"NVD Leaves Exploited Vulnerabilities Unchecked"

A new VulnCheck report found that the US National Vulnerability Database (NVD) lacks most currently exploited software vulnerabilities. In its May 23 report, the software security provider revealed that the NVD team has not analyzed 30 of 59 Known Exploited vVlnerabilities (KEVs) registered since February 12. In total, 50.8 percent of KEVs do not have critical metadata. When US Cybersecurity and Infrastructure Security Agency (CISA) analysts confirm a software vulnerability was exploited in the wild, it is added to the KEV list. CISA advises organizations to address these vulnerabilities immediately. Remediation deadlines are common for KEV list inclusion. This article continues to discuss key findings from the VulnCheck report.

Infosecurity Magazine reports "NVD Leaves Exploited Vulnerabilities Unchecked"

Submitted by grigby1