How CISA's list of 'must-patch' vulnerabilities has expanded both in size, and who's using it
While CISA says the catalog is catching on, some think it needs improvement.
House panel rips CVE contracting and oversight policies
The industry-wide program for naming and documenting vulnerabilities suffers from fluctuating funding and insufficient oversight, according to a House panel.
China's vulnerability disclosure system twice as fast as U.S. version
China’s National Vulnerability Database works more than twice as fast on average as its U.S. counterpart, according to new research.
Government's software vulnerability repository is slow to add new cyberthreats, report says
There is a median lag time of approximately seven days between when someone discovers an exploitable software vulnerability and its eventual release on NIST's National Vulnerability Database, according to research conducted by Recorded Future.