search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

VINCE-NT Launching Soon vincepub/base.html

In the coming months, the Cybersecurity and Infrastructure Security Agency (CISA) will launch VINCE-NT, its next-generation platform for Coordinated Vulnerability Disclosure (CVD).

While users may continue to contact SEI/CERT and use the legacy VINCE portal for now, after February [insert date], all vulnerability reports must be submitted through VINCE-NT. All CVD casework will be managed directly through VINCE-NT.

What You Need to Know:

  • VINCE-NT will become the primary platform for submitting and managing vulnerability reports to CISA.
  • If you expect CISA to take action on your report, please use VINCE-NT once it becomes available.

If you need support, please reach out to us at cvd@cisa.dhs.gov. For frequently asked questions and additional resources, please visit cisa.gov/cvd.

Software Engineering Institute

CERT Coordination Center

Vulnerability Notes Database

The Vulnerability Notes Database provides information about software vulnerabilities. Vulnerability notes include summaries, technical details, remediation information, and lists of affected vendors. Most vulnerability notes are the result of private coordination and disclosure efforts. For more comprehensive coverage of public vulnerability reports, consider the National Vulnerability Database (NVD). CERT/CC also publishes the Vulnerability Notes Data Archive on GitHub.

Recently Published Vulnerabilities

VU#834248: Greg spricht Deutsch!

November 03, 2025

VU#978127: {{ 7 * 7 }}

December 01, 2022

VU#923271: Sew Case

July 18, 2022

VU#206747: Mary Kay Enamel

June 24, 2022

VU#670446: YETI

March 01, 2022
View More
 Subscribe to our feed

Search

Search over 3,500 vulnerability notes affecting over 2,300 vendors.

Want to report a vulnerability?

The CERT Coordination Center (CERT/CC) prioritizes coordination efforts on vulnerabilities that affect multiple vendors or that impact safety, critical or internet infrastructure, or national security. We also prioritize reports that affect sectors that are new to vulnerability disclosure. We may be able to provide assistance for reports when the coordination process breaks down.

Before reporting a vulnerability to us, we recommend reading our vulnerability disclosure policy and guidance.

Report a Vulnerability

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis