The European Union is stepping forward to reinforce what many experts describe as a bedrock cyber vulnerability tracking system, as questions linger over the long-term sustainability of the Common Vulnerabilities and Exposures Program. The initiative, widely relied upon by cybersecurity professionals worldwide, has come under renewed scrutiny following a contracting scare involving MITRE, prompting discussions about diversification of support and governance. 

The vulnerability cataloging system, first launched in 1999, provides a standardized framework for identifying publicly known cybersecurity flaws. Each vulnerability is assigned to a unique identifier, enabling researchers, vendors, ...