The National Vulnerability Database has ceased some of its work, but some experts fear the formation of a consortium to address its problems lacks sufficient urgency.
There is a median lag time of approximately seven days between when someone discovers an exploitable software vulnerability and its eventual release on NIST's National Vulnerability Database,…