NIST Shifts to Risk-Based NVD Model as CVE Submissions Surge 263% Since 2020

Due to a 263% surge in CVE submissions since 2020, NIST is shifting the National Vulnerability Database (NVD) to a risk-based model, prioritizing vulnerabilities affecting government agencies and critical software. This new approach aims to manage the overwhelming volume of reports by focusing enrichment efforts on high-impact threats and no longer generating duplicate severity scores.