Author: Sarah Collins

According to recent analysis, approximately one-third of CVE vulnerability reports may be meaningless or disputed. Industry leaders are calling for substantial reforms to how security vulnerabilities are identified and scored, citing systemic issues with current approaches.

Vulnerability Identification Systems Under Scrutiny

Major cybersecurity vulnerability identification and scoring systems require significant overhaul, according to recent analysis from security industry leaders. Sources indicate that both the Common Vulnerabilities and Exposures (CVE) system and the Common Vulnerability Scoring System (CVSS) suffer from fundamental flaws that undermine their reliability.