Want to create an interactive transcript for this episode?
Podcast: FINOS Open Source in Finance Podcast
Episode: Communications Very Erratic (CVE): Stabilizing Vuln Data for the Industry (OSFF NY Preview)
Description: 🚨 What happens when the backbone of vulnerability reporting wobbles? In April 2025, funding shocks to CVE/CWE—and the downstream NVD—sparked panic before a short-term lifeline appeared. The uncertainty hasn’t gone away.In this clip:Christopher “CRob” Robinson, CTO & Chief Security Architect, OpenSSF (The Linux Foundation)CRob previews his OSFF NY session on why reliable, authoritative vulnerability metadata is critical for banks, regulated enterprises, and open source maintainers—and what upstream is doing about it. He walks through the recent CVE/NVD turbulence, why downstream teams (risk, OSPOs, product owners) struggle to meet regulatory obligations without stable data, and how the ope...