The European cybersecurity agency ENISA has launched the beta version of the European Vulnerability Database (EUVD). ENISA was already approved as a CVE Numbering Authority (CNA) in June 2024. The CNA is an organization authorized to assign unique identifiers for publicly known security vulnerabilities in IT systems.
What is the EUVD?
The EUVD is a publicly accessible platform that provides in-depth, reliable, and actionable information on vulnerabilities in IT products and services. It aggregates data from open sources, national Computer Security Incident Response Teams (CSIRTs), manufacturers, and international programs such as MITRE CVE.
Particularly relevant for manufacturers and suppliers in medical technology:
- The EUVD supports the Common Security Advisory Framework (CSAF), which enables machine-readable and automated processing of security information.
- The database includes critical vulnerabilities, exploited vulnerabilities, and vulnerabilities reported in an EU-coordinated manner.
- The EUVD actively supports the implementation of NIS2 and the upcoming reporting requirements of the Cyber Resilience Act (CRA).
