Who maintains the Common Vulnerabilities and Exposures (CVE) Dictionary?

The organization responsible for maintaining the Common Vulnerabilities and Exposures (CVE) Dictionary is the MITRE Corporation. MITRE is a not-for-profit organization that operates federally funded research and development centers in the United States and plays a critical role in cybersecurity. It developed the CVE system to provide a publicly available list of common names (or "identifiers") for publicly known cybersecurity vulnerabilities and exposures, which helps facilitate the sharing of data across different security products and organizations.

MITRE's efforts in managing the CVE Dictionary aim to improve the consistency of how these vulnerabilities are referenced, thereby assisting security professionals and organizations in identifying and managing vulnerabilities effectively. The CVE entries make it easier for organizations to communicate about vulnerabilities and respond to them, promoting a more coordinated defense against threats.