There has been so much discussion about the increase of volume in CVEs. I love that it's super apparent from looking at that graph of CVEs by year, there is a noticeable bend in the slope upward in the 2026 plot. It's not just hype, the rate of CVEs is changing faster than prior years.
Reads kind of sales-pitchy. Every day we see another actively exploited Linux LPE; have you thought about your SBOM today?
I feel we should definitely be digging way beyond the SBOM... but also wondering if the forecasting in the general ecosystem is on point or not.
I.e. is this overhyped?
That is not the title of the article:
> Achieving CVE Remediation in an Era of Escalating Vulnerabilities
There has been so much discussion about the increase of volume in CVEs. I love that it's super apparent from looking at that graph of CVEs by year, there is a noticeable bend in the slope upward in the 2026 plot. It's not just hype, the rate of CVEs is changing faster than prior years.
Reads kind of sales-pitchy. Every day we see another actively exploited Linux LPE; have you thought about your SBOM today?
I feel we should definitely be digging way beyond the SBOM... but also wondering if the forecasting in the general ecosystem is on point or not.
I.e. is this overhyped?
That is not the title of the article:
> Achieving CVE Remediation in an Era of Escalating Vulnerabilities