{"guid":"aa191d1c-70c5-52b1-8f04-3b1653fcc45f","title":"Panic at the CVE-o-theque","subtitle":null,"slug":"eh22-138-panic-at-the-cve-o-theque","link":"https://cfp.eh22.easterhegg.eu/eh22/talk/CST9KM/","description":"The recent breakdown in centralized CVE handling and databases has caused quite the ruckus in the IT-Sec community. 48 hours later funding is yet again (temporarily) secure, several additional databases, organizations and numbering systems have come forward.\n\nWhat can organizations do to cope with the situation? What should our role as community be moving forward? What can you specifically do depending on your position in your organization? What recommendations can we give to management about how to handle the situation?\n\nThe recent breakdown in centralized CVE handling and databases has caused quite the ruckus in the IT-Sec community. 48 hours later funding is yet again (temporarily) secure, several additional databases, organizations and numbering systems have come forward. However, we should not disregard the temporary panic as \"false alarm\" and go back to the old status quo. The split brain between the several databases has already occurred, insecurity and distrust have grown and must be taken seriously.\n\nWhat can organizations do to cope with the situation? What should our role as community be moving forward? What can you specifically do depending on your position in your organization? What recommendations can we give to management about how to handle the situation?\n\nThis is a short breakdown on the personal experience within the last few days. As the situation is still ever-changing I cannot yet present proven strategies, so prepare mainly for thought processes and pointers on where to start from here.\n\nLicensed to the public under https://creativecommons.org/licenses/by/4.0/","original_language":"eng","persons":["pennylane"],"tags":["138","2025","eh22","Talk","P1 Workshop","eh22-eng","Day 3"],"view_count":369,"promoted":false,"date":"2025-04-20T12:45:00.000+02:00","release_date":"2025-04-20T00:00:00.000+02:00","updated_at":"2026-04-03T15:30:04.478+02:00","length":1753,"duration":1753,"thumb_url":"https://static.media.ccc.de/media/conferences/eh2025/138-aa191d1c-70c5-52b1-8f04-3b1653fcc45f.jpg","poster_url":"https://static.media.ccc.de/media/conferences/eh2025/138-aa191d1c-70c5-52b1-8f04-3b1653fcc45f_preview.jpg","timeline_url":"https://static.media.ccc.de/media/conferences/eh2025/138-aa191d1c-70c5-52b1-8f04-3b1653fcc45f.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/conferences/eh2025/138-aa191d1c-70c5-52b1-8f04-3b1653fcc45f.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/eh22-138-panic-at-the-cve-o-theque","url":"https://api.media.ccc.de/public/events/aa191d1c-70c5-52b1-8f04-3b1653fcc45f","conference_title":"Easterhegg 2025: Unhandled Eggception","conference_url":"https://api.media.ccc.de/public/conferences/eh22","related":[],"recordings":[{"size":26,"length":1753,"mime_type":"audio/mpeg","language":"eng","filename":"eh22-138-eng-Panic_at_the_CVE-o-theque_mp3.mp3","state":"new","folder":"mp3","high_quality":false,"width":0,"height":0,"updated_at":"2025-04-20T22:31:29.090+02:00","recording_url":"https://cdn.media.ccc.de/events/eh2025/mp3/eh22-138-eng-Panic_at_the_CVE-o-theque_mp3.mp3","url":"https://api.media.ccc.de/public/recordings/87081","event_url":"https://api.media.ccc.de/public/events/aa191d1c-70c5-52b1-8f04-3b1653fcc45f","conference_url":"https://api.media.ccc.de/public/conferences/eh22"},{"size":151,"length":1753,"mime_type":"video/webm","language":"eng","filename":"eh22-138-eng-Panic_at_the_CVE-o-theque_webm-hd.webm","state":"new","folder":"webm-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2025-04-20T22:44:28.888+02:00","recording_url":"https://cdn.media.ccc.de/events/eh2025/webm-hd/eh22-138-eng-Panic_at_the_CVE-o-theque_webm-hd.webm","url":"https://api.media.ccc.de/public/recordings/87084","event_url":"https://api.media.ccc.de/public/events/aa191d1c-70c5-52b1-8f04-3b1653fcc45f","conference_url":"https://api.media.ccc.de/public/conferences/eh22"},{"size":68,"length":1753,"mime_type":"video/webm","language":"eng","filename":"eh22-138-eng-Panic_at_the_CVE-o-theque_webm-sd.webm","state":"new","folder":"webm-sd","high_quality":false,"width":720,"height":576,"updated_at":"2025-04-20T22:44:22.501+02:00","recording_url":"https://cdn.media.ccc.de/events/eh2025/webm-sd/eh22-138-eng-Panic_at_the_CVE-o-theque_webm-sd.webm","url":"https://api.media.ccc.de/public/recordings/87083","event_url":"https://api.media.ccc.de/public/events/aa191d1c-70c5-52b1-8f04-3b1653fcc45f","conference_url":"https://api.media.ccc.de/public/conferences/eh22"},{"size":58,"length":1753,"mime_type":"video/mp4","language":"eng","filename":"eh22-138-eng-Panic_at_the_CVE-o-theque_sd.mp4","state":"new","folder":"h264-sd","high_quality":false,"width":720,"height":576,"updated_at":"2025-04-20T22:33:49.223+02:00","recording_url":"https://cdn.media.ccc.de/events/eh2025/h264-sd/eh22-138-eng-Panic_at_the_CVE-o-theque_sd.mp4","url":"https://api.media.ccc.de/public/recordings/87082","event_url":"https://api.media.ccc.de/public/events/aa191d1c-70c5-52b1-8f04-3b1653fcc45f","conference_url":"https://api.media.ccc.de/public/conferences/eh22"},{"size":18,"length":1753,"mime_type":"audio/opus","language":"eng","filename":"eh22-138-eng-Panic_at_the_CVE-o-theque_opus.opus","state":"new","folder":"opus","high_quality":false,"width":0,"height":0,"updated_at":"2025-04-20T22:31:25.343+02:00","recording_url":"https://cdn.media.ccc.de/events/eh2025/opus/eh22-138-eng-Panic_at_the_CVE-o-theque_opus.opus","url":"https://api.media.ccc.de/public/recordings/87080","event_url":"https://api.media.ccc.de/public/events/aa191d1c-70c5-52b1-8f04-3b1653fcc45f","conference_url":"https://api.media.ccc.de/public/conferences/eh22"},{"size":200,"length":1753,"mime_type":"video/mp4","language":"eng","filename":"eh22-138-eng-Panic_at_the_CVE-o-theque_hd.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2025-04-20T22:28:49.391+02:00","recording_url":"https://cdn.media.ccc.de/events/eh2025/h264-hd/eh22-138-eng-Panic_at_the_CVE-o-theque_hd.mp4","url":"https://api.media.ccc.de/public/recordings/87079","event_url":"https://api.media.ccc.de/public/events/aa191d1c-70c5-52b1-8f04-3b1653fcc45f","conference_url":"https://api.media.ccc.de/public/conferences/eh22"}]}