CISA Advocates for Greater AI Company Involvement in CVE Program Amid Rising Vulnerability Reports
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is advocating for increased involvement of artificial intelligence (AI) companies in the Common Vulnerabilities and Exposures (CVE) program. Lindsey Cerkovnik, chief of the Vulnerability Response & Coordination Branch at CISA, emphasized the need for AI companies like OpenAI and Anthropic to play a larger role in software vulnerability disclosures. This call comes as the CVE program, managed by MITRE and sponsored by CISA, experiences a rapid increase in reported vulnerabilities. The introduction of new AI tools is expected to further accelerate this growth. Recently, Anthropic launched the Claude Mythos Preview, a large language model designed to autonomously identify and fix cybersecurity vulnerabilities. Similarly, OpenAI released GPT-5.4-Cyber, a version of its AI model fine-tuned for cybersecurity applications. These developments highlight the potential for AI to significantly impact the identification and management of software vulnerab... 
