home.social

#nvd — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #nvd, aggregated by home.social.

  1. Resulting from funding gaps and idiotic shifts in priorities, the U.S.A. is now woefully underinvesting in our core CyberDefense Ecosystem....

    National Institute of Standards and Technology (NIST) is no longer enhancing all Common Vulnerabilities and Exposures (CVEs) with analysis and severity indicators, and instead NIST will prioritize enriching a much narrower set of security vulnerabilities.

    Related: In April 2025, a funding gap in DHS appropriations threatened to cease CVE operations entirely, which would have created systemic risk for global vulnerability management. An emergency funding extension was implemented to avoid a full-on crisis. justsecurity.org/136914/nist-c #NIST #MITRE #CVEs #NVD #Security #Risk #CyberSecurity #CyberDefence #CyberInfrastructure #AI #AISecurity #CISA #DHS #Vulnerability #ThreatIntelligence

  6. NIST’s selective NVD enrichment is a big wake-up call for AppSec teams: more CVEs, less context, and more manual triage ahead. jpmellojr.blogspot.com/2026/05 #NVD #CVE #NIST #AppSec

  7. You have discovered a new vulnerability? Submit it here and we will assign a CVE in no time. vuldb.com/vuln/add #vuldb #cna #cve #mitre #nvd

  12. NIST has confirmed a major policy shift, drastically reducing its CVE enrichment efforts and focusing only on critical vulnerabilities like those in CISA's KEV catalog. This move, driven by an overwhelming backlog and budget cuts, means security teams can no longer depend on the NVD as a single source of truth, forcing a re-evaluation of vulnerability management strategies and skepticism towards…

    tpp.blog/1f95u2a

    #cybersecurity #nist #nvd

    🤖 This post was AI-generated.

  13. NIST Curtails CVE Enrichment Amid Vulnerability Surge

    The National Institute of Standards and Technology (NIST) is overhauling its approach to enriching entries in the National Vulnerability Database (NVD) due to a staggering 263% surge in vulnerability submissions. To keep pace, NIST will now prioritize enrichment for only the most critical entries that meet specific conditions.

    osintsights.com/nist-curtails-

    #VulnerabilityManagement #Nist #NationalVulnerabilityDatabase #Nvd #Cve

  14. NIST will now prioritize NVD enrichment for CVEs in CISA KEV & critical software. Other CVEs may see slower data updates. No direct exploit info, but vulnerability workflows could be impacted. Stay updated! radar.offseq.com/threat/nist-p #OffSeq #NVD #CISA #Infosec

  18. 📰 NIST Overhauls NVD, Will No Longer Enrich All CVEs Amidst 'Unsustainable' Surge in Reports

    Major shift for vulnerability management: NIST will no longer enrich all CVEs in the NVD due to overwhelming volume. 📢 Focus will be on critical & exploited flaws. Time to re-evaluate your VT processes! #NIST #NVD #CVE #CyberSecurity

    🔗 cyber.netsecops.io/articles/ni

  19. NIST Shifts Focus to Enriching Exploited Vulnerabilities

    The National Vulnerability Database is shifting gears: going forward, it'll prioritize enriching newly reported and actively exploited vulnerabilities, temporarily deprioritizing older entries. This change comes as the database faces an unprecedented surge in reported software flaws, with a record number of Common Vulnerabilities and…

    osintsights.com/nist-shifts-fo

    #Nist #NationalVulnerabilityDatabase #Nvd #Cve #ExploitedVulnerabilities

  21. NIST Refocuses CVE Analysis Amid Vulnerability Surge

    The National Institute of Standards and Technology (NIST) has adjusted its approach to vulnerability analysis, now prioritizing critical software, government systems, and actively exploited vulnerabilities amid a surge in reported threats. This strategic refocus aims to optimize its National Vulnerability Database's impact in a threat landscape…

    osintsights.com/nist-refocuses

    #VulnerabilityAnalysis #Nist #NationalVulnerabilityDatabase #Nvd #Cve

  22. Was searching for an explanation, why #NVD #CVE ratings are usually higher than others', landed on daniel.haxx.se/blog/2023/03/06 and saw a familiar face: Thanks for posting this, @bagder.

    #cybersecurity #CVSS

  26. 🔹 🛠️ Tool: ThreatSentry AI

    ThreatSentry AI is presented as an enterprise-focused threat-hunting platform that automates external asset discovery, enriches findings from multiple sources, and applies ensemble machine learning to prioritize risk. The project lists PyQt5 for UI, scikit-learn for ML, and SQLAlchemy for persistence, and names EclipseManic as project lead.

    🔹 Core pipeline and integrations

    The platform performs continuous external visibility via Shodan queries (preset and custom), extracts service banners across common products (examples in the project include Apache, Nginx, MySQL, IIS), and correlates banner data with NVD CVE information. CVSS-based severity classification is applied where CVE matches are found; the README notes that CVE metrics are updated only when vulnerabilities are identified to avoid data loss.

    🔹 Machine learning and scoring

    The risk engine is described as an ensemble combining Random Forest, Gradient Boosting, and Neural Network components. Models evaluate 40+ attributes spanning temporal context (exposure duration, patch lag), network position (service criticality, segmentation), behavioral signals (authentication failures, traffic anomalies), and compliance impact (data sensitivity, regulatory exposure). Each risk prediction includes a confidence score in the 0–1 range. The system is described as having configurable automatic retraining with analyst feedback integration for continuous learning.

    🔹 Platform capabilities and outputs

    ThreatSentry AI emphasizes proactive alerting and executive-ready dashboards that surface high-risk assets ahead of incidents. Preset Shodan queries are provided for common service classes (SSL, RDP, ICS/Modbus), with support for organization-specific custom queries. The architecture is described as extensible for integrating internal systems (SIEM, CMDB, patch sources) although specifics are implementation-dependent.

    🔹 Project context

    The README highlights single-developer authorship with assistance from AI development tools for code generation and documentation. The repo frames the project as addressing alert fatigue, fragmented data, and reactive security postures by converting multi-source telemetry into prioritized, confidence-scored intelligence.

    🔹 Hashtags

    🔹 ThreatSentryAI #Shodan #NVD #CVE #CVSS

    🔗 Source: github.com/EclipseManic/Threat

  28. You want to publish a new vulnerability? Just submit and we will handle your CVE assignment in no time. vuldb.com/?id.add #vuldb #cna #cve #mitre #nvd

  33. We have scheduled the community meetings for March 2026. This is where you meet fellows working with the same issues, discuss and help us set our priorities for the project.

    Register for free here: gvip-project.org/community/

    #CVE #gcve #NVD #EUVD #CWE #CVSS #EPSS

  34. A few weeks ago I had a conversation with Josh Bressers about The Global Vulnerability Intelligence Platform and what we're doing there. It's now available on YouTube and your favourite podcast channels!

    opensourcesecurity.io/2026/202

    #GVIP #CVE #NVD #CYBERSECURITY #cra
