Under a new model announced by the National Institute of Standards and Technology, NVD will no longer enrich every CVE.

NIST’s shift toward selective CVE enrichment creates significant visibility gaps for teams relying solely on the National Vulnerability Database. As AI accelerates vulnerability disclosure rates, ...

NIST’s National Vulnerability Database will now prioritize enriching new and exploited flaws to address the record growth of ...

NIST limits CVE enrichment after 263% surge since 2020, prioritizing KEV and federal software, shifting thousands to “Not ...

NIST is applying a risk-based model to NVD enrichment, prioritizing CVEs in the CISA KEV catalog and in critical software.

A majority of currently exploited software vulnerabilities are missing from the US National Vulnerability Database (NVD), a new VulnCheck report has found. In the report published on May 23, the ...

NIST is focusing on enriching cybersecurity vulnerabilities and exposures that appear in CISA’s Known Exploited ...

NIST can't keep up with vulnerability submissions.

More than 100 days after the National Vulnerability Database all but ceased validating the severity of vulnerability reports, the US National Institute of Standards and Technology (NIST) has come up ...

The National Institute of Standards and Technology will stop assigning severity scores to lower-priority vulnerabilities due ...

After warning it can't keep up with the exploding number of bugs being submitted to the National Vulnerability Database (NVD), the National Institute of Science and Technology (NIST) has asked for ...

A vulnerability tracked as CVE-2026-4747 has appeared in secondary cybersecurity reporting, which attributes the discovery to ...