While NIST upgraded the bug to 9.1, experts say teams must focus more on how attackers can exploit this flaw to gain VPN access.
Tag: NIST
AI, Cybersecurity, Global Security News
How NIST fumbled management of the National Vulnerability Database
A US federal watchdog has outlined how the National Institute of Standards and Technology (NIST) failed to effectively manage the growing backlog of unprocessed cybersecurity vulnerabilities in the National Vulnerability Database (NVD). How the NVD crisis unfolded The NVD was established in 2005 and serves as a central repository for cybersecurity vulnerability data. When security…
AI, APAC, Apps, Cloud Security, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Risk Management
Data Breaches, AI Expansion, and Cloud Security Define This Week’s Cyber Landscape in April 2026
Major Threats & Vulnerabilities Vulnerability Scoring and Exploitation Trends The NIST Adjusts Scoring Amid CVE Spike report highlights a 260%+ increase in CVE submissions since 2020. To manage the surge, NIST will prioritize high-impact vulnerabilities, potentially leaving many without full scoring data. Security teams must adapt to inconsistent vulnerability data and prepare for potential blind…
AI, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
NIST Scales Back Vulnerability Scoring in 2026 as CVE Volume Surges
The National Institute of Standards and Technology (NIST) is narrowing how it analyzes and scores software vulnerabilities, citing a sharp increase in submissions that has made it difficult to keep pace. “For years, security teams relied on NVD for vulnerability context to support prioritization decisions. But that model is under real strain,” said Ian Gray,…
AI, Cybersecurity, Global Security News
NIST Limits CVE Enrichment After 263% Surge in Vulnerability Submissions
The National Institute of Standards and Technology (NIST) has announced changes to the way it handles cybersecurity vulnerabilities and exposures (CVEs) listed in its National Vulnerability Database (NVD), stating it will only enrich those that fulfil certain conditions owing to an explosion in CVE submissions. “CVEs that do not meet those criteria will still be…
AI, Global Security News, Risk Management
NIST admits defeat on NVD backlog, will enrich only highest-risk CVEs going forward
NIST is overhauling how it manages the National Vulnerability Database (NVD) and switching to a risk-based model that prioritizes “enrichment” of only the most critical CVE-numbered security vulnerabilities. “This change is driven by a surge in CVE submissions, which increased 263% between 2020 and 2025,” the National Institute of Standards and Technology said. “We don’t…
AI, Apps, Cybersecurity, Global Security News, Risk Management
US dominance of agentic AI at the heart of new NIST initiative
This week, the US National Institute of Standards and Technology (NIST) announced a new listening exercise, the AI Agent Standards Initiative, which it hopes will provide a roadmap for addressing agentic AI hurdles and, it said, ensure that the technology “is widely adopted with confidence.” AI agents, which have now ascended to the status of…