惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

L
LangChain Blog
C
Check Point Blog
博客园 - Franky
V
Visual Studio Blog
云风的 BLOG
云风的 BLOG
aimingoo的专栏
aimingoo的专栏
Microsoft Security Blog
Microsoft Security Blog
V2EX - 技术
V2EX - 技术
AI
AI
Hacker News - Newest:
Hacker News - Newest: "LLM"
Jina AI
Jina AI
S
Security @ Cisco Blogs
Security Archives - TechRepublic
Security Archives - TechRepublic
H
Hacker News: Front Page
H
Hackread – Cybersecurity News, Data Breaches, AI and More
O
OpenAI News
Attack and Defense Labs
Attack and Defense Labs
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
爱范儿
爱范儿
H
Heimdal Security Blog
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
G
Google Developers Blog
G
GRAHAM CLULEY
V
V2EX
The Register - Security
The Register - Security
人人都是产品经理
人人都是产品经理
B
Blog RSS Feed
Schneier on Security
Schneier on Security
M
MIT News - Artificial intelligence
Stack Overflow Blog
Stack Overflow Blog
Help Net Security
Help Net Security
大猫的无限游戏
大猫的无限游戏
C
CERT Recently Published Vulnerability Notes
The GitHub Blog
The GitHub Blog
V
Vulnerabilities – Threatpost
The Last Watchdog
The Last Watchdog
J
Java Code Geeks
S
Secure Thoughts
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
量子位
NISL@THU
NISL@THU
K
Kaspersky official blog
Engineering at Meta
Engineering at Meta
T
Threatpost
Recent Commits to openclaw:main
Recent Commits to openclaw:main
宝玉的分享
宝玉的分享
Security Latest
Security Latest
T
The Exploit Database - CXSecurity.com
博客园_首页
A
Arctic Wolf

