) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
NVD CVSS v4.0 Official Support
The NVD now supports CVSS v4.0!
The Common Vulnerability Scoring System (CVSS) provides a way to capture the principal characteristics of a vulnerability and
produce a numerical score reflecting its severity. CVSS version 4.0 is the next generation of the Common Vulnerability Scoring
System standard; released November 1, 2023. CVSS v4.0 provides increased granularity for Base metrics, a new Supplemental metric
group, a different methodology for determining severity and more. For more information regarding CVSS v4.0 please visit
https://www.first.org/cvss/v4.0/specification-document.
CVSS v4.0 information will be displayed throughout the NVD website:
Vulnerability Detail Pages
The Metrics section of the Vulnerability detail pages will now contain CVSS v4.0 data when available.
CVSS v4.0 data will be displayed in a similar fashion to CVSS v3.x and CVSS v2.0 and will be displayed if available
through NVD enrichment or CVE Program related CNA and/or ADP contributions.
CVSS v4.0 Calculator
A CVSS v4.0 Calculator (based on the one provided by the FIRST CVSS SIG) has been included on the website.
While visually distinct from previous calculators, the same functionality exists when including CVE IDs or CVSS
vector string parameters in the URL to the page (See Calculator
Product Integration).
Vulnerability Search Form
The advanced section of the vulnerability search page has been updated to allow searching by CVSS v4.0 criteria.
Vulnerability Search Results
The search results will now include CVSS v4.0 badges when appropriate.