerable as new #CVEs are disclosed.
https://openssf.org/blog/2026/04/03/rethinking-post-deployment-vulnerability-detection/
-
While many organizations have mastered pre-deployment scanning, a massive blind spot remains: post-deployment vulnerability detection. As Tracy Ragan explains in her latest blog, software that is secure at release can become vulnerable as new #CVEs are disclosed.
https://openssf.org/blog/2026/04/03/rethinking-post-deployment-vulnerability-detection/
-
While many organizations have mastered pre-deployment scanning, a massive blind spot remains: post-deployment vulnerability detection. As Tracy Ragan explains in her latest blog, software that is secure at release can become vulnerable as new #CVEs are disclosed.
https://openssf.org/blog/2026/04/03/rethinking-post-deployment-vulnerability-detection/
-
While many organizations have mastered pre-deployment scanning, a massive blind spot remains: post-deployment vulnerability detection. As Tracy Ragan explains in her latest blog, software that is secure at release can become vulnerable as new #CVEs are disclosed.
https://openssf.org/blog/2026/04/03/rethinking-post-deployment-vulnerability-detection/
-
While many organizations have mastered pre-deployment scanning, a massive blind spot remains: post-deployment vulnerability detection. As Tracy Ragan explains in her latest blog, software that is secure at release can become vulnerable as new #CVEs are disclosed.
https://openssf.org/blog/2026/04/03/rethinking-post-deployment-vulnerability-detection/
-
OpenClaw-Werkzeugkasten, Teil X – neu:
OpenClaw Security: 500.000 Instances, 3 ungepatchte CVEs, kein Enterprise Kill-Switch
https://agentenlog.de/posts/2026-04-01-openclaw-security-500k-instances-3-unpatched-cves-no-enterprise-kill-switch
#Agentenlog #OpenClaw #security #cves -
Time for a #rescue mission at #JCON2026 🚨
Your #Java container image is bloated, full of #CVEs, and one bad base image away from disaster?
Catherine Edelveis shows how to shrink, pin, scan and sign your images in 45 minutes.
https://youtube.com/shorts/TH5tVysKO4A
🎟️https://2026.europe.jcon.one/tickets -
Time for a #rescue mission at #JCON2026 🚨
Your #Java container image is bloated, full of #CVEs, and one bad base image away from disaster?
Catherine Edelveis shows how to shrink, pin, scan and sign your images in 45 minutes.
https://youtube.com/shorts/TH5tVysKO4A
🎟️https://2026.europe.jcon.one/tickets -
Time for a #rescue mission at #JCON2026 🚨
Your #Java container image is bloated, full of #CVEs, and one bad base image away from disaster?
Catherine Edelveis shows how to shrink, pin, scan and sign your images in 45 minutes.
https://youtube.com/shorts/TH5tVysKO4A
🎟️https://2026.europe.jcon.one/tickets