Summary: The National Institute of Standards and Technology (NIST) is facing a significant backlog of Common Vulnerabilities and Exposures (CVEs), exacerbated by a 32% increase in submissions over the past year. Despite efforts to improve processing speeds, the current infrastructure and staffing levels are insufficient to manage the growing volume of reports. NIST is exploring automation technologies like AI and machine learning to address these challenges as the gap between reported vulnerabilities and actionable intelligence widens, impacting organizations relying on timely data.
Affected: National Institute of Standards and Technology (NIST)
Keypoints :
- NIST reports an increasing backlog of CVEs in the National Vulnerability Database (NVD), with a projected rise in submissions for 2025.
- The existing NVD workflows and data handling processes are outdated and unable to accommodate the rising volume of CVE submissions.
- Organizations are experiencing issues due to delayed processing of vulnerability data, which impedes timely decision-making and system protection.