NIST Shifts to Risk-Based NVD Model as CVE Submissions Surge 263% Since 2020

NIST Scales Back Vulnerability Scoring in 2026 as CVE Volume Surges

The National Institute of Standards and Technology (NIST) is narrowing how it analyzes and scores software vulnerabilities, citing a sharp increase in submissions that has made it difficult to keep pace.  “For years, security teams relied on NVD for vulnerability context to support prioritization decisions. But that model is under real strain,” said Ian Gray, VP of Intelligence at Flashpoint in an email to eSecurityPlanet.  He added, “CVE submis…

NIST Shifts to Risk-Based NVD Model as CVE Submissions Surge 263% Since 2020

The National Institute of Standards and Technology (NIST) has officially updated how it processes vulnerabilities in the National Vulnerability Database (NVD). According to an April 15, 2026 announcement, NIST is abandoning its comprehensive analysis approach in favor of a targeted, risk-based model. This shift ensures security teams receive timely intelligence on high-impact threats. At the […] The post NIST Shifts to Risk-Based NVD Model as CV…

NIST Overhauls The National Vulnerability Database After CVEs Increased 263% between 2020 and 2025 | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware - National Cyber Security Consulting

The National Institute of Standards and Technology (NIST) has announced sweeping operational changes to the National Vulnerability Database (NVD), introducing a new risk-based prioritization model aimed at coping with an unprecedented rise in reported software vulnerabilities. The move marks one of the most significant shifts in the history of the NVD, a critical resource used […] Thank you for subscribing to our RSS feed! The post NIST Overhaul…