SiliconANGLE

Will agentic AI governance run amok? The lesson of Asimov’s Three Laws - SiliconANGLE AI + quantum, Amazon vs. Starlink and the wide-open US-China internet battle - SiliconANGLE Team Cymru launches Total Insights Feed to replace legacy threat intelligence lists - SiliconANGLE NanoClaw partners with Vercel to deliver one-click approvals for AI agents working on sensitive tasks - SiliconANGLE AI Mode in Chrome adds split-screen view to enhance the web search experience - SiliconANGLE Resolve AI raises $40M at $1.5B valuation to optimize production environments - SiliconANGLE How Zscaler and OpenAI turn zero-trust security into an AI accelerator - SiliconANGLE OpenAI ratchets up Codex's agentic capabilities to rival Claude Code - SiliconANGLE Anthropic launches Claude Opus 4.7 with coding, visual reasoning improvements - SiliconANGLE Slash raises $100M at a $1.4B valuation to expand AI-powered banking platform for online businesses - SiliconANGLE Canva unveils Canva AI 2.0, recasting its platform as an agentic system for work - SiliconANGLE Data center, consumer device chips boost TSMC’s revenue - SiliconANGLE Mission-critical security cannot be bolted on, says Oracle - SiliconANGLE Agentic infrastructure reshapes enterprise AI - SiliconANGLE Data quality, and data freedom, foundational for AI success - SiliconANGLE Data trust is a bedrock in successful, scalable AI outcomes - SiliconANGLE Google introduces new agentic AI-ready tools and resources for Android developers  - SiliconANGLE Agentic AI orchestration separates winners from laggards - SiliconANGLE Data-driven tools turning the tide against human trafficking - SiliconANGLE Achieving trusted AI development goes beyond 'vibes' - SiliconANGLE Impinj boosts edge computing power in updated R700 RAIN RFID reader - SiliconANGLE Certinia powers professional services with AI - SiliconANGLE Antioch prepares to accelerate simulated testing for autonomous robots after raising $8.5M - SiliconANGLE Developer tooling startup Expo nabs $45M investment - SiliconANGLE Solidroad lands $25M to bring AI to customer support interactions - SiliconANGLE DuploCloud lands compliance and AI governance certifications as enterprise buyers tighten scrutiny - SiliconANGLE Lua lands $5.8M to help businesses build and manage AI agent workforces - SiliconANGLE Best of frenemies: Oracle's and AWS' clouds unite with dedicated, private connectivity - SiliconANGLE Cisco goes to the races with new Churchill Downs multiyear partnership - SiliconANGLE Susecon 2026 will tackle the future of open-source platforms - SiliconANGLE Seriously? Footwear brand Allbirds says it has just transformed into an AI business - SiliconANGLE Hilbert nabs $28M to ease analytics projects for consumer-focused companies - SiliconANGLE Qlik debuts new agentic capabilities, aiming to enhance AI trust and transparency - SiliconANGLE Google's Gemini 3.1 Flash TTS model offers unparalleled control over AI voices - SiliconANGLE Parasail raises $32M for its pay-per-token inference cloud - SiliconANGLE Distributed multicloud architectures reshape data - SiliconANGLE Scaling the AI factory through conversational analytics - SiliconANGLE AI-driven decision-making reshapes analytics - SiliconANGLE Artemis reels in $70M to make breach remediation more efficient with AI - SiliconANGLE Cloud infrastructure: Google Cloud growth drives market - SiliconANGLE Trusted data foundation is a gating factor for enterprise AI - SiliconANGLE Redefining database infrastructure with Oracle AI database - SiliconANGLE Oracle makes database key for agentic AI development - SiliconANGLE Oracle bets on AI database convergence for agentic AI - SiliconANGLE Quantum technologies drive EU strategy for hybrid computing - SiliconANGLE Hybrid quantum-HPC computing reshapes infrastructure - SiliconANGLE Quantum computing meets HPC in hybrid models - SiliconANGLE Quantum-HPC integration enters 'software moment' - SiliconANGLE DeepMind launches Gemini Robotics-ER 1.6 to meet precise physical AI demands  - SiliconANGLE GrowthLoop targets real-time, causal decisioning with AI-infused marketing platform - SiliconANGLE Stendr snags $5.4M in pre-seed funding to develop AI-native drone-tracking tech - SiliconANGLE Salesforce bets on conversation as the new interface for developers - SiliconANGLE Emergent launches Wingman: a personal AI agent for everyone  - SiliconANGLE Axonius targets remediation gap with AI, cyber-physical assets and data trust layer - SiliconANGLE Capsule Security launches with $7M to secure AI agents at runtime - SiliconANGLE Leapwork hands off code validation to AI agents to keep pace with automated software development - SiliconANGLE SolarWinds accelerates observability with SW1, an 'agentic AI teammate' that automates IT firefighting - SiliconANGLE AI satellite constellation startup Orbital gets funded by a16z to verify space-based data center concept - SiliconANGLE Helical raises $10M to bridge the gap between foundation models and drug discovery decisions - SiliconANGLE Sectigo launches Private PQC to enable post-quantum certificate testing in existing workflows - SiliconANGLE German startup Synera lands $40M to automate engineering workflows with AI agents - SiliconANGLE Leadership shifts redefine enterprise AI - SiliconANGLE OpenAI partners with Novo Nordisk to accelerate drug discovery and delivery - SiliconANGLE Amazon debuts high-speed satellite internet antenna for commercial aircraft - SiliconANGLE Japanese tech giants launch joint venture targeting physical AI for robots and machines - SiliconANGLE Electric pickup truck startup Slate Auto raises $650M in funding - SiliconANGLE Zoom Perspectives: Why 'agentic' work is the new enterprise standard - SiliconANGLE China has erased the US lead in AI, Stanford HAI's 2026 AI index reveals - SiliconANGLE Cloudflare expands Agent Cloud with new tools to build and scale AI agents - SiliconANGLE Commvault rolls out AI capabilities to secure agentic workflows and data - SiliconANGLE Digital employees are here: What now? - SiliconANGLE Report: Cisco could acquire AI agent security startup Astrix Security for $250M+ - SiliconANGLE CoreWeave inks multiyear cloud deal with Anthropic - SiliconANGLE Agentic AI will force a rethink at the network edge - SiliconANGLE AI training data startup AfterQuery nabs $30M investment - SiliconANGLE Quantum computing market picks up steam - SiliconANGLE Healthcare IT under siege: CloudWave is fighting back - SiliconANGLE Cloud rebalancing gives service providers a new edge - SiliconANGLE Anthropic tries to keep its new AI model away from cyberattackers as enterprises look to tame AI chaos - SiliconANGLE Nutanix expands agentic AI infrastructure for neoclouds - SiliconANGLE Meta says it will spend an additional $21B on CoreWeave's AI infrastructure - SiliconANGLE Florida AG opens probe into ChatGPT alleging connection to FSU shooting - SiliconANGLE Cisco buys Galileo to strengthen Splunk's agentic monitoring capabilities - SiliconANGLE RISC-V chip design startup SiFive nabs $400M investment - SiliconANGLE Anthropic and OpenAI target big businesses with enterprise-grade controls and lower pricing - SiliconANGLE Intel inks multiyear data center chip partnership with Google - SiliconANGLE Apiiro launches command-line interface to bring AI-native security into software development workflows - SiliconANGLE Yobi teams with Microsoft to deliver predictive consumer intelligence on Azure - SiliconANGLE Amazon CEO Andy Jassy highlights AI growth in annual shareholder letter - SiliconANGLE Is a backlash brewing? Rapid innovation in AI coding and agents may force push for enterprise order and control - SiliconANGLE AI-driven guest experience reshapes hospitality IT strategy - SiliconANGLE Tether launches open-source on-device AI framework for developers - SiliconANGLE Database lifecycle management top priority in enterprise AI - SiliconANGLE AWS previews a cloud-agnostic registry for managing agentic fleets at scale - SiliconANGLE Nutanix bets on agentic AI governance - SiliconANGLE AI infrastructure modernization drives storage rethink - SiliconANGLE Haast raises $12M to help legal teams make haste with compliant AI-generated content - SiliconANGLE Blaize launches AI Services platform to move enterprise AI from pilot to production - SiliconANGLE Wasabi to acquire Seagate's Lyve Cloud business - SiliconANGLE Refiant raises $5M to refine AI models with 'nature-inspired' energy efficiency - SiliconANGLE
NIST shifts National Vulnerability Database to risk-based triage as CVE submissions hit record levels - SiliconANGLE
by Duncan Riley · 2026-04-16 · via SiliconANGLE

