National Vulnerability Database
The U.S. government repository of standards-based vulnerability management data

The National Vulnerability Database (NVD) is a U.S. government repository maintained by NIST that catalogs publicly known cybersecurity vulnerabilities using the CVE standard. It provides detailed vulnerability data including severity scores, affected software, and remediation guidance. Security professionals and researchers use it to track and manage software vulnerabilities.
NIST ingests CVE records from the CVE Program and enriches them with CVSS scores, CWE classifications, and affected product data, making them searchable via a public web interface and API.
security professionals, researchers, and software developers
Background.
- Status
- launched
- Business model
- free
- Company
- National Institute of Standards and Technology (NIST)
Similar projects.
Editorial take on the space this project sits in — momentum signals, adjacent moves, our call on whether the wedge is real. Get pinged when we publish a new read or when the landscape shifts.
Have a take on this space?
Tell us what you’d build differently, where you think the incumbents miss, or what we’ve gotten wrong about this project. Comments + reactions are coming soon.