As US vuln-tracking falters, EU enters with its own security bug database

https://www.theregister.com/2025/05/13/eu_security_bug_database/

67•voxadam•3h ago

Comments

ta1243•2h ago

The is from a 2022 EU directive, well before recent US government actions, it's been developed for quite some time.

OJFord•2h ago

TFA doesn't hide or sensationalise that, makes the point that it's timely.

devrandoom•2h ago

It's sad to see the US being dismantled from within.

loloquwowndueo•1h ago

Is it though? pass the popcorn

lenerdenator•45m ago

For most sane people, yes.

FirmwareBurner•59m ago

People from post communist countries who saw what actual government dismantling looks like, will argue otherwise.

lenerdenator•42m ago

More of a dismantling-in-place, but still a dismantling.

FirmwareBurner•35m ago

Where are the arguments for that?

lenerdenator•32m ago

The idea is to greatly reduce the size of the administrative state and take what used to be functions of government and make them either go away entirely or privatize them.

Whether this is a good idea or not is not what I'm getting at, but yeah, it's a major dismantling of institutions that touch the everyday lives of Americans (and the world).

daveguy•29m ago

Agreed. This is very clearly laid out in Project 2025, which is guiding this administration's policies.

peterhadlaw•29m ago

100% agreed. The best part is nobody ever could provide an explanation for when the beast of bureaucracy would stop being fed. It is just a given that it must grow and grow and grow. Whether you voted for it or not. And don't you dare question it because questioning it is Fascism (from people who have never seen the actual results of real Fascism).

jrockway•14m ago

The government could be more efficient, but you have to look at the exact choices being made by the current administration. Why are we heavily taxing trade and the flow of ideas? Why are we dismantling our military with 2 major wars going on? Why are we being soft on financial crimes and crypto scams? Why are we accepting personal gifts from nation states? Why are we micromanaging medical care? Why are we removing our "soft power" influence? Why are we spending our money to "crack down" on people with autism? Why are we using the government's money to fund religious indoctrination?

There is always an argument to make the government more efficient, but I don't think this <gestures> is what anyone really has in mind. People want cheaper eggs, the ability to receive medical care, the ability to stabilize their living situation through property ownership, and a stable job. What are we doing about those things? The reality is that the "machine" has always tried to add stability in those areas, and throwing away the machine isn't making things better for anyone. Like, if we made the government so efficient, why am I still paying 40% of my income in taxes?

When we disappear people to El Salvador without trial, that's fascism, my friend.

peterhadlaw•1m ago

The thing with Americans is that they've had it so good for so long they don't even know what bad looks like. People who come from oppressive governments and have lived through it actually do. Notice I never mentioned efficiency in my original post, you assumed that's what I meant. I meant the oppressive nature of just the shear unending growth of the US government and the weight that bears upon it's people, it's business, and most importantly it's morale.

Duwensatzaj•16m ago

I’m very torn. Obviously USAID, NSF and academia in general do valuable things. But when organizations get hijacked and used as a slush fund to fund naked ideological activities and organizations barely related to the original purpose, I’m not surprised when the eventual response is to just hack and slash. I wish it was done more thoughtfully and carefully, but that doesn’t appear to be a choice. Just a choice of funding hostile NGOs and academics who endorse discrimination in education, employment, health care and even law nowadays or the current mess. It all sucks and I don’t have any solutions other than focusing on my career and family.

gadders•2h ago

"Register readers — especially those tasked with vulnerability management — will recall that the US government's funding for the CVE program was set to expire in April until the US Cybersecurity and Infrastructure Security Agency, aka CISA, swooped in at the 11th hour and renewed the contract with MITRE to operate the initiative."

https://en.wikipedia.org/wiki/Washington_Monument_syndrome

j_walter•2h ago

>>>and quietly rolled out a limited-access beta version last month during a period of uncertainty surrounding the United States' Common Vulnerabilities and Exposures (CVE) program.

You mean the 24 hour period where people freaked out and assumed things that weren't true? The renewal came down to the wire just like most do during negotiations...MITRE tossed the news out there to stir up concerns but it was all just sensationalized. A "funding lapse" is not the same as "contract not renewed yet"...

lesuorac•2h ago

"This comes after the Feds decided not to renew their long-standing contract with nonprofit research hub MITRE to operate the CVE database." [1]

Doesn't seem like an untrue assumption. Feds decided not to renew the contract, people got upset, and later the feds decided to renew the contract the night it would expire [1].

This is like saying Y2K is a nothingburger because people updated the code to handle more than 2 digit years. It's because of the people getting upset that triggered a preventative measure preventing the problem. It's just the superman movie [2], if the kid just listened to clark kent then superman would've never been necessary.

[1]: https://www.theregister.com/2025/04/16/cve_program_funding_s...

[2]: https://youtu.be/-ikd_hRnVR4?t=69

j_walter•8m ago

Review Peter Allor's comments...struggles on who pays and who should be the long term controller of this program was what led to the push right up to the last minute. As usual in government if you don't push hard enough nothing will change...and I still see nothing from CISA regarding their views on what happened...all we see is conjecture from MITRE and joy because they got their $$$.

tptacek•37m ago

This is a weird headline, because CISA did in fact end up funding NVD.

I wish people cared less about this particular issue, though, because we'd do fine with a non-government-sponsored CVE.

daveguy•32m ago

Well it certainly did falter (but not cease) due to incompetent leadership and guidance. We are seeing it throughout the government because the primary goal of this administration is to dismantle so that it can be reformed for their benefit.

It's more of a "break fast and move things" approach.

davidw•24m ago

If European leaders were quick on their feet and smart, they would be dialing up the "brain-draining" of the US to 11.

t-writescode•9m ago

What would that look like? I imagine most Europeans don’t want to recreate the United Stated and its personality in their countries, for example.

And many countries already have relatively easy visa processes for skilled workers, which would be what these scientists, developers, etc are.

Writing that changed how I think about PL

Show HN: Panels for macOS – Comic Reader for iOS available on the Mac

Calisthenics

The Max Headroom Chronicles

Show HN: Stop Reels – Block Instagram/Facebook/TikTok Reels, Keep the Rest

Native Farmers Pair Ancestral Knowledge with Climate Expertise

Ask HN: Automating Unit Tests

ESPN's new all-access streaming app will cost $29.99 per month

Pope addressed AI as a matter of concern

Show HN: How to make your MCP clients more context-aware

AI therapy is a surveillance machine in a police state

Three things we learned about Sam Altman by scoping his kitchen

Tough microbes found in NASA cleanrooms hold clues to space survival and biotech

Photographer's Lawsuit Could Redefine When Creators Can Sue for Infringement

SmolVLM: Real-time camera-based objection detection demo using llama.cpp

Interview with Seth Godin: On Strategy, Stories and How to Hack Back

Cryptocurrency boss' daughter escapes kidnapping attempt in Paris

Earthquake fault rupture: M7.9 surface rupture near Thazi, Myanmar [video]

ETH Zurich researchers discover new security vulnerability in Intel processors

The most useful data your startup probably isn't gathering

Apple Preparing to Launch Mind-Control Support for iPhones

Phones Aren't the Problem – Consumption Is

Lock-Free Rust: How to Build a Rollercoaster While It's on Fire

Coding Should Be a Vibe

AmpereOne M Brings the Big 12-Channel Socket to Its Arm CPUs

GitHub Issues search now supports nested queries and boolean operators

Sustainable by Design: A playbook to decarbonize digital products

Education giant Pearson hit by cyberattack exposing customer data

Linus Torvalds returns to mechanical keyboards

2025 Clarke Award Shortlist