NIST shifts National Vulnerability Database to risk-based triage as CVE submissions hit record levels

The U.S. National Institute of Standards and Technology today announced an overhaul of how it processes cybersecurity vulnerabilities in its National Vulnerability Database .

NIST is abandoning its longstanding goal of fully analyzing every submitted Common Vulnerability and Exposure in favor of a risk-based triage model that prioritizes the most dangerous flaws. The change, which took effect today, is the result of the sheer volume of CVE submissions that NIST has been receiving and the number is high. Between 2020 and 2025, CVE submissions surged 263% and in the first quarter of this year, they were nearly one-third higher than the same period last year.

NIST enriched nearly 42,000 CVEs in 2025, up 45% year-over-year, but the increase in output has not been enough to keep pace with growing submissions. Under the new model, NIST will now only fully enrich CVEs that meet one of three criteria.

The criteria needed for a CVE to make the cut include a vulnerability being listed in the U.S. Cybersecurity and Infrastructure Security Agency’s Known Exploited Vulnerabilities catalog, CVEs that affect software used within the federal government, and CVEs that affect software classified as critical under Executive Order 14028.

With the new model, NIST is aiming to enrich KEV catalog entries within one business day of receipt.

Other CVEs reported, though, are not going away. They will still be listed in the NVD but will be categorized as “Not Scheduled,” meaning NIST will not automatically add the severity scores and product data that security teams rely on to prioritize patching.

The agency is also addressing a significant backlog that has built up since early 2024. All CVEs with an NVD publish date before March 1, 2026, that remain unenriched will be moved into the “Not Scheduled” category, with NIST considering them for enrichment only as resources allow. CVEs already in the KEV catalog are excluded from that sweep.

The new model includes two additional procedural changes. NIST will no longer routinely issue its own severity score for CVEs where the submitting CVE Numbering Authority has already provided one. That will eliminate duplicate analysis, and modified CVEs will also only be reanalyzed if a change materially affects the enrichment data rather than automatically on every update.

Though NIST doesn’t directly blame the rise of CVE submissions on artificial intelligence, it’s one key driver behind the surge in CVE submissions, according to Vincenzo Iozzo, co-founder and chief executive of identity threat detection and response provider SlashID Inc.

“We’ve seen a dramatic spike in AI-reported valid vulnerabilities. According to reports, last year alone, the number of reported vulnerabilities more than doubled,” Iozzo told SiliconANGLE via email. “As a result, the new NIST policy is sensible and the categories still covered are the most critical ones.”

Also, he added, “large language models are approaching the point where they are good enough to allow individual organizations to prioritize and contextualize vulnerabilities in their environment, reducing the need for enriched CVEs.”

Shane Fry, chief technology officer at cybersecurity solutions company RunSafe Security Inc., believes that “the announcement is a signal to the industry that the era of waiting for a CVE score before acting has come to an end.”

“Vulnerability visibility is imperfect, but organizations that use a diverse set of vulnerability data sources will have more reliable insight into vulnerabilities and which ones they are affected by,” said Fry. “More importantly, organizations need to assume unknown vulnerabilities already exist in their software and deploy protections that can prevent exploitation before a patch — or a CVE score — is ever available.”

Photo: NIST

A message from John Furrier, co-founder of SiliconANGLE:

Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.

  • 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
  • 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.

About SiliconANGLE Media

SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.

Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.