GCVE launches as a decentralized vulnerability intelligence platform
Security Tool/Service
Summary
Hide ▲
Show ▼
GCVE launched as a community-driven vulnerability intelligence platform, giving defenders a decentralized reference point for tracking and correlating vulnerabilities across over 25 public sources. The new db.gcve.eu service is hosted by CIRCL and is meant to reduce single points of failure in vulnerability information sharing. Its cross-compatible design matters because faster, more resilient publication and normalization can help security teams respond to serious threats sooner.
Related Happenings
NIST/NVD risk-based CVE enrichment change
Public Sector Action
First: 16.04.2026 15:43
Last: 16.04.2026 15:43
Sources 1
About this happening:
**NIST** said the **US National Vulnerability Database (NVD)** will switch to a **risk-based CVE enrichment** model to cope with backlog growth. The change will **drop enrichment...
NIST/NVD risk-based CVE enrichment change
Public Sector ActionAbout this happening: **NIST** said the **US National Vulnerability Database (NVD)** will switch to a **risk-based CVE enrichment** model to cope with backlog growth. The change will **drop enrichment...
CISA releases insider-threat infographic and framework for critical infrastructure and SLTT governments
Public Sector Action
First: 29.01.2026 18:00
Last: 29.01.2026 18:00
Sources 1
About this happening:
**CISA** released a new insider-threat infographic and framework, giving **critical infrastructure operators** and **SLTT governments** a structured way to prevent, detect, and re...
CISA releases insider-threat infographic and framework for critical infrastructure and SLTT governments
Public Sector ActionAbout this happening: **CISA** released a new insider-threat infographic and framework, giving **critical infrastructure operators** and **SLTT governments** a structured way to prevent, detect, and re...
CISA releases PQC product categories list
Public Sector Action
First: 23.01.2026 14:00
Last: 23.01.2026 14:00
Sources 1
About this happening:
On January 23, 2026, CISA released an initial list of product categories for technologies that use post-quantum cryptography (PQC) standards. The resource is intended to help orga...
CISA releases PQC product categories list
Public Sector ActionAbout this happening: On January 23, 2026, CISA released an initial list of product categories for technologies that use post-quantum cryptography (PQC) standards. The resource is intended to help orga...
Latest development: 26.01.2026 18:15
CISA published an initial list of hardware and software product categories that support or are expected to support post-quantum cryptography (PQC) standards, following Executive Order 14306 issued on June 6 2025 and compiled with the National Security Agency (NSA). The guidance covers cloud services, collaboration and web software, endpoint security, and networking hardware and software, while additional categories such as identity and access management (IAM) systems and enterprise security software are still transitioning; organizations are told to prioritize PQC-capable products for future procurements, and automated cryptographic discovery tools plus OT and IoT devices are outside the current scope.
CISA, NCSC-UK and FBI publish OT secure connectivity principles for connected industrial systems
Defensive Guidance
First: 14.01.2026 14:00
Last: 14.01.2026 14:00
Sources 1
About this happening:
A new **joint OT guidance** from **CISA**, **NCSC-UK**, the **FBI**, and partners gives operators practical ways to reduce **exposed and insecure connectivity**, lowering the risk...
CISA, NCSC-UK and FBI publish OT secure connectivity principles for connected industrial systems
Defensive GuidanceAbout this happening: A new **joint OT guidance** from **CISA**, **NCSC-UK**, the **FBI**, and partners gives operators practical ways to reduce **exposed and insecure connectivity**, lowering the risk...
Microsoft security patch release for CVE-2026-20805
Security Patch Release
First: 14.01.2026 02:47
Last: 14.01.2026 02:47
Sources 1
About this happening:
**Microsoft** released January 2026 security updates for **Windows** and supported software, fixing **at least 113 vulnerabilities** and **8 critical flaws**. The release includes...
Microsoft security patch release for CVE-2026-20805
Security Patch ReleaseAbout this happening: **Microsoft** released January 2026 security updates for **Windows** and supported software, fixing **at least 113 vulnerabilities** and **8 critical flaws**. The release includes...
Timeline
-
21.01.2026 12:30 2 articles · 4mo ago
GCVE launches as decentralized vulnerability intelligence platform
Initial DisclosureGCVE launches as a community-driven, European-headquartered alternative to the US-led CVE program, with db.gcve.eu hosted and operated by the Computer Incident Response Center Luxembourg (CIRCL). The open source platform brings together vulnerability information from over 25 public sources, lets GCVE Numbering Authorities (GNAs) allocate and publish vulnerability identifiers independently, and is intended to provide defenders, researchers, CSIRTs, vendors, and open-source projects with a single, unified reference point for vulnerability intelligence.
Show sources
- Experts Welcome Global Cybersecurity Vulnerability Enumeration Launch — www.infosecurity-magazine.com — 21.01.2026 12:30
- Experts Welcome Global Cybersecurity Vulnerability Enumeration Launch — www.infosecurity-magazine.com — 21.01.2026 12:30