Tech »  Topic »  Feds Signal Shift in Vulnerability Oversight

Feds Signal Shift in Vulnerability Oversight

6 hours ago   bankinfosecurity

Backlogs, Funding Woes Drive NIST to Scale Back CVE Enrichment Role Chris Riotta (@chrisriotta) • February 6, 2026

The U.S. federal government is rethinking how to support its globally adopted vulnerability tracking ecosystem after years of backlogs, funding scares and growing doubts about whether the existing model can scale as vulnerability disclosures continue to accelerate.

See Also: Segmentation and Zero Trust: The Maturity Challenge

At the center of that ecosystem are two distinct but interdependent components. The Common Vulnerabilities and Exposures program, operated by Mitre, assigns standardized identifiers to software flaws. The National Vulnerability Database, maintained by the National Institute of Standards and Technology, enriches those records with severity scores, exploitability data and other metadata critical for defenders. Though closely linked in practice, CVE and NVD serve different functions - and face different operational pressures.

The most immediate challenges lie in NIST's role in enriching CVEs in the NVD. Jon ...


Copyright of this story solely belongs to bankinfosecurity . To see the full text click HERE