> https://euvd.enisa.europa.eu/

They already did it. Great!

Maybe we can ask them how to contribute to their software, as it seems to be proprietary at the moment?

edit: lol, their manifest.json is still the React boilerplate: https://euvd.enisa.europa.eu/manifest.json

Their database seems to also only contain fairly recent CVEs (up until 2019? some CVEs are missing...) and not before that

To quote the article

  "Fourth, national vulnerability databases like China’s and Russia’s, among others, will largely dry up (Russia more than China)."

  "Fourth [sic], hundreds, if not thousands, of National / Regional CERTs around the world, no longer have that source of free vulnerability intelligence."

  "Fifth [sic], every company in the world that relied on CVE/NVD for vulnerability intelligence is going to experience swift and sharp pains to their vulnerability management program."

All major powers have at least one each, some few for different parts of bureaucracy. Most of them are probably minimum budget operations just rsync-ing US CVD but they exist.

We can only hope they will get enough exposure now so they can get funding to fix stuff.

Other authorities: https://www.cve.org/programorganization/cnas

The CVE program is really important. This Administration is truly the example of the D.O.G.E. - Department Of Gaffes and Errors

This is (without any irony) the first useful thing I see from ENISA.

OSV is made by Google/Alphabet and therefore also prone to Trump intervention (see Gulf of Mexico executive order).

The circl.lu might be actually a potential cooperation partner.

(Vuldb is down right now)

you've slept just 3 hours? Go back to bed..

Maybe just a toilet break (see the bio): > Fun fact: All my comments have been written on the toilet. I don't use social media anywhere else.

Taking TDD to a level it’s never been before

Yep, toilet and now back to bed :D

hmm? it's already daytime in Europe where he's located