NIST updated their NVD operations. They will now prioritize CISA's KEV catalog, federal government software, and "critical software" defined in the Executive Order 14028 for faster enrichment.They also will not assign their own severity scores to CVEs that received a score from CNAs.AI CVEs took a toll on them, it seems like.https://www.nist.gov/news-events/news/2026/04/nist-updates-nvd-operations-address-record-cve-growth#cybersecurity #cve #security #nist #cisa #cna #vulnerability #vulnerabilitymanagement #ai
