NIST Drops NVD Enrichment for Pre-March 2026 Vulnerabilities
NIST’s National Vulnerability Database will now prioritize enriching new and exploited flaws to address the record growth of reported CVEs
Stay informed on database security trends, breaches, and best practices in information security with our comprehensive news and updates.
Search across headline titles and summaries.
Background for this topic.
Databases store and organize data electronically, enabling efficient retrieval and management. They often hold sensitive information such as user credentials, financial records, or personal details, making them prime targets for attackers. Common database types include relational databases using structured query language (SQL) and NoSQL databases designed for unstructured data.
Security risks include SQL injection attacks that exploit improper input handling to manipulate or extract data, and misconfigured access controls that allow unauthorized users to view or alter information. Protecting databases involves strict authentication, role-based access controls, encryption of data at rest and in transit, and timely application of security patches to database software. Monitoring query logs and access patterns helps detect suspicious activity that could indicate compromise or insider threats.
Weekly headline count for the current query.
NIST’s National Vulnerability Database will now prioritize enriching new and exploited flaws to address the record growth of reported CVEs
Ariomex database reveals potential sanctions evasion and capital transfers tied to Iranian actors
A database featuring 300,000+ users of notorious hacking forum BreachForums has been leaked online
Cifas noted a record number of filings in its National Fraud Database for the first half of 2025
The audit of the NVD will be conducted by the US Department of Commerce’s Office of Inspector General
ENISA has officially launched the European Vulnerability Database as required by the NIS2 directive
Security community reacts with shock at US government’s decision not to renew MITRE contract for CVE database
Security community reacts with shock at US government’s decision not to renew MITRE contract for CVE database
Common Good Cyber has released a new mapping database designed to help NGOs find the security tools they need
Researchers at Wiz uncovered a publicly accessible database belonging to Chinese GenAI provider DeepSeek that leaked sensitive data, including chat history
Atos Group has denied the ransomware group Space Bears' claims of compromising its database, calling the allegations unfounded
The data leak exposed personal data of 100m US citizens, resulting from a misconfigured database made accessible online
Over half of CISA’s known exploited vulnerabilities disclosed since February 2024 have not yet been analyzed by NIST’s National Vulnerability Database
Santander has warned that customer and employee data has been breached following unauthorized access to a database held by a third-party provider
Several software security experts have told Infosecurity that no new vulnerabilities have been added to the US National Vulnerability Database (NVD) since May 9
CISA launched a new software vulnerability enrichment program to fill the gap left by NIST’s National Vulnerability Database backlog
An open letter signed by 50 cybersecurity practitioners requires the US Congress to support NIST in restoring operations at the National Vulnerability Database
After months of speculation, NIST has finally confirmed its intention to establish an industry consortium to develop the NVD in the future
Vulnerability data has stopped being added to the most widely used software vulnerability database for over a month, putting organizations at risk – and nobody knows why
Database compromise dates back to March 2022