ctipilot.ch

ENISA EU Vulnerability Database (EUVD)

enisa-euvd · A · active

https://euvd.enisa.europa.eu/

vulnsactive-breakinglang: enfetch failures: 0last fetch: 2026-07-09

EU vulnerability database mandated by NIS2 Art. 12(2), operated by ENISA — the EU counterpart to CISA KEV for exploitation ground truth, plus CVSS/EPSS-enriched coverage of newly published vulnerabilities. Records carry EUVD-YYYY-NNNNN ids aliased to CVE/GHSA ids, references to vendor advisories, `baseScore`/`epss`, and — on the exploited listing — `exploitedSince` (EU-side actively-exploited signal to read NEXT TO cisa-kev every run; the two catalogs overlap but neither is a superset). tier: essential — attempted on EVERY intel run, and the check means ALL THREE listing endpoints, not just one: (1) newest records → `python3 tools/fetch_source.py enisa-euvd recent lastvulnerabilities` (≙ https://euvd.enisa.europa.eu/); (2) critical CVSS 9.0–10.0 → `python3 tools/fetch_source.py enisa-euvd recent criticals` (≙ https://euvd.enisa.europa.eu/search?fromScore=9&toScore=10); (3) actively exploited → `python3 tools/fetch_source.py enisa-euvd recent exploited` (≙ https://euvd.enisa.europa.eu/search?exploited=true). Drill one record with `enisa-euvd advisory <EUVD-id>`. REQUIRED FETCH METHOD: the bridge api subcommands only — the SPA at euvd.enisa.europa.eu returns an empty <noscript> shell to WebFetch (not a fetch failure; recipe transition per the agent definition). The JSON API lives on the separate services host euvdservices.enisa.europa.eu (bridge re-pointed 2026-05-11). Citation discipline: the API JSON is the data, never the citation — cite the vendor advisory / CERT primary the record references (CVE primary-source order puts EUVD below vendor/CERT but above researcher write-ups); where the EUVD entry itself is the source, cite the human detail page https://euvd.enisa.europa.eu/enisa/eu_vulnerability_database/<EUVD-id>, never the search/listing URL. | 2026-07-09 added as tier: essential on operator request (EUVD ground truth next to CISA KEV): all three listing endpoints verified live and current same day — lastvulnerabilities, criticals, and exploited each returned in-window JSON (exploited carries exploitedSince; e.g. EUVD-2026-40121 / CVE-2026-56290 exploitedSince Jul 7).

Cited in 15 entries

Citation cadence

Citation days per ISO week (8 weeks of coverage span, total 12).