🔐 Cybersecurity May 14, 2026

NIST NVD Enrichment Policy Change: Prioritizing Vulnerabilities with Attacker Behavior Signals

Recorded Future
View Channel →
NIST NVD Enrichment Policy Change: Prioritizing Vulnerabilities with Attacker Behavior Signals
Source ↗ 👁 0 💬 0
As of April 15, 2026, NIST enriches only CVEs that appear in the CISA Known Exploited Vulnerabilities catalog, federal government software, or software designated critical under Executive Order 14028. Everything else carries a "Lowest Priority" status: no CVSS score, no affected product mappings, no weakness classification. NIST enriched roughly 42,000 CVEs in 2025, and submissions in early 2026 are running about a third higher year-over-year. Industry estimates suggest the prioritized categorie

Comments (0)

Sign in to join the discussion

More Like This

April 2026 CVE Landscape
Recorded Future · May 15, 2026
Beyond Acceleration and Automation: How AI + Intelligence Changes Cyber Defense
Recorded Future · May 14, 2026
A Complete History of Cybersecurity: From Early Viruses to AI-Powered Threats
Recorded Future · May 8, 2026
The Different Types of Payment Fraud and How to Prevent Them
Recorded Future · May 8, 2026
Digital Citizenship Glossary: Key Terms Every Internet User Should Know
Recorded Future · May 8, 2026
Quantum Risk Explained
Recorded Future · May 7, 2026