How NIST fumbled management of the National Vulnerability Database (opens in new tab)

A US federal watchdog has outlined how the National Institute of Standards and Technology (NIST) failed to effectively manage the growing backlog of unprocessed cybersecurity vulnerabilities in the National Vulnerability Database (NVD). How the NVD crisis unfolded The NVD was established in 2005 and serves as a central repository for cybersecurity vulnerability data. When security researchers or software vendors discover a flaw in a piece of software or hardware, they submit a report through ...