
Why are vulnerabilities out of control in 2024?
Updated 2025-01-16: Since writing this post, there’s now a vulnerability focused discord you can join to discuss vulnerabilities. You can join with this link If you follow the vulnerability world, 2024 is starting to feel like we’ve become trapped in the mirror universe. NVD collapsed, the Linux kernel is generating a huge number of CVE IDs, CISA is maybe enriching the CVE data, and the growth rate of CVE is higher than its ever been. It feels like we’re careening off a cliff in the clown car where half the people are trapped inside trying to get out, and the other half are laughing at the clown honking its nose. ...