{"id":233212,"date":"2026-04-16T08:43:00","date_gmt":"2026-04-16T12:43:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/04\/16\/nist-drops-nvd-enrichment-for-pre-march-2026-vulnerabilities\/"},"modified":"2026-04-20T05:10:16","modified_gmt":"2026-04-20T09:10:16","slug":"nist-drops-nvd-enrichment-for-pre-march-2026-vulnerabilities","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/04\/16\/nist-drops-nvd-enrichment-for-pre-march-2026-vulnerabilities\/","title":{"rendered":"NIST Drops NVD Enrichment for Pre-March 2026 Vulnerabilities"},"content":{"rendered":"<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/nvd-enrichment-premarch-2026\/\">NIST Drops NVD Enrichment for Pre-March 2026 Vulnerabilities<\/a><\/p>\n<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/nvd-enrichment-premarch-2026\/\">https:\/\/www.infosecurity-magazine.com\/news\/nvd-enrichment-premarch-2026\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-04-16 08:43:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.infosecurity-magazine.com\">www.infosecurity-magazine.com<\/a><\/p>\n<p>The team behind the US National Vulnerability Database (NVD) can\u2019t keep up with the explosion of new reported vulnerabilities, said a top official of the US National Institute of Standards and Technology (NIST), which hosts the database.<\/p>\n<p>Speaking at VulnCon26&#8217;s in Scottsdale, Arizona, on April 15, Harold Booth, a NIST computer scientist, said the NVD had to make operational adjustments in how its data analyst enrich vulnerabilities to address the \u201crecord growth\u201d of reported common vulnerabilities and exposures (CVEs).<\/p>\n<p>\u201cCVE reporting keeps increasing \u2013 and trust me, at the NVD, we see them all \u2013 and our ability to keep up is just not there, so our backlog keeps increasing too,\u201d Booth said.<\/p>\n<p>The data analyst will thus shift to a risk-based approach that will guide how they prioritize which CVE to process and enrich first.<\/p>\n<p>This new approach implies bold moves, including the NVD dropping routine enrichment for all currently unenriched vulnerabilities reported before March 1, 2026.<\/p>\n<p>Additionally, the NVD will prioritize enriching vulnerabilities found in software used by the US federal government or in critical software as defined by the Executive Order 14028, published in 2021.<\/p>\n<p>The NVD will also give precedence to vulnerabilities included in the US Cybersecurity and Infrastructure Agency\u2019s (CISA) Known Exploited Vulnerabilities (KEV) list.<\/p>\n<p>\u201cAll submitted CVEs will still be added to the NVD. However, those that do not meet the criteria above will be categorized as \u2018Not Scheduled,\u2019\u201d said Booth.<\/p>\n<p>\u201cVulnerabilities are a way for an attacker to gain access to a system that they should not and we want to close those holes as quickly, efficiently and effectively as possible. We want to focus on the ones that are important, not the ones that are unimportant,\u201d he added.<\/p>\n<p>Users can request enrichment of any unscheduled CVEs by emailing the NVD at nvd@nist.gov.<\/p>\n<h2><strong>The CVE Surge Threatens NVD Capacity<\/strong><\/h2>\n<p>This change is driven by a surge in CVE&#8230;<\/p>\n<p><a href=\"https:\/\/www.infosecurity-magazine.com\/news\/nvd-enrichment-premarch-2026\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>NIST Drops NVD Enrichment for Pre-March 2026 Vulnerabilities https:\/\/www.infosecurity-magazine.com\/news\/nvd-enrichment-premarch-2026\/ Publish Date: 2026-04-16 08:43:00 Source Domain:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":233213,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/assets.infosecurity-magazine.com\/webpage\/og\/e694a494-7a34-42e1-b690-a1c03c8ee7e3.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,27],"class_list":["post-233212","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/233212"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=233212"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/233212\/revisions"}],"predecessor-version":[{"id":233214,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/233212\/revisions\/233214"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/233213"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=233212"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=233212"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=233212"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}