Cybersecurity In-Depth: Feature articles on security strategy, latest trends, and people to know.
The National Institute of Standards and Technology (NIST) scaled back on the number of CVEs it selects for in-depth analysis, but the move has produced mixed results, according to researchers.
June 29, 2026
After two months of cutbacks by the National Institute of Standards and Technology (NIST) on CVE enrichment, new research reveals some concerning trends that could make it harder for security teams to prioritize vulnerabilities.
In April, the NIST began dramatically reducing the number of CVEs that received "enrichment," or additional analysis, from the agency for its National Vulnerability Database (NVD). The shift was due to a severe backlog in submitted vulnerabilities, which led the NIST to prioritize flaws that, for example, were under exploitation or were featured in products used by the federal government.











