Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

EU: ENISA announces that it is now authorized as a Common Vulnerabilities and Exposures Numbering Authority

On June 12, 2024, the EU Agency for Cybersecurity (ENISA) announced that it expanded its support to EU Cybersecurity Incident Response Teams (CSIRTs) for Coordinated Vulnerability Disclosure and is now authorized as a Common Vulnerabilities and Exposures (CVE) Numbering Authority (CNA).

As a CNA, ENISA is now authorized to assign CVE identifiers and publish CVE Records for vulnerabilities discovered by or reported to EU CSIRTs.

Furthermore, ENISA states that as per the Directive (EU) 2022/2555 on measures for a high common level of cybersecurity in the Union (NIS2 Directive), it is developing and maintaining a European Vulnerability Database (EUVD) that allows access to vulnerability information provided by sources including CSIRTs, vendors, and existing databases. The EUVD also introduces automation by supporting the Common Security Advisory Framework.

You can read the press release here.