A free, publicly accessible database for IT security vulnerabilities, the db.gcve.eu, has been created by GCVE (Global Cybersecurity Vulnerability Enumeration). The aim is to end dependence on US databases and strengthen digital sovereignty in Europe.
The initiative came together after a brief scare over the possible discontinuation of the Common Vulnerabilities and Exposures (CVE) program in 2025. The risk got many concerned forcing the cybersecurity industry to start thinking of alternatives.
GCVE database aims to facilitate vulnerability reporting
The platform brings together information from various public resources. These include the sources of the GCVE Numbering Authority (GNA) model. It replaces the traditional, centralized assignment of vulnerability identifiers (CVE IDs). Data from other recognized vulnerability directories is also used.
The decentralized approach makes it possible to assign and publish vulnerability identifiers autonomously without having to wait for central approval. A total of more than 25 different data sources are currently integrated. The vulnerability data collected is normalized, structured, and made searchable.
In addition, the open API offers seamless integration into existing compliance tools and risk management systems. This should enable security officers, scientists, computer security incident response teams, software providers, and open-source developers to track and evaluate security reports more efficiently across ecosystems.
No Responses