GovInfoSecurity

Auditors Rip NIST Management of NVD Program

Management by the National Institute of Standards and Technology of a repository of vulnerability data came under sharp ...
techtimes

NIST National Vulnerability Database Severity Scores Wrong 88% of Time, Inspector General Finds

The federal database that security teams worldwide consult to decide which software flaws to patch first produces severity scores that are wrong nearly 88% of the time — and the government watchdog ...
CSO Online

US government report slams NIST for NVD backlog

NIST’s lack of strategic planning and decisive action have allowed the backlog of unprocessed vulnerabilities to continue ...

The Software Engineer Who Contributed a Fix for an Apache Airflow Vulnerability Used by Some Fortune 500 Companies

CVE-2025-57735 exposed a critical flaw in Apache Airflow’s session management: JSON Web Tokens (JWTs) remained valid even ...
Infosecurity-magazine.com

RSAC: CISA Launches Vulnrichment Program to Address NVD Challenges

The US Cybersecurity and Infrastructure Security Agency (CISA) announced on May 8 that it was starting a new software vulnerability enrichment program called ‘Vulnrichment.’ This comes almost three ...
Infosecurity-magazine.com

Beyond Disclosure: Transforming Vulnerability Data Into Actionable Security

Vulnerabilities are lurking everywhere, like hidden landmines in the digital landscape waiting to be stepped on. As technology advances, so does the rate of vulnerability disclosures and the speed ...
VentureBeat

Vulnerability management: Most orgs have a backlog of 100K vulnerabilities

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More The threat landscape never stands still. Almost every day there’s a new ...