Safeguard
Tag

nvd

Safeguard articles tagged "nvd" — guides, analysis, and best practices for software supply chain and application security.

18 articles

Open Source Security

Why Snyk's vulnerability database often reports issues be...

NVD's CVE enrichment pipeline has a well-documented backlog since 2024. Here's the mechanical reason Snyk's database often shows vulnerabilities weeks earlier.

Aug 28, 20257 min read
Industry News

NIST NVD Recovery: The New Consortium Reshaping Vulnerability Data

After months of processing backlogs and community frustration, NIST announces a new consortium to modernize and sustain the National Vulnerability Database.

Nov 1, 20246 min read
Security Concepts

The National Vulnerability Database: How to Actually Use It

The National Vulnerability Database is the US government's CVE repository — here's how to search it, read its CVSS scores, and use it in a real workflow.

May 14, 20245 min read
Industry Analysis

NIST NVD Slowdown: What the Vulnerability Enrichment Backlog Means for Security Teams

NIST's National Vulnerability Database nearly stopped enriching CVEs in early 2024, creating a growing backlog that left security teams without the severity scores and metadata they depend on.

Mar 15, 20246 min read
Vulnerability Management

OSV Schema: The Open Source Vulnerability Database Format Explained

OSV provides a standardized format for vulnerability data that is purpose-built for open-source ecosystems. Here is how it works and why it is better than NVD for dependency scanning.

Aug 5, 20237 min read
Vulnerability Management

CPE Naming Convention and the Vulnerability Matching Problem

CPE is the backbone of NVD vulnerability matching, and it is deeply flawed. Understanding its limitations is essential for accurate vulnerability management.

Jun 15, 20226 min read
nvd (Page 2) — Safeguard Blog