Back to glossary

National Vulnerability Database (NVD)

The US government repository of standards-based vulnerability management data, synchronized with the CVE list.

AbbreviationNVD
Categorysecurity

Overview

The NVD is maintained by the National Institute of Standards and Technology (NIST). It enhances the basic CVE list by providing additional analysis, such as CVSS scores, CWE categorizations, and mapping to affected product configurations (CPE).

Key Features

  • Searchable Database: Allows users to find vulnerabilities by product, vendor, or severity.
  • Data Feeds: Provides automated feeds for security tools to stay up-to-date.
  • Analysis: NIST analysts review every CVE and provide standardized metadata.

Importance

The NVD is the primary source of vulnerability information for most security tools and organizations worldwide.

Related Terms

Common Vulnerabilities and Exposures (CVE)Common Vulnerability Scoring System (CVSS)Common Weakness Enumeration (CWE)Vulnerability Management