Attaxion Becomes the First EASM Platform to Integrate ENISA’s EU Vulnerability Database (EUVD)

Operated by the European Union Agency for Cybersecurity (EISA), the vulnerability benchmark accessible to the public developed in response to the NIS2 directive. He entered beta tests in mid-April 2025. The database adopts a multi-party approach, affecting unique EUVD identifiers, CVE cross references, aggregating CSIRT comments and other sources, and publishing usable information such as mitigation measures and exploitation status.

With the recent crisis of financing of the almost avoided CVE and the growing backlog of vulnerabilities which are not treated by the NIST, many organizations have started to seek additional sources of truth for their efforts to manage vulnerability. Attaxion data show that only 30% of the discovery vulnerabilities have a CVE identifier attributed to them. The EUVD appears as a key resource to solve these problems.

Each vulnerability of the external attack surface of an organization identified by Attaxion will now display its corresponding EUVD ID, if necessary, offering security teams a wider coverage and context for the prioritization of vulnerability.