The US Cybersecurity and Infrastructure Agency (CISA) has announced the creation of “Vulnrichment,” a new project that aims to fill the CVE enrichment gap created by NIST National Vulnerability Database’s recent slowdown. NVD is failing Since 1999, NVD analysts have been adding CVE-numbered vulnerabilities to the database, after analyzing public data about them to “enrich” each entry with impact metrics (CVSS), vulnerability types (CWE), applicability statements (CPE), links to security advisories, and more.

Source: Help Net Security