Integration with common vulnerability management tools is needed for GCVE.eu to reach its full potential — and not introduce additional friction and confusion into CISOs’ remediation strategies.

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.

By the time of CVE's launch, ISS (later acquired by IBM) maintained a fully public VDB, as of August 1997. A company I helped ...

As the agency’s vulnerability database buckles under a flood of submissions, it’s planning to shift some responsibilities to other parties.

GCVE would enhance global collaboration, flexibility, and efficiency in tracking vulnerabilities. Duplicate entries and ...

The mission of the Common Vulnerabilities and Exposures (CVE®) Program is to identify, define, and catalog publicly disclosed ...

The EU has launched a new alternative to the US-led CVE vulnerability database, offering European security teams a decentralized backup amid funding and continuity concerns.

A new vulnerability database has launched in the EU, in a bid to reduce dependence on the U.S. program. Here's what you need ...

JFrog this week published an analysis of a vulnerability in Redis databases that may be more serious than initially thought following the discovery of a ...

BackBox, a leading provider of network cyber resilience solutions, is partnering with Nomios, one of Europe's leading providers of cybersecurity services, to enhance network visibility and automation ...

A recently disclosed security vulnerability in MongoDB has come under active exploitation in the wild, with over 87,000 potentially susceptible instances identified across the world. The vulnerability ...

In the sprawling landscape of cybersecurity, few systems are as simultaneously critical and underappreciated as the Common Vulnerabilities and Exposures (CVE) program. For more than two decades, this ...