As part of the Open Source Week in Brussels, we're organising the GVIP Summit - a full day conference focusing on vulnerability management and databases. We'll take a look into the history, the current situation and into the future. Together we'll set the direction of future work within the GVIP project.
More details will follow soon. If you want to participate - follow GVIP on LinkedIn for updates or join the cve@owasp.org mailing list.
Participation is free. If you want to contribute as a speaker - contact Olle E Johansson today!
These are part of the work in the informal project group
- OWASP Foundation
- OpenSSF - Open Source Security Foundation, part of Linux foundation
- Eclipse Foundation
- Open Forum Europe
The work is supported by the Sovereign Tech Agency
- The CVE program:
- The National Vulnerability Database:
- CISA KEV:
- European Union Vulnerability Database (EUVD):
- Github Advisory Database
- JVN:
- OSV
- 2025-10: CVE at a Crossroads: A Blueprint for the Next 25 Years A report by the Institute for security + technology
- 2025-03: SecurityWeek.com: NIS is still struggling to clear vulnerability submissions backlog in NVD (March 2025)
- Mitre issues reported on reddit in 2025
- The Stack: As NVD flatlines, cybersecurity professionals call for urgent action (April 2024)
- 2025-04-16: The launch of the CVE foundation
- OWASP blog 2025-04-17:
- 2025-04The register
- Olle’s presentation for ORC WG April 28th:
- Chris Langton: Beyond CVE: Building a decentralized future for vulnerability intelligence)
- Cyberscoop: “CVE Foundation eyes year-end launch following 11th-hour rescue of MITRE program”
- Statement from the CVE Foundation 2025-05-15: )
- Phoenix Security Blog: The CVE & NVD Crisis: A Wake-Up Call for Cybersecurity Industry andApplication Security