IG Report Criticizes NIST Over NVD Backlog
🔍 A U.S. Commerce Department inspector general report faults NIST for management and strategy shortcomings that contributed to a growing backlog in the National Vulnerability Database (NVD). The report cites duplicated effort with CISA, insufficient communication, and inconsistent severity scoring as key issues, while NIST points to budget cuts and disputed the report’s tone. Industry experts say the backlog reflects broader funding and process failures and warn that AI-driven increases in vulnerability discovery demand rethinking NVD processes.
