National Vulnerability Database

Security automation reference data is currently housed within the National Vulnerability Database (NVD). The NVD is the U.S. Government repository of security automation data based on security automation specifications. This data provides a standards-based foundation for the automation of software asset, vulnerability, and security configuration management; security measurement; and compliance activities. This data supports security automation efforts based on the Security Content Automation Protocols (SCAP). The NVD includes databases of security configuration checklists for the NCP, listings of publicly known software flaws, product names, and impact metrics. A formal validation program tests the ability of vendor products to use some forms of security automation data based on a product's conformance in support of specific enterprise capabilities.

Data and Resources

National Vulnerability Databasehtml web page
The NVD is the U.S. government repository of standards based vulnerability...
Explore
- More information
- Go to resource
DOI Access for National Vulnerability Database
Explore
- More information
- Go to resource

Field	Value
accessLevel	public
accrualPeriodicity	R/P1D
bureauCode	{006:55}
catalog_@context	https://project-open-data.cio.gov/v1.1/schema/data.json
catalog_conformsTo	https://project-open-data.cio.gov/v1.1/schema
catalog_describedBy	https://project-open-data.cio.gov/v1.1/schema/catalog.json
identifier	1E0F15DAAEFB84E4E0531A5706813DD8436
issued	2022-01-11
landingPage	https://data.nist.gov/od/id/1E0F15DAAEFB84E4E0531A5706813DD8436
language	{en}
license	https://www.nist.gov/open/license
modified	2021-12-16 00:00:00
programCode	{006:045}
publisher	National Institute of Standards and Technology
resource-type	Dataset
source_datajson_identifier	true
source_hash	c575410991f3e482b1a0a82d60fc9b4fd0d2887a
source_schema_version	1.1
theme	{"Information Technology","Information Technology:Cybersecurity"}
Groups	AmeriGEOSS National Provider North America
Tags	800-53 amerigeo amerigeoss checklists ckan cve cvss geo geoss national north-america nvd scap united-states vulnerability
isopen	False
license_id	other-license-specified
license_title	other-license-specified
maintainer	Tanya Brewer
maintainer_email	tanya.brewer@nist.gov
metadata_created	2025-11-20T10:04:27.649087
metadata_modified	2025-11-20T10:04:27.649091
notes	Security automation reference data is currently housed within the National Vulnerability Database (NVD). The NVD is the U.S. Government repository of security automation data based on security automation specifications. This data provides a standards-based foundation for the automation of software asset, vulnerability, and security configuration management; security measurement; and compliance activities. This data supports security automation efforts based on the Security Content Automation Protocols (SCAP). The NVD includes databases of security configuration checklists for the NCP, listings of publicly known software flaws, product names, and impact metrics. A formal validation program tests the ability of vendor products to use some forms of security automation data based on a product's conformance in support of specific enterprise capabilities.
num_resources	2
num_tags	15
title	National Vulnerability Database