Risky Bulletin Newsletter
May 14, 2025
Risky Bulletin: EU launches its own vulnerability database
Presented by

News Editor
The EU's cybersecurity agency ENISA has launched its own vulnerability database designed to aggregate information on software bugs across the European ecosystem.
Although some infosec researchers might think this is the EU's reaction to the recent MITRE funding issues in the US, the new EUVD database was coming anyway, regardless of what was happening to the CVE program.
The EU actually ordered ENISA to create the new database via the NIS2 directive that passed in December 2022—see paragraphs 62 and 63.