Mandated by the NIS2 Directive, the EUVD is designed to aggregate and interconnect publicly available vulnerability information from a wide array of sources, including national Computer Security Incident Response Teams (CSIRTs), industry threat researchers, ICT vendors, and established databases such as MITRE’s Common Vulnerabilities and Exposures (CVE) Program. Henna Virkkunen, European Commission Executive Vice-President for Tech Sovereignty, Security and Democracy, hailed the launch as “a major step towards reinforcing Europe’s security and resilience,” emphasizing that the EUVD will raise cybersecurity standards and empower stakeholders to protect digital spaces more efficiently and autonomously. The European Union has taken a significant leap forward in its digital security strategy with the official launch of the European Vulnerability Database (EUVD), developed and maintained by the European Union Agency for Cybersecurity (ENISA). Announced on May 13, 2025, the EUVD is now operational, providing a centralized, reliable, and actionable repository of cybersecurity vulnerabilities that affect Information and Communication Technology (ICT) products and services across the EU. The EUVD also leverages the Common Security Advisory Framework (CSAF), allowing for machine-readable advisories and streamlined vulnerability management. With the launch of the EUVD, Europe now possesses a robust, independent resource to bolster its cybersecurity posture, improve situational awareness, and limit exposure to evolving digital threats. Experts view the EUVD as a strategic move to reduce reliance on a single, non-European vulnerability source and to ensure continuity and resilience in global vulnerability management. In 2025, ENISA plans to further develop the EUVD, gathering feedback to enhance its services and ensure it remains a vital tool in the EU’s cybersecurity framework.
This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 15 May 2025 11:05:00 +0000