The European Union has officially launched its Vulnerability Database (EUVD), aimed at improving vulnerability management and transparency across ICT products and services. The database integrates multiple sources and provides critical information on exploited vulnerabilities, with mandatory reporting set for 2026.
Affected: EU institutions, ICT manufacturers, cybersecurity organizations, CISA, CVE Program
Affected: EU institutions, ICT manufacturers, cybersecurity organizations, CISA, CVE Program
Keypoints
- The EU Vulnerability Database (EUVD) has officially launched after being in development since December 2022.
- It functions similarly to the U.S. National Vulnerability Database, providing comprehensive data on cybersecurity vulnerabilities.
- EUVD offers views on critical vulnerabilities, exploited vulnerabilities, and those coordinated by European CSIRTs.
- The database will include data from sources such as CISAβs Known Exploited Vulnerability Catalogue and will integrate with the Single Reporting Platform in 2026.
- ENISA collaborates with EU Member States and works with MITRE to ensure resilience amid uncertainty over the future of the CVE Program.
- The CVE Foundation was launched to transition the CVE Program to a nonprofit model, seeking broader participation and transparency.
- CISA remains committed to supporting the CVE Program, with ongoing discussions about its organizational structure and community involvement.
Read More: https://thecyberexpress.com/eu-vulnerability-database-officially-launches-amid-cve-program-concerns/