Non-determinism is an issue with patching CVEs
mathewpregasen
44 points
12 comments
May 08, 2026
Related Discussions
Found 5 related stories in 84.0ms across 8,303 title embeddings via pgvector HNSW
- NIST gives up enriching most CVEs mooreds · 189 pts · April 17, 2026 · 53% similar
- Mythos Discovered a CVE in Its Training Data – and That's Still Worrying chris_j · 14 pts · May 11, 2026 · 50% similar
- Patch Your Kernel NOW: 732byte Python rootkit, cracks all distros since 2017 cednore · 14 pts · April 30, 2026 · 49% similar
- GNU IFUNC is the real culprit behind CVE-2024-3094 foltik · 55 pts · May 08, 2026 · 49% similar
- Vulnerability research is cooked pedro84 · 145 pts · March 30, 2026 · 48% similar
Discussion Highlights (3 comments)
jambay
There has been so much discussion about the increase of volume in CVEs. I love that it's super apparent from looking at that graph of CVEs by year, there is a noticeable bend in the slope upward in the 2026 plot. It's not just hype, the rate of CVEs is changing faster than prior years.
LoganDark
That is not the title of the article: > Achieving CVE Remediation in an Era of Escalating Vulnerabilities
tptacek
Reads kind of sales-pitchy. Every day we see another actively exploited Linux LPE; have you thought about your SBOM today?