EUROSCOPE — FAUT-IL UNE BASE EUROPÉENNE DES FAILLES ?

Face à l’essoufflement du NVD américain, l’Europe lance l’EUVD. L’inventaire des vulnérabilités devient enjeu stratégique. Le silence d’une base peut faire grandir le risque.

https://whatsapp.com/channel/0029VaE5Wl8Dp2Q7vJyg0G30

#EuroScope #EUVD #ENISA #CVE #NVD #CyberSécurité #AutonomieStratégique

The global vulnerability intelligence platform project is moving forward. Many organisations are joining the efforts.
Our first open community meeting is Tuesday May 20 at 16:00 Central european time. Ping me for a zoom invite or join the #cve-wg slack channel in OWASP slack.

#CVE #NVD #ALLVD #OWASP

The global vulnerability intelligence project is making progress. We’re inviting to our first open meeting Tuesday May 20 at 16:00 CET. DM me to get a zoom invite or join the #CVE-wg slack channel in OWASP slack. #CVE #NVD #ALLVD

As #US #vulnerability-tracking falters, #EU enters with its own #security bug database
The European Vulnerability Database (#EUVD) is now fully operational, offering a streamlined platform to monitor critical and actively exploited security flaws amid the US struggles with budget cuts, delayed disclosures, and confusion around the future of its own tracking systems. The EUVD is similar to the US government's National Vulnerability Database (#NVD).
https://www.theregister.com/2025/05/13/eu_security_bug_database/ #CISA

You have discovered a new vulnerability? Submit it here and we will assign a CVE in no time. https://vuldb.com/?id.add #vuldb #cna #cve #mitre #nvd

For a while, I've been collecting thoughts on a global vulnerability management platform, funded by many sources and governments. This Monday, we had a webinar in Eclipse ORCWG and it's now available on YouTube. If you want to join the work, there's a mailing list on google groups "cve@owasp.org" as well as a work group in OpenSSF - Vulnerability disclosures wg.

https://youtu.be/zSsGLJTgWvU?si=ph69KosJ6fKk-9eX

#CVE #NVD #CWD #SBOM

Changes to the CVE program signal a critical moment for AppSec strategies. It's time to modernize your approach to risk management. https://jpmellojr.blogspot.com/2025/04/changes-to-cve-program-are-call-to.html #CVE #NVD #AppSec #BinaryAnalysis #RiskManagement #SoftwareSecurity

Quick writeup on the alleged cut of funding for the #CVE and #NVD. As with everything Trump destroys, tomorrow the situation might be different. But this is my current take on the story:

https://open.substack.com/pub/internationalcybersecurity/p/the-crumbling-foundation-of-global

Die Cybersecurity and Infrastructure Security Agency (CISA) arbeitet dringend daran, die Auswirkungen zu mildern und CVE zu erhalten, ist jedoch selbst von erheblichen Kürzungen und Chaos dank Elon Musks DOGE betroffen.

Zum Artikel: https://heise.de/-10353326?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#CVE #ITsicherheit #MITRE #NVD #CISA

US-Kürzungen: #CVE-Liste könnte sofort stoppen

"Die CVE-Liste ist zentral für koordinierte Maßnahmen gegen gefährliche Bugs. Die US-Regierung entzieht die Finanzierung. Per sofort.

Offen bleibt, wie es konkret weitergeht. Eine Liste der bisher zugeteilten CVE-Nummern steht bis auf Weiteres bei Github online...Von Dritten gemeldete Sicherheitslücken wird MITRE ab Donnerstag aber wohl nicht mehr in die Liste aufnehmen."
#MITRE #NVD
https://www.heise.de/news/US-Kuerzungen-CVE-Liste-koennte-sofort-stoppen-10353326.html

NVD's vulnerability enrichment crisis continues with no end in sight. @anchore @joshbressers explains how we're filling the gap with our own public database, helping security teams detect vulnerabilities despite NVD's backlog.

🔗 https://anchore.com/blog/nvd-crisis-one-year-later/

#NVD

We are a CNA. Submit your vulnerabilities and we will assign a CVE in no time. https://vuldb.com/?id.add #vuldb #cna #cve #mitre #nvd

So that's it, USA is giving up on all fronts?

#NVD #security

Man, they really are just gonna kill off MIST aren't they? Sheesh, what a kick in the nuts right now, with everything else going on

https://www.nist.gov/itl/nvd

#nvd #doge

@jean_dupont to answer the original question:

#zsh
#lazygit
#bat
#zellij
#starship

for #nix :
#nh, #nix-output-monitor, #nvd

#hashtagGalore

You want to publish a new vulnerability? Just submit and we will handle your CVE assignment in no time. https://vuldb.com/?id.add #vuldb #cna #cve #mitre #nvd

It's getting more and more urgent to build a global system for managing vulnerabilities in software. With new regulation, more vulnerabilities will have to be published and the pressure on the system will be much higher than today. We need to share the cost. #CyberSecurity #CVE #NVD

So here's some first answer. #NVD is still out there, but the trouble with #NIST has already begun.
https://cyberplace.social/@GossiTheDog/114038161923959059

You want to publish a new vulnerability? Just submit and we will handle your CVE assignment in no time. https://vuldb.com/?id.add #vuldb #cna #cve #mitre #nvd

#wired The NVD publishes a comprehensive JSON Schema for their API (e.g. https://csrc.nist.gov/schema/nvd/api/2.0/cve_api_json_2.0.schema)

#tired The NVD JSON API returns CVE records that don't comply with it (e.g. https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2009-3555)

https://github.com/google/osv.dev/pull/3044

🤦‍♂️

#nvd #cve #vulnerabilitymanagement #facepalm