US-based nonprofit corporation MITRE announced on Tuesday, April 15, that a looming service disruption could impact the global cybersecurity landscape. In a letter addressed to its board members that was leaked on the decentralized social media platform Bluesky, MITRE Vice President and Director of the Center for Securing the Homeland Yosry Barsoum said that its federal contract is set to expire today, April 16.The contract allows the organization to operate, develop, and modernize its highly regarded Common Vulnerabilities and Exposures (CVE) repository. This helps identify, catalog, and share known cybersecurity threats to keep systems and data secure. The letter didn’t specify the reason for the contract’s expiry. However, it could be related to the US government’s cost-cutting measures led by Elon Musk’s Department of Government Agency.This impacts sectors like the Cybersecurity and Infrastructure Security Agency’s (CISA) budget, which is the MITRE CVE program’s primary sponsor. The budget cut may also explain MITRE’s announcement that it will cut 442 jobs effective June 3.Rise in Security Threats Expected Established in 1999, the CVE system is a cornerstone of cybersecurity as we know it, enabling governments, researchers, and organizations worldwide to identify, track, and patch security threats efficiently. It was pivotal in tracking some of the biggest cyber threats in history, including the ransomware WannaCry and SolarWinds Sunburst, a cyberattack on the US federal government. Without funding, the program’s ability to operate would be severely compromised, potentially causing widespread global consequences. If CVE is not picked up by anyone else, sharing threat intelligence and developing critical security patches would slow down significantly. This gap could be exploited by bad actors, from individual hackers to state-sponsored groups, thus increasing the risk of successful cyberattacks. It would also complicate the coordination between different entities. Security researcher Lukasz Olejnik said on X that: This would result in a situation where “no one will be certain they are referring to the same vulnerability. Total chaos, and a sudden weakening of cybersecurity across the board.” – Lukasz Olejnik via X This development could also harm US national security on an even broader scale. The reduction in CISA’s budget will impact MITER and the agency’s ability to provide adequate cybersecurity and infrastructure protection. Like MITRE, CISA is set to cut its workforce, which may impact 1300 people. What’s Next for MITRE’s CVE Program While Barsoum added that the ’government continues to make considerable efforts to continue MITRE’s role in support of the program,’ it’s uncertain how long this will last. Not all is lost, though. If the program goes offline, its historical CVE records will still be available on GitHub. Plus, a global network of CVE Numbering Authorities (CNA) can continue to assign vulnerabilities with CVE IDs and publish CVE records.These CNAs include tech giants Apple, Google, and Microsoft which regularly issue CVE IDs and deploy patches. Despite that, MITRE’s central role in the CVE program cannot be dismissed entirely.In a LinkedIn post, Patrick Garrity, a security researcher at cybersecurity intelligence platform VulnCheck, also revealed that it has proactively reserved 1,000 CVEs for 2025 in response to the uncertainty at MITRE. Garrity commented that: “VulnCheck is closely monitoring the situation to ensure that both the community and our customers continue to receive timely, accurate vulnerability data,” As technology continues to evolve—from the return of 'dumbphones' to faster and sleeker computers—seasoned tech journalist, Cedric Solidon, continues to dedicate himself to writing stories that inform, empower, and connect with readers across all levels of digital literacy. With 20 years of professional writing experience, this University of the Philippines Journalism graduate has carved out a niche as a trusted voice in tech media. Whether he's breaking down the latest advancements in cybersecurity or explaining how silicon-carbon batteries can extend your phone’s battery life, his writing remains rooted in clarity, curiosity, and utility. Long before he was writing for Techreport, HP, Citrix, SAP, Globe Telecom, CyberGhost VPN, and ExpressVPN, Cedric's love for technology began at home courtesy of a Nintendo Family Computer and a stack of tech magazines. Growing up, his days were often filled with sessions of Contra, Bomberman, Red Alert 2, and the criminally underrated Crusader: No Regret. But gaming wasn't his only gateway to tech.  He devoured every T3, PCMag, and PC Gamer issue he could get his hands on, often reading them cover to cover. It wasn’t long before he explored the early web in IRC chatrooms, online forums, and fledgling tech blogs, soaking in every byte of knowledge from the late '90s and early 2000s internet boom. That fascination with tech didn’t just stick. It evolved into a full-blown calling. After graduating with a degree in Journalism, he began his writing career at the dawn of Web 2.0. What started with small editorial roles and freelance gigs soon grew into a full-fledged career. He has since collaborated with global tech leaders, lending his voice to content that bridges technical expertise with everyday usability. He’s also written annual reports for Globe Telecom and consumer-friendly guides for VPN companies like CyberGhost and ExpressVPN, empowering readers to understand the importance of digital privacy. His versatility spans not just tech journalism but also technical writing. He once worked with a local tech company developing web and mobile apps for logistics firms, crafting documentation and communication materials that brought together user-friendliness with deep technical understanding. That experience sharpened his ability to break down dense, often jargon-heavy material into content that speaks clearly to both developers and decision-makers. At the heart of his work lies a simple belief: technology should feel empowering, not intimidating. Even if the likes of smartphones and AI are now commonplace, he understands that there's still a knowledge gap, especially when it comes to hardware or the real-world benefits of new tools. His writing hopes to help close that gap. Cedric’s writing style reflects that mission. It’s friendly without being fluffy and informative without being overwhelming. Whether writing for seasoned IT professionals or casual readers curious about the latest gadgets, he focuses on how a piece of technology can improve our lives, boost our productivity, or make our work more efficient. That human-first approach makes his content feel more like a conversation than a technical manual. As his writing career progresses, his passion for tech journalism remains as strong as ever. With the growing need for accessible, responsible tech communication, he sees his role not just as a journalist but as a guide who helps readers navigate a digital world that’s often as confusing as it is exciting. From reviewing the latest devices to unpacking global tech trends, Cedric isn’t just reporting on the future; he’s helping to write it. View all articles by Cedric Solidon Our editorial process The Tech Report editorial policy is centered on providing helpful, accurate content that offers real value to our readers. We only work with experienced writers who have specific knowledge in the topics they cover, including latest developments in technology, online privacy, cryptocurrencies, software, and more. Our editorial policy ensures that each topic is researched and curated by our in-house editors. We maintain rigorous journalistic standards, and every article is 100% written by real authors.