U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Breadcrumb

  1. Home

National Vulnerability Database

Security automation reference data is currently housed within the National Vulnerability Database (NVD). The NVD is the U.S. Government repository of security automation data based on security automation specifications. This data provides a standards-based foundation for the automation of software asset, vulnerability, and security configuration management; security measurement; and compliance activities. This data supports security automation efforts based on the Security Content Automation Protocols (SCAP). The NVD includes databases of security configuration checklists for the NCP, listings of publicly known software flaws, product names, and impact metrics. A formal validation program tests the ability of vendor products to use some forms of security automation data based on a product's conformance in support of specific enterprise capabilities.

About this Dataset

Updated: 2026-06-19
Metadata Last Updated: 2025-07-01 00:00:00
Date Created: N/A
Data Provided by:
Dataset Owner: N/A

Access this data

Contact dataset owner Access URL
Landing Page URL
Table representation of structured data
Title National Vulnerability Database
Description Security automation reference data is currently housed within the National Vulnerability Database (NVD). The NVD is the U.S. Government repository of security automation data based on security automation specifications. This data provides a standards-based foundation for the automation of software asset, vulnerability, and security configuration management; security measurement; and compliance activities. This data supports security automation efforts based on the Security Content Automation Protocols (SCAP). The NVD includes databases of security configuration checklists for the NCP, listings of publicly known software flaws, product names, and impact metrics. A formal validation program tests the ability of vendor products to use some forms of security automation data based on a product's conformance in support of specific enterprise capabilities.
Modified 2025-07-01 00:00:00
Publisher Name National Institute of Standards and Technology
Contact mailto:[email protected]
Keywords CVE , CVSS , SCAP , 800-53 , Vulnerability , NVD , Checklists
{
    "identifier": "1E0F15DAAEFB84E4E0531A5706813DD8436",
    "accessLevel": "public",
    "contactPoint": {
        "hasEmail": "mailto:[email protected]",
        "fn": "Tanya Brewer"
    },
    "programCode": [
        "006:045"
    ],
    "landingPage": "https:\/\/data.nist.gov\/od\/id\/1E0F15DAAEFB84E4E0531A5706813DD8436",
    "title": "National Vulnerability Database",
    "description": "Security automation reference data is currently housed within the National Vulnerability Database (NVD). The NVD is the U.S. Government repository of security automation data based on security automation specifications. This data provides a standards-based foundation for the automation of software asset, vulnerability, and security configuration management; security measurement; and compliance activities. This data supports security automation efforts based on the Security Content Automation Protocols (SCAP). The NVD includes databases of security configuration checklists for the NCP, listings of publicly known software flaws, product names, and impact metrics. A formal validation program tests the ability of vendor products to use some forms of security automation data based on a product's conformance in support of specific enterprise capabilities.",
    "language": [
        "en"
    ],
    "distribution": [
        {
            "accessURL": "https:\/\/nvd.nist.gov\/",
            "format": "html web page",
            "description": "The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, misconfigurations, product names, and impact metrics.",
            "title": "National Vulnerability Database"
        },
        {
            "accessURL": "https:\/\/doi.org\/10.18434\/M3436",
            "title": "DOI Access for National Vulnerability Database"
        }
    ],
    "bureauCode": [
        "006:55"
    ],
    "modified": "2025-07-01 00:00:00",
    "publisher": {
        "@type": "org:Organization",
        "name": "National Institute of Standards and Technology"
    },
    "theme": [
        "Information Technology:Cybersecurity",
        "Information Technology"
    ],
    "keyword": [
        "CVE",
        "CVSS",
        "SCAP",
        "800-53",
        "Vulnerability",
        "NVD",
        "Checklists"
    ]
}