National Vulnerability Database Archives

Nominations can be submitted for the 2025 CyberScoop 50 awards!

National Vulnerability Database

Infosec pros: We need CVSS, warts and all

The Common Vulnerability Scoring System has a lot of critics, but experts say it’s still the best unified way to share the severity of cybersecurity flaws.

Feb 5, 2025 By Cynthia Brumfield

A digitally generated image of yellow data server discs organized into circular pattern is seen against on beige background. (Andriy Onufriyenko via GettyImages)

Plan to resuscitate beleaguered vulnerability database draws criticism

The National Vulnerability Database has ceased some of its work, but some experts fear the formation of a consortium to address its problems lacks sufficient urgency.

Mar 28, 2024 By Tim Starks

coding software hacking developing — (Getty Images)

In search of a B.S. filter for software bugs

Call it Yelp for software flaws, with more data and context thrown in.

Apr 15, 2020 By Sean Lyngaas

China’s vulnerability disclosure system twice as fast as U.S. version

China’s National Vulnerability Database works more than twice as fast on average as its U.S. counterpart, according to new research.

Oct 23, 2017 By Shaun Waterman

Government’s software vulnerability repository is slow to add new cyberthreats, report says

There is a median lag time of approximately seven days between when someone discovers an exploitable software vulnerability and its eventual release on NIST's National Vulnerability Database,…

Jun 7, 2017 By Chris Bing