Latest posts tagged with #GCVE on Bluesky
An overview of the current set of sources in the db.gcve.eu instance running the latest version of vulnerability-lookup. https://db.gcve.eu/recent#fstec
A new pull request for Vulnerability-Lookup adds a CSAF producer that publishes advisories for many manufacturers.
This is great for defenders and researchers, as it increases the amount of detailed vulnerability information available.
It will push the […]
[Original post on infosec.exchange]
~Socket~
GCVE launched a decentralized vulnerability publishing ecosystem to address CVE centralization bottlenecks.
-
IOCs: (None identified)
-
#GCVE #ThreatIntel #Vulnerability
GCVE federated model
The GCVE.eu initiative will take part in hackathon.lu (14–15 April, Luxembourg), alongside core developers of GCVE-related projects. See you there to build, experiment, and collaborate!
#gcve #cve #opensource #openstandard #hackathon
🔗 https://hackathon.lu
@gcve
@circl
[🧵 3/3]
CodeClarity is a free, open-source alternative to Snyk & Checkmarx.
🦉 Join the parliament and contribute!
#OpenSource #CyberSecurity #DevSecOps #GCVE
GCVE and CRA - overview
Many people are concerned about the CRA requirements, especially how they map to real-world coordinated vulnerability disclosure (CVD) processes.
I tried to map the standard to the functionality we have in GCVE.eu to see how it could be integrated into a […]
[Original post on infosec.exchange]
Acknowledging Reality in Vulnerability Disclosure.
Every few years, vulnerability disclosure is declared settled. We are told that the ecosystem has matured, that coordinated disclosure is the answer, and that whatever remains outside this model is either irresponsible, obsolete, or simply […]
Full disclosure in computer security still exists and is complementary to other disclosure models. The evolution of vulnerability disclosure is not linear from full disclosure to responsible disclosure to coordinated disclosure. These models coexist and all need to be taken into account.
You […]
Following a great question from CERT.PL about GCVE KEV assertion format and especially about the confidence level for an evidence of a vulnerability assertion.
We made a first table of confidence level for the evidence in the KEV record format.
| Confidence | Label | Meaning (confidence in […]
GCVE will be at hackathon.lu - April 14th and 15th, 2026
So if you want to work on all the cool stuff around vulnerability management, federated publication of vulnerability information, analytics, and anything related to vulnerabilities, join us.
#gcve #opensource #vulnerabilitymanagement […]
GCVE-BCP-08 - GCVE GNA Directory File
Following some good pre-discussion at #fosdem - a first draft of the directory file specification has been updated. The goal is clarify some of the fields. Feedback is more than welcome.
@gcve
#opensource #gcve
🔗 […]
Want to help working on a future global vulnerability intelligence platform with us? Join our community meetings!
https://www.gvip-project.org/blog/2026/community-feb/
#CVE #NVD #GCVE #CRA
🇪🇺 Європа запустила власну публічну базу даних для відстеження вразливостей програмного забезпечення під назвою #GCVE. Метою ініціативи є зміцнення цифрової безпеки та створення децентралізованої альтернативи американським сервісам.
hackread.com/eu-launches-...
#Europe launches GCVE to track security vulnerabilities without relying on the US, creating a new independent platform for reporting security flaws in software.
Read: hackread.com/eu-launches-...
#CyberSecurity #InfoSec #Vulnerabilities #EU #GCVE
# KEV Assertion Format – Draft Specification (potential BCP?)
This format describes a **generic KEV (Known Exploited Vulnerability) assertion format**.
The goal is to express _who claims exploitation_ , _when_ , _based on what_ , _where it was observed_ , and _with which level of confidence_ […]
GCVE-BCP-02 - Practical Guide to Vulnerability Handling and Disclosure.
version 1.3 published
gcve.eu/bcp/gcve-bcp...
#cve #gcve #cvd #vulnerabilitymanagement
We’ve updated the draft GCVE BCP-05 standard to introduce flexible record types, making it easier to extend, enrich, and structure security advisories.
Comments are more than welcome!
#gcve #cve #vulnerability #openstandard
@gcve
@circl
🔗 […]
GCVE-BCP-05 - GCVE Vulnerability Format (Updated CVE Record Format) has been published as DRAFT and ready for public review.
The standard is similar to the @cve record format with some extensions (via the `X_` prefixes) for GCVE format and the reference implementation vulnerability-lookup. This […]
We presented “Advancing Vulnerability Tracking and Disclosure Through an Open and Distributed Platform” at the excellent @uybhys.bsky.social
#cve #vulnerability #opensource #vulnerabilitymanagement #cybersecurity #gcve
🔗 www.vulnerability-lookup.org/2025/11/08/u...
Gestion des vulnérabilités par @adulau.bsky.social et C.Bonhomme du #CIRCL🇱🇺 à #UYBHYS2025, agrègent et corrèlent 27 sources 🇺🇸 🇨🇳 🇪🇺...👍🏻
Prédiction par IA de la sévérité à partir des descriptions textes 🤩
#GCVE permet à chacun de publier des vulnérabilités gcve.eu
www.vulnerability-lookup.org
Good example why open sources projects should self-publish or even counter-publish as a GNA in @gcve
Distributed publishing is not weakening the security advisory publication but it’s providing additional valuable sources.
#gcve #cve
🔗 www.openwall.com/lists/oss-security/2025/...
Overview of vulnerability-lookup
Vulnerability Lookup and GCVE: A Decentralized Approach to Vulnerability Publishing and Management Workshop at Hack.lu 2025
We published all the materials from the workshop given at #hacklu 2025
#gcve #vulnerabilitymanagement #opensource #cybersecurity […]
[Original post on infosec.exchange]
RE: https://infosec.exchange/@UYBHYS/115342659808677542
Glad to present at #UYBHYS with @cedric our work on GCVE and Vulnerability Lookup, facilitating vulnerability management and publishing through a fully open-source stack.
🔗 Online version https://vulnerability.circl.lu/
🔗 […]
GCVE-BCP-04 - Recommendations and Best Practices for ID Allocation version 1.1 published.
GCVE-BCP-04 - Recommendations and Best Practices for ID Allocation version 1.1 published.
BCP Document https://gcve.eu/bcp/gcve-bcp-04/
PDF https://gcve.eu/files/bcp/gcve-bcp-04.pdf
Comments and feedback […]
[Original post on infosec.exchange]
So @gcve brings a lot of interesting new aspects to cybersecurity! opensourcesecurity.io/2025/2025-08-gcve-cedric... -> are you a security researcher and you don't agree with the vendors assessment of the vuln you found and CVD'd -> you fork their disclosure and add your own meta data […]
I’ll do an online session about GCVE in 30 minutes. If you want to join, all details are below.
#gcve #vulnerability #vulnerabilitymanagement
infosec.exchange/@gcve@social.circl.lu/11...
Wrapped up an energising Vulnerability Lookup workshop during @circl’s Virtual Summer School 2025.
Video and slides are now available.
Big thanks to everyone who joined the discussions.
:youtube: Video https://youtu.be/imkPqA-1mVE
📜 Slides […]
The hackathon FIRSTCON25 takes place physically at 37th ANNUAL FIRST CONFERENCE on Sunday 22nd June in Copenhagen.
GCVE.eu topic has been added to the hackathon.
🔗 About the hackathon https://discourse.ossbase.org/c/hackathon-firstcon25/12
🔗 GCVE.eu topic […]
🇪🇺 ENISA’s EU Vulnerability Database (EUVD) and CIRCL’s Global CVE System (GCVE) have launched, offering European IDs and decentralized numbering authorities — all while the new CVE Foundation secures long‑term program stability.
#EUVD #GCVE #CVEFoundation
