The National Vulnerability Database has long served as the authoritative enrichment layer for CVE severity ratings, the reference most security teams use to triage which vulnerabilities demand attention and which can wait. That function is now narrowed. According to NIST’s policy announcement, the agency will restrict its enrichment work to CVEs that appear in CISA’s Known Exploited Vulnerabilities catalog or that affect federal government software. Everything outside that scope will carry only the rating assigned by the submitting CVE Numbering Authority, no independent NIST enrichment, no standardized severity score.
The practical consequence is a two-tier CVE landscape. High-priority vulnerabilities in the KEV catalog, already known to be actively exploited, get full NIST enrichment as before. Everything else gets CNA-rated data only, with quality that varies significantly depending on which CNA submitted it. Some CNAs maintain rigorous rating processes. Others don’t. That variance, which NIST’s enrichment historically smoothed out, will now be visible directly in the data.
Why it matters for AI teams. NIST operates both the NVD and the AI Risk Management Framework. Those two functions aren’t unrelated. The AI RMF explicitly incorporates security as a risk dimension, and AI system security compliance frequently references NVD data for CVE prioritization in model serving infrastructure, API gateways, and underlying software dependencies. When NVD enrichment coverage narrows, AI security practitioners face a choice: build or buy supplementary CVE intelligence, rely more heavily on CISA KEV as a triage signal, or accept higher variance in severity data for non-KEV vulnerabilities.
Context. NIST cited a significant multi-year increase in CVE submissions as a contributing factor in the policy change. The policy shift follows a widely reported processing backlog that emerged in 2024, during which NIST fell behind on enriching newly published CVEs. The KEV-focused approach represents a strategic triage decision: concentrate enrichment resources on the vulnerabilities that demonstrably matter most, those already being exploited in the wild.
The policy change coincides with NIST’s ongoing development of its Center for AI Standards and Innovation, though a direct causal connection between that reorganization and the NVD policy change has not been confirmed.
What to watch. The CNA ecosystem’s response to this policy shift is the key forward signal. If major CNAs maintain high-quality enrichment for non-KEV CVEs, the practical gap may be smaller than it appears. If CNA rating quality proves uneven, which is the more likely scenario given the variation in CNA sophistication, the security community will likely push for supplementary enrichment from commercial or government sources. CISA’s KEV catalog update frequency is also worth monitoring: if KEV additions accelerate, more CVEs will receive NIST enrichment through KEV inclusion rather than through universal coverage.
TJS synthesis. The NVD policy shift is a resource allocation decision dressed up as a scope change. NIST is doing more with less by doing less overall. For AI security practitioners, the honest operational response is to stop treating NVD enrichment as complete coverage and start treating CISA KEV as the primary triage signal with NVD as a verification layer rather than a starting point. Build your CVE monitoring workflow for the landscape as it is, not as it was.
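A worked illustration of the triage ordering recommended above (KEV membership first, NVD enrichment as the verification layer, CNA-only scores carried with their provenance rather than treated as equivalent), written as an added example for this piece rather than code from NIST or CISA. It assumes the record layouts of the public NVD API 2.0 and KEV catalog JSON (`cvssMetricV31` entries carrying a `source` field, `cveID` in KEV); all CVE ids, scores and the CNA address below are constructed placeholders.

```python
# Added example: two-tier CVE triage. KEV-listed CVEs always rank first;
# among the rest, NIST-enriched scores outrank CNA-only scores, and every
# record records whose score it is relying on. Sample data is constructed.
from dataclasses import dataclass
from typing import Optional

NIST_SOURCE = "nvd@nist.gov"  # source tag NVD puts on its own CVSS metrics

# Constructed KEV-catalog fragment (KEV records list the id as "cveID").
SAMPLE_KEV = {"vulnerabilities": [{"cveID": "CVE-0000-0001"}]}

# Constructed NVD-API-2.0-shaped records: NIST-enriched, CNA-only, unscored.
SAMPLE_NVD = {"vulnerabilities": [
    {"cve": {"id": "CVE-0000-0001", "metrics": {"cvssMetricV31": [
        {"source": NIST_SOURCE, "type": "Primary", "cvssData": {"baseScore": 7.5}}]}}},
    {"cve": {"id": "CVE-0000-0002", "metrics": {"cvssMetricV31": [
        {"source": "cna@example.org", "type": "Secondary", "cvssData": {"baseScore": 9.8}}]}}},
    {"cve": {"id": "CVE-0000-0003", "metrics": {}}},
]}

@dataclass
class Triage:
    cve_id: str
    tier: str                 # "kev" > "nist-enriched" > "cna-only" > "unscored"
    score: Optional[float]
    score_source: str         # provenance of the score we are acting on

TIER_RANK = {"kev": 0, "nist-enriched": 1, "cna-only": 2, "unscored": 3}

def kev_ids(kev_json: dict) -> set:
    return {v["cveID"] for v in kev_json["vulnerabilities"]}

def triage(nvd_json: dict, kev: set) -> list:
    out = []
    for item in nvd_json["vulnerabilities"]:
        cve = item["cve"]
        metrics = cve.get("metrics", {}).get("cvssMetricV31", [])
        nist = [m for m in metrics if m["source"] == NIST_SOURCE]
        # Prefer the NIST metric when present; otherwise fall back to the CNA's.
        chosen = nist[0] if nist else (metrics[0] if metrics else None)
        if cve["id"] in kev:
            tier = "kev"
        elif nist:
            tier = "nist-enriched"
        elif chosen:
            tier = "cna-only"
        else:
            tier = "unscored"
        out.append(Triage(cve["id"], tier,
                          chosen["cvssData"]["baseScore"] if chosen else None,
                          chosen["source"] if chosen else "none"))
    # Tier decides ordering; score only breaks ties within a tier.
    return sorted(out, key=lambda t: (TIER_RANK[t.tier], -(t.score or 0.0)))
```

Note that the CNA-only 9.8 still sorts below the KEV-listed 7.5: exploitation evidence, not the headline score, drives the queue.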