The GVIP community is where we all meet and discuss in an open manner where there are issues, what we can do and agree on a direction. Some meetings will have a short presentation, but there will always be room …
AboutCode has a long history of working with compliance and software supply chain security and integrity. In February, the Aboutcode Foundation joined as a member of the GVIP project where Philippe Ombredanne will join the GVIP project group. The VulnerableCode …
In a recent episode of the Open Source Security podcast, Josh chats with Olle E. Johansson about the Global Vulnerability Intelligence Platform (GVIP). It’s no secret the current vulnerability systems are reaching a breaking point. Olle is one of the …
The presentation slides are now available. If you visit the conference agenda there are links to the PDF in the lower part of the page. They are all stored in our Github Repository. A big thank you to all participants, …
In a posting on CyberSecurityDive.com Jan 23, 2026, NIST is finally talking about the situation with the National vulnerability database, the NVD. For years, Boyens said, vulnerabilities have been arriving in the database much more quickly than NIST can analyze …
FOSDEM has approved a birds-of-a-feather session on the topic of Open Source vulnerability management. We encourage everyone active in the field to join us! The vulnerability management world is in a bit of turmoil. With the DoS-type attack AI slop …
We are now starting a series of community meetings where we discuss our requirements and proceed with the work to build a long term platform for vulnerability intelligence. Registrations are now open for two meetings, one on Europe and Asia/Pacific …
Organising a conference can be stressful. Fixing the hotel, making decisions about food, microphones, rollups, badges and… so much details. And then we have the speakers. Trying to get the information needed for the agenda, the web site and social …
Alexandre is a Security Researcher and Head of CIRCL in Luxembourg. In the GVIP summit, he will talk about the GCVE project and the open-source Vulnerability Lookup project. The Global CVE (GCVE) allocation system is a new, decentralized approach to vulnerability identification …
Yogesh is a PSIRT Manager at Red Hat, where he specializes in the organizational design of global vulnerability ecosystems. His talk is titled: “Designing the Hierarchy of Trust: Governance Lessons from a CVE Root and CNA-LR” As the EU CRA …
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.