Celebrating 25 Years of the CVE Program

The Common Vulnerabilities and Exposures (CVE®) Program is celebrating its 25th anniversary today! This marks a major milestone in global cybersecurity. Since 1999, the CVE Program has been critical in helping organizations identify, manage and mitigate cybersecurity vulnerabilities through worldwide collaboration. Today, with over 240,000 CVE Records and more than 400 CVE Numbering Authorities (CNAs) across 40 countries, CVE remains a vital resource for vulnerability management and a key component of cybersecurity defense.

For more insights into the CVE Program and its impact on global cybersecurity, read the CVE 25th Anniversary Report.

Payara’s Role in CVE and Cybersecurity

At Payara, we understand the importance of robust security in enterprise applications. Through our fully supported Jakarta EE application server, Payara Platform Enterprise, we provide advanced tools designed to protect mission-critical applications and ensure compliance with ever-evolving cybersecurity regulations.

In line with our commitment to help users build secure and regulatory compliant applications, we are proud to serve as a CVE Numbering Authority (CNA), working with the CVE Program to quickly identify, report and resolve security vulnerabilities. Our focus on transparency and proactive resolution helps our clients mitigate risks and maintain secure application environments.

Why Vulnerability Management is Critical for Enterprise Applications

Effective vulnerability management is essential for safeguarding enterprise and web applications, particularly in industries subject to strict compliance requirements. We offer standards-based APIs and advanced security features to protect application resources and secure data transmitted over unprotected networks, including the internet.

By aligning with global security standards such as the National Institute of Standards and Technology (NIST)and its Federal Information Processing Standards (FIPS) as well as the Open Web Application Security Project (OWASP) guidelines, Payara ensures enterprises can meet regulatory and security requirements. Additionally, we actively participate in the Eclipse Foundation’s Open Regulatory Compliance Working Group, which develops frameworks to help organizations adhere to regulations such as the EU Cyber Resilience Act (CRA).

Driving Cybersecurity Forward with Payara and CVE

As the CVE Program marks its 25th anniversary, we remain committed to enhancing security in our Jakarta EE and MicroProfile runtimes. By choosing us as your partner, you gain access to cutting-edge tools, expert support and security know-how to protect your critical applications, reduce cybersecurity threats as well ensure compliance with global standards. To learn more about how you can develop applications with minimal security risks, download our guide here: