In the field of cybersecurity, there are few initiatives as universally recognized as the Common Vulnerabilities and Exposures (CVE) program. The program has recently celebrated its 25th anniversary, and we would like to highlight why we joined it a year ago—through the Wren Security products we’ve been actively developing and deploying for our clients over the long term.

A Quarter-Century of Innovation and Global Impact

Launched in 1999, the CVE Program has gradually grown into a globally utilized vulnerability database. From the original 321 recorded vulnerabilities, it has expanded to more than 240,000 entries, thanks to the collaboration of hundreds of organizations serving as CVE Numbering Authorities (CNAs). This program helps easily and uniformly identify security weaknesses in software and systems.
You can find more details about the anniversary in the official CVE report.

Wren Security as a CVE Numbering Authority

As mentioned in our previous article, Wren Security—an open-source project we use for identity management (IdM) and access management (AM)—has become a CVE Numbering Authority (CNA). This grants it the authority to assign unique CVE identifiers to new vulnerabilities and publish them under the program.
Why is this so important?

• A Higher Level of Security: CNA status allows Wren Security to promptly contribute to identifying vulnerabilities and help other developers and organizations address them quickly.
• Worldwide Recognition: Wren Security has joined more than 400 CNAs from over 40 countries and is one of only two partners in the Czech Republic.

Our Role and Looking Ahead

At Orchitech, we’re proud to be the main contributor and sponsor of this project. We use Wren Security to develop custom solutions tailored to our clients’ needs, and through our involvement in the CVE Program, we collectively help build a safer future for digital identities.

The CVE Program continues to expand and modernize, with plans to grow the CNA community, strengthen collaboration with global cybersecurity leaders, and improve the clarity of published vulnerabilities.

We extend our thanks to everyone involved in the Wren Security project and in advancing the CVE Program. Together, we can keep pushing the boundaries of cybersecurity and protect an increasingly complex digital infrastructure.